utua.com.br Open in urlscan Pro
2606:4700:10::6816:29  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://u24148341.ct.sendgrid.net/ls/click?upn=8pfxiuiO8W7wUsRV9a-2FeErFdpa-2BVEZiYEk-2FnSSW3IQpdvcn6K2HZVUvtPG5DuNs9UKoZJbwBHnkydrMyyFj6lDGnXfFuw4euAL-2FexrZDnUiJHO3sMwQ6pn2pVbDUT1OoOpw4-2Fzsge9MfGM5aKdcQHuM3c3wM-2FwYlN2QlwbCud0-2BZXN5V3CEsDuwdEXKjJ0L6-2BLHbkRqjpr6mxZB-2BD3s81wqcXOOrX5130YFz9-2BUpsrTqk6IODt9BUq8-2BmL0fEtYi3DlmEK9b9330S-2FEQbgEIWacukN7OgRSuuKkScuUcS5yivz1Kg4c-2FoYpxTcAGymptc1c0KMUK1m9Zt6NGJJmoYUCu2qUEsBW-2BjjAHCeoN26mmo2WgUoPkNH5azKHQ5fA9XKZwJEkGvAIGRi9hLUwp99m8jPllNy89P6G8NM630sbyLJMvvSXibrSMzGQlEyXncawjbL1heuiB19eDtlniphrLmGL-2BIUfE18ZwSec3M4sCLAinon7gyLmAiPuF8ynXIUGinn1N8pLcZII77-2FlRUwTOLdlvzh1z3l8V86B4Ik1vz82oNjHzczuL1nCyPWdOytghoe2LJYjbUwRRFyxyD7E2-2B91eP-2FnEBVgwFQ5SbjeAGPqLed-2FJp4z-2FGZzPAB2OUR8q6-2Fo5mnoaFI-2BVdppQwPxxlNTl9WoAYcIkUrcNQUZnDus0xis3bmhrEPkvXdw6q-2B9E-2BruDgrIyOHSFqqSPGM13i-2Bk5eJfxqoAHIki4IAetJqdaeSQlWTfMiZP-2FYnoXGMSKsgYm2oeL83hEWcjPYxbnpyjHsYJzW-2BMqxMq6mHY-3DiexX_iPO4DNbnER8vAb-2FPZNLsjtdAzCJRu4d6dk-2FgebVWoj22xJR6CPTg3kCCRr1Pr-2FVWyERRp-2B9pYqiN6tNdOrWKzTc0Yr-2F46XeyLy9sBNVkBfJ5Ld-2F-2BfCR0GstvWA-2BgGpn56HBKov7GBt4wabJnwb5l9Q9-2FlaxMDdKRPMQGQuOaROf8NyUG1OsbTi-2Fjmpgudgnq7iy7uIEc2F294NI1-2B77QUKO6I0n7k8xPZjwNQzMPUS-2FzPyy4cAnGR4Ctf7oiwmNByZU23xSyNTz8mS3-2Fs0vrNDHajWjLlaoRUh2hvgJxm0nqE1-2BHQGguH4-2B5yHS8CbrrpolkoG0IF0A6N1WBQcLC3I83E-2B7bG-2B0Te6zojjAYX8ffqxLEgMoFWQjKfzBRCX1dLJbs4VqfFozaWVxbch-2BdhEbN-2F3CHPu-2Bpw2i-2BR2OQ8G5YdBuR0LFhgL6mu2eXnkGg1-2BD3nxWnUYiA3At7ch3ItzxGAyEgDgeqOWolhxsXVDU-3D HTTP 302
   https://wizrocketmail.net/r?e=K2JmHB9iBQx6AGR9DSZjfgoDAgdiJCw1ICQsNQMFCQdkaWc3FxohLkFDWFs5BTEkODE7LnJwTQUrPyQuOS4uBV1EWFI%2BOTM%2FPjU8a3FcWFc8PzY3LHglMUBbbl0zeGhpZmxrewABBAduag15Z2hhewUCBBZ7eCUxJTENO1tGXkB1YHAdNig7KlxEEXV1Jw%3D%3D&r=https%3A%2F%2Futua.com.br%2Fbr-cc-caixa-simples-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dbr-utua-ct-email-cc%26utm_content%3Dbr-utua-ct-email-cc-ag%26utm_term%3Dbr-utua-ct-email-cc-ag-2374%26an_uid%3D22c6d7999e5934e8cf4ff3621ac2477d95cb414d257f173e436a4e9b1877c33c&c=622824720&token=GlBVAgVUAAICCg%3D%3D&try=1&$follow_redirect=true HTTP 302
   https://utua.com.br/br-cc-caixa-simples-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=br-utua-ct-email-cc&utm_content=br-utua-ct-email-cc-ag&utm_term=br-utua-ct-email-cc-ag-2374&an_uid=22c6d7999e5934e8cf4ff3621ac2477d95cb414d257f173e436a4e9b1877c33c Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

• https://oajs.openx.net/esp?url=https%3A%2F%2Futua.com.br%2Fbr-cc-caixa-simples-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dbr-utua-ct-email-cc%26utm_content%3Dbr-utua-ct-email-cc-ag%26utm_term%3Dbr-utua-ct-email-cc-ag-2374&rid=esp HTTP 302
• https://oajs.openx.net/esp?url=https%3A%2F%2Futua.com.br%2Fbr-cc-caixa-simples-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dbr-utua-ct-email-cc%26utm_content%3Dbr-utua-ct-email-cc-ag%26utm_term%3Dbr-utua-ct-email-cc-ag-2374&rid=esp&cc=1

Request Chain 30

• https://gum.criteo.com/sid/json?origin=publishertagids&domain=utua.com.br&sn=ChromeSyncframe&so=0&topUrl=utua.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=IHTVjXxZTjZQOGdya3gwOXl0MnVPYzFyQWlQMUtPZlNHTVowK2d0azVZTzZtcktlWlBYYXQyRy94ZUdRUFM5dVF0RFU2eU1PeTdma1FLbWhjRFh6L28zeTFqQXdoOXg3eVVFeVIrS096RU5kdENCbE5sS3pjTmRSdEdhSFF5SmxuRFl4emdDQ2tUaTJEZFpGRCtaNGJzbkdMV09VRG1pMWJGejlZTWNWalVnUFBvbEZJc2VJZE1lOC92bkRVVFoyRkRObnQvbENaV1h6bzN6UTdCMHNmYU0zY3ZvakcrdkVRWUp0ZHNZano3OGp3ZkdVSXZaWXhyNVFDNW1UdFZzbXV4aitSdExGNzNyNW94NGdoZ2Rrc2UrSXgyUT09fA&cppv=2

Request Chain 87

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJfonr-Y8jDlxxosUc3JxiU&google_cver=1

Request Chain 88

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZMFBXYqDtey2Exmrt34lDQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENKtG2hABMCfUZbl5BqaDw&google_cver=1

Request Chain 89

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEP6JcsstFi06wa68Hl6oZ_o&google_cver=1

Request Chain 90

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYyMzYxNDA0NDc2NTI4MjMxOA%3D%3D

Request Chain 91

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJfonr-Y8jDlxxosUc3JxiU&google_cver=1

Request Chain 92

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZMFBXYqDtey2Exmrt34lDQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENKtG2hABMCfUZbl5BqaDw&google_cver=1

Request Chain 93

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEP6JcsstFi06wa68Hl6oZ_o&google_cver=1

Request Chain 94

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYyMzYxNDA0NDc2NTI4MjMxOA%3D%3D

Request Chain 99

• https://fw.adsafeprotected.com/rfw/bgd/1135760/69474528/xbbe/creative/adj?p=APEucNVDSZixqGDMUyUcMEAAlNHJJ1aVtmGLs1CdgRroti1tOWRurrM&d=CokBAKAmf-CqdoAmWTjN69c8hHEjo--ZXxGcxJBmeZ_jfjeRmuxoebJ_S18tUyumIOw93RDJZNEYPjZkaUlhl9JuTCsTrwziJA4bHz0jYnfnXQGhPYHNLO9Q7ZF5KBoChRY8kh6TSuiWifZKt8SEF-tUUdn6_YW8cETKlQT2-MpF9HKe9UlRdriiAkcS2RUAoCZ_4LDKRU1z1Z85ETReyTmlCYjw9tB5dsfFj3GWx25sBq0Ha3mpP7elbNDq5UP4HIzsAxd3OZt31-n5gjWINhMAgayQxZ9DB24TJuwvp7L1Ytm5AiBNbcOrtKyhMviHFLEpWeCRn-lhJ7H68vWkbRVMsPR9slDz7vbBvmwuj5fM8FK31rQugkPQOfB7CiO_0zQnbpZvp5o1yb4VUCl14jVwQ3JBCXTnXvvcrPKNGGSOx6rvcaFKfzhjjJDCpubN5ozyTfSHucVZ7pBGiGfS8m6x8t5UG36zUkNOSj2csQU6PjBDNjnsisexuP7NlFmHCANrtRwWvAhvxuHtoV-C8_3nzPCfi4yJT5CMasWcnXRVfeKE7-LW-OTN8ZSBCd2e-SJm1BoYZ7XPaaNr2lr5rX8_8vUKcczsW01rXUE4MszECfUZ9-gF3LLtJ120WPD-2fYMcqC4MERF-BTYz63JOWqSFuNE2k7q3mpTmvG_rxqzU6VPPKIyxH2zkTuygQVFSGi_NRrj0Iox__mN4RWtd1bHlY7M7RksDktFcHajXy0po-JqjLeE9jmGPG7zd5Fyl_vMEwY-WXnlTY5PaYdZmYo_opzpKpRsNxcx414CwAgqskREaUfdK0oa04Mqsl3wOSGcK5BmKxMXc2oUgZkRp18Gqq2U566NkPrpmtGe2ZshaXdA7UiMtTDM4q3ZmOe0OK_4wyHtR_NIOqP1RC7haSSxyCj23bOTq1VH0cMcZ67r4WxArV6Bi_d2U87BPqPhq2jdHvGSx9pYI0OnNmrtXyxVFkA0zc-4hodqpIdPs8q26yDAa0Dci3mOF31Xx5nGMdkmJDNXjpl6y8kdgH4O0_IX4DviWvwA1fPPXNMxzU7FBRznFTAnqsiuRz4GHpLneHCuIxvllWr0IJRqCgYYSqUOim43Z1RLabid1w3eP-ZxprADoNGxEnhVKhDXkOYzrhUaXHCRKQykLf-RYxWk-jIdc57mEU5ZqpeRf669PZ_xENM_fgG_dr_9QsNDqtr86fJj__mrdEudU74iiAnDDqJkBoML6L8OLrO_xN8TgEyeu5Hm2y9jdKmo96zEk9XrjQz2T9RwwEi8ZPThTnXzMLfHIptoXjz8jamn-0yOriqaRiks8CpJ_ZqnNDpZYRrhnMJ0kRideSYSzc75wliJeepZkuPOJ9oxAdQcmeXZnFUDmjMPX1dndeHQpqo8Qxdb8iI19TbopmVjKw8dp9EU0RGGbTsIFFuKDUJAatZWvJxkpIGoC3kiwzpOKuYbDIOHBWvExJAW-yhVAnHVjtCM_rNBM8Pr_xxTSbC37rqBOOl8DRG17_msO9TYOdQdQGh0nrsIEVDaNxU4kc76VkowsSTEC5pJ7kb1_RY7dD-kusAOjACr9WYhNcJdbGWt4qqmrONwtx-bwJoPHC10D-rPDRmQ-efJA2OXMRwYz5fiIJaxtA786jGEfG4B7mbukUHD8R-udF1mZSAb-zFNbKO0sjCTJjEiaDi15UlCRPEiDdBTGGEuyd3r-tZH8qsJsQM8bUSireYR2BmtV8fpm1MnPRaRfsX8b1zjWQp_S6gC5Q_Ns4W79mSWnjK2g4TUCqw7mJJh2iBcFYIZO4fyJjEY4vDoXh8gI5R4aGKDUeao2SlK_UBZLbkiglQycgJPH7pVOnrgdNmnWKi9creyMzCqJycbEngVE9ekPAG1nrVwxBViTnMpW9q_bHAc9upqiJLma9QRV_PH09VCUwNRf6HeWYGRL5REAZxrHEn4-4YsUY4NcNjbjC-zUGSQ4G3Rc-eCFW-7FrM13P35USa4SoFK5L1qA0d2lik_wl5yELZrQ9LN1KweuDd2oSgXymHYUAQW3mzZBGQh5RgMxtQRZkxwFOvoqy98RoyZK8Y-bBpx58wgaGAj1-4RPMTqPYOyiRR3Vf5VJ55gEfEI6M9PV1PpX1zxhb-7JSCeOwFUAZj8bC5NjldSS_leRE6m5nH9gFpADWN95BNkmoZvlBQrNMgffBTZDKQdZux9uwKkfenf6ED3eQPYG76ZQDNZWDfV1d5x13UM5zIvaTIyr_vBSnfgRzddsOEbJeNpDMVdtJXfowh5hUrOa9fhuAWzv_MkTafjX1cZh1I6R2F1fQVtkebmhSyHsLdCZQPYl1aADgzTfROwS-p1fycCuo-norvLebMaAiYIoy2GjsJVjr_9WUA6TBY_pX1aFKZoc9ggf5T2vmbk__LVzabT452eGoGWx5KvkxTbNui8-7uzHGWi-SRhA6xhZSysZCDoXMq_LV6-y0I6Qq6bFy29pw8qhYWdHIZaBzFFbV8FAdS6dWOPi7IEL7_HHGjE0sl-6MlBF6bYPG18tQHmnyC5OoH-2Bp0-f6Xs51pK7hB-rnYfbms5se2bHgmMjXrnOQo2-F-uJV-eJ5N8_wU0G2Gx4-UDYSUqlbVkJF7V46gi-HBTT1Dbkn5HPf8tPoXpVNaa4OZBOLEjoWDBZvhzPs1Fo4x7v5Pe-hXnbdaVqyXSTgYgkmdOQznvH0M20uD-7nIHyMLEY6ialbAdjK3z4pSKHtAykJJbQTibGGpOh0MhapxJiVGO4Pn6cEKGER5FdGNEXiIOI_dqibAWTcVmcpl49MurwFSY_jg6vqovqyHJGXM3c98P_IDWs0m9xUUdW1TMPmpJSUkTlHF6LPewwVEc-mJXYTP0DrHcEQspzrhK7K8ndYZ0AxTcqZ-xvXmERBrEu8s3B1dmGGFu4tFBdR_n-QlZEMCiUxksXM625NtTMAgk1J-67dIoelkHxQ0Ar0mZxbiQVpykRLP4GATBF3ykVa-Fo2NQV5Kwr1xxW6f7qmXabYKKKrYChozUAm8dHcY54j2ilcGNvQ3usy2SEXP4Gk4EOvYERhXp_R-gHUF_yX2NRmQuRq9zNdwQQq35dnrhlfc0k7IhCPngktY3PSuLB2hjObOS__4hEfgfWdEKQJBL2gPA2Ws863okaIVmV4zp5Ez8Fhpa71-rp4KKqhO-rNhe2-Hrt9yKajPm8A_WGGZcsiZt65LPADJnX74eettcnaYIi4q9pXMqxgRh644DLDkavjp7HmTeNKec7zoBX2Zhu25CuSlxczXYYI-uK4G3ZWmAwI7Qi8-0oY6X35vISXcnIkWV9KrYBQnOuAi9kw1L3TqBRv3Jp81idb2rD_YX9v0tJGgWru_TwoAMAjMAZmEXOUeEZSO45qNO9Vq-PUWpdinLQDNim_c3Ip96zMNzXmE2aPQdP-aXWtjCiSywdyK2yZApCSWvVvf56DTTOPy8Tqa42M578qKp_zN1pPfd0qI3ZL8fe074efR0KZxpRS7PEp-Ae1xlpldLoMKe-ubaFXwYe3B0b0sLEXnzrFELCJtQNxBYaHh0tzUxz8soI1LhXexgjtuB7lxLiq1j5KFakc8DRufaAcujqohrwk18DIHl3ce6dgZJoVDW7EVnlB6ucFJdIiwz-R5owUFKf9nPV4l_H0ZwwAcqmLzaDo7gS5pIiDmB0oRyX-dXWFxqSv_oPE9n2lG7Dys6tQfZUn-TZukDROmLEZyG7ACYSatciVg4NrfVbZ8_3S4-poF3iJ5eE_iSwrWen9o__fDwOxACJ5kAVwrsgXV2THztlKFHnw1qtB0OPPSl9PaUxJzl6KgH9Cs9vUuLswNU273VY7A-xYkBdIFvTJ96LiIjq0COEE7xMMd-j3ITDEjgKEkHRpRCAQSSwBpAlJWHKB7PeAtVQpZqmTlKGC0XSl2-dIR81JHvrw5-mUZiexqbs4ARoXbNxpV8aRCWEwN8WQ0nNXheJ004KJDbqlfk8tE3dYjQhgBYAE&bundleId=&ias_dspID=3&ias_campId=1010773593&ias_pubId=pub-1757064723917999&ias_chanId=1&ias_placementId=19749005473&bidurl=https://utua.com.br/br-cc-caixa-simples-p1/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jKRgi-7y2j-_QKyzxMzN5z&adsafe_url=https%3A%2F%2Futua.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Futua.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:353e14a6-5db3-05e2-fad7-4f50fe2502f1,c:juocvq,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-57fb8678c4-lxwzx,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tL8eFut+11%7C12%7C13%7C14%7C15%7C16*.1135760-69474528%7C161%7C17%7C181%7C191,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:24,oid:800666e2-2bcc-11ee-a68b-bebf713fd4aa,v:19.8.434,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
• https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVDSZixqGDMUyUcMEAAlNHJJ1aVtmGLs1CdgRroti1tOWRurrM&d=CokBAKAmf-CqdoAmWTjN69c8hHEjo--ZXxGcxJBmeZ_jfjeRmuxoebJ_S18tUyumIOw93RDJZNEYPjZkaUlhl9JuTCsTrwziJA4bHz0jYnfnXQGhPYHNLO9Q7ZF5KBoChRY8kh6TSuiWifZKt8SEF-tUUdn6_YW8cETKlQT2-MpF9HKe9UlRdriiAkcS2RUAoCZ_4LDKRU1z1Z85ETReyTmlCYjw9tB5dsfFj3GWx25sBq0Ha3mpP7elbNDq5UP4HIzsAxd3OZt31-n5gjWINhMAgayQxZ9DB24TJuwvp7L1Ytm5AiBNbcOrtKyhMviHFLEpWeCRn-lhJ7H68vWkbRVMsPR9slDz7vbBvmwuj5fM8FK31rQugkPQOfB7CiO_0zQnbpZvp5o1yb4VUCl14jVwQ3JBCXTnXvvcrPKNGGSOx6rvcaFKfzhjjJDCpubN5ozyTfSHucVZ7pBGiGfS8m6x8t5UG36zUkNOSj2csQU6PjBDNjnsisexuP7NlFmHCANrtRwWvAhvxuHtoV-C8_3nzPCfi4yJT5CMasWcnXRVfeKE7-LW-OTN8ZSBCd2e-SJm1BoYZ7XPaaNr2lr5rX8_8vUKcczsW01rXUE4MszECfUZ9-gF3LLtJ120WPD-2fYMcqC4MERF-BTYz63JOWqSFuNE2k7q3mpTmvG_rxqzU6VPPKIyxH2zkTuygQVFSGi_NRrj0Iox__mN4RWtd1bHlY7M7RksDktFcHajXy0po-JqjLeE9jmGPG7zd5Fyl_vMEwY-WXnlTY5PaYdZmYo_opzpKpRsNxcx414CwAgqskREaUfdK0oa04Mqsl3wOSGcK5BmKxMXc2oUgZkRp18Gqq2U566NkPrpmtGe2ZshaXdA7UiMtTDM4q3ZmOe0OK_4wyHtR_NIOqP1RC7haSSxyCj23bOTq1VH0cMcZ67r4WxArV6Bi_d2U87BPqPhq2jdHvGSx9pYI0OnNmrtXyxVFkA0zc-4hodqpIdPs8q26yDAa0Dci3mOF31Xx5nGMdkmJDNXjpl6y8kdgH4O0_IX4DviWvwA1fPPXNMxzU7FBRznFTAnqsiuRz4GHpLneHCuIxvllWr0IJRqCgYYSqUOim43Z1RLabid1w3eP-ZxprADoNGxEnhVKhDXkOYzrhUaXHCRKQykLf-RYxWk-jIdc57mEU5ZqpeRf669PZ_xENM_fgG_dr_9QsNDqtr86fJj__mrdEudU74iiAnDDqJkBoML6L8OLrO_xN8TgEyeu5Hm2y9jdKmo96zEk9XrjQz2T9RwwEi8ZPThTnXzMLfHIptoXjz8jamn-0yOriqaRiks8CpJ_ZqnNDpZYRrhnMJ0kRideSYSzc75wliJeepZkuPOJ9oxAdQcmeXZnFUDmjMPX1dndeHQpqo8Qxdb8iI19TbopmVjKw8dp9EU0RGGbTsIFFuKDUJAatZWvJxkpIGoC3kiwzpOKuYbDIOHBWvExJAW-yhVAnHVjtCM_rNBM8Pr_xxTSbC37rqBOOl8DRG17_msO9TYOdQdQGh0nrsIEVDaNxU4kc76VkowsSTEC5pJ7kb1_RY7dD-kusAOjACr9WYhNcJdbGWt4qqmrONwtx-bwJoPHC10D-rPDRmQ-efJA2OXMRwYz5fiIJaxtA786jGEfG4B7mbukUHD8R-udF1mZSAb-zFNbKO0sjCTJjEiaDi15UlCRPEiDdBTGGEuyd3r-tZH8qsJsQM8bUSireYR2BmtV8fpm1MnPRaRfsX8b1zjWQp_S6gC5Q_Ns4W79mSWnjK2g4TUCqw7mJJh2iBcFYIZO4fyJjEY4vDoXh8gI5R4aGKDUeao2SlK_UBZLbkiglQycgJPH7pVOnrgdNmnWKi9creyMzCqJycbEngVE9ekPAG1nrVwxBViTnMpW9q_bHAc9upqiJLma9QRV_PH09VCUwNRf6HeWYGRL5REAZxrHEn4-4YsUY4NcNjbjC-zUGSQ4G3Rc-eCFW-7FrM13P35USa4SoFK5L1qA0d2lik_wl5yELZrQ9LN1KweuDd2oSgXymHYUAQW3mzZBGQh5RgMxtQRZkxwFOvoqy98RoyZK8Y-bBpx58wgaGAj1-4RPMTqPYOyiRR3Vf5VJ55gEfEI6M9PV1PpX1zxhb-7JSCeOwFUAZj8bC5NjldSS_leRE6m5nH9gFpADWN95BNkmoZvlBQrNMgffBTZDKQdZux9uwKkfenf6ED3eQPYG76ZQDNZWDfV1d5x13UM5zIvaTIyr_vBSnfgRzddsOEbJeNpDMVdtJXfowh5hUrOa9fhuAWzv_MkTafjX1cZh1I6R2F1fQVtkebmhSyHsLdCZQPYl1aADgzTfROwS-p1fycCuo-norvLebMaAiYIoy2GjsJVjr_9WUA6TBY_pX1aFKZoc9ggf5T2vmbk__LVzabT452eGoGWx5KvkxTbNui8-7uzHGWi-SRhA6xhZSysZCDoXMq_LV6-y0I6Qq6bFy29pw8qhYWdHIZaBzFFbV8FAdS6dWOPi7IEL7_HHGjE0sl-6MlBF6bYPG18tQHmnyC5OoH-2Bp0-f6Xs51pK7hB-rnYfbms5se2bHgmMjXrnOQo2-F-uJV-eJ5N8_wU0G2Gx4-UDYSUqlbVkJF7V46gi-HBTT1Dbkn5HPf8tPoXpVNaa4OZBOLEjoWDBZvhzPs1Fo4x7v5Pe-hXnbdaVqyXSTgYgkmdOQznvH0M20uD-7nIHyMLEY6ialbAdjK3z4pSKHtAykJJbQTibGGpOh0MhapxJiVGO4Pn6cEKGER5FdGNEXiIOI_dqibAWTcVmcpl49MurwFSY_jg6vqovqyHJGXM3c98P_IDWs0m9xUUdW1TMPmpJSUkTlHF6LPewwVEc-mJXYTP0DrHcEQspzrhK7K8ndYZ0AxTcqZ-xvXmERBrEu8s3B1dmGGFu4tFBdR_n-QlZEMCiUxksXM625NtTMAgk1J-67dIoelkHxQ0Ar0mZxbiQVpykRLP4GATBF3ykVa-Fo2NQV5Kwr1xxW6f7qmXabYKKKrYChozUAm8dHcY54j2ilcGNvQ3usy2SEXP4Gk4EOvYERhXp_R-gHUF_yX2NRmQuRq9zNdwQQq35dnrhlfc0k7IhCPngktY3PSuLB2hjObOS__4hEfgfWdEKQJBL2gPA2Ws863okaIVmV4zp5Ez8Fhpa71-rp4KKqhO-rNhe2-Hrt9yKajPm8A_WGGZcsiZt65LPADJnX74eettcnaYIi4q9pXMqxgRh644DLDkavjp7HmTeNKec7zoBX2Zhu25CuSlxczXYYI-uK4G3ZWmAwI7Qi8-0oY6X35vISXcnIkWV9KrYBQnOuAi9kw1L3TqBRv3Jp81idb2rD_YX9v0tJGgWru_TwoAMAjMAZmEXOUeEZSO45qNO9Vq-PUWpdinLQDNim_c3Ip96zMNzXmE2aPQdP-aXWtjCiSywdyK2yZApCSWvVvf56DTTOPy8Tqa42M578qKp_zN1pPfd0qI3ZL8fe074efR0KZxpRS7PEp-Ae1xlpldLoMKe-ubaFXwYe3B0b0sLEXnzrFELCJtQNxBYaHh0tzUxz8soI1LhXexgjtuB7lxLiq1j5KFakc8DRufaAcujqohrwk18DIHl3ce6dgZJoVDW7EVnlB6ucFJdIiwz-R5owUFKf9nPV4l_H0ZwwAcqmLzaDo7gS5pIiDmB0oRyX-dXWFxqSv_oPE9n2lG7Dys6tQfZUn-TZukDROmLEZyG7ACYSatciVg4NrfVbZ8_3S4-poF3iJ5eE_iSwrWen9o__fDwOxACJ5kAVwrsgXV2THztlKFHnw1qtB0OPPSl9PaUxJzl6KgH9Cs9vUuLswNU273VY7A-xYkBdIFvTJ96LiIjq0COEE7xMMd-j3ITDEjgKEkHRpRCAQSSwBpAlJWHKB7PeAtVQpZqmTlKGC0XSl2-dIR81JHvrw5-mUZiexqbs4ARoXbNxpV8aRCWEwN8WQ0nNXheJ004KJDbqlfk8tE3dYjQhgBYAE&bundleId=

Request Chain 112

• https://fw.adsafeprotected.com/rfw/bgd/1135760/69474508/xbbe/creative/adj?p=APEucNVRgmF0MvPZLd2yXgQSQqE9zj73VY_bxk10Ar7lU0eBO6jcyTc&d=CokBAKAmf-CE8WaHOrD-FIGeyCpvxVrJTFvK5EGL8VeMh1kUu9tEzB5vxWKeJfZLKD1g2jO5yJmC_MCRljZNcSOkzL4oBfX08nkBPdtGe2UGS8FDslq1CvGZrIyh3pFc5YH1uO_Pn7xyp3aJmYmholwna-xWnqIPKojWj-7xUVpG4FHH_r3BEDG_QwES6RUAoCZ_4E7nRnSeLO5UYR7SMLEjvG1J9JRfzFbmofE9VF1Q4u_PO4-lixFJ0GP1yI5cGX0Kxo3HnRnyfXph1J7ipc70kisO3AlTxa5bCOnJAHP7ilXH1j1U3dLr14mMzwQqFvRrZXdDWkGgUMMAwy7gY5WNE76qTQEFrRAfoVL3OEzSxakviZ9BO7j0AV0C4On5mT4WKahmWehso0hrVXB60X12ekvXm3qDxa_RuRxkSOTGThBa-AEwKnTnGd48ptBr8MpBmJqnHtSSjTaZjkgHnOtp36D54ovfyWUzdP-J5R1-b_mvxuj2dkZWy68zbf5IeUF-ptFxat96Lr3EWI667bp4Xv2Q82SqDcoN1y4sqAAtIyFWDGgUZjANvraZ3uoaR9SWyRIdASvtBqMAf2g6DYOePNIngdzpyUwUiyCXKyQ3CreAfU_YdOxpXRsr5AUE0SeAk_QHj0aqODrO8RaKcmSu-l8jTFYhnvo5R8OUkzbLNw2uf_ochRahTcsGYtj5z_4imJdbr05kX0uhSIgsPwl1H87AVd1SzUUk6_wtl7nrUjO-nlyadL_al9OI3krGBA7-2Cb7o7qOzxenpGauz7_QOp4h_ZyqDLgOIQIxLm2rrc37WQYCOEBeAQN9x16RfL5qObFI1o4p2g7lS7PBbPpqs4LW84MnKof7wHeB0MIFcZpOHU19az0L3cBA8yBkgnwNj8LYc3JErzwfrKB06WF8QYgnybj_g8JPCBG_BDoufIxQGtItR5zUjZNbQr-PCVuuMAXitG17t1Nmi2orR62o2YRNEc5c3ypra_s6EsiBGojuP-JmVprMKKdlRFo5IyTfnWolZ5inIPrV7_rTRcMCGkt1Y7mI7pn_J9S04Y1ofHr-bdex3OxcVd20lFFMcWWVqDRunZ1upTn_HjbCGRhL6mDUq5UUa3g3fbiHHOKQmcKsuqp74SJqaCFZTIqLOv1SudJg3YIuq-XzntPmljScUcyFwsPl3dbpvC82bIOgngrK3SPq8bQNh0jmQbKtzky_vFf3SL4QDd7WaYhL9L8VYWU-dFVD6h1DflDUnRw5mhdcjHWeLgTnrZXZC26ik9t_5e_MoLp6IjAcaoaEt0hU-6Gmn1o1h6KEneRvv-q8UA8PwCLnjoS6O2Hmm7iCiDhUZaMBTNsFsoZQ28JXG6No_l5LRoNU3_0U3PT3i0leyR9hAqJsT78auCOxTJ94r5QBG4E4i_25UMmFmq_oqpsMFEdIqKScmVQiK9YF4ePm6Cnznj1yUdkD_836GQJBKQ8MAhetnYm7IWMDxlkUlG1SLQXo2anGX76kZ-RWDkD50RO174Fzc04P4S_IpxWXUQSXKmp474qpPUtYxn7vy7c8rQ3UMBZCVm4Hbasky_M2mfP5KwUnnrZXiospupnZp0xe-PfLauAFL7SCt9BnhjCgc4iWn8T7EJbnk0puhHzJ0l_F7dWvBriW8PtrcHfQD4C7WUDmhepQAZcbhS1_xu3kzfjwcDXd77srPCzTYqFioFIXlVC3CrLuJ2s7aMSlX6QbkCbN4veHM85xsnz5hSH3Do12trNgZeXcxlkbItGyIV8JkB1NxoFFgpHrPX2pxSiuRs0d-T4EtvJmqgS8N3rsSIpK2WDhtl4-WjGEvmaRyVBHUzALdjdW8k73E91uvJrQTQXz9T_dZwgSouuSXcHzipyPEZMk_wkX4S-Xtc-WTJ3PYBZBSp0wIfi63VRWyCMogUE9UFb_s3v32ECZJth7hwPdHfuya7EACDn2v7sEeSi3e8RR1UNmTiMbyrvo3ayjEg7dMW4EAhZJh9BpTv3fAyDCqx8nrSeiotGcel4iJYu9qxJBxDK4vnD_8twpbqs4bC9bJ0eUOLUmXHGRmsB4sx5QSe2GQh2GY3O2xacbTZ2ttwVzrqoJeY3mzAByqJVB3MdDDohUDdBfWQ3sIv4AvV4403zwIJSd92M1sI4jTbsPQHlhGDmjH8rqLvCOYPV0X9F1QV39KxmU3E1kgJSaKim1p1RwPNeRGVejcHhL7SHpxvvSfD9rOPfjNGTRI2_TgJGe6t-DkyIoRWTG2TKkX5jk3bC1b5RTBhk4ba7TbqwPDd6wXF78w9tssxMz74ts_qhOdlT8TQvJdDACxnmsk9YDiKz6LncY7bjwGY_LHOMNTFhIB9rj8zWopW72Vs3FP_sMX3IMxLqMf3El7553O2V8KFUbgXsfFU2BguGe_8hTPhZsGukKRpa9S_kozP2tVtAoCjqK1E4iDhWVs3iASgSu5XxqSWsRbZa9SNxwwnKzj70lykqC_EYf-GK-4XMWDiMqSrU2tKbPZABQsuF6K6t9zOADoSqFW2AAUICpZ82Y4uI3LobD2s9knFDHpZ8nIAm2BmQrpMlMLXHFTqDOp5aC5MD84ulOG2O0b4c0Kg5tsDCc6cNdjMQuKmn4oB72-9PmbWCxehPnTdAEnAfbUgvsRry4joqzDkRigpC_UyDrMpNGL5gKdT4yM6oWP7UV6rFYIjkxyCfDGtdyRQpVAuyj0bI8lJYjZeKZ7iIPCQOq4vfWtCZu2LkazqLbK0KcQRJ1ZMBQ75UBxuSqiED63RCziyrguIV58AiPhENitn4ME6xBDf37qwCBsApTFZ60pg1CidkYUhH6ofEYyHVxOuE4KbbROfBqG-ms6Ry-sHsF9DaT9ieAYvFD2hgKvGw9WFIA4IU90hGCcGnojE05tCaqEPrEd064W7e4XCGjVIGFpTbRvCvweI9Ik5364wuqLqAu_yup0hN94r4SbedqZlsuKmNyMaBj-P-bfH0g5RI8Awd_J3MsOeRogxHLVpxkrzVUc9xUNEdA4x_1jcrGIch16OkevE_7loF6tbhETLvysNTInPGWdVDL_wi-4gC7y93ncBzHuzpWA-0TMLmJqcblmb5SIN-E0I53O6RLLmFYw8-SCbvN5EJv4ByHhL4eG-6vfLvlRZy_kbq_waKcFbncGNLCC5kVRCSNbV3DcD-vjRyh8V0D1lZuTOmcqIvZscBuLdcvFhQjRQbBDqiMCxiT8KKFPLsR-6fPKODqS6drp0apUg56RDwPEwGPbUCLUW0H72zMG5ROk8A43cE0JTbh7ggt4qdktEYboU6z8cdMqyUk09CNzJ2vTwZw-WiJeV5ad55AkQxHg7DL-3hGP5RbxZe5wh_ftA7QHvllE9XvepbrGzwRHOIa0mgTBh_93ravGUdiXoJG2BvQuWPoHBzGnvzKDTOUXZTf6YTL8cseqOL8Ojb6icpjA_OZEzEhHRIl0exZI_hn8IVKAZEvCV4-LDqzrkRHNjSZ4uol-oDRKBeNntZgn3zsxdajX4Pf4vQhmtmpWAvDaHo1V4DUCIP-MT_VOuxxxBexYIYfbdInAa-LLrb2wYoazSj5iRlJHnHP7LAJkyfPi7r-HdlEf9i3b4IfOgp4_5XgYrRdh5xas8L44AGUl5NKZ0fE3Zkke3yEb-dmu3qQ5zySPiFqesu-lsy5X55_5uQ33TaUyYtkp5Na4DcgLxki9J0Mdie83SeoDPJbqNhoP9cjJ92r0_8pWK6cSa0q9rJUVwnPPpZT5NjcZEBpupUcneKpDUsmPFUR0tD5iFpa4HQ8shRy2ktQ69f7O22YLwdSBtq7jw1HCbnbT8dQpicrfCEk2ASfvj11QUQsUG8Mj3B4MFxQFBwHnKhKe3httFXjfRflZ_SpxnLI-JGU0XsEc46X6WSJfYQWHlYaUQgEEksAaQJSVhygez3gLVUKWapk5ShgtF0pdvnSEfNSR768OfplGYnsam7OAEaF2zcaVfGkQlhMDfFkNJzV4XidNOCiQ26pX5PLRN3WI0IYAWAB&bundleId=&ias_dspID=3&ias_campId=1010773593&ias_pubId=pub-1757064723917999&ias_chanId=1&ias_placementId=19749005473&bidurl=https://utua.com.br/br-cc-caixa-simples-p1/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hNdmGMQkb5NGABgdHeI23p&adsafe_url=https%3A%2F%2Futua.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Futua.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:dfa96b88-e5ec-97f9-255d-812c31a3aa47,c:juocyh,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-57fb8678c4-d2s2g,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tL8eFxm+11%7C12%7C13%7C14%7C15%7C161%7C162%7C17%7C18*.1135760-69474508%7C181%7C191,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:22,oid:800666d6-2bcc-11ee-b2c4-064ea50ae1fc,v:19.8.434,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
• https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVRgmF0MvPZLd2yXgQSQqE9zj73VY_bxk10Ar7lU0eBO6jcyTc&d=CokBAKAmf-CE8WaHOrD-FIGeyCpvxVrJTFvK5EGL8VeMh1kUu9tEzB5vxWKeJfZLKD1g2jO5yJmC_MCRljZNcSOkzL4oBfX08nkBPdtGe2UGS8FDslq1CvGZrIyh3pFc5YH1uO_Pn7xyp3aJmYmholwna-xWnqIPKojWj-7xUVpG4FHH_r3BEDG_QwES6RUAoCZ_4E7nRnSeLO5UYR7SMLEjvG1J9JRfzFbmofE9VF1Q4u_PO4-lixFJ0GP1yI5cGX0Kxo3HnRnyfXph1J7ipc70kisO3AlTxa5bCOnJAHP7ilXH1j1U3dLr14mMzwQqFvRrZXdDWkGgUMMAwy7gY5WNE76qTQEFrRAfoVL3OEzSxakviZ9BO7j0AV0C4On5mT4WKahmWehso0hrVXB60X12ekvXm3qDxa_RuRxkSOTGThBa-AEwKnTnGd48ptBr8MpBmJqnHtSSjTaZjkgHnOtp36D54ovfyWUzdP-J5R1-b_mvxuj2dkZWy68zbf5IeUF-ptFxat96Lr3EWI667bp4Xv2Q82SqDcoN1y4sqAAtIyFWDGgUZjANvraZ3uoaR9SWyRIdASvtBqMAf2g6DYOePNIngdzpyUwUiyCXKyQ3CreAfU_YdOxpXRsr5AUE0SeAk_QHj0aqODrO8RaKcmSu-l8jTFYhnvo5R8OUkzbLNw2uf_ochRahTcsGYtj5z_4imJdbr05kX0uhSIgsPwl1H87AVd1SzUUk6_wtl7nrUjO-nlyadL_al9OI3krGBA7-2Cb7o7qOzxenpGauz7_QOp4h_ZyqDLgOIQIxLm2rrc37WQYCOEBeAQN9x16RfL5qObFI1o4p2g7lS7PBbPpqs4LW84MnKof7wHeB0MIFcZpOHU19az0L3cBA8yBkgnwNj8LYc3JErzwfrKB06WF8QYgnybj_g8JPCBG_BDoufIxQGtItR5zUjZNbQr-PCVuuMAXitG17t1Nmi2orR62o2YRNEc5c3ypra_s6EsiBGojuP-JmVprMKKdlRFo5IyTfnWolZ5inIPrV7_rTRcMCGkt1Y7mI7pn_J9S04Y1ofHr-bdex3OxcVd20lFFMcWWVqDRunZ1upTn_HjbCGRhL6mDUq5UUa3g3fbiHHOKQmcKsuqp74SJqaCFZTIqLOv1SudJg3YIuq-XzntPmljScUcyFwsPl3dbpvC82bIOgngrK3SPq8bQNh0jmQbKtzky_vFf3SL4QDd7WaYhL9L8VYWU-dFVD6h1DflDUnRw5mhdcjHWeLgTnrZXZC26ik9t_5e_MoLp6IjAcaoaEt0hU-6Gmn1o1h6KEneRvv-q8UA8PwCLnjoS6O2Hmm7iCiDhUZaMBTNsFsoZQ28JXG6No_l5LRoNU3_0U3PT3i0leyR9hAqJsT78auCOxTJ94r5QBG4E4i_25UMmFmq_oqpsMFEdIqKScmVQiK9YF4ePm6Cnznj1yUdkD_836GQJBKQ8MAhetnYm7IWMDxlkUlG1SLQXo2anGX76kZ-RWDkD50RO174Fzc04P4S_IpxWXUQSXKmp474qpPUtYxn7vy7c8rQ3UMBZCVm4Hbasky_M2mfP5KwUnnrZXiospupnZp0xe-PfLauAFL7SCt9BnhjCgc4iWn8T7EJbnk0puhHzJ0l_F7dWvBriW8PtrcHfQD4C7WUDmhepQAZcbhS1_xu3kzfjwcDXd77srPCzTYqFioFIXlVC3CrLuJ2s7aMSlX6QbkCbN4veHM85xsnz5hSH3Do12trNgZeXcxlkbItGyIV8JkB1NxoFFgpHrPX2pxSiuRs0d-T4EtvJmqgS8N3rsSIpK2WDhtl4-WjGEvmaRyVBHUzALdjdW8k73E91uvJrQTQXz9T_dZwgSouuSXcHzipyPEZMk_wkX4S-Xtc-WTJ3PYBZBSp0wIfi63VRWyCMogUE9UFb_s3v32ECZJth7hwPdHfuya7EACDn2v7sEeSi3e8RR1UNmTiMbyrvo3ayjEg7dMW4EAhZJh9BpTv3fAyDCqx8nrSeiotGcel4iJYu9qxJBxDK4vnD_8twpbqs4bC9bJ0eUOLUmXHGRmsB4sx5QSe2GQh2GY3O2xacbTZ2ttwVzrqoJeY3mzAByqJVB3MdDDohUDdBfWQ3sIv4AvV4403zwIJSd92M1sI4jTbsPQHlhGDmjH8rqLvCOYPV0X9F1QV39KxmU3E1kgJSaKim1p1RwPNeRGVejcHhL7SHpxvvSfD9rOPfjNGTRI2_TgJGe6t-DkyIoRWTG2TKkX5jk3bC1b5RTBhk4ba7TbqwPDd6wXF78w9tssxMz74ts_qhOdlT8TQvJdDACxnmsk9YDiKz6LncY7bjwGY_LHOMNTFhIB9rj8zWopW72Vs3FP_sMX3IMxLqMf3El7553O2V8KFUbgXsfFU2BguGe_8hTPhZsGukKRpa9S_kozP2tVtAoCjqK1E4iDhWVs3iASgSu5XxqSWsRbZa9SNxwwnKzj70lykqC_EYf-GK-4XMWDiMqSrU2tKbPZABQsuF6K6t9zOADoSqFW2AAUICpZ82Y4uI3LobD2s9knFDHpZ8nIAm2BmQrpMlMLXHFTqDOp5aC5MD84ulOG2O0b4c0Kg5tsDCc6cNdjMQuKmn4oB72-9PmbWCxehPnTdAEnAfbUgvsRry4joqzDkRigpC_UyDrMpNGL5gKdT4yM6oWP7UV6rFYIjkxyCfDGtdyRQpVAuyj0bI8lJYjZeKZ7iIPCQOq4vfWtCZu2LkazqLbK0KcQRJ1ZMBQ75UBxuSqiED63RCziyrguIV58AiPhENitn4ME6xBDf37qwCBsApTFZ60pg1CidkYUhH6ofEYyHVxOuE4KbbROfBqG-ms6Ry-sHsF9DaT9ieAYvFD2hgKvGw9WFIA4IU90hGCcGnojE05tCaqEPrEd064W7e4XCGjVIGFpTbRvCvweI9Ik5364wuqLqAu_yup0hN94r4SbedqZlsuKmNyMaBj-P-bfH0g5RI8Awd_J3MsOeRogxHLVpxkrzVUc9xUNEdA4x_1jcrGIch16OkevE_7loF6tbhETLvysNTInPGWdVDL_wi-4gC7y93ncBzHuzpWA-0TMLmJqcblmb5SIN-E0I53O6RLLmFYw8-SCbvN5EJv4ByHhL4eG-6vfLvlRZy_kbq_waKcFbncGNLCC5kVRCSNbV3DcD-vjRyh8V0D1lZuTOmcqIvZscBuLdcvFhQjRQbBDqiMCxiT8KKFPLsR-6fPKODqS6drp0apUg56RDwPEwGPbUCLUW0H72zMG5ROk8A43cE0JTbh7ggt4qdktEYboU6z8cdMqyUk09CNzJ2vTwZw-WiJeV5ad55AkQxHg7DL-3hGP5RbxZe5wh_ftA7QHvllE9XvepbrGzwRHOIa0mgTBh_93ravGUdiXoJG2BvQuWPoHBzGnvzKDTOUXZTf6YTL8cseqOL8Ojb6icpjA_OZEzEhHRIl0exZI_hn8IVKAZEvCV4-LDqzrkRHNjSZ4uol-oDRKBeNntZgn3zsxdajX4Pf4vQhmtmpWAvDaHo1V4DUCIP-MT_VOuxxxBexYIYfbdInAa-LLrb2wYoazSj5iRlJHnHP7LAJkyfPi7r-HdlEf9i3b4IfOgp4_5XgYrRdh5xas8L44AGUl5NKZ0fE3Zkke3yEb-dmu3qQ5zySPiFqesu-lsy5X55_5uQ33TaUyYtkp5Na4DcgLxki9J0Mdie83SeoDPJbqNhoP9cjJ92r0_8pWK6cSa0q9rJUVwnPPpZT5NjcZEBpupUcneKpDUsmPFUR0tD5iFpa4HQ8shRy2ktQ69f7O22YLwdSBtq7jw1HCbnbT8dQpicrfCEk2ASfvj11QUQsUG8Mj3B4MFxQFBwHnKhKe3httFXjfRflZ_SpxnLI-JGU0XsEc46X6WSJfYQWHlYaUQgEEksAaQJSVhygez3gLVUKWapk5ShgtF0pdvnSEfNSR768OfplGYnsam7OAEaF2zcaVfGkQlhMDfFkNJzV4XidNOCiQ26pX5PLRN3WI0IYAWAB&bundleId=

Request Chain 138

• https://gcdn.2mdn.net/videoplayback/id/e7d6c0ec2786548f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828230884/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/159381E7315D1C9D9B4000885A774696D56270A8.35C0DA70919C10E3E0BBE558E8F6C64647D373A4/key/ck2/file/file.mp4 HTTP 302
• https://r5---sn-5hne6nsy.c.2mdn.net/videoplayback/id/e7d6c0ec2786548f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828230884/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5A000745A89CA684F7596E55C9802ED5405279CD.185C48BBF2DDEC3990923D83B165002B5189E832/key/cms1/cms_redirect/yes/mh/NA/mip/2a03:1b20:b:f011::4e/mm/42/mn/sn-5hne6nsy/ms/onc/mt/1690385372/mv/u/mvi/5/pl/48/file/file.mp4

Request Chain 159

• https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU1RBUlQiLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vN2E1NmVlNjFjODVjMjZkN2YzNWEyYWQxYjFkZjBlNjkuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS8ifX0sImN1c3RvbSI6eyJjdXN0b20xIjoiIiwiY3VzdG9tMiI6IjIuMCIsImN1c3RvbTMiOiIyLjAiLCJjdXN0b203IjoiMTAxNDY2MSIsImN1c3RvbTgiOiI3MTM2NDQ4NSIsInJlZ2lvbiI6ImllIiwieHNpZCI6IjI3YWE5MDVlLWJjMjEtNDk4MS1iNmI3LTVjODExZDE2ZDQ1MCJ9LCJ0aW1lc3RhbXAiOiIwMDAxLTAxLTAxVDAwOjAwOjAwWiIsImhlYWRlcnMiOnsiaGVhZGVyMTIiOiJhZC5kb3VibGVjbGljay5uZXQiLCJoZWFkZXIzIjoiR29vZ2xlMiIsImhlYWRlcjQiOiI3IiwiaGVhZGVyOCI6Imlhc28iLCJoZWFkZXI5IjoiIn0sImNiIjoiMTY5MDM4Njc4MjQ0OTA3MjIzMSIsImFkRHVyYXRpb24iOi05NDk2NzI5NjAsImlhc1NpbmdsZXRhZyI6dHJ1ZSwiaWFzU2luZ2xldGFnT3V0Y29tZSI6Ik9VVENPTUVfTV9fVkFTVF9fT01JRF9fV0VCX1BYTCJ9&advEntityId=1014661&pubEntityId=71364485 HTTP 303
• https://dt.adsafeprotected.com/dt?anId=10173&asId=27aa905e-bc21-4981-b6b7-5c811d16d450&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A-949672960%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D

Request Chain 164

• https://pixel.adsafeprotected.com/rfw/st/1014661/71364486/skeleton.gif?xmtp=v&xmapp=0&xsId=27aa905e-bc21-4981-b6b7-5c811d16d450&bidurl=&ias_campId=&ias_pubId=&ias_placementId=&ias_chanId=&ias_dealId=&ias_impId=v4~~&ias_dspId=3&ias_creativeId=191547418&ias_xappb=&mon=71364486 HTTP 302
• https://static.adsafeprotected.com/skeleton.js

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response utua.com.br/br-cc-caixa-simples-p1/ Redirect Chain https://u24148341.ct.sendgrid.net/ls/click?upn=8pfxiuiO8W7wUsRV9a-2FeErFdpa-2BVEZiYEk-2FnSSW3IQpdvcn6K2HZVUvtPG5DuNs9UKoZJbwBHnkydrMyyFj6lDGnXfFuw4euAL-2FexrZDnUiJHO3sMwQ6pn2pVbDUT1OoOpw4-2Fzsge9Mf... https://wizrocketmail.net/r?e=K2JmHB9iBQx6AGR9DSZjfgoDAgdiJCw1ICQsNQMFCQdkaWc3FxohLkFDWFs5BTEkODE7LnJwTQUrPyQuOS4uBV1EWFI%2BOTM%2FPjU8a3FcWFc8PzY3LHglMUBbbl0zeGhpZmxrewABBAduag15Z2hhewUCBBZ7eCUxJTE... https://utua.com.br/br-cc-caixa-simples-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=br-utua-ct-email-cc&utm_content=br-utua-ct-email-cc-ag&utm_term=br-utua-ct-email-cc-ag-2374&an_uid=22c...	72 KB 17 KB	729ms 626ms	Document text/html	2606:4700:10::6816:29 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://utua.com.br/br-cc-caixa-simples-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=br-utua-ct-email-cc&utm_content=br-utua-ct-email-cc-ag&utm_term=br-utua-ct-email-cc-ag-2374&an_uid=22c6d7999e5934e8cf4ff3621ac2477d95cb414d257f173e436a4e9b1877c33c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:29 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash 21434af8bcf245fa7c1e003aec47fc45ff4d3a04c37cfc663b654480f63611ff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=300 cf-cache-status MISS cf-ray 7ecdd0171f1a915f-FRA content-encoding br content-type text/html; charset=UTF-8 date Wed, 26 Jul 2023 15:52:59 GMT last-modified Wed, 26 Jul 2023 15:52:59 GMT link <https://utua.com.br/wp-json/>; rel="https://api.w.org/" <https://utua.com.br/wp-json/wp/v2/posts/2759>; rel="alternate"; type="application/json" <https://utua.com.br/?p=2759>; rel=shortlink server cloudflare vary Accept-Encoding via 1.1 google, 1.1 google x-cloud-trace-context 8ea880a597b1ece4ca32a70768c9a549 x-powered-by PHP/7.4.33 Redirect headers Cache-Control no-cache, no-store no-cache, no-store Connection keep-alive Content-Length 0 Date Wed, 26 Jul 2023 15:52:58 GMT Expires 0 Location https://utua.com.br/br-cc-caixa-simples-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=br-utua-ct-email-cc&utm_content=br-utua-ct-email-cc-ag&utm_term=br-utua-ct-email-cc-ag-2374&an_uid=22c6d7999e5934e8cf4ff3621ac2477d95cb414d257f173e436a4e9b1877c33c Pragma no-cache Strict-Transport-Security max-age=31536000;includeSubDomains;preload Via 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront) X-Amz-Cf-Id 2c9NlFCdoDs0SVjE7S7IokANWlrBUmaE93eHTVy3iXtG1WcD5snfnQ== X-Amz-Cf-Pop FRA50-C1 X-Cache Miss from cloudfront X-Frame-Options SAMEORIGIN
GET H2	200	css2 fonts.googleapis.com/	848 B 827 B	195ms 70ms	Stylesheet text/css	2a00:1450:4001:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=DM+Sans&display=swap Requested by Host: utua.com.br URL: https://utua.com.br/br-cc-caixa-simples-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=br-utua-ct-email-cc&utm_content=br-utua-ct-email-cc-ag&utm_term=br-utua-ct-email-cc-ag-2374&an_uid=22c6d7999e5934e8cf4ff3621ac2477d95cb414d257f173e436a4e9b1877c33c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 5b7b259a87df556c5752105da739eaaf0142a9b2c83fec6fd092501f90bc5817 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 26 Jul 2023 15:52:59 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 26 Jul 2023 14:23:18 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 26 Jul 2023 15:52:59 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	81 KB 28 KB	402ms 274ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: utua.com.br URL: https://utua.com.br/br-cc-caixa-simples-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=br-utua-ct-email-cc&utm_content=br-utua-ct-email-cc-ag&utm_term=br-utua-ct-email-cc-ag-2374&an_uid=22c6d7999e5934e8cf4ff3621ac2477d95cb414d257f173e436a4e9b1877c33c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b423ee66933ccb2c7857f9298eec67802d2d5dd272711a798f2ddc571f6b12f3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:52:59 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27971 x-xss-protection 0 server cafe etag 973 / 19564 / m202307200101 / config-hash: 8317567018028545507 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Wed, 26 Jul 2023 15:52:59 GMT
GET H2	200	classic-themes.min.css utua.com.br/wp-includes/css/	291 B 309 B	45ms 42ms	Stylesheet text/css	2606:4700:10::6816:29 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://utua.com.br/wp-includes/css/classic-themes.min.css?ver=6.2 Requested by Host: utua.com.br URL: https://utua.com.br/br-cc-caixa-simples-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=br-utua-ct-email-cc&utm_content=br-utua-ct-email-cc-ag&utm_term=br-utua-ct-email-cc-ag-2374&an_uid=22c6d7999e5934e8cf4ff3621ac2477d95cb414d257f173e436a4e9b1877c33c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:29 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/br-cc-caixa-simples-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=br-utua-ct-email-cc&utm_content=br-utua-ct-email-cc-ag&utm_term=br-utua-ct-email-cc-ag-2374&an_uid=22c6d7999e5934e8cf4ff3621ac2477d95cb414d257f173e436a4e9b1877c33c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:52:59 GMT via 1.1 google, 1.1 google content-encoding br cf-cache-status HIT last-modified Fri, 14 Jul 2023 17:03:10 GMT server cloudflare age 42888 etag W/"123-600756c650f80-gzip" vary Accept-Encoding content-type text/css x-cloud-trace-context 98dca27b8438da6f1999e9bffd929f08 cache-control private, max-age=300 cf-ray 7ecdd01b2d27915f-FRA alt-svc h3=":443"; ma=86400
GET H2	200	style.post.css utua.com.br/wp-content/themes/clean-n-beauty-theme/css/	20 KB 5 KB	43ms 40ms	Stylesheet text/css	2606:4700:10::6816:29 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://utua.com.br/wp-content/themes/clean-n-beauty-theme/css/style.post.css?ver=26072023125259 Requested by Host: utua.com.br URL: https://utua.com.br/br-cc-caixa-simples-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=br-utua-ct-email-cc&utm_content=br-utua-ct-email-cc-ag&utm_term=br-utua-ct-email-cc-ag-2374&an_uid=22c6d7999e5934e8cf4ff3621ac2477d95cb414d257f173e436a4e9b1877c33c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:29 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c6e298baccf7bccebe558cd80c7473a2c6910bd2b2ec674e63079bc8adfef527 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/br-cc-caixa-simples-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=br-utua-ct-email-cc&utm_content=br-utua-ct-email-cc-ag&utm_term=br-utua-ct-email-cc-ag-2374&an_uid=22c6d7999e5934e8cf4ff3621ac2477d95cb414d257f173e436a4e9b1877c33c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:52:59 GMT via 1.1 google, 1.1 google content-encoding br cf-cache-status HIT age 41440 cf-polished origSize=25759 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Fri, 14 Jul 2023 17:03:09 GMT server cloudflare etag W/"649f-600756c55cd40-gzip" vary Accept-Encoding content-type text/css x-cloud-trace-context 8ce19c8de065598b09f0cb0a2e8814a8 cache-control private, max-age=300 cf-ray 7ecdd01b2d2a915f-FRA
GET H2	200	e8c846ea-design-sem-nome-1-442x332.png bucket.utua.com.br/img/2020/05/	40 KB 40 KB	509ms 267ms	Image image/png	2606:4700:10::6816:29 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bucket.utua.com.br/img/2020/05/e8c846ea-design-sem-nome-1-442x332.png Requested by Host: utua.com.br URL: https://utua.com.br/br-cc-caixa-simples-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=br-utua-ct-email-cc&utm_content=br-utua-ct-email-cc-ag&utm_term=br-utua-ct-email-cc-ag-2374&an_uid=22c6d7999e5934e8cf4ff3621ac2477d95cb414d257f173e436a4e9b1877c33c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:29 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f89967d6b9cbbfea727e61fcfd70a061cc7463d698d8642990ccc2d7897d710 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:53:00 GMT cf-cache-status MISS x-guploader-uploadid ADPycdtz5AZJZLt47i_cZWVvPAgRVd_QofysNb-6ne4Z0JOWwBJ1cJyevK8-2DVBDFVfF_b-cakkZgcLrSTZYKY_f3wV x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 content-length 40615 x-goog-meta-height 332 x-goog-meta-file-hash d41d8cd98f00b204e9800998ecf8427e x-goog-meta-child-of 17357 last-modified Mon, 23 May 2022 17:06:54 GMT server cloudflare etag "5f39da71d62955b8cb140e58184e8385" vary Accept-Encoding x-goog-generation 1653325614445483 content-type image/png x-goog-hash crc32c=Mjknpw==, md5=XznacdYpVbjLFA5YGE6DhQ== x-goog-meta-width 442 cache-control public, max-age=36000, must-revalidate x-goog-stored-content-length 40615 accept-ranges bytes cf-ray 7ecdd01dddb23639-FRA x-goog-meta-size img-442 expires Thu, 27 Jul 2023 01:52:59 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	260 KB 85 KB	198ms 75ms	Script application/javascript	2a00:1450:4001:82a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-T48CH8D Requested by Host: utua.com.br URL: https://utua.com.br/br-cc-caixa-simples-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=br-utua-ct-email-cc&utm_content=br-utua-ct-email-cc-ag&utm_term=br-utua-ct-email-cc-ag-2374 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1d4cd0475e3596e3ec0fb60345e58bfbc6e6cdc24aac69e993f8882b0133de91 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:52:59 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 86663 x-xss-protection 0 last-modified Wed, 26 Jul 2023 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 26 Jul 2023 15:52:59 GMT
GET H3	200	spritesheet.png utua.com.br/wp-content/themes/clean-n-beauty-theme/images/	1 KB 2 KB	47ms 47ms	Image image/webp	2606:4700:10::6816:29 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://utua.com.br/wp-content/themes/clean-n-beauty-theme/images/spritesheet.png Requested by Host: utua.com.br URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/css/style.post.css?ver=26072023125259 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:29 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 729fdd056968891a9b7a1eb8fa6365f58a7da10fd953e837feec3bea6501b585 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/wp-content/themes/clean-n-beauty-theme/css/style.post.css?ver=26072023125259 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:52:59 GMT via 1.1 google, 1.1 google cf-cache-status HIT age 37080 cf-polished origFmt=png, origSize=3567 content-disposition inline; filename="spritesheet.webp" alt-svc h3=":443"; ma=86400 content-length 1366 cf-bgj imgq:85,h2pri last-modified Fri, 14 Jul 2023 17:03:09 GMT server cloudflare etag "def-600756c55cd40" vary Accept content-type image/webp x-cloud-trace-context 43fa9ed4516f534b5e8862b6275124c1 cache-control max-age=300 accept-ranges bytes cf-ray 7ecdd01c682f91ff-FRA
GET H2	200	rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAopxRSW32.woff2 fonts.gstatic.com/s/dmsans/v14/	14 KB 14 KB	172ms 54ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAopxRSW32.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=DM+Sans&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b99e2ac0acd1e779f2db8aa9fc92e5901207ad6150689a5318163a70ee667157 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://utua.com.br accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Tue, 25 Jul 2023 20:22:45 GMT x-content-type-options nosniff age 70214 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14132 x-xss-protection 0 last-modified Wed, 12 Jul 2023 22:06:27 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 24 Jul 2024 20:22:45 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/	385 KB 123 KB	58ms 57ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3d14af6714f8e174042d16f9ee9938f7986b826935f217c43cd3570945f8a8a5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 09:05:07 GMT content-encoding br x-content-type-options nosniff age 24472 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 125319 x-xss-protection 0 server cafe etag 4098493636285064892 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Thu, 25 Jul 2024 09:05:07 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	241 KB 82 KB	84ms 83ms	Script application/javascript	2a00:1450:4001:82a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-T48CH8D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f93c6d3d0fde39384d6e3e63538c6edabe088fcb0f11515ddc9f0ddde4c047c8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:52:59 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 83593 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 26 Jul 2023 15:52:59 GMT
GET H2	200	esp.js Show response oa.openxcdn.net/	24 KB 8 KB	118ms 30ms	Script application/javascript	34.102.146.192 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://oa.openxcdn.net/esp.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 192.146.102.34.bc.googleusercontent.com Software UploadServer / Resource Hash 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 19 Jul 2023 16:08:03 GMT content-encoding gzip age 603897 x-guploader-uploadid ADPycdu0ofEeAAYzdW5Z96wZyLXgm23ax7D6-P-kRrnYYyzN40_lI7nGf6iRwNhdTCtUf4jMUk4Ic8OfTq9SQAz3Ia2XKw x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7927 last-modified Thu, 27 May 2021 18:30:51 GMT server UploadServer etag "df5542b88bc0e368c6999754a5b9e2ba" x-goog-generation 1622140251693895 x-goog-hash crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug== content-type application/javascript cache-control no-transform x-goog-stored-content-length 7927 accept-ranges bytes expires Thu, 18 Jul 2024 16:08:03 GMT
GET H2	200	publishertag.ids.js Show response static.criteo.net/js/ld/	42 KB 13 KB	107ms 39ms	Script text/javascript	2a02:2638:3::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.ids.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:53:00 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Jul 2023 13:25:47 GMT server nginx etag W/"64ad585b-a980" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Thu, 27 Jul 2023 15:53:00 GMT
GET H2	200	pubcid.min.js Show response cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/	732 B 1 KB	105ms 37ms	Script application/javascript	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:53:00 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 26050 x-jsd-version master content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230037-FRA, cache-yyz4557-YYZ x-jsd-version-type branch server cloudflare etag W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AploB8UsTczz%2B%2FipH3ZlpI%2B0BM4Oq97XmjR9tKY2emDu3p4SSd%2BGonY19yUQ0ouZvHtokhtcu2ssYxgjSviVxGxLs6bH%2FbapOOU%2Fm4OWvP6Lj1NQB2h%2ByHR%2Fn7xXg2iKFLTdS9hU1uo2E36slIc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 7ecdd01ff9309010-FRA
GET H2	200	esp.js Show response cdn.id5-sync.com/api/1.0/	102 KB 25 KB	132ms 44ms	Script text/javascript	2606:4700:10::6816:3556 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/esp.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:53:00 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT last-modified Thu, 22 Jun 2023 08:35:03 GMT server cloudflare x-amz-request-id EYAFV55K4BXD4QAJ age 2121 etag W/"9b8b8eb50e4814cbdc325ce477c96910" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control public, max-age=3600 cf-ray 7ecdd0201c913616-FRA x-amz-id-2 whWkBhGm1ASZrNS/p6BPS7n04HervMshZG7qaxgZ9WSN3A3Ln15Wm67BYkFJkBlsBofx4C+mrXI=
GET H2	200	encrypted-tag-g.js Show response invstatic101.creativecdn.com/encrypted-signals/	1 KB 2 KB	148ms 50ms	Script text/javascript	34.96.70.87 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 87.70.96.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:53:00 GMT via 1.1 google, 1.1 google last-modified Wed, 05 Jul 2023 19:08:57 GMT server Google Frontend etag 6c49a4094d9a446bdc7fe3d19d23b4c7 content-type text/javascript; charset=utf-8 x-cloud-trace-context 62a5dee10e0e3c66f12074c9a6b4cb31 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1311
GET H/1.1	200 OK	uid2SecureSignal.js Show response cdn.prod.uidapi.com/	2 KB 2 KB	120ms 34ms	Script text/javascript	2600:9000:2250:bc00:a:e047:753:be1
General Check archive.org Show headers Download Go to Full URL https://cdn.prod.uidapi.com/uid2SecureSignal.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:bc00:a:e047:753:be1 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-amz-version-id null Date Wed, 26 Jul 2023 00:56:56 GMT Via 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront) Last-Modified Thu, 04 May 2023 00:14:06 GMT Server AmazonS3 X-Amz-Cf-Pop FRA60-P2 Age 53765 x-amz-server-side-encryption AES256 ETag "4d5acbf33f4a0592ac0515db92fe88e6" X-Cache Hit from cloudfront Content-Type text/javascript Connection keep-alive Accept-Ranges bytes Content-Length 1858 X-Amz-Cf-Id JymAcoE6C5hu6h8TOQFYTyL1cOhBn25wvgEl5m4YY4R8JUVPWIrPBA==
GET H2	200	sync.min.js Show response tags.crwdcntrl.net/lt/c/16589/	38 KB 12 KB	119ms 33ms	Script text/javascript	65.9.66.122 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/16589/sync.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.122 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-122.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 02:34:21 GMT content-encoding gzip via 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront) last-modified Wed, 31 May 2023 20:34:33 GMT server AmazonS3 x-amz-cf-pop FRA56-C1 age 47920 x-amz-server-side-encryption AES256 etag W/"550ead3a95bd6cfcd917d45c5f8f4553" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=86400 x-amz-cf-id dP7feex83YCunTRJCMETzh-AzUSXXUzkSJP8oVUK_N6W7llHFC1I7A==
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	317 KB 79 KB	1171ms 1170ms	XHR text/plain	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=773157468472007&correlator=3080356565760908&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fifs&iu_parts=21862753527%2Cutua_desk_top%2Cutua_desk_content%2Cutua_desk_sidebar%2Cutua_desk_interstitial&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x250%7C970x250%7C980x90%2C320x50%7C300x250%7C336x280%2C120x600%7C160x600%7C300x600%7C300x250%2C1x1&fluid=0%2Cheight%2C0%2C0&ifi=1&adks=3399986936%2C1558435176%2C695725469%2C687659283&sfv=1-0-40&ists=1&fas=0%2C0%2C0%2C8&cust_params=request_uri%3D%252Fbr-cc-caixa-simples-p1%252F%26utm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dbr-utua-ct-email-cc%26utm_content%3Dbr-utua-ct-email-cc-ag%26utm_term%3Dbr-utua-ct-email-cc-ag-2374%26placement%3Ddirect%26hour%3D15%26dayshifts%3Dmorning&sc=1&cookie_enabled=1&abxe=1&dt=1690386780087&lmt=1690386779&adxs=436%2C650%2C1468%2C-9&adys=98%2C376%2C122%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C-1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Futua.com.br%2Fbr-cc-caixa-simples-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dbr-utua-ct-email-cc%26utm_content%3Dbr-utua-ct-email-cc-ag%26utm_term%3Dbr-utua-ct-email-cc-ag-2374&frm=20&vis=1&psz=1600x1200%7C800x0%7C120x250%7C0x-1&msz=1600x0%7C800x0%7C120x250%7C0x-1&fws=4%2C4%2C516%2C2&ohw=1600%2C1600%2C1600%2C0&ga_vid=1775279135.1690386780&ga_sid=1690386780&ga_hid=2087640405&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYq5-dl5kxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGKqfnZeZMUgAUgIIZBIXCghydGJob3VzZRirn52XmTFIAFICCGQSFAoFb3BlbngYqp-dl5kxSABSAghk&dlt=1690386779367&idt=671 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 34ceac17b7afd67c8bfcfdbf0aac9704d2f0ff10871d33c296e973c519a4b887 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:53:01 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 81033 x-xss-protection 0 google-lineitem-id -1,-1,-1,-1 pragma no-cache server cafe google-creative-id -1,-1,-1,-1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://utua.com.br cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C53F	6 KB 3 KB	257ms 90ms	Document text/html	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://utua.com.br/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Wed, 26 Jul 2023 15:53:00 GMT expires Thu, 25 Jul 2024 15:53:00 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	pubads_impl_page_level_ads.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/	37 KB 13 KB	58ms 58ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl_page_level_ads.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00c2e18e63aca27021f0097f27d83bc9794e06f4eb368f2e9beb8e00aa360fd7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 14:33:17 GMT content-encoding br x-content-type-options nosniff age 4783 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13167 x-xss-protection 0 server cafe etag 17457124678373541327 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Thu, 25 Jul 2024 14:33:17 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 242 B	109ms 35ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-Y1WZWFMSQF&gtm=45je37o0&_p=2087640405&_gaz=1&cid=1775279135.1690386780&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690386780&sct=1&seg=0&dl=https%3A%2F%2Futua.com.br%2Fbr-cc-caixa-simples-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dbr-utua-ct-email-cc%26utm_content%3Dbr-utua-ct-email-cc-ag%26utm_term%3Dbr-utua-ct-email-cc-ag-2374&dt=Conhe%C3%A7a%20o%20cart%C3%A3o%20de%20cr%C3%A9dito%20Caixa%20Simples!&en=page_view&_fv=2&_ss=2&_c=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://utua.com.br cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 242 B	113ms 36ms	Ping text/plain	2a00:1450:400c:c06::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Y1WZWFMSQF&cid=1775279135.1690386780&gtm=45je37o0&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://utua.com.br cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	198ms 78ms	Image image/gif	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Y1WZWFMSQF&cid=1775279135.1690386780&gtm=45je37o0&aip=1&z=1619123173 Requested by Host: utua.com.br URL: https://utua.com.br/br-cc-caixa-simples-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=br-utua-ct-email-cc&utm_content=br-utua-ct-email-cc-ag&utm_term=br-utua-ct-email-cc-ag-2374 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:00 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 45 B	95ms 36ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-Y1WZWFMSQF&gtm=45je37o0&_p=2087640405&cid=1775279135.1690386780&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1690386780&sct=1&seg=0&dl=https%3A%2F%2Futua.com.br%2Fbr-cc-caixa-simples-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dbr-utua-ct-email-cc%26utm_content%3Dbr-utua-ct-email-cc-ag%26utm_term%3Dbr-utua-ct-email-cc-ag-2374&dt=Conhe%C3%A7a%20o%20cart%C3%A3o%20de%20cr%C3%A9dito%20Caixa%20Simples!&en=scroll&_c=1&epn.percent_scrolled=90&_et=10 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://utua.com.br cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	syncframe Show response gum.criteo.com/ Frame 446B	15 KB 6 KB	141ms 49ms	Document text/html	2a02:2638:d::d ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=utua.com.br Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.ids.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://utua.com.br/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 26 Jul 2023 15:52:59 GMT server Kestrel server-processing-duration-in-ticks 251849 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	esp Show response oajs.openx.net/ Redirect Chain https://oajs.openx.net/esp?url=https%3A%2F%2Futua.com.br%2Fbr-cc-caixa-simples-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dbr-utua-ct-email-cc%26utm_content%3Dbr-utua-ct-em... https://oajs.openx.net/esp?url=https%3A%2F%2Futua.com.br%2Fbr-cc-caixa-simples-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dbr-utua-ct-email-cc%26utm_content%3Dbr-utua-ct-em...	85 B 202 B	142ms 142ms	Fetch application/json	34.120.135.53 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://oajs.openx.net/esp?url=https%3A%2F%2Futua.com.br%2Fbr-cc-caixa-simples-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dbr-utua-ct-email-cc%26utm_content%3Dbr-utua-ct-email-cc-ag%26utm_term%3Dbr-utua-ct-email-cc-ag-2374&rid=esp&cc=1 Protocol H2 Server 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 53.135.120.34.bc.googleusercontent.com Software / Express Resource Hash f81981ef7824dd8b9f5a46b1d5f5dc8c0336b3147ff7eb730bf8cbc2af9ce1ac Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:53:00 GMT via 1.1 google x-powered-by Express etag W/"55-7/s9oFIfsaY3LwNgo+LQW7qO9r8" vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://utua.com.br access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 85 Redirect headers date Wed, 26 Jul 2023 15:53:00 GMT via 1.1 google x-powered-by Express vary Origin access-control-allow-origin https://utua.com.br location /esp?url=https%3A%2F%2Futua.com.br%2Fbr-cc-caixa-simples-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dbr-utua-ct-email-cc%26utm_content%3Dbr-utua-ct-email-cc-ag%26utm_term%3Dbr-utua-ct-email-cc-ag-2374&rid=esp&cc=1 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST H2	200	map Show response bcp.crwdcntrl.net/6/	60 B 331 B	156ms 44ms	XHR application/json	52.19.31.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/6/map Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.19.31.65 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-19-31-65.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash e6fbef14e90dea2440b801914859325df8da33b70e38ae7cc9f78b3baecd83fc Request headers Referer https://utua.com.br/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:00 GMT server Jetty(9.4.38.v20210224) content-type application/json;charset=utf-8 p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://utua.com.br cache-control no-cache x-server 10.45.0.79 access-control-allow-credentials true content-length 60 expires 0
GET H/1.1	204	increment Show response id5-sync.com/api/esp/	0 320 B	179ms 64ms	XHR text/plain	162.19.138.116 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/api/esp/increment?counter=no-config Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/esp.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31533567.ip-162-19-138.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://utua.com.br/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://utua.com.br date Wed, 26 Jul 2023 15:52:59 GMT strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
POST H2	200	encrypt Show response esp.rtbhouse.com/	329 B 424 B	47ms 46ms	Fetch application/json	35.190.39.111 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://esp.rtbhouse.com/encrypt Requested by Host: invstatic101.creativecdn.com URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 111.39.190.35.bc.googleusercontent.com Software Google Frontend / Resource Hash b975bca4fb60b47b2ad91264bc97d9e9d09d33702403318de082251f1955c8bf Request headers Referer https://utua.com.br/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Content-Type application/json Response headers date Wed, 26 Jul 2023 15:53:00 GMT via 1.1 google, 1.1 google server Google Frontend content-type application/json access-control-allow-origin * x-cloud-trace-context e05c790f73df8aca854e987f32de67f3 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 329
OPTIONS H2	200	encrypt esp.rtbhouse.com/ Frame	0 0	114ms 42ms	Preflight text/plain	35.190.39.111 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://esp.rtbhouse.com/encrypt Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 111.39.190.35.bc.googleusercontent.com Software Google Frontend / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://utua.com.br Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST, GET access-control-allow-origin https://utua.com.br access-control-max-age 600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 content-type text/plain; charset=utf-8 date Wed, 26 Jul 2023 15:53:00 GMT server Google Frontend vary Origin via 1.1 google, 1.1 google x-cloud-trace-context 65e2a0e99a188b5c0149c09b2bfec1ee
GET H2	200	sid Show response mug.criteo.com/ Frame 446B Redirect Chain https://gum.criteo.com/sid/json?origin=publishertagids&domain=utua.com.br&sn=ChromeSyncframe&so=0&topUrl=utua.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 https://mug.criteo.com/sid?cpp=IHTVjXxZTjZQOGdya3gwOXl0MnVPYzFyQWlQMUtPZlNHTVowK2d0azVZTzZtcktlWlBYYXQyRy94ZUdRUFM5dVF0RFU2eU1PeTdma1FLbWhjRFh6L28zeTFqQXdoOXg3eVVFeVIrS096RU5kdENCbE5sS3pjTmRSdEdhSF...	443 B 675 B	148ms 47ms	Fetch application/json	178.250.7.13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=IHTVjXxZTjZQOGdya3gwOXl0MnVPYzFyQWlQMUtPZlNHTVowK2d0azVZTzZtcktlWlBYYXQyRy94ZUdRUFM5dVF0RFU2eU1PeTdma1FLbWhjRFh6L28zeTFqQXdoOXg3eVVFeVIrS096RU5kdENCbE5sS3pjTmRSdEdhSFF5SmxuRFl4emdDQ2tUaTJEZFpGRCtaNGJzbkdMV09VRG1pMWJGejlZTWNWalVnUFBvbEZJc2VJZE1lOC92bkRVVFoyRkRObnQvbENaV1h6bzN6UTdCMHNmYU0zY3ZvakcrdkVRWUp0ZHNZano3OGp3ZkdVSXZaWXhyNVFDNW1UdFZzbXV4aitSdExGNzNyNW94NGdoZ2Rrc2UrSXgyUT09fA&cppv=2 Protocol H2 Server 178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 170161a422df28ba96a439804603f8d9b6dc4291a18f9808da69bbac6d3de27e Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:00 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1331550 expires 0 Redirect headers pragma no-cache date Wed, 26 Jul 2023 15:53:00 GMT strict-transport-security max-age=31536000; preload; server Kestrel location https://mug.criteo.com/sid?cpp=IHTVjXxZTjZQOGdya3gwOXl0MnVPYzFyQWlQMUtPZlNHTVowK2d0azVZTzZtcktlWlBYYXQyRy94ZUdRUFM5dVF0RFU2eU1PeTdma1FLbWhjRFh6L28zeTFqQXdoOXg3eVVFeVIrS096RU5kdENCbE5sS3pjTmRSdEdhSFF5SmxuRFl4emdDQ2tUaTJEZFpGRCtaNGJzbkdMV09VRG1pMWJGejlZTWNWalVnUFBvbEZJc2VJZE1lOC92bkRVVFoyRkRObnQvbENaV1h6bzN6UTdCMHNmYU0zY3ZvakcrdkVRWUp0ZHNZano3OGp3ZkdVSXZaWXhyNVFDNW1UdFZzbXV4aitSdExGNzNyNW94NGdoZ2Rrc2UrSXgyUT09fA&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 228430 content-length 0 expires 0
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	15 KB 12 KB	233ms 105ms	XHR application/json	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307200101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b675899712293ff7fcafa359e537c6f028846bfb492891642473c28d32c686c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:53:00 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11715 x-xss-protection 0
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	181ms 57ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-T48CH8D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 26 Jul 2023 14:35:19 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 4661 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Wed, 26 Jul 2023 16:35:19 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 205 B	66ms 64ms	XHR text/plain	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2087640405&t=pageview&_s=1&dl=https%3A%2F%2Futua.com.br%2Fbr-cc-caixa-simples-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dbr-utua-ct-email-cc%26utm_content%3Dbr-utua-ct-email-cc-ag%26utm_term%3Dbr-utua-ct-email-cc-ag-2374&ul=en-us&de=UTF-8&dt=Conhe%C3%A7a%20o%20cart%C3%A3o%20de%20cr%C3%A9dito%20Caixa%20Simples!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACAAI~&jid=592358521&gjid=109957518&cid=1775279135.1690386780&tid=UA-146231564-5&_gid=929911381.1690386781&_slc=1&gtm=45He37o0n81T48CH8D&z=634333915 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://utua.com.br/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:00 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://utua.com.br cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 151 B	37ms 36ms	XHR text/plain	2a00:1450:400c:c06::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-146231564-5&cid=1775279135.1690386780&jid=592358521&gjid=109957518&_gid=929911381.1690386781&_u=YCDAiEABBAAAAGAAI~&z=1340822484 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://utua.com.br/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Wed, 26 Jul 2023 15:53:00 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://utua.com.br cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pd Show response google-bidout-d.openx.net/w/1.0/ Frame EF52	0 176 B	230ms 145ms	Document text/html	34.98.64.218 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://google-bidout-d.openx.net/w/1.0/pd?plm=5 Requested by Host: oa.openxcdn.net URL: https://oa.openxcdn.net/esp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://utua.com.br/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding gzip content-length 20 content-type text/html date Wed, 26 Jul 2023 15:53:00 GMT server OXGW/0.0.0 vary Accept, Accept-Encoding via 1.1 google
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	220ms 83ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:53:00 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 26 Jul 2023 15:53:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	209ms 79ms	Image image/gif	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-146231564-5&cid=1775279135.1690386780&jid=592358521&_u=YCDAiEABBAAAAGAAI~&z=167701633 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:00 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	80ms 79ms	Image image/gif	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-146231564-5&cid=1775279135.1690386780&jid=592358521&_u=YCDAiEABBAAAAGAAI~&z=167701633 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:00 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1829	13 KB 5 KB	65ms 57ms	Document text/html	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://utua.com.br/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1049 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 26 Jul 2023 15:35:31 GMT expires Thu, 25 Jul 2024 15:35:31 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 6442	783 B 971 B	65ms 64ms	Document text/html	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash a0f0c60cf7cf2eb779460dcd40d848119f86e7131a20b3d49f880d15a29c9e76 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-IUtLo8G5lzI-KWBY6Dmx0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://utua.com.br/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 514 content-security-policy script-src 'report-sample' 'nonce-IUtLo8G5lzI-KWBY6Dmx0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 26 Jul 2023 15:53:00 GMT expires Wed, 26 Jul 2023 15:53:00 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 6442	0 0	205ms 89ms	Image text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307200101&jk=773157468472007&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers
GET H3	200	dRCs_iSjLYN5mBFFYyTyPcTiMrEi9vuYsh-Uz23mUp8.js Show response pagead2.googlesyndication.com/bg/ Frame 1829	37 KB 14 KB	171ms 57ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/dRCs_iSjLYN5mBFFYyTyPcTiMrEi9vuYsh-Uz23mUp8.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7510acfe24a32d83799811456324f23dc4e232b122f6fb98b21f94cf6de6529f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 10:07:50 GMT content-encoding br x-content-type-options nosniff age 20711 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14586 x-xss-protection 0 last-modified Wed, 19 Jul 2023 16:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 25 Jul 2024 10:07:50 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 1829	0 10 B	54ms 54ms	Image text/plain	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?lKkGeg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:53:01 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	container.html Show response 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ACEB	6 KB 3 KB	61ms 57ms	Document text/html	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://utua.com.br/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Wed, 26 Jul 2023 15:53:00 GMT expires Thu, 25 Jul 2024 15:53:00 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	204	collect region1.analytics.google.com/g/	0 45 B	42ms 42ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-Y1WZWFMSQF&gtm=45je37o0&_p=2087640405&cid=1775279135.1690386780&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=3&sid=1690386780&sct=1&seg=0&dl=https%3A%2F%2Futua.com.br%2Fbr-cc-caixa-simples-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dbr-utua-ct-email-cc%26utm_content%3Dbr-utua-ct-email-cc-ag%26utm_term%3Dbr-utua-ct-email-cc-ag-2374&dt=Conhe%C3%A7a%20o%20cart%C3%A3o%20de%20cr%C3%A9dito%20Caixa%20Simples!&en=ad_impression&_c=1&ep.query_id=CMGewrzdrIADFUmYhQodwwsN9w&_et=1153 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:01 GMT server Golfe2 content-type text/plain access-control-allow-origin https://utua.com.br cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4BD7	6 KB 3 KB	58ms 57ms	Document text/html	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://utua.com.br/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Wed, 26 Jul 2023 15:53:00 GMT expires Thu, 25 Jul 2024 15:53:00 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	container.html Show response 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0A6E	6 KB 3 KB	57ms 57ms	Document text/html	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://utua.com.br/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Wed, 26 Jul 2023 15:53:00 GMT expires Thu, 25 Jul 2024 15:53:00 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	container.html Show response 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3E04	6 KB 3 KB	58ms 57ms	Document text/html	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://utua.com.br/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Wed, 26 Jul 2023 15:53:00 GMT expires Thu, 25 Jul 2024 15:53:00 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H3	204	collect region1.analytics.google.com/g/	0 17 B	35ms 34ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-Y1WZWFMSQF&gtm=45je37o0&_p=2087640405&cid=1775279135.1690386780&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=4&sid=1690386780&sct=1&seg=0&dl=https%3A%2F%2Futua.com.br%2Fbr-cc-caixa-simples-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dbr-utua-ct-email-cc%26utm_content%3Dbr-utua-ct-email-cc-ag%26utm_term%3Dbr-utua-ct-email-cc-ag-2374&dt=Conhe%C3%A7a%20o%20cart%C3%A3o%20de%20cr%C3%A9dito%20Caixa%20Simples!&en=ad_impression&_c=1&ep.query_id=CMKewrzdrIADFUmYhQodwwsN9w&_et=75 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:01 GMT server Golfe2 content-type text/plain access-control-allow-origin https://utua.com.br cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect region1.analytics.google.com/g/	0 17 B	36ms 35ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-Y1WZWFMSQF&gtm=45je37o0&_p=2087640405&cid=1775279135.1690386780&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=5&sid=1690386780&sct=1&seg=0&dl=https%3A%2F%2Futua.com.br%2Fbr-cc-caixa-simples-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dbr-utua-ct-email-cc%26utm_content%3Dbr-utua-ct-email-cc-ag%26utm_term%3Dbr-utua-ct-email-cc-ag-2374&dt=Conhe%C3%A7a%20o%20cart%C3%A3o%20de%20cr%C3%A9dito%20Caixa%20Simples!&en=ad_impression&_c=1&ep.query_id=CMOewrzdrIADFUmYhQodwwsN9w&_et=2 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:01 GMT server Golfe2 content-type text/plain access-control-allow-origin https://utua.com.br cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect region1.analytics.google.com/g/	0 17 B	34ms 34ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-Y1WZWFMSQF&gtm=45je37o0&_p=2087640405&cid=1775279135.1690386780&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=6&sid=1690386780&sct=1&seg=0&dl=https%3A%2F%2Futua.com.br%2Fbr-cc-caixa-simples-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dbr-utua-ct-email-cc%26utm_content%3Dbr-utua-ct-email-cc-ag%26utm_term%3Dbr-utua-ct-email-cc-ag-2374&dt=Conhe%C3%A7a%20o%20cart%C3%A3o%20de%20cr%C3%A9dito%20Caixa%20Simples!&en=ad_impression&_c=1&ep.query_id=CMSewrzdrIADFUmYhQodwwsN9w&_et=2 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:01 GMT server Golfe2 content-type text/plain access-control-allow-origin https://utua.com.br cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 0762	624 B 505 B	228ms 97ms	Document text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARizuN3gATAB&v=APEucNXcp_mf5Z7jn5F2Ot3jmA7HFyUKuZCMCCfXel4k94AYVBM-ciGCwxUofa3seWiFoMLSuwwjbsh-GSPdAsprH8g1s-m-jSO6y4uNgjgTsuKP3naLHCBlgmD5vlkiAPct8zDVP6iuvlXUYmp9Aj9zEws9oZHd25JFFWLSPPOFORAcaXe2fH0 Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 26 Jul 2023 15:53:01 GMT expires Wed, 26 Jul 2023 15:53:01 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame ACEB	85 KB 29 KB	140ms 139ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:53:01 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29781 x-xss-protection 0 server cafe etag 4315658989838864570 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Wed, 26 Jul 2023 15:53:01 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame ACEB	42 B 63 B	92ms 89ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ABrLl8_xtDHBk5IOEbxEJ1xwPAYmHe-9iBDj47sd7d9Tq69XVVweoHD1DYRipBO9mvJpUg9ZGrmsURUCMEoiOrnQazFuBGMh9qspceXY119XUnzO8 Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:01 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame ACEB	0 20 B	92ms 89ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7094442829068886306&x=1&ct=76 Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:01 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	adj Show response fw.adsafeprotected.com/rjss/bgd/1135760/69474528/xbbe/creative/ Frame ACEB	257 KB 78 KB	189ms 48ms	Script application/javascript	54.171.46.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fw.adsafeprotected.com/rjss/bgd/1135760/69474528/xbbe/creative/adj?p=APEucNVDSZixqGDMUyUcMEAAlNHJJ1aVtmGLs1CdgRroti1tOWRurrM&d=CokBAKAmf-CqdoAmWTjN69c8hHEjo--ZXxGcxJBmeZ_jfjeRmuxoebJ_S18tUyumIOw93RDJZNEYPjZkaUlhl9JuTCsTrwziJA4bHz0jYnfnXQGhPYHNLO9Q7ZF5KBoChRY8kh6TSuiWifZKt8SEF-tUUdn6_YW8cETKlQT2-MpF9HKe9UlRdriiAkcS2RUAoCZ_4LDKRU1z1Z85ETReyTmlCYjw9tB5dsfFj3GWx25sBq0Ha3mpP7elbNDq5UP4HIzsAxd3OZt31-n5gjWINhMAgayQxZ9DB24TJuwvp7L1Ytm5AiBNbcOrtKyhMviHFLEpWeCRn-lhJ7H68vWkbRVMsPR9slDz7vbBvmwuj5fM8FK31rQugkPQOfB7CiO_0zQnbpZvp5o1yb4VUCl14jVwQ3JBCXTnXvvcrPKNGGSOx6rvcaFKfzhjjJDCpubN5ozyTfSHucVZ7pBGiGfS8m6x8t5UG36zUkNOSj2csQU6PjBDNjnsisexuP7NlFmHCANrtRwWvAhvxuHtoV-C8_3nzPCfi4yJT5CMasWcnXRVfeKE7-LW-OTN8ZSBCd2e-SJm1BoYZ7XPaaNr2lr5rX8_8vUKcczsW01rXUE4MszECfUZ9-gF3LLtJ120WPD-2fYMcqC4MERF-BTYz63JOWqSFuNE2k7q3mpTmvG_rxqzU6VPPKIyxH2zkTuygQVFSGi_NRrj0Iox__mN4RWtd1bHlY7M7RksDktFcHajXy0po-JqjLeE9jmGPG7zd5Fyl_vMEwY-WXnlTY5PaYdZmYo_opzpKpRsNxcx414CwAgqskREaUfdK0oa04Mqsl3wOSGcK5BmKxMXc2oUgZkRp18Gqq2U566NkPrpmtGe2ZshaXdA7UiMtTDM4q3ZmOe0OK_4wyHtR_NIOqP1RC7haSSxyCj23bOTq1VH0cMcZ67r4WxArV6Bi_d2U87BPqPhq2jdHvGSx9pYI0OnNmrtXyxVFkA0zc-4hodqpIdPs8q26yDAa0Dci3mOF31Xx5nGMdkmJDNXjpl6y8kdgH4O0_IX4DviWvwA1fPPXNMxzU7FBRznFTAnqsiuRz4GHpLneHCuIxvllWr0IJRqCgYYSqUOim43Z1RLabid1w3eP-ZxprADoNGxEnhVKhDXkOYzrhUaXHCRKQykLf-RYxWk-jIdc57mEU5ZqpeRf669PZ_xENM_fgG_dr_9QsNDqtr86fJj__mrdEudU74iiAnDDqJkBoML6L8OLrO_xN8TgEyeu5Hm2y9jdKmo96zEk9XrjQz2T9RwwEi8ZPThTnXzMLfHIptoXjz8jamn-0yOriqaRiks8CpJ_ZqnNDpZYRrhnMJ0kRideSYSzc75wliJeepZkuPOJ9oxAdQcmeXZnFUDmjMPX1dndeHQpqo8Qxdb8iI19TbopmVjKw8dp9EU0RGGbTsIFFuKDUJAatZWvJxkpIGoC3kiwzpOKuYbDIOHBWvExJAW-yhVAnHVjtCM_rNBM8Pr_xxTSbC37rqBOOl8DRG17_msO9TYOdQdQGh0nrsIEVDaNxU4kc76VkowsSTEC5pJ7kb1_RY7dD-kusAOjACr9WYhNcJdbGWt4qqmrONwtx-bwJoPHC10D-rPDRmQ-efJA2OXMRwYz5fiIJaxtA786jGEfG4B7mbukUHD8R-udF1mZSAb-zFNbKO0sjCTJjEiaDi15UlCRPEiDdBTGGEuyd3r-tZH8qsJsQM8bUSireYR2BmtV8fpm1MnPRaRfsX8b1zjWQp_S6gC5Q_Ns4W79mSWnjK2g4TUCqw7mJJh2iBcFYIZO4fyJjEY4vDoXh8gI5R4aGKDUeao2SlK_UBZLbkiglQycgJPH7pVOnrgdNmnWKi9creyMzCqJycbEngVE9ekPAG1nrVwxBViTnMpW9q_bHAc9upqiJLma9QRV_PH09VCUwNRf6HeWYGRL5REAZxrHEn4-4YsUY4NcNjbjC-zUGSQ4G3Rc-eCFW-7FrM13P35USa4SoFK5L1qA0d2lik_wl5yELZrQ9LN1KweuDd2oSgXymHYUAQW3mzZBGQh5RgMxtQRZkxwFOvoqy98RoyZK8Y-bBpx58wgaGAj1-4RPMTqPYOyiRR3Vf5VJ55gEfEI6M9PV1PpX1zxhb-7JSCeOwFUAZj8bC5NjldSS_leRE6m5nH9gFpADWN95BNkmoZvlBQrNMgffBTZDKQdZux9uwKkfenf6ED3eQPYG76ZQDNZWDfV1d5x13UM5zIvaTIyr_vBSnfgRzddsOEbJeNpDMVdtJXfowh5hUrOa9fhuAWzv_MkTafjX1cZh1I6R2F1fQVtkebmhSyHsLdCZQPYl1aADgzTfROwS-p1fycCuo-norvLebMaAiYIoy2GjsJVjr_9WUA6TBY_pX1aFKZoc9ggf5T2vmbk__LVzabT452eGoGWx5KvkxTbNui8-7uzHGWi-SRhA6xhZSysZCDoXMq_LV6-y0I6Qq6bFy29pw8qhYWdHIZaBzFFbV8FAdS6dWOPi7IEL7_HHGjE0sl-6MlBF6bYPG18tQHmnyC5OoH-2Bp0-f6Xs51pK7hB-rnYfbms5se2bHgmMjXrnOQo2-F-uJV-eJ5N8_wU0G2Gx4-UDYSUqlbVkJF7V46gi-HBTT1Dbkn5HPf8tPoXpVNaa4OZBOLEjoWDBZvhzPs1Fo4x7v5Pe-hXnbdaVqyXSTgYgkmdOQznvH0M20uD-7nIHyMLEY6ialbAdjK3z4pSKHtAykJJbQTibGGpOh0MhapxJiVGO4Pn6cEKGER5FdGNEXiIOI_dqibAWTcVmcpl49MurwFSY_jg6vqovqyHJGXM3c98P_IDWs0m9xUUdW1TMPmpJSUkTlHF6LPewwVEc-mJXYTP0DrHcEQspzrhK7K8ndYZ0AxTcqZ-xvXmERBrEu8s3B1dmGGFu4tFBdR_n-QlZEMCiUxksXM625NtTMAgk1J-67dIoelkHxQ0Ar0mZxbiQVpykRLP4GATBF3ykVa-Fo2NQV5Kwr1xxW6f7qmXabYKKKrYChozUAm8dHcY54j2ilcGNvQ3usy2SEXP4Gk4EOvYERhXp_R-gHUF_yX2NRmQuRq9zNdwQQq35dnrhlfc0k7IhCPngktY3PSuLB2hjObOS__4hEfgfWdEKQJBL2gPA2Ws863okaIVmV4zp5Ez8Fhpa71-rp4KKqhO-rNhe2-Hrt9yKajPm8A_WGGZcsiZt65LPADJnX74eettcnaYIi4q9pXMqxgRh644DLDkavjp7HmTeNKec7zoBX2Zhu25CuSlxczXYYI-uK4G3ZWmAwI7Qi8-0oY6X35vISXcnIkWV9KrYBQnOuAi9kw1L3TqBRv3Jp81idb2rD_YX9v0tJGgWru_TwoAMAjMAZmEXOUeEZSO45qNO9Vq-PUWpdinLQDNim_c3Ip96zMNzXmE2aPQdP-aXWtjCiSywdyK2yZApCSWvVvf56DTTOPy8Tqa42M578qKp_zN1pPfd0qI3ZL8fe074efR0KZxpRS7PEp-Ae1xlpldLoMKe-ubaFXwYe3B0b0sLEXnzrFELCJtQNxBYaHh0tzUxz8soI1LhXexgjtuB7lxLiq1j5KFakc8DRufaAcujqohrwk18DIHl3ce6dgZJoVDW7EVnlB6ucFJdIiwz-R5owUFKf9nPV4l_H0ZwwAcqmLzaDo7gS5pIiDmB0oRyX-dXWFxqSv_oPE9n2lG7Dys6tQfZUn-TZukDROmLEZyG7ACYSatciVg4NrfVbZ8_3S4-poF3iJ5eE_iSwrWen9o__fDwOxACJ5kAVwrsgXV2THztlKFHnw1qtB0OPPSl9PaUxJzl6KgH9Cs9vUuLswNU273VY7A-xYkBdIFvTJ96LiIjq0COEE7xMMd-j3ITDEjgKEkHRpRCAQSSwBpAlJWHKB7PeAtVQpZqmTlKGC0XSl2-dIR81JHvrw5-mUZiexqbs4ARoXbNxpV8aRCWEwN8WQ0nNXheJ004KJDbqlfk8tE3dYjQhgBYAE&bundleId=&ias_dspID=3&ias_campId=1010773593&ias_pubId=pub-1757064723917999&ias_chanId=1&ias_placementId=19749005473&bidurl=https://utua.com.br/br-cc-caixa-simples-p1/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jKRgi-7y2j-_QKyzxMzN5z Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.171.46.74 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-171-46-74.eu-west-1.compute.amazonaws.com Software / Resource Hash 22c23ac3b6a35896b217571c382a6bc6cf793207a244cddbdd26f6688a9293a2 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:01 GMT content-encoding gzip vary accept-encoding content-type application/javascript;charset=utf-8 access-control-allow-origin fw.adsafeprotected.com cache-control no-cache access-control-allow-credentials true expires Wed, 31 Dec 1969 23:59:59 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/ Frame ACEB	3 KB 1 KB	57ms 54ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/window_focus_fy2021.js Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:21:43 GMT content-encoding br x-content-type-options nosniff age 1878 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 09 Aug 2023 15:21:43 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/ Frame ACEB	20 KB 8 KB	57ms 55ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 32ff9bf998cf59e2f25def004a13d818a90a26fdf631627beee581b12ca78cae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 14:14:19 GMT content-encoding br x-content-type-options nosniff age 5922 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8302 x-xss-protection 0 server cafe etag 1396992018294926149 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 09 Aug 2023 14:14:19 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame ACEB	179 KB 57 KB	244ms 115ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:53:01 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57383 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1690198756579870" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Wed, 26 Jul 2023 15:53:01 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230724/r20110914/ Frame 4BD7	23 KB 9 KB	54ms 54ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/abg_lite_fy2021.js Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 14:13:40 GMT content-encoding br x-content-type-options nosniff age 5961 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9132 x-xss-protection 0 server cafe etag 17712579318771444318 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 09 Aug 2023 14:13:40 GMT
GET H2	200	css fonts.googleapis.com/ Frame 4BD7	8 KB 846 B	67ms 66ms	Stylesheet text/css	2a00:1450:4001:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 26 Jul 2023 15:53:01 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 26 Jul 2023 14:22:40 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 26 Jul 2023 15:53:01 GMT
GET H2	200	outstream.min.css imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/ Frame 4BD7	15 KB 3 KB	174ms 56ms	Stylesheet text/css	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.css Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Mon, 24 Jul 2023 19:15:24 GMT content-encoding gzip x-content-type-options nosniff age 160657 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2920 x-xss-protection 0 last-modified Mon, 10 Jul 2023 17:29:08 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 23 Jul 2024 19:15:24 GMT
GET H2	200	outstream.min.js Show response imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/ Frame 4BD7	375 KB 129 KB	175ms 57ms	Script text/javascript	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 694232a260aae79863960cde335169eda08872773c6f3fc63a4c16edfcf9a477 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Mon, 24 Jul 2023 19:15:24 GMT content-encoding gzip x-content-type-options nosniff age 160657 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 131779 x-xss-protection 0 last-modified Mon, 10 Jul 2023 17:29:08 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 23 Jul 2024 19:15:24 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/ Frame 4BD7	20 KB 8 KB	54ms 54ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 32ff9bf998cf59e2f25def004a13d818a90a26fdf631627beee581b12ca78cae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 14:14:19 GMT content-encoding br x-content-type-options nosniff age 5922 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8302 x-xss-protection 0 server cafe etag 1396992018294926149 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 09 Aug 2023 14:14:19 GMT
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame E1E1	624 B 826 B	196ms 97ms	Document text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARifqN3gATAB&v=APEucNXx4g4A9iL6GFfe-kif9MR5cOJfeSuOeZRvNUWafuM-2WGM3rWI_G6Q5LAB-_euTTj3M5BJ8gtb02LiJATveAkLz-9JOUo4iIqoIOW5J78bRYBBRKok7JWwAWTrLljzkGRRCWHm_L9GbJaNUBKF-LdRA8uu9J44Pu1etUpRNZAcDwj-jwU Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 26 Jul 2023 15:53:01 GMT expires Wed, 26 Jul 2023 15:53:01 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 0A6E	85 KB 29 KB	186ms 184ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:53:01 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29781 x-xss-protection 0 server cafe etag 4315658989838864570 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Wed, 26 Jul 2023 15:53:01 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0A6E	42 B 63 B	95ms 92ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CeoyciZgnqVWpZbcKvBFGbZT2lh7ZHBh0Z6OVvYb57zE61bfoky0YYye8V3p8lQkzC04rbbHqBNyZQx0N9Lo-8VXqDIgMdL-fB-1SgyNYa2n4M-ag Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:01 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0A6E	0 20 B	95ms 93ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15359261502279099281&x=1&ct=76 Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:01 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	adj Show response fw.adsafeprotected.com/rjss/bgd/1135760/69474508/xbbe/creative/ Frame 0A6E	257 KB 78 KB	159ms 48ms	Script application/javascript	54.171.46.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fw.adsafeprotected.com/rjss/bgd/1135760/69474508/xbbe/creative/adj?p=APEucNVRgmF0MvPZLd2yXgQSQqE9zj73VY_bxk10Ar7lU0eBO6jcyTc&d=CokBAKAmf-CE8WaHOrD-FIGeyCpvxVrJTFvK5EGL8VeMh1kUu9tEzB5vxWKeJfZLKD1g2jO5yJmC_MCRljZNcSOkzL4oBfX08nkBPdtGe2UGS8FDslq1CvGZrIyh3pFc5YH1uO_Pn7xyp3aJmYmholwna-xWnqIPKojWj-7xUVpG4FHH_r3BEDG_QwES6RUAoCZ_4E7nRnSeLO5UYR7SMLEjvG1J9JRfzFbmofE9VF1Q4u_PO4-lixFJ0GP1yI5cGX0Kxo3HnRnyfXph1J7ipc70kisO3AlTxa5bCOnJAHP7ilXH1j1U3dLr14mMzwQqFvRrZXdDWkGgUMMAwy7gY5WNE76qTQEFrRAfoVL3OEzSxakviZ9BO7j0AV0C4On5mT4WKahmWehso0hrVXB60X12ekvXm3qDxa_RuRxkSOTGThBa-AEwKnTnGd48ptBr8MpBmJqnHtSSjTaZjkgHnOtp36D54ovfyWUzdP-J5R1-b_mvxuj2dkZWy68zbf5IeUF-ptFxat96Lr3EWI667bp4Xv2Q82SqDcoN1y4sqAAtIyFWDGgUZjANvraZ3uoaR9SWyRIdASvtBqMAf2g6DYOePNIngdzpyUwUiyCXKyQ3CreAfU_YdOxpXRsr5AUE0SeAk_QHj0aqODrO8RaKcmSu-l8jTFYhnvo5R8OUkzbLNw2uf_ochRahTcsGYtj5z_4imJdbr05kX0uhSIgsPwl1H87AVd1SzUUk6_wtl7nrUjO-nlyadL_al9OI3krGBA7-2Cb7o7qOzxenpGauz7_QOp4h_ZyqDLgOIQIxLm2rrc37WQYCOEBeAQN9x16RfL5qObFI1o4p2g7lS7PBbPpqs4LW84MnKof7wHeB0MIFcZpOHU19az0L3cBA8yBkgnwNj8LYc3JErzwfrKB06WF8QYgnybj_g8JPCBG_BDoufIxQGtItR5zUjZNbQr-PCVuuMAXitG17t1Nmi2orR62o2YRNEc5c3ypra_s6EsiBGojuP-JmVprMKKdlRFo5IyTfnWolZ5inIPrV7_rTRcMCGkt1Y7mI7pn_J9S04Y1ofHr-bdex3OxcVd20lFFMcWWVqDRunZ1upTn_HjbCGRhL6mDUq5UUa3g3fbiHHOKQmcKsuqp74SJqaCFZTIqLOv1SudJg3YIuq-XzntPmljScUcyFwsPl3dbpvC82bIOgngrK3SPq8bQNh0jmQbKtzky_vFf3SL4QDd7WaYhL9L8VYWU-dFVD6h1DflDUnRw5mhdcjHWeLgTnrZXZC26ik9t_5e_MoLp6IjAcaoaEt0hU-6Gmn1o1h6KEneRvv-q8UA8PwCLnjoS6O2Hmm7iCiDhUZaMBTNsFsoZQ28JXG6No_l5LRoNU3_0U3PT3i0leyR9hAqJsT78auCOxTJ94r5QBG4E4i_25UMmFmq_oqpsMFEdIqKScmVQiK9YF4ePm6Cnznj1yUdkD_836GQJBKQ8MAhetnYm7IWMDxlkUlG1SLQXo2anGX76kZ-RWDkD50RO174Fzc04P4S_IpxWXUQSXKmp474qpPUtYxn7vy7c8rQ3UMBZCVm4Hbasky_M2mfP5KwUnnrZXiospupnZp0xe-PfLauAFL7SCt9BnhjCgc4iWn8T7EJbnk0puhHzJ0l_F7dWvBriW8PtrcHfQD4C7WUDmhepQAZcbhS1_xu3kzfjwcDXd77srPCzTYqFioFIXlVC3CrLuJ2s7aMSlX6QbkCbN4veHM85xsnz5hSH3Do12trNgZeXcxlkbItGyIV8JkB1NxoFFgpHrPX2pxSiuRs0d-T4EtvJmqgS8N3rsSIpK2WDhtl4-WjGEvmaRyVBHUzALdjdW8k73E91uvJrQTQXz9T_dZwgSouuSXcHzipyPEZMk_wkX4S-Xtc-WTJ3PYBZBSp0wIfi63VRWyCMogUE9UFb_s3v32ECZJth7hwPdHfuya7EACDn2v7sEeSi3e8RR1UNmTiMbyrvo3ayjEg7dMW4EAhZJh9BpTv3fAyDCqx8nrSeiotGcel4iJYu9qxJBxDK4vnD_8twpbqs4bC9bJ0eUOLUmXHGRmsB4sx5QSe2GQh2GY3O2xacbTZ2ttwVzrqoJeY3mzAByqJVB3MdDDohUDdBfWQ3sIv4AvV4403zwIJSd92M1sI4jTbsPQHlhGDmjH8rqLvCOYPV0X9F1QV39KxmU3E1kgJSaKim1p1RwPNeRGVejcHhL7SHpxvvSfD9rOPfjNGTRI2_TgJGe6t-DkyIoRWTG2TKkX5jk3bC1b5RTBhk4ba7TbqwPDd6wXF78w9tssxMz74ts_qhOdlT8TQvJdDACxnmsk9YDiKz6LncY7bjwGY_LHOMNTFhIB9rj8zWopW72Vs3FP_sMX3IMxLqMf3El7553O2V8KFUbgXsfFU2BguGe_8hTPhZsGukKRpa9S_kozP2tVtAoCjqK1E4iDhWVs3iASgSu5XxqSWsRbZa9SNxwwnKzj70lykqC_EYf-GK-4XMWDiMqSrU2tKbPZABQsuF6K6t9zOADoSqFW2AAUICpZ82Y4uI3LobD2s9knFDHpZ8nIAm2BmQrpMlMLXHFTqDOp5aC5MD84ulOG2O0b4c0Kg5tsDCc6cNdjMQuKmn4oB72-9PmbWCxehPnTdAEnAfbUgvsRry4joqzDkRigpC_UyDrMpNGL5gKdT4yM6oWP7UV6rFYIjkxyCfDGtdyRQpVAuyj0bI8lJYjZeKZ7iIPCQOq4vfWtCZu2LkazqLbK0KcQRJ1ZMBQ75UBxuSqiED63RCziyrguIV58AiPhENitn4ME6xBDf37qwCBsApTFZ60pg1CidkYUhH6ofEYyHVxOuE4KbbROfBqG-ms6Ry-sHsF9DaT9ieAYvFD2hgKvGw9WFIA4IU90hGCcGnojE05tCaqEPrEd064W7e4XCGjVIGFpTbRvCvweI9Ik5364wuqLqAu_yup0hN94r4SbedqZlsuKmNyMaBj-P-bfH0g5RI8Awd_J3MsOeRogxHLVpxkrzVUc9xUNEdA4x_1jcrGIch16OkevE_7loF6tbhETLvysNTInPGWdVDL_wi-4gC7y93ncBzHuzpWA-0TMLmJqcblmb5SIN-E0I53O6RLLmFYw8-SCbvN5EJv4ByHhL4eG-6vfLvlRZy_kbq_waKcFbncGNLCC5kVRCSNbV3DcD-vjRyh8V0D1lZuTOmcqIvZscBuLdcvFhQjRQbBDqiMCxiT8KKFPLsR-6fPKODqS6drp0apUg56RDwPEwGPbUCLUW0H72zMG5ROk8A43cE0JTbh7ggt4qdktEYboU6z8cdMqyUk09CNzJ2vTwZw-WiJeV5ad55AkQxHg7DL-3hGP5RbxZe5wh_ftA7QHvllE9XvepbrGzwRHOIa0mgTBh_93ravGUdiXoJG2BvQuWPoHBzGnvzKDTOUXZTf6YTL8cseqOL8Ojb6icpjA_OZEzEhHRIl0exZI_hn8IVKAZEvCV4-LDqzrkRHNjSZ4uol-oDRKBeNntZgn3zsxdajX4Pf4vQhmtmpWAvDaHo1V4DUCIP-MT_VOuxxxBexYIYfbdInAa-LLrb2wYoazSj5iRlJHnHP7LAJkyfPi7r-HdlEf9i3b4IfOgp4_5XgYrRdh5xas8L44AGUl5NKZ0fE3Zkke3yEb-dmu3qQ5zySPiFqesu-lsy5X55_5uQ33TaUyYtkp5Na4DcgLxki9J0Mdie83SeoDPJbqNhoP9cjJ92r0_8pWK6cSa0q9rJUVwnPPpZT5NjcZEBpupUcneKpDUsmPFUR0tD5iFpa4HQ8shRy2ktQ69f7O22YLwdSBtq7jw1HCbnbT8dQpicrfCEk2ASfvj11QUQsUG8Mj3B4MFxQFBwHnKhKe3httFXjfRflZ_SpxnLI-JGU0XsEc46X6WSJfYQWHlYaUQgEEksAaQJSVhygez3gLVUKWapk5ShgtF0pdvnSEfNSR768OfplGYnsam7OAEaF2zcaVfGkQlhMDfFkNJzV4XidNOCiQ26pX5PLRN3WI0IYAWAB&bundleId=&ias_dspID=3&ias_campId=1010773593&ias_pubId=pub-1757064723917999&ias_chanId=1&ias_placementId=19749005473&bidurl=https://utua.com.br/br-cc-caixa-simples-p1/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hNdmGMQkb5NGABgdHeI23p Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.171.46.74 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-171-46-74.eu-west-1.compute.amazonaws.com Software / Resource Hash 28c9102c8d38cbd630330c5c89c7a9dde7a23322b47ee54ad9b91be3590c4a5b Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:01 GMT content-encoding gzip vary accept-encoding content-type application/javascript;charset=utf-8 access-control-allow-origin fw.adsafeprotected.com cache-control no-cache access-control-allow-credentials true expires Wed, 31 Dec 1969 23:59:59 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/ Frame 0A6E	3 KB 1 KB	57ms 55ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/window_focus_fy2021.js Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:21:43 GMT content-encoding br x-content-type-options nosniff age 1878 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 09 Aug 2023 15:21:43 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/ Frame 0A6E	20 KB 8 KB	57ms 55ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 32ff9bf998cf59e2f25def004a13d818a90a26fdf631627beee581b12ca78cae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 14:14:19 GMT content-encoding br x-content-type-options nosniff age 5922 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8302 x-xss-protection 0 server cafe etag 1396992018294926149 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 09 Aug 2023 14:14:19 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 0A6E	179 KB 56 KB	305ms 206ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:53:01 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57383 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1690198756579870" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Wed, 26 Jul 2023 15:53:01 GMT
GET H2	200	css2 fonts.googleapis.com/ Frame 3E04	4 KB 744 B	71ms 70ms	Stylesheet text/css	2a00:1450:4001:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 26 Jul 2023 15:53:01 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 26 Jul 2023 14:24:17 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 26 Jul 2023 15:53:01 GMT
GET H2	200	css fonts.googleapis.com/ Frame 4DE1	6 KB 779 B	66ms 65ms	Stylesheet text/css	2a00:1450:4001:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Requested by Host: utua.com.br URL: https://utua.com.br/br-cc-caixa-simples-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=br-utua-ct-email-cc&utm_content=br-utua-ct-email-cc-ag&utm_term=br-utua-ct-email-cc-ag-2374&an_uid=22c6d7999e5934e8cf4ff3621ac2477d95cb414d257f173e436a4e9b1877c33c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 26 Jul 2023 15:53:01 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 26 Jul 2023 14:19:15 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 26 Jul 2023 15:53:01 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/ Frame 4DE1	2 KB 892 B	54ms 54ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: utua.com.br URL: https://utua.com.br/br-cc-caixa-simples-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=br-utua-ct-email-cc&utm_content=br-utua-ct-email-cc-ag&utm_term=br-utua-ct-email-cc-ag-2374&an_uid=22c6d7999e5934e8cf4ff3621ac2477d95cb414d257f173e436a4e9b1877c33c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 14:14:06 GMT content-encoding br x-content-type-options nosniff age 5935 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 09 Aug 2023 14:14:06 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230724/r20110914/ Frame 4DE1	23 KB 9 KB	54ms 54ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/abg_lite_fy2021.js Requested by Host: utua.com.br URL: https://utua.com.br/br-cc-caixa-simples-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=br-utua-ct-email-cc&utm_content=br-utua-ct-email-cc-ag&utm_term=br-utua-ct-email-cc-ag-2374&an_uid=22c6d7999e5934e8cf4ff3621ac2477d95cb414d257f173e436a4e9b1877c33c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 14:13:40 GMT content-encoding br x-content-type-options nosniff age 5961 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9132 x-xss-protection 0 server cafe etag 17712579318771444318 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 09 Aug 2023 14:13:40 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/ Frame 4DE1	3 KB 1 KB	85ms 84ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/window_focus_fy2021.js Requested by Host: utua.com.br URL: https://utua.com.br/br-cc-caixa-simples-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=br-utua-ct-email-cc&utm_content=br-utua-ct-email-cc-ag&utm_term=br-utua-ct-email-cc-ag-2374&an_uid=22c6d7999e5934e8cf4ff3621ac2477d95cb414d257f173e436a4e9b1877c33c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:21:43 GMT content-encoding br x-content-type-options nosniff age 1878 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 09 Aug 2023 15:21:43 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/ Frame 4DE1	20 KB 8 KB	58ms 57ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/qs_click_protection_fy2021.js Requested by Host: utua.com.br URL: https://utua.com.br/br-cc-caixa-simples-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=br-utua-ct-email-cc&utm_content=br-utua-ct-email-cc-ag&utm_term=br-utua-ct-email-cc-ag-2374&an_uid=22c6d7999e5934e8cf4ff3621ac2477d95cb414d257f173e436a4e9b1877c33c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 32ff9bf998cf59e2f25def004a13d818a90a26fdf631627beee581b12ca78cae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 14:14:19 GMT content-encoding br x-content-type-options nosniff age 5922 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8302 x-xss-protection 0 server cafe etag 1396992018294926149 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 09 Aug 2023 14:14:19 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 4DE1	179 KB 56 KB	298ms 221ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: utua.com.br URL: https://utua.com.br/br-cc-caixa-simples-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=br-utua-ct-email-cc&utm_content=br-utua-ct-email-cc-ag&utm_term=br-utua-ct-email-cc-ag-2374&an_uid=22c6d7999e5934e8cf4ff3621ac2477d95cb414d257f173e436a4e9b1877c33c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:53:01 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57383 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1690198756579870" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Wed, 26 Jul 2023 15:53:01 GMT
GET H2	200	39d4397462e2693449f221f9915f9e59.js Show response www.gstatic.com/mysidia/ Frame 4DE1	33 KB 14 KB	190ms 61ms	Script text/javascript	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/39d4397462e2693449f221f9915f9e59.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: utua.com.br URL: https://utua.com.br/br-cc-caixa-simples-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=br-utua-ct-email-cc&utm_content=br-utua-ct-email-cc-ag&utm_term=br-utua-ct-email-cc-ag-2374&an_uid=22c6d7999e5934e8cf4ff3621ac2477d95cb414d257f173e436a4e9b1877c33c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 08:02:33 GMT content-encoding gzip x-content-type-options nosniff age 28228 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14179 x-xss-protection 0 last-modified Tue, 25 Jul 2023 11:10:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 24 Oct 2023 08:02:33 GMT
GET H3	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230724/r20110914/elements/html/ Frame 3E04	20 KB 8 KB	66ms 65ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash dd514ffbccdaba03d423b0bc47ed4602c734d534f3d5e2669d58cf40c133c3cd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:09:35 GMT content-encoding br x-content-type-options nosniff age 2606 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8610 x-xss-protection 0 server cafe etag 1797702365616887767 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 09 Aug 2023 15:09:35 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 3E04	205 B 295 B	196ms 73ms	Image image/png	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Tue, 25 Jul 2023 19:57:09 GMT x-content-type-options nosniff age 71752 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Wed, 24 Jul 2024 19:57:09 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 3E04	604 B 920 B	193ms 71ms	Image image/png	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Mon, 24 Jul 2023 13:09:15 GMT x-content-type-options nosniff age 182626 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 604 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Tue, 23 Jul 2024 13:09:15 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame ACEB	0 20 B	90ms 89ms	Ping image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9572797897140&version=m202306200101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:01 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame ACEB	0 20 B	92ms 92ms	Ping image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9572797897140&version=m202306200101&ct=76&x=1&cor=7094442829068886000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:01 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame ACEB	16 KB 12 KB	108ms 107ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AwpBFzCCdD503wLckoQl3tww2ea7dy0HBSAfQfbasoVjWPw7QMVgLeIAKWx7hpgLu85ue8xZt1CSePpVcugXRHfPJJ7sVvRSJE-6xAkHYmm88BsMEkXvVlNKVTDKc3LB17mT921JH7U4j6NJOxjDVWvxREnnHy1Zk4MKU6LjdaaqJL-FE&cry=1&dbm_d=AKAmf-A8PKwUzM0kDsLhg3DD9nz0P7cwYiIxVAAU9Bawo5F2LzKqA9IiMrgqESRydHe_vrCbqWINh0INTRavMGebc5H6R31vBm40EPgdnRkBQMHLVxN7HspbAJWMxthDMsc7AOx5v4wPXGRcBiFw7RlHzpfVs8yz0GDVVVRwSUhA5kalyCtQUdveuORUDq47ED7wkY-bYc6sshlxVs_hdu34OckwD63KGiWxzb3Hp9AS2cK-3bBHSJoliruTxV_loO8wAiS_L7Q18gpZVCjrA_5SMVrM1Rgo-VTV49GtHH5cjlI73qXzSenukWf9S8Jcn93ZTlIVd8oCEUEZQ5JwsMPxZmZFWrybJYaOcM6dbO38CAsAMa_k3HKajxOr0BJ_PZ-hHoAvoZvZi7XKl1czJlHRxw4f4hwF1uiNfXVmkn6Ou593hdENff5MBfGr5LNcr6EiFbIwb1QEbhpe9Aa9uvUA0tNae7h3F7eCiB-tGkqBS8-ZPkXVa1AtD7mnm0jCsaRJGh8DiszX6b6ms6BrfX-18x0ad3v9EH2yGuQocy9xiqD92pDjgUI5ercj8qIvMR1KMRhL76UnTk1lf4TWDBaw6t1bPe1p7Mvun4kv_zmapArF18hZDi2g3uDGOMl1VMBwEsoqXLeFO7eMTO5j5dgozL3MjRO-ZFeJT8tBMP5yT5aYhevDqijTxIe-De-QtgJ2i39CzSkAqt2kNiMCXRFex7AqF-xHGNe-0WypaEnAkFRsRMykke0ej0xap7BiybXtx8T-vcrH2ejCW8htrxdHia8I_ccXw-cT_z5mvP1XIVmDHtSutkAUKqjoQFZjsSm0J4zSJ6zbzaAhIJqYGKmxsT6BMCmmK9pV7SQbRzSx54liJjt4mk7yKPM1zzjVLyfa_ED0hom8a0MneDBjCg3RAasyVi6e8OCIkef_iWAzvEhkUhn7QeWY7i2f4xf41unkg7KaoL7mhK1Z82fKyONe-hhMH5quV82ZUvIKRY_r5OuSfw56ZdpbpsAp_fmH5N-1wPA1NZYKhDyNEYA2ZvgzLxH9abrloVGLkVBSdw4ub9teFAz6kyhjw2bo6cTdcozzSHMMLgQECTeOpdR5Xb4l8BebdhMryKbc_vJCCb9yRyIKHcfsVMNuh0JAp1zWgjhVFuCnxXg3v45wBnvLn9AUWmd0ZpYA02B2787Kzrv9Q2wHdLqkQK8h0mIaowluSk_FtLfhcpA6VpI-ror29Et6eUhQ7egx4d8ex00hifLKTZSibFfov_dZWrlS7E1dIg8ex9b6hPK4KU5MnTrgm4WavPS2uPuv0u0Z4euzJp-q4Cioe2jqmBnBSoISWA19spW-MMfQ0aZrN5kfoow2mIadLGxldnYV8eYcPeXKc5b5Z9aj8ji3UOeY3bbPwiRYtKysRBpk8auokIzya6WRY-CByjescA1GG8SYIQTB7qZDTuKznH-Mh8PqSdtRQTyMjwIMu7zsi_RYx08Q3RQ-8j5yT50___O1ELG-SO4_4YwZYnfr4kKWWiNsMxbXzaRK0s3M16PQ0NozqGhfov9nDkresXyOt_sTgC34i8IDQaDc5sd8Q4b9YNi5bti5p-RboPa4PpKoIlpjeOo31MSq31ljvgYE6yinvUD4CUjFHxoEpnFJ-bMbEAGNvrTn95riTgYG7Gdpl3RTAVU1-njzXrjByZ-URl00Q-hYulfZYXdRB1RfxtASksxUepQn1XA_EUV0p5Y_KCEtvNYXKckf5h23Dd84p64kUhICPJ_gONTLcJ8YHnabUSJAHxlRb7EtfTOT2CUgfUNhWzpMZdHhkrGBZp7fI9xfrfOOMhTnOmMznlv9C2ycZdp8CTewsa78wrU6NAYupB9BqQrorN0hE7ukRj-n_1WslVYEDK4XTotlGfSpZVWu4kM-lDuFDcYphsgJ8Xr9VscPqnUAasiXcL5j4NQERLRjYHoQDsM9EZ4_P4wJlpFt_m_Y6wXxp4slfaIuZ9hzO4uHpc28on9T7_Xd-7U4HhjMogYlHkxZlYKLgnOclDtvq9ONORuy6VZ9Egko5X6OsLsBsFmUb4T2_CHfnyb85zYLDmblv7PF3iVnTGVteaWBAvcJXvw_f6wqX6yTKVbDa_MNCN_uNilA5K7WoGCku4zSl2NnKQD80H3hSXvqVpTWDVePubKaFgzLsG3mjBaduDyT_mMlFpXuO4qfOQg9XOmKorA7AHcuOn3P_L0fIJ6o4fa9BSQZzzKzumYFX5o96CrdVPytyiZlFGQ7TQu4v-xg4dqfYafN3KfSVry2mBqG40TiX5IOwIEv9R2TiMml_w_hliWUuJhioxrxpKFbPH6crcFa6LvxZZXeR9yuTRljje4qkS-3TB3TFelsv_RlaqtZSALyTdYyIKHz-Zflza2_1Fo4oUddXl0ro6ez88lPh92azqOK_ISW4OAho_9U9Nfo9atWWi-IC-vSb7JxIocyWnkrazxiEgVZSVUBFaaSHo2vAxHDcJCMU2LnczPd7Gq6vpCs96lwdw5LijKaqFCgSpUFmSGsLN2jaLJ8rGj9jtkaFaKyrO2hiHtuCECN0h_925mWuT5K7l4QhEJmxH0evmOU6tYsI68bPAivSNy8XdeGlA34rcqKm89zHggwpDyNKNTc7WJM27lBSE-B_BFFxEc8OyMrS6-sz8AZUExctVo5M9btbluIWUBsJECYnJgsu4KVflWGWDGDh_d2fQ2ugu-EoUqJOeKEaqwmtIlQ3Qwr6Rh8tj7PTrOtve_OYTOI1sbeDb3HvghS5mjiaUGwG4uvFmE2QrZvFG9dpr907Sy8BlLGhNOY0Pge3S8ZG1Mb1eEc2CZR-LUhsrJcX2wOPWeYhv1uCEipKVscA9ayRrHgp55QSzJhEoMycpxWWdIyDk2qj1iE7O6GG_yi6yR3b9cMIbzFKiwzmCZl3AmUsuASz8Fds-xR_5K5vBTusH4VAwkBzYjN3wXFAoSZTSS1lmzB3mGDEtnrxWHI9n1kTX7o1h4CcSpPq6pb5DfphkHk8JJkW71WuizN6nI_ugYo_w3Yc4aAK6Jnwui3Ndxi6J2LTagrsHtTy5Y6uNdC1qGbVNsBQI1dP4qduCoetK6yVoqwEaTsQvPZwwgDc9cBT-M&cid=CAQSSwBpAlJWHKB7PeAtVQpZqmTlKGC0XSl2-dIR81JHvrw5-mUZiexqbs4ARoXbNxpV8aRCWEwN8WQ0nNXheJ004KJDbqlfk8tE3dYjQhgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Futua.com.br%2F&ds=l&xdt=1&iif=1&cor=7094442829068886000&adk=2228999115&idt=182&cac=0&dtd=20 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a31bd16c23258e5377955ffa298851f1fff9a08c5ec7b64e903562945550cea4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11852 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame E1E1 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJfonr-Y8jDlxxosUc3JxiU&google_cver=1	43 B 632 B	35ms 34ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJfonr-Y8jDlxxosUc3JxiU&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARifqN3gATAB&v=APEucNXx4g4A9iL6GFfe-kif9MR5cOJfeSuOeZRvNUWafuM-2WGM3rWI_G6Q5LAB-_euTTj3M5BJ8gtb02LiJATveAkLz-9JOUo4iIqoIOW5J78bRYBBRKok7JWwAWTrLljzkGRRCWHm_L9GbJaNUBKF-LdRA8uu9J44Pu1etUpRNZAcDwj-jwU Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Pragma no-cache Date Wed, 26 Jul 2023 15:53:02 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=498 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Wed, 26 Jul 2023 15:53:01 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJfonr-Y8jDlxxosUc3JxiU&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame E1E1 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZMFBXYqDtey2Exmrt34lDQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENKtG2hABMCfUZbl5BqaDw&google_cver=1	43 B 632 B	46ms 39ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENKtG2hABMCfUZbl5BqaDw&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARifqN3gATAB&v=APEucNXx4g4A9iL6GFfe-kif9MR5cOJfeSuOeZRvNUWafuM-2WGM3rWI_G6Q5LAB-_euTTj3M5BJ8gtb02LiJATveAkLz-9JOUo4iIqoIOW5J78bRYBBRKok7JWwAWTrLljzkGRRCWHm_L9GbJaNUBKF-LdRA8uu9J44Pu1etUpRNZAcDwj-jwU Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Pragma no-cache Date Wed, 26 Jul 2023 15:53:02 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=497 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Wed, 26 Jul 2023 15:53:02 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENKtG2hABMCfUZbl5BqaDw&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame E1E1 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEP6JcsstFi06wa68Hl6oZ_o&google_cver=1	43 B 838 B	28ms 28ms	Image image/gif	37.252.171.53 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEP6JcsstFi06wa68Hl6oZ_o&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARifqN3gATAB&v=APEucNXx4g4A9iL6GFfe-kif9MR5cOJfeSuOeZRvNUWafuM-2WGM3rWI_G6Q5LAB-_euTTj3M5BJ8gtb02LiJATveAkLz-9JOUo4iIqoIOW5J78bRYBBRKok7JWwAWTrLljzkGRRCWHm_L9GbJaNUBKF-LdRA8uu9J44Pu1etUpRNZAcDwj-jwU Protocol H2 Server 37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:02 GMT an-x-request-uuid 2954f882-da17-4900-adcb-3ccb0ee0a71d server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 193.32.248.249; 193.32.248.249; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Wed, 26 Jul 2023 15:53:01 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEP6JcsstFi06wa68Hl6oZ_o&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame E1E1 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYyMzYxNDA0NDc2NTI4MjMxOA%3D%3D	170 B 232 B	71ms 70ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYyMzYxNDA0NDc2NTI4MjMxOA%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARifqN3gATAB&v=APEucNXx4g4A9iL6GFfe-kif9MR5cOJfeSuOeZRvNUWafuM-2WGM3rWI_G6Q5LAB-_euTTj3M5BJ8gtb02LiJATveAkLz-9JOUo4iIqoIOW5J78bRYBBRKok7JWwAWTrLljzkGRRCWHm_L9GbJaNUBKF-LdRA8uu9J44Pu1etUpRNZAcDwj-jwU Protocol H2 Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:02 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 26 Jul 2023 15:53:01 GMT an-x-request-uuid c63398c5-05c4-477f-a624-e6b00d3f61f6 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYyMzYxNDA0NDc2NTI4MjMxOA%3D%3D x-proxy-origin 193.32.248.249; 193.32.248.249; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 0762 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJfonr-Y8jDlxxosUc3JxiU&google_cver=1	43 B 766 B	36ms 36ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJfonr-Y8jDlxxosUc3JxiU&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARizuN3gATAB&v=APEucNXcp_mf5Z7jn5F2Ot3jmA7HFyUKuZCMCCfXel4k94AYVBM-ciGCwxUofa3seWiFoMLSuwwjbsh-GSPdAsprH8g1s-m-jSO6y4uNgjgTsuKP3naLHCBlgmD5vlkiAPct8zDVP6iuvlXUYmp9Aj9zEws9oZHd25JFFWLSPPOFORAcaXe2fH0 Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Pragma no-cache Date Wed, 26 Jul 2023 15:53:02 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=498 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Wed, 26 Jul 2023 15:53:01 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJfonr-Y8jDlxxosUc3JxiU&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 0762 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZMFBXYqDtey2Exmrt34lDQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENKtG2hABMCfUZbl5BqaDw&google_cver=1	43 B 766 B	46ms 38ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENKtG2hABMCfUZbl5BqaDw&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARizuN3gATAB&v=APEucNXcp_mf5Z7jn5F2Ot3jmA7HFyUKuZCMCCfXel4k94AYVBM-ciGCwxUofa3seWiFoMLSuwwjbsh-GSPdAsprH8g1s-m-jSO6y4uNgjgTsuKP3naLHCBlgmD5vlkiAPct8zDVP6iuvlXUYmp9Aj9zEws9oZHd25JFFWLSPPOFORAcaXe2fH0 Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Pragma no-cache Date Wed, 26 Jul 2023 15:53:02 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=497 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Wed, 26 Jul 2023 15:53:02 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENKtG2hABMCfUZbl5BqaDw&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame 0762 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEP6JcsstFi06wa68Hl6oZ_o&google_cver=1	43 B 840 B	28ms 28ms	Image image/gif	37.252.171.53 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEP6JcsstFi06wa68Hl6oZ_o&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARizuN3gATAB&v=APEucNXcp_mf5Z7jn5F2Ot3jmA7HFyUKuZCMCCfXel4k94AYVBM-ciGCwxUofa3seWiFoMLSuwwjbsh-GSPdAsprH8g1s-m-jSO6y4uNgjgTsuKP3naLHCBlgmD5vlkiAPct8zDVP6iuvlXUYmp9Aj9zEws9oZHd25JFFWLSPPOFORAcaXe2fH0 Protocol H2 Server 37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:02 GMT an-x-request-uuid 73b6ca3e-83f3-4b5b-8d4c-b642bb18c3b3 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 193.32.248.249; 193.32.248.249; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Wed, 26 Jul 2023 15:53:01 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEP6JcsstFi06wa68Hl6oZ_o&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 0762 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYyMzYxNDA0NDc2NTI4MjMxOA%3D%3D	170 B 243 B	70ms 69ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYyMzYxNDA0NDc2NTI4MjMxOA%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARizuN3gATAB&v=APEucNXcp_mf5Z7jn5F2Ot3jmA7HFyUKuZCMCCfXel4k94AYVBM-ciGCwxUofa3seWiFoMLSuwwjbsh-GSPdAsprH8g1s-m-jSO6y4uNgjgTsuKP3naLHCBlgmD5vlkiAPct8zDVP6iuvlXUYmp9Aj9zEws9oZHd25JFFWLSPPOFORAcaXe2fH0 Protocol H2 Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:02 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 26 Jul 2023 15:53:01 GMT an-x-request-uuid e9b68514-af8d-4db3-b289-8d1a74b1336a server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYyMzYxNDA0NDc2NTI4MjMxOA%3D%3D x-proxy-origin 193.32.248.249; 193.32.248.249; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0A6E	0 20 B	89ms 81ms	Ping image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6255354152437&version=m202306200101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:01 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0A6E	0 20 B	93ms 90ms	Ping image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6255354152437&version=m202306200101&ct=76&x=1&cor=15359261502279098000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:01 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 0A6E	15 KB 12 KB	96ms 90ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ca5ec-8EfgJD0B5YDTseRIf0J13fANUn_aoQE9_cnf4gvgeV-T-x5LGbgbLK26-sa0ywhU7rK03moIBKLCXLEtI0z2UpGcN7MJX1PqjE5mDjPTzfDAm3b1RPsi-FRtFQX2EoPYaDh0EsYTHjnnLT7Cds_W4XvxoTy76mLK8xvYLSMNYcI&cry=1&dbm_d=AKAmf-A2xbUkWFv5kOLjDgtkWMw5i_sN8RBn6QS_-OHNXrIj9WYeLIOYF5QeKjCMqK7TkFcOOilnA5xPStBWRJOBbsjwEAnzrfddXQUPaN1Dm46MzBIrf-lM8v0vf4NbhTEk7hTQ4GUtNJ0OVeaTKqPQ7IQisjPy8ALWVAnOefE1GEh5JTuQiaYNCtdsO4tNp7orV53j9uigco5HbQ_TsIHdU3jbySTJ35mVP0scGMa1gprquYFfvAndp5DigCahHvYFekiBIZlRFfyItqFeKCS2N2EUygwV_m-Ga6N09Dr_dWEOjjQZPwMjBdhEl9J8H70yU2Hrjwx7exWudVtytVI5eDBlZZyne2W0rNrN1zWiOM4NrzVyLzr0mOZktVVwK0qpDgmR2zZ6whAdr_N2mEZ4y52Tw6Pufm-N2eg5QQQwHvp4pPaBgdURJKjwN2AUs9aW7RyqbjnRicIoRvxH5gAlYG4_pB6gxMbZULXUG6mKYZe3joX6jlurMax8f1eYELhZ0HI1giKqDmCuY9SNNkDOome37TpSm2WcfkkML9d9nYkBCpthBBhntfhvDrCoAFQRvCTErSMtZiDx6at06qofgnwpj3bA8Eso0f_X_Ms6I0nQ3JdPz8-Lcpq0zRyH3BxAqh4fVrYdJAzfhek53J0k1CoWBi0BQn3vvI67nUZXMXYgTKbtxVir42X5figZymmR6jaLkl-Fbl6BLQdOApxXuL-1TcN6BCP0h12v-cc7wf1tPy2-tw00fBQr3MHHxpgDy7UT1ena3_R1vr43JfVYpV1WmCtCdYA1pg29BWAKcHiCSPzl_813MkoWYCPBU58Mhlitp0aUq_MF-P667b_qaolgLK5VudceChjJ4poy4c0JaY7Lk-G4Xxu8ZqzT-H1hlXsdSPKds6xeFTc0h_KI_cSoAPkYYkBdmI2McKKeFrwUKT4xGL288mXhSizGWyGwWKQNkZA2FfZiNF1e4INm_9cBBhOC54uyk9f53MtGUe_wv1iwn25zK-mPok6oPwi1id53NqsEGKdFFiF8EloMqse_5qV4d69bsFqyY2mCxGfTrXDcdHoj2_xxCfq4L4AAru735PvlcrJCeYSkGPC9ldPELHbW9kM79tkJpsQ5URtoRkxwxuw8BlsFWkVNpukSTl76t7q2sW8Slv1GRg_MZRGn1L9cZirr77Sfur14Nv6fdWnl04HDNqSzSy_IkY0QT_QyyjplkYNE-Gjot_J_nrIZlGfrqNR39TmsTxAsW5PTgBG0fBXLSC7dSZvOn9iNeHuYxUtUL1si1YuzJWmngxyyHnmuhy7tBEXkbrWa1PJRSv2TDS3ZTPBwSR3uEVJMo7I24BzRcLag7nVjMsG1raOWdeteX9XDH-O5k1eH2-EQj20UIMMYDlFl5o8_k3cN4J2Uw2WRh3GWGxSxrFtAMfwgQpdETQyQog_uBlbUEPlSxltHjvXA_f88JF-whOe2Cyi34qh3d2o1hvh2GAII0NbtRDGU29DnVb-rlyZ0YkDpnyGb_2gHry_0gJpdaHwREfYx6_vFpbUm_5bGTkbuz956oNmefgaNLrhOT__j9PBsS7y2fLUy7BrY0dIec46xR9AqPlxVCKY9_Q-K2vM5z9PgxD8KBin9_WwVQqmkSetMBTPUa4TvqYUaPmqLpyXrP02m1RmQO3dDw3WJuqMYX7-FQrqjQV1utFL5N7iVXCGvXXPuDM7Jug6pIdY7Eit7QJCq0F0bkB0rKH4xKLWbDVbKuljD_ytawyHGMe-FdyCVEGHlzhLnY4x62AnFZ2QDFleF0ULB_u3P-fouoMsYppJgqFAkosHli5dkFYgbzib0Y3enFbf0iYJ0nkfq9xzC-Q2MSvTI-CPQOmAXTo4FW2WEIVLxM7lc9nBA5MHQITzD1zCIhjEJxXdiOIajaIVxGuCSjYNLEQx7Pb0VMlxyF3fdocvNu4CdXLrQz6O65uu_9SFHMElVgHiodgar4DHF2P3V1Y_6oDN0dOi3M3FUrVPlNRGXx9LvzmmUtsVPwkZNgQVaJGVtO3KkNcsufq_K_-vaMUYNaqu8cVDO-N_AIAKZOpcgsO2VvmOULQ7QUs_ObOq6MU_-48pHZOToUZfHuUXkpLN6oR8JeJ12ueuhuYOfEikQy8LOQKkesb7ANbaOkn-1KALf7YwLwi2UX22vNb-Wrcy7ffN96SWD-f-RkRYTWvRrjOKuXg9LM7wmJDSy5QWbKjGM1LSE-mXIwbsx2f8LAXeBddrvUu9Y5xvEWiNiExbEwPkmnz79b1EXpEAd2ajjcW9Hdq9grKsm5I8n-6HEaN4LXJSTUu9uedNHHdmfZx7e7Fir-Y8Cr7roeT2d30JFVttJzVpwtUijHqLbioybVRoKhN-QmlavrrhG5b6_xTdBuNCYCH-CbB1ZbZu-N7p44zJhe60Sf2lWloDE_yg0l97l07XCYO2FzG0fT9EkidVzqUC4hOjte2FW_bosdT9Ube0JDWtWsi3nGbeqREsd9hUkhykFzTwD5htA0UpDFnqm5ZG-TuDJD3yr_M-97bK1i6hTNWy9uYRRfmyHOjIBG0tqhRSTMEL9RyW1NCiv952AwLr2zvhkiuzaImtShlqse9eK-8_11kVweivL0sHlucpKiuWWFIsJWAaJsAuUSAVEgFw7LtwsotTWCxrwBu07-BlNy10alZ_kluMwoWuSikenToEcC8TNq1dy3FB1JSXxfACpNCrIHY5bb2uwJCAhNXE6vIKhngo07eIiz0BmIPGWypyqTjMkGD-MbNv6PCSPQ6VnVGWOdqZv3Lr6YxAGsXSwO6aYwUC5RyEnQSbPNZeFvY5JqVLZfV2JvOQ_QwJ8izow33ZJDWxUvEzTZMIu_gQoNUAZ--tqoFgZEO63PMt3ss2xKDyjGtehkqlCOgbo0YZXpzxpViAIueA66ORzJIEnM3Isol6nbrbHW4tAaDzMw49zZX7-FzEtIjMw62EKNV30rJtu24ldlW-rPb6T67WjedTan4aK3vwjE7K_9DN9LEhKTfTauuf9bQaaVTVBHWKxdSJY4xI6yp5jDnHjRSR-nrFTzxegFsaEl8vyBfXKrTMBsflncf9Fhe5sB80RuPLg3kdyBREWV9ea5dPfkwNofWIIDXC332TJwi7bUE5B&cid=CAQSSwBpAlJWHKB7PeAtVQpZqmTlKGC0XSl2-dIR81JHvrw5-mUZiexqbs4ARoXbNxpV8aRCWEwN8WQ0nNXheJ004KJDbqlfk8tE3dYjQhgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Futua.com.br%2F&ds=l&xdt=1&iif=1&cor=15359261502279098000&adk=2857193498&idt=222&cac=0&dtd=3 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d7bde87bdf08587c018a2929211f5e68e7530fdcacb5abd0a1244523dbcb3db1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11673 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame ACEB	41 KB 13 KB	58ms 57ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AwpBFzCCdD503wLckoQl3tww2ea7dy0HBSAfQfbasoVjWPw7QMVgLeIAKWx7hpgLu85ue8xZt1CSePpVcugXRHfPJJ7sVvRSJE-6xAkHYmm88BsMEkXvVlNKVTDKc3LB17mT921JH7U4j6NJOxjDVWvxREnnHy1Zk4MKU6LjdaaqJL-FE&cry=1&dbm_d=AKAmf-A8PKwUzM0kDsLhg3DD9nz0P7cwYiIxVAAU9Bawo5F2LzKqA9IiMrgqESRydHe_vrCbqWINh0INTRavMGebc5H6R31vBm40EPgdnRkBQMHLVxN7HspbAJWMxthDMsc7AOx5v4wPXGRcBiFw7RlHzpfVs8yz0GDVVVRwSUhA5kalyCtQUdveuORUDq47ED7wkY-bYc6sshlxVs_hdu34OckwD63KGiWxzb3Hp9AS2cK-3bBHSJoliruTxV_loO8wAiS_L7Q18gpZVCjrA_5SMVrM1Rgo-VTV49GtHH5cjlI73qXzSenukWf9S8Jcn93ZTlIVd8oCEUEZQ5JwsMPxZmZFWrybJYaOcM6dbO38CAsAMa_k3HKajxOr0BJ_PZ-hHoAvoZvZi7XKl1czJlHRxw4f4hwF1uiNfXVmkn6Ou593hdENff5MBfGr5LNcr6EiFbIwb1QEbhpe9Aa9uvUA0tNae7h3F7eCiB-tGkqBS8-ZPkXVa1AtD7mnm0jCsaRJGh8DiszX6b6ms6BrfX-18x0ad3v9EH2yGuQocy9xiqD92pDjgUI5ercj8qIvMR1KMRhL76UnTk1lf4TWDBaw6t1bPe1p7Mvun4kv_zmapArF18hZDi2g3uDGOMl1VMBwEsoqXLeFO7eMTO5j5dgozL3MjRO-ZFeJT8tBMP5yT5aYhevDqijTxIe-De-QtgJ2i39CzSkAqt2kNiMCXRFex7AqF-xHGNe-0WypaEnAkFRsRMykke0ej0xap7BiybXtx8T-vcrH2ejCW8htrxdHia8I_ccXw-cT_z5mvP1XIVmDHtSutkAUKqjoQFZjsSm0J4zSJ6zbzaAhIJqYGKmxsT6BMCmmK9pV7SQbRzSx54liJjt4mk7yKPM1zzjVLyfa_ED0hom8a0MneDBjCg3RAasyVi6e8OCIkef_iWAzvEhkUhn7QeWY7i2f4xf41unkg7KaoL7mhK1Z82fKyONe-hhMH5quV82ZUvIKRY_r5OuSfw56ZdpbpsAp_fmH5N-1wPA1NZYKhDyNEYA2ZvgzLxH9abrloVGLkVBSdw4ub9teFAz6kyhjw2bo6cTdcozzSHMMLgQECTeOpdR5Xb4l8BebdhMryKbc_vJCCb9yRyIKHcfsVMNuh0JAp1zWgjhVFuCnxXg3v45wBnvLn9AUWmd0ZpYA02B2787Kzrv9Q2wHdLqkQK8h0mIaowluSk_FtLfhcpA6VpI-ror29Et6eUhQ7egx4d8ex00hifLKTZSibFfov_dZWrlS7E1dIg8ex9b6hPK4KU5MnTrgm4WavPS2uPuv0u0Z4euzJp-q4Cioe2jqmBnBSoISWA19spW-MMfQ0aZrN5kfoow2mIadLGxldnYV8eYcPeXKc5b5Z9aj8ji3UOeY3bbPwiRYtKysRBpk8auokIzya6WRY-CByjescA1GG8SYIQTB7qZDTuKznH-Mh8PqSdtRQTyMjwIMu7zsi_RYx08Q3RQ-8j5yT50___O1ELG-SO4_4YwZYnfr4kKWWiNsMxbXzaRK0s3M16PQ0NozqGhfov9nDkresXyOt_sTgC34i8IDQaDc5sd8Q4b9YNi5bti5p-RboPa4PpKoIlpjeOo31MSq31ljvgYE6yinvUD4CUjFHxoEpnFJ-bMbEAGNvrTn95riTgYG7Gdpl3RTAVU1-njzXrjByZ-URl00Q-hYulfZYXdRB1RfxtASksxUepQn1XA_EUV0p5Y_KCEtvNYXKckf5h23Dd84p64kUhICPJ_gONTLcJ8YHnabUSJAHxlRb7EtfTOT2CUgfUNhWzpMZdHhkrGBZp7fI9xfrfOOMhTnOmMznlv9C2ycZdp8CTewsa78wrU6NAYupB9BqQrorN0hE7ukRj-n_1WslVYEDK4XTotlGfSpZVWu4kM-lDuFDcYphsgJ8Xr9VscPqnUAasiXcL5j4NQERLRjYHoQDsM9EZ4_P4wJlpFt_m_Y6wXxp4slfaIuZ9hzO4uHpc28on9T7_Xd-7U4HhjMogYlHkxZlYKLgnOclDtvq9ONORuy6VZ9Egko5X6OsLsBsFmUb4T2_CHfnyb85zYLDmblv7PF3iVnTGVteaWBAvcJXvw_f6wqX6yTKVbDa_MNCN_uNilA5K7WoGCku4zSl2NnKQD80H3hSXvqVpTWDVePubKaFgzLsG3mjBaduDyT_mMlFpXuO4qfOQg9XOmKorA7AHcuOn3P_L0fIJ6o4fa9BSQZzzKzumYFX5o96CrdVPytyiZlFGQ7TQu4v-xg4dqfYafN3KfSVry2mBqG40TiX5IOwIEv9R2TiMml_w_hliWUuJhioxrxpKFbPH6crcFa6LvxZZXeR9yuTRljje4qkS-3TB3TFelsv_RlaqtZSALyTdYyIKHz-Zflza2_1Fo4oUddXl0ro6ez88lPh92azqOK_ISW4OAho_9U9Nfo9atWWi-IC-vSb7JxIocyWnkrazxiEgVZSVUBFaaSHo2vAxHDcJCMU2LnczPd7Gq6vpCs96lwdw5LijKaqFCgSpUFmSGsLN2jaLJ8rGj9jtkaFaKyrO2hiHtuCECN0h_925mWuT5K7l4QhEJmxH0evmOU6tYsI68bPAivSNy8XdeGlA34rcqKm89zHggwpDyNKNTc7WJM27lBSE-B_BFFxEc8OyMrS6-sz8AZUExctVo5M9btbluIWUBsJECYnJgsu4KVflWGWDGDh_d2fQ2ugu-EoUqJOeKEaqwmtIlQ3Qwr6Rh8tj7PTrOtve_OYTOI1sbeDb3HvghS5mjiaUGwG4uvFmE2QrZvFG9dpr907Sy8BlLGhNOY0Pge3S8ZG1Mb1eEc2CZR-LUhsrJcX2wOPWeYhv1uCEipKVscA9ayRrHgp55QSzJhEoMycpxWWdIyDk2qj1iE7O6GG_yi6yR3b9cMIbzFKiwzmCZl3AmUsuASz8Fds-xR_5K5vBTusH4VAwkBzYjN3wXFAoSZTSS1lmzB3mGDEtnrxWHI9n1kTX7o1h4CcSpPq6pb5DfphkHk8JJkW71WuizN6nI_ugYo_w3Yc4aAK6Jnwui3Ndxi6J2LTagrsHtTy5Y6uNdC1qGbVNsBQI1dP4qduCoetK6yVoqwEaTsQvPZwwgDc9cBT-M&cid=CAQSSwBpAlJWHKB7PeAtVQpZqmTlKGC0XSl2-dIR81JHvrw5-mUZiexqbs4ARoXbNxpV8aRCWEwN8WQ0nNXheJ004KJDbqlfk8tE3dYjQhgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Futua.com.br%2F&ds=l&xdt=1&iif=1&cor=7094442829068886000&adk=2228999115&idt=182&cac=0&dtd=20 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 19 Jul 2023 21:41:24 GMT content-encoding br x-content-type-options nosniff age 583897 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13692 x-xss-protection 0 last-modified Sun, 25 Jun 2023 02:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 18 Jul 2024 21:41:24 GMT
GET H2	200	adj Show response bid.g.doubleclick.net/xbbe/creative/ Frame ACEB Redirect Chain https://fw.adsafeprotected.com/rfw/bgd/1135760/69474528/xbbe/creative/adj?p=APEucNVDSZixqGDMUyUcMEAAlNHJJ1aVtmGLs1CdgRroti1tOWRurrM&d=CokBAKAmf-CqdoAmWTjN69c8hHEjo--ZXxGcxJBmeZ_jfjeRmuxoebJ_S18tUyu... https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVDSZixqGDMUyUcMEAAlNHJJ1aVtmGLs1CdgRroti1tOWRurrM&d=CokBAKAmf-CqdoAmWTjN69c8hHEjo--ZXxGcxJBmeZ_jfjeRmuxoebJ_S18tUyumIOw93RDJZNEYPjZkaUlhl9JuT...	70 KB 24 KB	125ms 78ms	Script text/javascript	74.125.206.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVDSZixqGDMUyUcMEAAlNHJJ1aVtmGLs1CdgRroti1tOWRurrM&d=CokBAKAmf-CqdoAmWTjN69c8hHEjo--ZXxGcxJBmeZ_jfjeRmuxoebJ_S18tUyumIOw93RDJZNEYPjZkaUlhl9JuTCsTrwziJA4bHz0jYnfnXQGhPYHNLO9Q7ZF5KBoChRY8kh6TSuiWifZKt8SEF-tUUdn6_YW8cETKlQT2-MpF9HKe9UlRdriiAkcS2RUAoCZ_4LDKRU1z1Z85ETReyTmlCYjw9tB5dsfFj3GWx25sBq0Ha3mpP7elbNDq5UP4HIzsAxd3OZt31-n5gjWINhMAgayQxZ9DB24TJuwvp7L1Ytm5AiBNbcOrtKyhMviHFLEpWeCRn-lhJ7H68vWkbRVMsPR9slDz7vbBvmwuj5fM8FK31rQugkPQOfB7CiO_0zQnbpZvp5o1yb4VUCl14jVwQ3JBCXTnXvvcrPKNGGSOx6rvcaFKfzhjjJDCpubN5ozyTfSHucVZ7pBGiGfS8m6x8t5UG36zUkNOSj2csQU6PjBDNjnsisexuP7NlFmHCANrtRwWvAhvxuHtoV-C8_3nzPCfi4yJT5CMasWcnXRVfeKE7-LW-OTN8ZSBCd2e-SJm1BoYZ7XPaaNr2lr5rX8_8vUKcczsW01rXUE4MszECfUZ9-gF3LLtJ120WPD-2fYMcqC4MERF-BTYz63JOWqSFuNE2k7q3mpTmvG_rxqzU6VPPKIyxH2zkTuygQVFSGi_NRrj0Iox__mN4RWtd1bHlY7M7RksDktFcHajXy0po-JqjLeE9jmGPG7zd5Fyl_vMEwY-WXnlTY5PaYdZmYo_opzpKpRsNxcx414CwAgqskREaUfdK0oa04Mqsl3wOSGcK5BmKxMXc2oUgZkRp18Gqq2U566NkPrpmtGe2ZshaXdA7UiMtTDM4q3ZmOe0OK_4wyHtR_NIOqP1RC7haSSxyCj23bOTq1VH0cMcZ67r4WxArV6Bi_d2U87BPqPhq2jdHvGSx9pYI0OnNmrtXyxVFkA0zc-4hodqpIdPs8q26yDAa0Dci3mOF31Xx5nGMdkmJDNXjpl6y8kdgH4O0_IX4DviWvwA1fPPXNMxzU7FBRznFTAnqsiuRz4GHpLneHCuIxvllWr0IJRqCgYYSqUOim43Z1RLabid1w3eP-ZxprADoNGxEnhVKhDXkOYzrhUaXHCRKQykLf-RYxWk-jIdc57mEU5ZqpeRf669PZ_xENM_fgG_dr_9QsNDqtr86fJj__mrdEudU74iiAnDDqJkBoML6L8OLrO_xN8TgEyeu5Hm2y9jdKmo96zEk9XrjQz2T9RwwEi8ZPThTnXzMLfHIptoXjz8jamn-0yOriqaRiks8CpJ_ZqnNDpZYRrhnMJ0kRideSYSzc75wliJeepZkuPOJ9oxAdQcmeXZnFUDmjMPX1dndeHQpqo8Qxdb8iI19TbopmVjKw8dp9EU0RGGbTsIFFuKDUJAatZWvJxkpIGoC3kiwzpOKuYbDIOHBWvExJAW-yhVAnHVjtCM_rNBM8Pr_xxTSbC37rqBOOl8DRG17_msO9TYOdQdQGh0nrsIEVDaNxU4kc76VkowsSTEC5pJ7kb1_RY7dD-kusAOjACr9WYhNcJdbGWt4qqmrONwtx-bwJoPHC10D-rPDRmQ-efJA2OXMRwYz5fiIJaxtA786jGEfG4B7mbukUHD8R-udF1mZSAb-zFNbKO0sjCTJjEiaDi15UlCRPEiDdBTGGEuyd3r-tZH8qsJsQM8bUSireYR2BmtV8fpm1MnPRaRfsX8b1zjWQp_S6gC5Q_Ns4W79mSWnjK2g4TUCqw7mJJh2iBcFYIZO4fyJjEY4vDoXh8gI5R4aGKDUeao2SlK_UBZLbkiglQycgJPH7pVOnrgdNmnWKi9creyMzCqJycbEngVE9ekPAG1nrVwxBViTnMpW9q_bHAc9upqiJLma9QRV_PH09VCUwNRf6HeWYGRL5REAZxrHEn4-4YsUY4NcNjbjC-zUGSQ4G3Rc-eCFW-7FrM13P35USa4SoFK5L1qA0d2lik_wl5yELZrQ9LN1KweuDd2oSgXymHYUAQW3mzZBGQh5RgMxtQRZkxwFOvoqy98RoyZK8Y-bBpx58wgaGAj1-4RPMTqPYOyiRR3Vf5VJ55gEfEI6M9PV1PpX1zxhb-7JSCeOwFUAZj8bC5NjldSS_leRE6m5nH9gFpADWN95BNkmoZvlBQrNMgffBTZDKQdZux9uwKkfenf6ED3eQPYG76ZQDNZWDfV1d5x13UM5zIvaTIyr_vBSnfgRzddsOEbJeNpDMVdtJXfowh5hUrOa9fhuAWzv_MkTafjX1cZh1I6R2F1fQVtkebmhSyHsLdCZQPYl1aADgzTfROwS-p1fycCuo-norvLebMaAiYIoy2GjsJVjr_9WUA6TBY_pX1aFKZoc9ggf5T2vmbk__LVzabT452eGoGWx5KvkxTbNui8-7uzHGWi-SRhA6xhZSysZCDoXMq_LV6-y0I6Qq6bFy29pw8qhYWdHIZaBzFFbV8FAdS6dWOPi7IEL7_HHGjE0sl-6MlBF6bYPG18tQHmnyC5OoH-2Bp0-f6Xs51pK7hB-rnYfbms5se2bHgmMjXrnOQo2-F-uJV-eJ5N8_wU0G2Gx4-UDYSUqlbVkJF7V46gi-HBTT1Dbkn5HPf8tPoXpVNaa4OZBOLEjoWDBZvhzPs1Fo4x7v5Pe-hXnbdaVqyXSTgYgkmdOQznvH0M20uD-7nIHyMLEY6ialbAdjK3z4pSKHtAykJJbQTibGGpOh0MhapxJiVGO4Pn6cEKGER5FdGNEXiIOI_dqibAWTcVmcpl49MurwFSY_jg6vqovqyHJGXM3c98P_IDWs0m9xUUdW1TMPmpJSUkTlHF6LPewwVEc-mJXYTP0DrHcEQspzrhK7K8ndYZ0AxTcqZ-xvXmERBrEu8s3B1dmGGFu4tFBdR_n-QlZEMCiUxksXM625NtTMAgk1J-67dIoelkHxQ0Ar0mZxbiQVpykRLP4GATBF3ykVa-Fo2NQV5Kwr1xxW6f7qmXabYKKKrYChozUAm8dHcY54j2ilcGNvQ3usy2SEXP4Gk4EOvYERhXp_R-gHUF_yX2NRmQuRq9zNdwQQq35dnrhlfc0k7IhCPngktY3PSuLB2hjObOS__4hEfgfWdEKQJBL2gPA2Ws863okaIVmV4zp5Ez8Fhpa71-rp4KKqhO-rNhe2-Hrt9yKajPm8A_WGGZcsiZt65LPADJnX74eettcnaYIi4q9pXMqxgRh644DLDkavjp7HmTeNKec7zoBX2Zhu25CuSlxczXYYI-uK4G3ZWmAwI7Qi8-0oY6X35vISXcnIkWV9KrYBQnOuAi9kw1L3TqBRv3Jp81idb2rD_YX9v0tJGgWru_TwoAMAjMAZmEXOUeEZSO45qNO9Vq-PUWpdinLQDNim_c3Ip96zMNzXmE2aPQdP-aXWtjCiSywdyK2yZApCSWvVvf56DTTOPy8Tqa42M578qKp_zN1pPfd0qI3ZL8fe074efR0KZxpRS7PEp-Ae1xlpldLoMKe-ubaFXwYe3B0b0sLEXnzrFELCJtQNxBYaHh0tzUxz8soI1LhXexgjtuB7lxLiq1j5KFakc8DRufaAcujqohrwk18DIHl3ce6dgZJoVDW7EVnlB6ucFJdIiwz-R5owUFKf9nPV4l_H0ZwwAcqmLzaDo7gS5pIiDmB0oRyX-dXWFxqSv_oPE9n2lG7Dys6tQfZUn-TZukDROmLEZyG7ACYSatciVg4NrfVbZ8_3S4-poF3iJ5eE_iSwrWen9o__fDwOxACJ5kAVwrsgXV2THztlKFHnw1qtB0OPPSl9PaUxJzl6KgH9Cs9vUuLswNU273VY7A-xYkBdIFvTJ96LiIjq0COEE7xMMd-j3ITDEjgKEkHRpRCAQSSwBpAlJWHKB7PeAtVQpZqmTlKGC0XSl2-dIR81JHvrw5-mUZiexqbs4ARoXbNxpV8aRCWEwN8WQ0nNXheJ004KJDbqlfk8tE3dYjQhgBYAE&bundleId= Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 74.125.206.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS wk-in-f157.1e100.net Software cafe / Resource Hash ffb12fe94ade851aef5fabb72941121f673a1898247927c6835ef32b82360ccd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:02 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24511 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 26 Jul 2023 15:53:01 GMT server nginx x-server-name app09.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVDSZixqGDMUyUcMEAAlNHJJ1aVtmGLs1CdgRroti1tOWRurrM&d=CokBAKAmf-CqdoAmWTjN69c8hHEjo--ZXxGcxJBmeZ_jfjeRmuxoebJ_S18tUyumIOw93RDJZNEYPjZkaUlhl9JuTCsTrwziJA4bHz0jYnfnXQGhPYHNLO9Q7ZF5KBoChRY8kh6TSuiWifZKt8SEF-tUUdn6_YW8cETKlQT2-MpF9HKe9UlRdriiAkcS2RUAoCZ_4LDKRU1z1Z85ETReyTmlCYjw9tB5dsfFj3GWx25sBq0Ha3mpP7elbNDq5UP4HIzsAxd3OZt31-n5gjWINhMAgayQxZ9DB24TJuwvp7L1Ytm5AiBNbcOrtKyhMviHFLEpWeCRn-lhJ7H68vWkbRVMsPR9slDz7vbBvmwuj5fM8FK31rQugkPQOfB7CiO_0zQnbpZvp5o1yb4VUCl14jVwQ3JBCXTnXvvcrPKNGGSOx6rvcaFKfzhjjJDCpubN5ozyTfSHucVZ7pBGiGfS8m6x8t5UG36zUkNOSj2csQU6PjBDNjnsisexuP7NlFmHCANrtRwWvAhvxuHtoV-C8_3nzPCfi4yJT5CMasWcnXRVfeKE7-LW-OTN8ZSBCd2e-SJm1BoYZ7XPaaNr2lr5rX8_8vUKcczsW01rXUE4MszECfUZ9-gF3LLtJ120WPD-2fYMcqC4MERF-BTYz63JOWqSFuNE2k7q3mpTmvG_rxqzU6VPPKIyxH2zkTuygQVFSGi_NRrj0Iox__mN4RWtd1bHlY7M7RksDktFcHajXy0po-JqjLeE9jmGPG7zd5Fyl_vMEwY-WXnlTY5PaYdZmYo_opzpKpRsNxcx414CwAgqskREaUfdK0oa04Mqsl3wOSGcK5BmKxMXc2oUgZkRp18Gqq2U566NkPrpmtGe2ZshaXdA7UiMtTDM4q3ZmOe0OK_4wyHtR_NIOqP1RC7haSSxyCj23bOTq1VH0cMcZ67r4WxArV6Bi_d2U87BPqPhq2jdHvGSx9pYI0OnNmrtXyxVFkA0zc-4hodqpIdPs8q26yDAa0Dci3mOF31Xx5nGMdkmJDNXjpl6y8kdgH4O0_IX4DviWvwA1fPPXNMxzU7FBRznFTAnqsiuRz4GHpLneHCuIxvllWr0IJRqCgYYSqUOim43Z1RLabid1w3eP-ZxprADoNGxEnhVKhDXkOYzrhUaXHCRKQykLf-RYxWk-jIdc57mEU5ZqpeRf669PZ_xENM_fgG_dr_9QsNDqtr86fJj__mrdEudU74iiAnDDqJkBoML6L8OLrO_xN8TgEyeu5Hm2y9jdKmo96zEk9XrjQz2T9RwwEi8ZPThTnXzMLfHIptoXjz8jamn-0yOriqaRiks8CpJ_ZqnNDpZYRrhnMJ0kRideSYSzc75wliJeepZkuPOJ9oxAdQcmeXZnFUDmjMPX1dndeHQpqo8Qxdb8iI19TbopmVjKw8dp9EU0RGGbTsIFFuKDUJAatZWvJxkpIGoC3kiwzpOKuYbDIOHBWvExJAW-yhVAnHVjtCM_rNBM8Pr_xxTSbC37rqBOOl8DRG17_msO9TYOdQdQGh0nrsIEVDaNxU4kc76VkowsSTEC5pJ7kb1_RY7dD-kusAOjACr9WYhNcJdbGWt4qqmrONwtx-bwJoPHC10D-rPDRmQ-efJA2OXMRwYz5fiIJaxtA786jGEfG4B7mbukUHD8R-udF1mZSAb-zFNbKO0sjCTJjEiaDi15UlCRPEiDdBTGGEuyd3r-tZH8qsJsQM8bUSireYR2BmtV8fpm1MnPRaRfsX8b1zjWQp_S6gC5Q_Ns4W79mSWnjK2g4TUCqw7mJJh2iBcFYIZO4fyJjEY4vDoXh8gI5R4aGKDUeao2SlK_UBZLbkiglQycgJPH7pVOnrgdNmnWKi9creyMzCqJycbEngVE9ekPAG1nrVwxBViTnMpW9q_bHAc9upqiJLma9QRV_PH09VCUwNRf6HeWYGRL5REAZxrHEn4-4YsUY4NcNjbjC-zUGSQ4G3Rc-eCFW-7FrM13P35USa4SoFK5L1qA0d2lik_wl5yELZrQ9LN1KweuDd2oSgXymHYUAQW3mzZBGQh5RgMxtQRZkxwFOvoqy98RoyZK8Y-bBpx58wgaGAj1-4RPMTqPYOyiRR3Vf5VJ55gEfEI6M9PV1PpX1zxhb-7JSCeOwFUAZj8bC5NjldSS_leRE6m5nH9gFpADWN95BNkmoZvlBQrNMgffBTZDKQdZux9uwKkfenf6ED3eQPYG76ZQDNZWDfV1d5x13UM5zIvaTIyr_vBSnfgRzddsOEbJeNpDMVdtJXfowh5hUrOa9fhuAWzv_MkTafjX1cZh1I6R2F1fQVtkebmhSyHsLdCZQPYl1aADgzTfROwS-p1fycCuo-norvLebMaAiYIoy2GjsJVjr_9WUA6TBY_pX1aFKZoc9ggf5T2vmbk__LVzabT452eGoGWx5KvkxTbNui8-7uzHGWi-SRhA6xhZSysZCDoXMq_LV6-y0I6Qq6bFy29pw8qhYWdHIZaBzFFbV8FAdS6dWOPi7IEL7_HHGjE0sl-6MlBF6bYPG18tQHmnyC5OoH-2Bp0-f6Xs51pK7hB-rnYfbms5se2bHgmMjXrnOQo2-F-uJV-eJ5N8_wU0G2Gx4-UDYSUqlbVkJF7V46gi-HBTT1Dbkn5HPf8tPoXpVNaa4OZBOLEjoWDBZvhzPs1Fo4x7v5Pe-hXnbdaVqyXSTgYgkmdOQznvH0M20uD-7nIHyMLEY6ialbAdjK3z4pSKHtAykJJbQTibGGpOh0MhapxJiVGO4Pn6cEKGER5FdGNEXiIOI_dqibAWTcVmcpl49MurwFSY_jg6vqovqyHJGXM3c98P_IDWs0m9xUUdW1TMPmpJSUkTlHF6LPewwVEc-mJXYTP0DrHcEQspzrhK7K8ndYZ0AxTcqZ-xvXmERBrEu8s3B1dmGGFu4tFBdR_n-QlZEMCiUxksXM625NtTMAgk1J-67dIoelkHxQ0Ar0mZxbiQVpykRLP4GATBF3ykVa-Fo2NQV5Kwr1xxW6f7qmXabYKKKrYChozUAm8dHcY54j2ilcGNvQ3usy2SEXP4Gk4EOvYERhXp_R-gHUF_yX2NRmQuRq9zNdwQQq35dnrhlfc0k7IhCPngktY3PSuLB2hjObOS__4hEfgfWdEKQJBL2gPA2Ws863okaIVmV4zp5Ez8Fhpa71-rp4KKqhO-rNhe2-Hrt9yKajPm8A_WGGZcsiZt65LPADJnX74eettcnaYIi4q9pXMqxgRh644DLDkavjp7HmTeNKec7zoBX2Zhu25CuSlxczXYYI-uK4G3ZWmAwI7Qi8-0oY6X35vISXcnIkWV9KrYBQnOuAi9kw1L3TqBRv3Jp81idb2rD_YX9v0tJGgWru_TwoAMAjMAZmEXOUeEZSO45qNO9Vq-PUWpdinLQDNim_c3Ip96zMNzXmE2aPQdP-aXWtjCiSywdyK2yZApCSWvVvf56DTTOPy8Tqa42M578qKp_zN1pPfd0qI3ZL8fe074efR0KZxpRS7PEp-Ae1xlpldLoMKe-ubaFXwYe3B0b0sLEXnzrFELCJtQNxBYaHh0tzUxz8soI1LhXexgjtuB7lxLiq1j5KFakc8DRufaAcujqohrwk18DIHl3ce6dgZJoVDW7EVnlB6ucFJdIiwz-R5owUFKf9nPV4l_H0ZwwAcqmLzaDo7gS5pIiDmB0oRyX-dXWFxqSv_oPE9n2lG7Dys6tQfZUn-TZukDROmLEZyG7ACYSatciVg4NrfVbZ8_3S4-poF3iJ5eE_iSwrWen9o__fDwOxACJ5kAVwrsgXV2THztlKFHnw1qtB0OPPSl9PaUxJzl6KgH9Cs9vUuLswNU273VY7A-xYkBdIFvTJ96LiIjq0COEE7xMMd-j3ITDEjgKEkHRpRCAQSSwBpAlJWHKB7PeAtVQpZqmTlKGC0XSl2-dIR81JHvrw5-mUZiexqbs4ARoXbNxpV8aRCWEwN8WQ0nNXheJ004KJDbqlfk8tE3dYjQhgBYAE&bundleId= cache-control no-cache content-length 0
GET H2	200	sca.17.6.2.js Show response static.adsafeprotected.com/ Frame 563B	91 KB 23 KB	138ms 42ms	Script application/javascript	2600:9000:2450:5c00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.6.2.js Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2450:5c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 21 Sep 2022 15:36:17 GMT x-amz-version-id go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy content-encoding gzip via 1.1 4bc6e08d9495b312ae3b91e801107f80.cloudfront.net (CloudFront) x-amz-cf-pop CDG50-P4 age 26612205 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 20 Sep 2022 19:21:34 GMT server AmazonS3 etag W/"1f3488247c90bb5de253d3d0cb3b7458" vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-amz-cf-id ojJyzJqr1Gu6vZro2xO7Fw9ju5Oh5l6r0cpToM2fR7Wcrn0fMO-w1Q==
GET H2	200	dt dt.adsafeprotected.com/ Frame ACEB	43 B 216 B	617ms 195ms	Image image/gif	2600:1f13:800:7781:a8b5:465d:2736:7bd8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=353e14a6-5db3-05e2-fad7-4f50fe2502f1&tv=%7Bc:juocwc,pingTime:-3,time:71,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:71,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B64~0%5D,as:%5B64~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tL8eFut+11%7C12%7C13%7C14%7C15%7C16*.1135760-69474528%7C161%7C17%7C181%7C191,idMap:16*,rmeas:1,rend:0,renddet:IMG.us,siq:24%7D&br=c Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7781:a8b5:465d:2736:7bd8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:02 GMT server nginx x-server-name dt22.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame ACEB	43 B 215 B	617ms 196ms	Image image/gif	2600:1f13:800:7781:a8b5:465d:2736:7bd8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=353e14a6-5db3-05e2-fad7-4f50fe2502f1&tv=%7Bc:juocwd,pingTime:-6,time:72,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:72,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B65~0%5D,as:%5B65~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tL8eFut+11%7C12%7C13%7C14%7C15%7C16*.1135760-69474528%7C161%7C17%7C181%7C191,idMap:16*,rmeas:1,rend:0,renddet:IMG.us,siq:24%7D&tpiLookup=ao:utua.com.br*&br=c Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7781:a8b5:465d:2736:7bd8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:02 GMT server nginx x-server-name dt20.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
POST H2	204	csi csi.gstatic.com/ Frame 4BD7	0 234 B	177ms 64ms	Ping image/gif	2a00:1450:400f:80c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lkjwn8hd&c=1703064373553&slotId=851532186776.5&qqid=CMKewrzdrIADFUmYhQodwwsN9w&fb=outstream-lima&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400f:80c::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:02 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 4BD7	15 KB 16 KB	55ms 54ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 06:14:45 GMT x-content-type-options nosniff age 34696 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 25 Jul 2024 06:14:45 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 4BD7	15 KB 15 KB	70ms 69ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 14:32:27 GMT x-content-type-options nosniff age 4834 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 25 Jul 2024 14:32:27 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 4BD7	0 20 B	91ms 91ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CarGkXEHBZMKACsmwlgTDl7S4D4Dph81wn4GZ4bMRpebAs4owEAEgn872fWCV-vCBjAegAd78oIMDyAEFqQKph_i025SyPqgDAcgDmwSqBOkBT9DAag8RUrOwA10qo3KRGo8VLJI-aE9xQJ6FUsDSRh9dfAv9NnDHCCj-s0Z8iHVLaWTQ1XGedauOL_fD6qQ2yreO4A-gQFKSc6xtJYxEUtPkZuoGfImrcuwsHp1_XvzobkoF7LhTM86bB9V-aL_H4HnWdvEKxnwhTAyugmd1rpyftdR1pBq-PjpIy9lY9QXWtDaA2OS-dosIyiqzzBbXm-HwXA2dwagO6n27demm3Qktw8ZcUQOE3hiE9Cg8fUhscQnZX3Gb4HBJ3EY-_drCwqlJ2J1o3DJ21Znuch4rwxHj33q5LezYnIfABLWasbf_A-AEA5AGAaAGToAHioPffKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBP33ZoU0BMA2BMNiBQE2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1690386781910&ai=CarGkXEHBZMKACsmwlgTDl7S4D4Dph81wn4GZ4bMRpebAs4owEAEgn872fWCV-vCBjAegAd78oIMDyAEFqQKph_i025SyPqgDAcgDmwSqBOkBT9DAag8RUrOwA10qo3KRGo8VLJI-aE9xQJ6FUsDSRh9dfAv9NnDHCCj-s0Z8iHVLaWTQ1XGedauOL_fD6qQ2yreO4A-gQFKSc6xtJYxEUtPkZuoGfImrcuwsHp1_XvzobkoF7LhTM86bB9V-aL_H4HnWdvEKxnwhTAyugmd1rpyftdR1pBq-PjpIy9lY9QXWtDaA2OS-dosIyiqzzBbXm-HwXA2dwagO6n27demm3Qktw8ZcUQOE3hiE9Cg8fUhscQnZX3Gb4HBJ3EY-_drCwqlJ2J1o3DJ21Znuch4rwxHj33q5LezYnIfABLWasbf_A-AEA5AGAaAGToAHioPffKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBP33ZoU0BMA2BMNiBQE2BQB0BUB-BYBgBcB Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:01 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	csi csi.gstatic.com/ Frame 4BD7	0 54 B	171ms 75ms	Ping image/gif	2a00:1450:400f:80c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lkjwn8ig&c=1703064373553&slotId=851532186776.5&qqid=CMKewrzdrIADFUmYhQodwwsN9w&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1f2&vast_v=4.0&lima_p_ich=0&lima_p_icu=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400f:80c::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:02 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	vast Show response bid.g.doubleclick.net/dbm/ Frame 4BD7	25 KB 17 KB	187ms 88ms	XHR text/xml	74.125.206.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Bksz7g426T3ElPAg7OoLjr3CQH_F51WT_y6Aj-xKN53b1e-XGhRwGJi2sjOpxhr5LyexTJ5i5ZO0u3s_IKASHEEkckvQ&dbm_d=AKAmf-CvK6PLmz__raIxxW3gdwOVj6eEmewzy_6AQZ_RVPJLF4qKmqcBie4DXUr7Gpy74U0VpQ_UeL1k3b7tTGFpcSl28S6Ba2iFjsIfLvNqsS8UxnY57gRQu7rczDbiEXRKIxXh03-YopnFSSnD-3cebL3ZyE0SMQev-IbbBXQXhgzXSiDI-ZupLWt98PrhDkREBb1C9up_ZHl0JdfJ_3hXBh3fcJwpnCRQDKkE9NVwGHh4GbF8UqIQPCFH2c78txE6K8CGPde5n1ZijFVZXfeQ_HsywuIyAZpPKaZC97eERyzieiiYGnknEBJBflkuLaHAjKCbbYq0tA4CWDRrlyhRVc5qgVZmdQxE2dpjYXTW5du4fttv7mPQIAvFAUTBnkGO22UrNg0PFGv2Z0FsMb4k9MFkEcAmJ2w5yAabYeU7XlHV6S0fltNH99eJkinmnnz7NRnlDjmk1lFxkTkgiKtEvnkrl7mHYxtpSWQfBqSJ2f5YnGwl9wsnW0YFXCnMpbuUfKEXe2xsYUh1wHh9XwqB5ujyTwgI61km6keScUZ0_CsCOp7SlvruBoZkKrqCjqHXnjobqKQaOt2Z1m08vhNckjxB122nCKGxMLggKSFYOf0hRaUuxUOoNWZ2IgcPWHps-l51eQXbH95Q3Y_QUlQbHdpGoY36Mjd1kL2C43ubhsVYLft4nbdmrsGF40sk-KSDuHTkam_H8Hamzi9IbvU8BvXQZXGuILiq_ZiiwwFHqbRgr1AOv5JdjvWf7HjGOx_TTiSt_UCCv1UL5nYqz7v6umChcq35SBdWdhyqAeIPuJbKaFgPZkrbgjEhNAjjXDG8kSht0_tLts-gaJxrVGJ8j5eFY28-AkTSMjv9lKqbnfruWWi-I8wWgtYl-tpIy_RWWLFqP1cgCQmrQCR5y1QQyHVIVHfl1E5zHO91Unqo1TaKFfc08HyzwL8Jf_Au3Ha6oSm8suzb0R6uG4gOjhKb6dpDESNBEiJFK9HIEMddlnq1MklNIXCdByz1HszqfwP1HYrQ2wi8XCIqgdrdHReTo7hbrd139DvN4gsY8FfPhkhR6HYi8Qw1Ov7XxcxZmCurxj4W9fvGvbMhcU7-lQs2j6PMyNTT6FSczPa6Cwr0d1uMvM7pVmkuguDNFs4o70VfdM1RRsxtd4gRIjQQYBm0c5oQWp9vQX4U6glkF5ZVjanPtrOwpZDaxyYTQuNlkKCW1OP6sfvHq_yGOP5ke6AqGLa5hc4J463X0vtLMIB7vTZAxNcxXWWceWR0H2O9IfWOR_f4IDoOiexa8Z1vcsm_BySiGBMrUxWX95pGhm9rhTCLaSvJjJkQEIfgiEEXwS6WnbGurPMwL6M-o1EdkbjpOfNEJc9n9TKsVTioOj99dnaxoFLtyTsxEf4CxRK_55KLdA7qgy76Cdg2RCipg2DEtkZpFc64dhxAx01GZopCvo2BkkZtiSVvOx0R03XdwTRqYe2xzesAgbdHoAaPI28m6iW9wTjJCHehOetG3IpKZMKE5M0ZFT5CDZR56F04GtLarfCe0U9FcLCBz6izUVrSZNP5e7LjBFRM22-PoARRhOOhMWrfaTggKTHLaYb1uUgU74eCijL3eFT6X39mV-o-8fRDbuFBaYYRyz34Q8RPgozX_Y7B4Xtmm4DX-xDmp7wBSU2vW9a4pr02UZ7jmXJC2l0j7nx0i9xYK3pnZstMeLpOm6yRdUJxukJ4m_PVNn32__XIJGqtRqMIH6qh-2frppbk8eVhCIgh6yE6wlNWKNmoRajZ5P72c0-Al53tLjPTALn6bKC1a_5FkFog7E35ucKzVbCv-MOT_GjyoIWcABCu3jqyC4wDJY0iUCDPCgkgTAW2pboeWOvy6oYLMzhW7joo8IwQoaMbPLQzdC-PdwpejKc2kQKv_ZTSE5AotQnfBl70_Fmx6TNex_ZnsTH4JPD9Hh36uwo7FvL6hj8LOCWkndg_GEUf3RJQqAzOSxhjvgEEz6uASFCFb29YDbEbT3p5Firemge6oSh02b2Wp0DZB1UvZi38aVVBkHebmA_NWS69Ea5KdepTd1GWL27hmqQ00Ke9Dhq0AzqAzq9lztVqaklkZ_y-6ooVKxO_w7uvBXAKL8sC9AGC0NgYC6IEeE_-SZNidbp3WXjswcvNAdJs8ZVrAK6_IAiWuM1FEb6Ee3IR4NG2_P1V8S2mInhjH4zyLD0FSsBpu9NyxntdB82rQog_hc4tGjxw2tG0Os20yZn2Y7OM1CK6ZvDjn3PRTy0l_owV5PsExsQ8OI6TGzDJVPFZvgnm9716Ph_zv36e2ExA41xX-H4sbswuDxzjM4pQ3d3xU2FuNt-dZVwqRjTz3s40ypqbwpZR3GUxLJmDhQBuYwo0BzGxrcF5SnZjqiwMio_PkTBpIgahRLeJewgEiZlo5VycCmLDKZUvSx4qiJikE4gauy0pA26ylKNV04m4cPft14FZzOxs5y9TbCfMab1eNBxYhPcneO7CwezBy1RjPyKrXa_SMsEsOB5xOkTjWDFeW6rta6ye5c58EuWsQWMk_s-GOPByXYOAQdBzJhKMxLo-MGGruDVNeCTT6x2wMReEbq7lkrXT35ggpX-Svg4NpJYw8_PdvJikTSKr5IDfiEERqPic7X4OEoZ7gAGlmQ5nx1BjDB6AZU9CDswSNSsIA_rFtgQAm4Qqv8YhHIaMz4odpsiwatnB_TsNI_8XGhGWOtsHISFJfiUR1XQV7NSxmjtXyG4gb8rBHcjzLZwoqbh6djU19clYzNjKgXkKH_5k-bv8tAfTB28BnjPDs0AvYCYzd-HSvJ_-7FZXHHuC9jt_cE3WVIoWYnHYF8rdy8XY8onO6EZ_Gw4ks3WFKUAfT_ctPBAuOlp__w7S3Cq7DF4vu44lDM20ZdtIrSieAS-wEWLPJiFcYRXdaz5vv97ihJ-TB45qovX3v3BlpqxlzIIFEImK0EjPJAV7j7BOYw0HJNyggE90VdxzuqYu02BWRvilFpVutKd5LhwC7TQlJvZ9y8zFGkW_mc7Bm7UuzBU15VPiKeFjBYmP3CbHgsTWU2VvBkAV6e_2nCFnReLxoNojnis6GjNw0BLKP32FUMjQyERdPLV7MQoCZsbpROW2wuPPQogAhs4S-_gjlCKTDk4oA_W-_bRY7gsvYLuslc0L_fB5GQXl-02lUHLTJHzlgy-adnLtPXpnx2DQIWoP9IsyVX3SmErQM-dxgIs8vyQGqB8HN0fKLblkG5bZ_YRVofJN0kA-hjr4wHzS87v2oZNRTzK4HwRQOipdV9yu3YJRMAsqAALg11ceWANdhLLWyxEEGYkvPgtWuy2Ntkb7pRJQQDsbYDOB6_Oc9HTM-Gkj4O-pHHMQApCoSBbWBk2mepy1zgBYs1iS3W74ngWLXO2wylFlnwPDpwrdMLOLGlBY0zxV3YeLku5tv5ABPET63txQZY9Q8-1GNPGA3mVZvIYefhcfhrESyI0cwNsc-zpdjcqIXccEGy-H_3ezJzdr7Jh_Ku6kqCaFJFUWl6f2UsewaZdDiJdZ_Pd8aqTFjFVhk8vHVLRQ0TfLKdpbZwRYE0Ehq6JdyWvNtNabLs1G8yLZyV2NEFNt5yE_d1qHLegVpTJDdSqOems7szrKqj_fs2MdxwNu8QRQCnnYBud5OZocmmagCMc-wAEy1rNDxA0LA7gQ-_Geuzbx0nUQVBPAeOg&cid=CAQSSwBpAlJWHKB7PeAtVQpZqmTlKGC0XSl2-dIR81JHvrw5-mUZiexqbs4ARoXbNxpV8aRCWEwN8WQ0nNXheJ004KJDbqlfk8tE3dYjQhgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.206.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS wk-in-f157.1e100.net Software cafe / Resource Hash 5e8ba98adcfee1674f7b07d5e6896389598d156402fc03e22c16866a81842a3e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:53:02 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16728 x-xss-protection 0 pragma no-cache server cafe content-type text/xml; charset=UTF-8 access-control-allow-origin https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame ACEB	43 B 215 B	565ms 197ms	Image image/gif	2600:1f13:800:7781:a8b5:465d:2736:7bd8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=353e14a6-5db3-05e2-fad7-4f50fe2502f1&tv=%7Bc:juocx2,pingTime:-2,time:123,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:491,beZ:493,mfA:495,cmA:496,inA:496,inZ:501,prA:501,prZ:507,si:515,poA:517,poZ:545,cmZ:545,mfZ:545,loA:563,loZ:567,ltA:614,ltZ:614%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:123,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B116~0%5D,as:%5B116~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tL8eFut+11%7C12%7C13%7C14%7C15%7C16*.1135760-69474528%7C161%7C17%7C181%7C191,idMap:16*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:24,sinceFw:97,readyFired:false%7D&br=c Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7781:a8b5:465d:2736:7bd8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:02 GMT server nginx x-server-name dt18.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 0A6E	41 KB 13 KB	59ms 55ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ca5ec-8EfgJD0B5YDTseRIf0J13fANUn_aoQE9_cnf4gvgeV-T-x5LGbgbLK26-sa0ywhU7rK03moIBKLCXLEtI0z2UpGcN7MJX1PqjE5mDjPTzfDAm3b1RPsi-FRtFQX2EoPYaDh0EsYTHjnnLT7Cds_W4XvxoTy76mLK8xvYLSMNYcI&cry=1&dbm_d=AKAmf-A2xbUkWFv5kOLjDgtkWMw5i_sN8RBn6QS_-OHNXrIj9WYeLIOYF5QeKjCMqK7TkFcOOilnA5xPStBWRJOBbsjwEAnzrfddXQUPaN1Dm46MzBIrf-lM8v0vf4NbhTEk7hTQ4GUtNJ0OVeaTKqPQ7IQisjPy8ALWVAnOefE1GEh5JTuQiaYNCtdsO4tNp7orV53j9uigco5HbQ_TsIHdU3jbySTJ35mVP0scGMa1gprquYFfvAndp5DigCahHvYFekiBIZlRFfyItqFeKCS2N2EUygwV_m-Ga6N09Dr_dWEOjjQZPwMjBdhEl9J8H70yU2Hrjwx7exWudVtytVI5eDBlZZyne2W0rNrN1zWiOM4NrzVyLzr0mOZktVVwK0qpDgmR2zZ6whAdr_N2mEZ4y52Tw6Pufm-N2eg5QQQwHvp4pPaBgdURJKjwN2AUs9aW7RyqbjnRicIoRvxH5gAlYG4_pB6gxMbZULXUG6mKYZe3joX6jlurMax8f1eYELhZ0HI1giKqDmCuY9SNNkDOome37TpSm2WcfkkML9d9nYkBCpthBBhntfhvDrCoAFQRvCTErSMtZiDx6at06qofgnwpj3bA8Eso0f_X_Ms6I0nQ3JdPz8-Lcpq0zRyH3BxAqh4fVrYdJAzfhek53J0k1CoWBi0BQn3vvI67nUZXMXYgTKbtxVir42X5figZymmR6jaLkl-Fbl6BLQdOApxXuL-1TcN6BCP0h12v-cc7wf1tPy2-tw00fBQr3MHHxpgDy7UT1ena3_R1vr43JfVYpV1WmCtCdYA1pg29BWAKcHiCSPzl_813MkoWYCPBU58Mhlitp0aUq_MF-P667b_qaolgLK5VudceChjJ4poy4c0JaY7Lk-G4Xxu8ZqzT-H1hlXsdSPKds6xeFTc0h_KI_cSoAPkYYkBdmI2McKKeFrwUKT4xGL288mXhSizGWyGwWKQNkZA2FfZiNF1e4INm_9cBBhOC54uyk9f53MtGUe_wv1iwn25zK-mPok6oPwi1id53NqsEGKdFFiF8EloMqse_5qV4d69bsFqyY2mCxGfTrXDcdHoj2_xxCfq4L4AAru735PvlcrJCeYSkGPC9ldPELHbW9kM79tkJpsQ5URtoRkxwxuw8BlsFWkVNpukSTl76t7q2sW8Slv1GRg_MZRGn1L9cZirr77Sfur14Nv6fdWnl04HDNqSzSy_IkY0QT_QyyjplkYNE-Gjot_J_nrIZlGfrqNR39TmsTxAsW5PTgBG0fBXLSC7dSZvOn9iNeHuYxUtUL1si1YuzJWmngxyyHnmuhy7tBEXkbrWa1PJRSv2TDS3ZTPBwSR3uEVJMo7I24BzRcLag7nVjMsG1raOWdeteX9XDH-O5k1eH2-EQj20UIMMYDlFl5o8_k3cN4J2Uw2WRh3GWGxSxrFtAMfwgQpdETQyQog_uBlbUEPlSxltHjvXA_f88JF-whOe2Cyi34qh3d2o1hvh2GAII0NbtRDGU29DnVb-rlyZ0YkDpnyGb_2gHry_0gJpdaHwREfYx6_vFpbUm_5bGTkbuz956oNmefgaNLrhOT__j9PBsS7y2fLUy7BrY0dIec46xR9AqPlxVCKY9_Q-K2vM5z9PgxD8KBin9_WwVQqmkSetMBTPUa4TvqYUaPmqLpyXrP02m1RmQO3dDw3WJuqMYX7-FQrqjQV1utFL5N7iVXCGvXXPuDM7Jug6pIdY7Eit7QJCq0F0bkB0rKH4xKLWbDVbKuljD_ytawyHGMe-FdyCVEGHlzhLnY4x62AnFZ2QDFleF0ULB_u3P-fouoMsYppJgqFAkosHli5dkFYgbzib0Y3enFbf0iYJ0nkfq9xzC-Q2MSvTI-CPQOmAXTo4FW2WEIVLxM7lc9nBA5MHQITzD1zCIhjEJxXdiOIajaIVxGuCSjYNLEQx7Pb0VMlxyF3fdocvNu4CdXLrQz6O65uu_9SFHMElVgHiodgar4DHF2P3V1Y_6oDN0dOi3M3FUrVPlNRGXx9LvzmmUtsVPwkZNgQVaJGVtO3KkNcsufq_K_-vaMUYNaqu8cVDO-N_AIAKZOpcgsO2VvmOULQ7QUs_ObOq6MU_-48pHZOToUZfHuUXkpLN6oR8JeJ12ueuhuYOfEikQy8LOQKkesb7ANbaOkn-1KALf7YwLwi2UX22vNb-Wrcy7ffN96SWD-f-RkRYTWvRrjOKuXg9LM7wmJDSy5QWbKjGM1LSE-mXIwbsx2f8LAXeBddrvUu9Y5xvEWiNiExbEwPkmnz79b1EXpEAd2ajjcW9Hdq9grKsm5I8n-6HEaN4LXJSTUu9uedNHHdmfZx7e7Fir-Y8Cr7roeT2d30JFVttJzVpwtUijHqLbioybVRoKhN-QmlavrrhG5b6_xTdBuNCYCH-CbB1ZbZu-N7p44zJhe60Sf2lWloDE_yg0l97l07XCYO2FzG0fT9EkidVzqUC4hOjte2FW_bosdT9Ube0JDWtWsi3nGbeqREsd9hUkhykFzTwD5htA0UpDFnqm5ZG-TuDJD3yr_M-97bK1i6hTNWy9uYRRfmyHOjIBG0tqhRSTMEL9RyW1NCiv952AwLr2zvhkiuzaImtShlqse9eK-8_11kVweivL0sHlucpKiuWWFIsJWAaJsAuUSAVEgFw7LtwsotTWCxrwBu07-BlNy10alZ_kluMwoWuSikenToEcC8TNq1dy3FB1JSXxfACpNCrIHY5bb2uwJCAhNXE6vIKhngo07eIiz0BmIPGWypyqTjMkGD-MbNv6PCSPQ6VnVGWOdqZv3Lr6YxAGsXSwO6aYwUC5RyEnQSbPNZeFvY5JqVLZfV2JvOQ_QwJ8izow33ZJDWxUvEzTZMIu_gQoNUAZ--tqoFgZEO63PMt3ss2xKDyjGtehkqlCOgbo0YZXpzxpViAIueA66ORzJIEnM3Isol6nbrbHW4tAaDzMw49zZX7-FzEtIjMw62EKNV30rJtu24ldlW-rPb6T67WjedTan4aK3vwjE7K_9DN9LEhKTfTauuf9bQaaVTVBHWKxdSJY4xI6yp5jDnHjRSR-nrFTzxegFsaEl8vyBfXKrTMBsflncf9Fhe5sB80RuPLg3kdyBREWV9ea5dPfkwNofWIIDXC332TJwi7bUE5B&cid=CAQSSwBpAlJWHKB7PeAtVQpZqmTlKGC0XSl2-dIR81JHvrw5-mUZiexqbs4ARoXbNxpV8aRCWEwN8WQ0nNXheJ004KJDbqlfk8tE3dYjQhgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Futua.com.br%2F&ds=l&xdt=1&iif=1&cor=15359261502279098000&adk=2857193498&idt=222&cac=0&dtd=3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 19 Jul 2023 21:41:24 GMT content-encoding br x-content-type-options nosniff age 583897 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13692 x-xss-protection 0 last-modified Sun, 25 Jun 2023 02:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 18 Jul 2024 21:41:24 GMT
GET DATA	200 OK	truncated / Frame 4BD7	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 04ee4c061632d1f94229f0ad626e6eea5437a61c84deec524b9b02a36e7e8384 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Content-Type image/png
GET H2	200	adj Show response bid.g.doubleclick.net/xbbe/creative/ Frame 0A6E Redirect Chain https://fw.adsafeprotected.com/rfw/bgd/1135760/69474508/xbbe/creative/adj?p=APEucNVRgmF0MvPZLd2yXgQSQqE9zj73VY_bxk10Ar7lU0eBO6jcyTc&d=CokBAKAmf-CE8WaHOrD-FIGeyCpvxVrJTFvK5EGL8VeMh1kUu9tEzB5vxWKeJfZ... https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVRgmF0MvPZLd2yXgQSQqE9zj73VY_bxk10Ar7lU0eBO6jcyTc&d=CokBAKAmf-CE8WaHOrD-FIGeyCpvxVrJTFvK5EGL8VeMh1kUu9tEzB5vxWKeJfZLKD1g2jO5yJmC_MCRljZNcSOkz...	70 KB 24 KB	115ms 113ms	Script text/javascript	74.125.206.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVRgmF0MvPZLd2yXgQSQqE9zj73VY_bxk10Ar7lU0eBO6jcyTc&d=CokBAKAmf-CE8WaHOrD-FIGeyCpvxVrJTFvK5EGL8VeMh1kUu9tEzB5vxWKeJfZLKD1g2jO5yJmC_MCRljZNcSOkzL4oBfX08nkBPdtGe2UGS8FDslq1CvGZrIyh3pFc5YH1uO_Pn7xyp3aJmYmholwna-xWnqIPKojWj-7xUVpG4FHH_r3BEDG_QwES6RUAoCZ_4E7nRnSeLO5UYR7SMLEjvG1J9JRfzFbmofE9VF1Q4u_PO4-lixFJ0GP1yI5cGX0Kxo3HnRnyfXph1J7ipc70kisO3AlTxa5bCOnJAHP7ilXH1j1U3dLr14mMzwQqFvRrZXdDWkGgUMMAwy7gY5WNE76qTQEFrRAfoVL3OEzSxakviZ9BO7j0AV0C4On5mT4WKahmWehso0hrVXB60X12ekvXm3qDxa_RuRxkSOTGThBa-AEwKnTnGd48ptBr8MpBmJqnHtSSjTaZjkgHnOtp36D54ovfyWUzdP-J5R1-b_mvxuj2dkZWy68zbf5IeUF-ptFxat96Lr3EWI667bp4Xv2Q82SqDcoN1y4sqAAtIyFWDGgUZjANvraZ3uoaR9SWyRIdASvtBqMAf2g6DYOePNIngdzpyUwUiyCXKyQ3CreAfU_YdOxpXRsr5AUE0SeAk_QHj0aqODrO8RaKcmSu-l8jTFYhnvo5R8OUkzbLNw2uf_ochRahTcsGYtj5z_4imJdbr05kX0uhSIgsPwl1H87AVd1SzUUk6_wtl7nrUjO-nlyadL_al9OI3krGBA7-2Cb7o7qOzxenpGauz7_QOp4h_ZyqDLgOIQIxLm2rrc37WQYCOEBeAQN9x16RfL5qObFI1o4p2g7lS7PBbPpqs4LW84MnKof7wHeB0MIFcZpOHU19az0L3cBA8yBkgnwNj8LYc3JErzwfrKB06WF8QYgnybj_g8JPCBG_BDoufIxQGtItR5zUjZNbQr-PCVuuMAXitG17t1Nmi2orR62o2YRNEc5c3ypra_s6EsiBGojuP-JmVprMKKdlRFo5IyTfnWolZ5inIPrV7_rTRcMCGkt1Y7mI7pn_J9S04Y1ofHr-bdex3OxcVd20lFFMcWWVqDRunZ1upTn_HjbCGRhL6mDUq5UUa3g3fbiHHOKQmcKsuqp74SJqaCFZTIqLOv1SudJg3YIuq-XzntPmljScUcyFwsPl3dbpvC82bIOgngrK3SPq8bQNh0jmQbKtzky_vFf3SL4QDd7WaYhL9L8VYWU-dFVD6h1DflDUnRw5mhdcjHWeLgTnrZXZC26ik9t_5e_MoLp6IjAcaoaEt0hU-6Gmn1o1h6KEneRvv-q8UA8PwCLnjoS6O2Hmm7iCiDhUZaMBTNsFsoZQ28JXG6No_l5LRoNU3_0U3PT3i0leyR9hAqJsT78auCOxTJ94r5QBG4E4i_25UMmFmq_oqpsMFEdIqKScmVQiK9YF4ePm6Cnznj1yUdkD_836GQJBKQ8MAhetnYm7IWMDxlkUlG1SLQXo2anGX76kZ-RWDkD50RO174Fzc04P4S_IpxWXUQSXKmp474qpPUtYxn7vy7c8rQ3UMBZCVm4Hbasky_M2mfP5KwUnnrZXiospupnZp0xe-PfLauAFL7SCt9BnhjCgc4iWn8T7EJbnk0puhHzJ0l_F7dWvBriW8PtrcHfQD4C7WUDmhepQAZcbhS1_xu3kzfjwcDXd77srPCzTYqFioFIXlVC3CrLuJ2s7aMSlX6QbkCbN4veHM85xsnz5hSH3Do12trNgZeXcxlkbItGyIV8JkB1NxoFFgpHrPX2pxSiuRs0d-T4EtvJmqgS8N3rsSIpK2WDhtl4-WjGEvmaRyVBHUzALdjdW8k73E91uvJrQTQXz9T_dZwgSouuSXcHzipyPEZMk_wkX4S-Xtc-WTJ3PYBZBSp0wIfi63VRWyCMogUE9UFb_s3v32ECZJth7hwPdHfuya7EACDn2v7sEeSi3e8RR1UNmTiMbyrvo3ayjEg7dMW4EAhZJh9BpTv3fAyDCqx8nrSeiotGcel4iJYu9qxJBxDK4vnD_8twpbqs4bC9bJ0eUOLUmXHGRmsB4sx5QSe2GQh2GY3O2xacbTZ2ttwVzrqoJeY3mzAByqJVB3MdDDohUDdBfWQ3sIv4AvV4403zwIJSd92M1sI4jTbsPQHlhGDmjH8rqLvCOYPV0X9F1QV39KxmU3E1kgJSaKim1p1RwPNeRGVejcHhL7SHpxvvSfD9rOPfjNGTRI2_TgJGe6t-DkyIoRWTG2TKkX5jk3bC1b5RTBhk4ba7TbqwPDd6wXF78w9tssxMz74ts_qhOdlT8TQvJdDACxnmsk9YDiKz6LncY7bjwGY_LHOMNTFhIB9rj8zWopW72Vs3FP_sMX3IMxLqMf3El7553O2V8KFUbgXsfFU2BguGe_8hTPhZsGukKRpa9S_kozP2tVtAoCjqK1E4iDhWVs3iASgSu5XxqSWsRbZa9SNxwwnKzj70lykqC_EYf-GK-4XMWDiMqSrU2tKbPZABQsuF6K6t9zOADoSqFW2AAUICpZ82Y4uI3LobD2s9knFDHpZ8nIAm2BmQrpMlMLXHFTqDOp5aC5MD84ulOG2O0b4c0Kg5tsDCc6cNdjMQuKmn4oB72-9PmbWCxehPnTdAEnAfbUgvsRry4joqzDkRigpC_UyDrMpNGL5gKdT4yM6oWP7UV6rFYIjkxyCfDGtdyRQpVAuyj0bI8lJYjZeKZ7iIPCQOq4vfWtCZu2LkazqLbK0KcQRJ1ZMBQ75UBxuSqiED63RCziyrguIV58AiPhENitn4ME6xBDf37qwCBsApTFZ60pg1CidkYUhH6ofEYyHVxOuE4KbbROfBqG-ms6Ry-sHsF9DaT9ieAYvFD2hgKvGw9WFIA4IU90hGCcGnojE05tCaqEPrEd064W7e4XCGjVIGFpTbRvCvweI9Ik5364wuqLqAu_yup0hN94r4SbedqZlsuKmNyMaBj-P-bfH0g5RI8Awd_J3MsOeRogxHLVpxkrzVUc9xUNEdA4x_1jcrGIch16OkevE_7loF6tbhETLvysNTInPGWdVDL_wi-4gC7y93ncBzHuzpWA-0TMLmJqcblmb5SIN-E0I53O6RLLmFYw8-SCbvN5EJv4ByHhL4eG-6vfLvlRZy_kbq_waKcFbncGNLCC5kVRCSNbV3DcD-vjRyh8V0D1lZuTOmcqIvZscBuLdcvFhQjRQbBDqiMCxiT8KKFPLsR-6fPKODqS6drp0apUg56RDwPEwGPbUCLUW0H72zMG5ROk8A43cE0JTbh7ggt4qdktEYboU6z8cdMqyUk09CNzJ2vTwZw-WiJeV5ad55AkQxHg7DL-3hGP5RbxZe5wh_ftA7QHvllE9XvepbrGzwRHOIa0mgTBh_93ravGUdiXoJG2BvQuWPoHBzGnvzKDTOUXZTf6YTL8cseqOL8Ojb6icpjA_OZEzEhHRIl0exZI_hn8IVKAZEvCV4-LDqzrkRHNjSZ4uol-oDRKBeNntZgn3zsxdajX4Pf4vQhmtmpWAvDaHo1V4DUCIP-MT_VOuxxxBexYIYfbdInAa-LLrb2wYoazSj5iRlJHnHP7LAJkyfPi7r-HdlEf9i3b4IfOgp4_5XgYrRdh5xas8L44AGUl5NKZ0fE3Zkke3yEb-dmu3qQ5zySPiFqesu-lsy5X55_5uQ33TaUyYtkp5Na4DcgLxki9J0Mdie83SeoDPJbqNhoP9cjJ92r0_8pWK6cSa0q9rJUVwnPPpZT5NjcZEBpupUcneKpDUsmPFUR0tD5iFpa4HQ8shRy2ktQ69f7O22YLwdSBtq7jw1HCbnbT8dQpicrfCEk2ASfvj11QUQsUG8Mj3B4MFxQFBwHnKhKe3httFXjfRflZ_SpxnLI-JGU0XsEc46X6WSJfYQWHlYaUQgEEksAaQJSVhygez3gLVUKWapk5ShgtF0pdvnSEfNSR768OfplGYnsam7OAEaF2zcaVfGkQlhMDfFkNJzV4XidNOCiQ26pX5PLRN3WI0IYAWAB&bundleId= Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 74.125.206.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS wk-in-f157.1e100.net Software cafe / Resource Hash 5c0b96452d906e29059a0d931adcece94161f0cead14e08e859f38ae7231aad7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:02 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24502 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 26 Jul 2023 15:53:02 GMT server nginx x-server-name app06.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVRgmF0MvPZLd2yXgQSQqE9zj73VY_bxk10Ar7lU0eBO6jcyTc&d=CokBAKAmf-CE8WaHOrD-FIGeyCpvxVrJTFvK5EGL8VeMh1kUu9tEzB5vxWKeJfZLKD1g2jO5yJmC_MCRljZNcSOkzL4oBfX08nkBPdtGe2UGS8FDslq1CvGZrIyh3pFc5YH1uO_Pn7xyp3aJmYmholwna-xWnqIPKojWj-7xUVpG4FHH_r3BEDG_QwES6RUAoCZ_4E7nRnSeLO5UYR7SMLEjvG1J9JRfzFbmofE9VF1Q4u_PO4-lixFJ0GP1yI5cGX0Kxo3HnRnyfXph1J7ipc70kisO3AlTxa5bCOnJAHP7ilXH1j1U3dLr14mMzwQqFvRrZXdDWkGgUMMAwy7gY5WNE76qTQEFrRAfoVL3OEzSxakviZ9BO7j0AV0C4On5mT4WKahmWehso0hrVXB60X12ekvXm3qDxa_RuRxkSOTGThBa-AEwKnTnGd48ptBr8MpBmJqnHtSSjTaZjkgHnOtp36D54ovfyWUzdP-J5R1-b_mvxuj2dkZWy68zbf5IeUF-ptFxat96Lr3EWI667bp4Xv2Q82SqDcoN1y4sqAAtIyFWDGgUZjANvraZ3uoaR9SWyRIdASvtBqMAf2g6DYOePNIngdzpyUwUiyCXKyQ3CreAfU_YdOxpXRsr5AUE0SeAk_QHj0aqODrO8RaKcmSu-l8jTFYhnvo5R8OUkzbLNw2uf_ochRahTcsGYtj5z_4imJdbr05kX0uhSIgsPwl1H87AVd1SzUUk6_wtl7nrUjO-nlyadL_al9OI3krGBA7-2Cb7o7qOzxenpGauz7_QOp4h_ZyqDLgOIQIxLm2rrc37WQYCOEBeAQN9x16RfL5qObFI1o4p2g7lS7PBbPpqs4LW84MnKof7wHeB0MIFcZpOHU19az0L3cBA8yBkgnwNj8LYc3JErzwfrKB06WF8QYgnybj_g8JPCBG_BDoufIxQGtItR5zUjZNbQr-PCVuuMAXitG17t1Nmi2orR62o2YRNEc5c3ypra_s6EsiBGojuP-JmVprMKKdlRFo5IyTfnWolZ5inIPrV7_rTRcMCGkt1Y7mI7pn_J9S04Y1ofHr-bdex3OxcVd20lFFMcWWVqDRunZ1upTn_HjbCGRhL6mDUq5UUa3g3fbiHHOKQmcKsuqp74SJqaCFZTIqLOv1SudJg3YIuq-XzntPmljScUcyFwsPl3dbpvC82bIOgngrK3SPq8bQNh0jmQbKtzky_vFf3SL4QDd7WaYhL9L8VYWU-dFVD6h1DflDUnRw5mhdcjHWeLgTnrZXZC26ik9t_5e_MoLp6IjAcaoaEt0hU-6Gmn1o1h6KEneRvv-q8UA8PwCLnjoS6O2Hmm7iCiDhUZaMBTNsFsoZQ28JXG6No_l5LRoNU3_0U3PT3i0leyR9hAqJsT78auCOxTJ94r5QBG4E4i_25UMmFmq_oqpsMFEdIqKScmVQiK9YF4ePm6Cnznj1yUdkD_836GQJBKQ8MAhetnYm7IWMDxlkUlG1SLQXo2anGX76kZ-RWDkD50RO174Fzc04P4S_IpxWXUQSXKmp474qpPUtYxn7vy7c8rQ3UMBZCVm4Hbasky_M2mfP5KwUnnrZXiospupnZp0xe-PfLauAFL7SCt9BnhjCgc4iWn8T7EJbnk0puhHzJ0l_F7dWvBriW8PtrcHfQD4C7WUDmhepQAZcbhS1_xu3kzfjwcDXd77srPCzTYqFioFIXlVC3CrLuJ2s7aMSlX6QbkCbN4veHM85xsnz5hSH3Do12trNgZeXcxlkbItGyIV8JkB1NxoFFgpHrPX2pxSiuRs0d-T4EtvJmqgS8N3rsSIpK2WDhtl4-WjGEvmaRyVBHUzALdjdW8k73E91uvJrQTQXz9T_dZwgSouuSXcHzipyPEZMk_wkX4S-Xtc-WTJ3PYBZBSp0wIfi63VRWyCMogUE9UFb_s3v32ECZJth7hwPdHfuya7EACDn2v7sEeSi3e8RR1UNmTiMbyrvo3ayjEg7dMW4EAhZJh9BpTv3fAyDCqx8nrSeiotGcel4iJYu9qxJBxDK4vnD_8twpbqs4bC9bJ0eUOLUmXHGRmsB4sx5QSe2GQh2GY3O2xacbTZ2ttwVzrqoJeY3mzAByqJVB3MdDDohUDdBfWQ3sIv4AvV4403zwIJSd92M1sI4jTbsPQHlhGDmjH8rqLvCOYPV0X9F1QV39KxmU3E1kgJSaKim1p1RwPNeRGVejcHhL7SHpxvvSfD9rOPfjNGTRI2_TgJGe6t-DkyIoRWTG2TKkX5jk3bC1b5RTBhk4ba7TbqwPDd6wXF78w9tssxMz74ts_qhOdlT8TQvJdDACxnmsk9YDiKz6LncY7bjwGY_LHOMNTFhIB9rj8zWopW72Vs3FP_sMX3IMxLqMf3El7553O2V8KFUbgXsfFU2BguGe_8hTPhZsGukKRpa9S_kozP2tVtAoCjqK1E4iDhWVs3iASgSu5XxqSWsRbZa9SNxwwnKzj70lykqC_EYf-GK-4XMWDiMqSrU2tKbPZABQsuF6K6t9zOADoSqFW2AAUICpZ82Y4uI3LobD2s9knFDHpZ8nIAm2BmQrpMlMLXHFTqDOp5aC5MD84ulOG2O0b4c0Kg5tsDCc6cNdjMQuKmn4oB72-9PmbWCxehPnTdAEnAfbUgvsRry4joqzDkRigpC_UyDrMpNGL5gKdT4yM6oWP7UV6rFYIjkxyCfDGtdyRQpVAuyj0bI8lJYjZeKZ7iIPCQOq4vfWtCZu2LkazqLbK0KcQRJ1ZMBQ75UBxuSqiED63RCziyrguIV58AiPhENitn4ME6xBDf37qwCBsApTFZ60pg1CidkYUhH6ofEYyHVxOuE4KbbROfBqG-ms6Ry-sHsF9DaT9ieAYvFD2hgKvGw9WFIA4IU90hGCcGnojE05tCaqEPrEd064W7e4XCGjVIGFpTbRvCvweI9Ik5364wuqLqAu_yup0hN94r4SbedqZlsuKmNyMaBj-P-bfH0g5RI8Awd_J3MsOeRogxHLVpxkrzVUc9xUNEdA4x_1jcrGIch16OkevE_7loF6tbhETLvysNTInPGWdVDL_wi-4gC7y93ncBzHuzpWA-0TMLmJqcblmb5SIN-E0I53O6RLLmFYw8-SCbvN5EJv4ByHhL4eG-6vfLvlRZy_kbq_waKcFbncGNLCC5kVRCSNbV3DcD-vjRyh8V0D1lZuTOmcqIvZscBuLdcvFhQjRQbBDqiMCxiT8KKFPLsR-6fPKODqS6drp0apUg56RDwPEwGPbUCLUW0H72zMG5ROk8A43cE0JTbh7ggt4qdktEYboU6z8cdMqyUk09CNzJ2vTwZw-WiJeV5ad55AkQxHg7DL-3hGP5RbxZe5wh_ftA7QHvllE9XvepbrGzwRHOIa0mgTBh_93ravGUdiXoJG2BvQuWPoHBzGnvzKDTOUXZTf6YTL8cseqOL8Ojb6icpjA_OZEzEhHRIl0exZI_hn8IVKAZEvCV4-LDqzrkRHNjSZ4uol-oDRKBeNntZgn3zsxdajX4Pf4vQhmtmpWAvDaHo1V4DUCIP-MT_VOuxxxBexYIYfbdInAa-LLrb2wYoazSj5iRlJHnHP7LAJkyfPi7r-HdlEf9i3b4IfOgp4_5XgYrRdh5xas8L44AGUl5NKZ0fE3Zkke3yEb-dmu3qQ5zySPiFqesu-lsy5X55_5uQ33TaUyYtkp5Na4DcgLxki9J0Mdie83SeoDPJbqNhoP9cjJ92r0_8pWK6cSa0q9rJUVwnPPpZT5NjcZEBpupUcneKpDUsmPFUR0tD5iFpa4HQ8shRy2ktQ69f7O22YLwdSBtq7jw1HCbnbT8dQpicrfCEk2ASfvj11QUQsUG8Mj3B4MFxQFBwHnKhKe3httFXjfRflZ_SpxnLI-JGU0XsEc46X6WSJfYQWHlYaUQgEEksAaQJSVhygez3gLVUKWapk5ShgtF0pdvnSEfNSR768OfplGYnsam7OAEaF2zcaVfGkQlhMDfFkNJzV4XidNOCiQ26pX5PLRN3WI0IYAWAB&bundleId= cache-control no-cache content-length 0
GET H2	200	sca.17.6.2.js Show response static.adsafeprotected.com/ Frame F788	91 KB 23 KB	43ms 42ms	Script application/javascript	2600:9000:2450:5c00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.6.2.js Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2450:5c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 21 Sep 2022 15:36:17 GMT x-amz-version-id go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy content-encoding gzip via 1.1 4bc6e08d9495b312ae3b91e801107f80.cloudfront.net (CloudFront) x-amz-cf-pop CDG50-P4 age 26612206 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 20 Sep 2022 19:21:34 GMT server AmazonS3 etag W/"1f3488247c90bb5de253d3d0cb3b7458" vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-amz-cf-id fABsp6HVuD0u3Z8ttGUinPvr_ZrpcgXEmrKofHOD5RfAXA4u_77DjA==
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 2293	22 KB 8 KB	56ms 55ms	Document text/html	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 188896 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Mon, 24 Jul 2023 11:24:46 GMT expires Tue, 23 Jul 2024 11:24:46 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	dt dt.adsafeprotected.com/ Frame 0A6E	43 B 215 B	417ms 198ms	Image image/gif	2600:1f13:800:7781:a8b5:465d:2736:7bd8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=dfa96b88-e5ec-97f9-255d-812c31a3aa47&tv=%7Bc:juoczx,pingTime:-3,time:99,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:99,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B92~0%5D,as:%5B92~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tL8eFxm+11%7C12%7C13%7C14%7C15%7C161%7C162%7C17%7C18*.1135760-69474508%7C181%7C191,idMap:18*,rmeas:1,rend:0,renddet:IMG.us,siq:22%7D&br=c Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7781:a8b5:465d:2736:7bd8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:02 GMT server nginx x-server-name dt19.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 0A6E	43 B 215 B	410ms 198ms	Image image/gif	2600:1f13:800:7781:a8b5:465d:2736:7bd8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=dfa96b88-e5ec-97f9-255d-812c31a3aa47&tv=%7Bc:juoczz,pingTime:-6,time:101,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:101,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B94~0%5D,as:%5B94~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tL8eFxm+11%7C12%7C13%7C14%7C15%7C161%7C162%7C17%7C18*.1135760-69474508%7C181%7C191,idMap:18*,rmeas:1,rend:0,renddet:IMG.us,siq:22%7D&tpiLookup=ao:utua.com.br*&br=c Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7781:a8b5:465d:2736:7bd8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:02 GMT server nginx x-server-name dt21.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	dRCs_iSjLYN5mBFFYyTyPcTiMrEi9vuYsh-Uz23mUp8.js Show response pagead2.googlesyndication.com/bg/ Frame DA67	37 KB 14 KB	58ms 52ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/dRCs_iSjLYN5mBFFYyTyPcTiMrEi9vuYsh-Uz23mUp8.js Requested by Host: utua.com.br URL: https://utua.com.br/br-cc-caixa-simples-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=br-utua-ct-email-cc&utm_content=br-utua-ct-email-cc-ag&utm_term=br-utua-ct-email-cc-ag-2374&an_uid=22c6d7999e5934e8cf4ff3621ac2477d95cb414d257f173e436a4e9b1877c33c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7510acfe24a32d83799811456324f23dc4e232b122f6fb98b21f94cf6de6529f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 10:07:50 GMT content-encoding br x-content-type-options nosniff age 20712 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14586 x-xss-protection 0 last-modified Wed, 19 Jul 2023 16:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 25 Jul 2024 10:07:50 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 0A6E	43 B 215 B	398ms 200ms	Image image/gif	2600:1f13:800:7781:a8b5:465d:2736:7bd8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=dfa96b88-e5ec-97f9-255d-812c31a3aa47&tv=%7Bc:juoczQ,pingTime:-2,time:118,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:601,beZ:602,mfA:604,cmA:606,inA:606,inZ:610,prA:610,prZ:616,si:623,poA:624,poZ:648,cmZ:649,mfZ:649,loA:701,loZ:705,ltA:719,ltZ:719%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:118,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B112~0%5D,as:%5B112~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tL8eFut+11%7C12%7C13%7C14%7C15%7C16.1135760-69474528%7C161%7C162%7C17%7C18*.1135760-69474508%7C181%7C191,idMap:18*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:22,sinceFw:95,readyFired:false%7D&br=c Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7781:a8b5:465d:2736:7bd8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:02 GMT server nginx x-server-name dt30.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 4BD7	0 0	108ms 108ms	Image text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=ChjqXXEHBZMKACsmwlgTDl7S4D4Dph81wn4GZ4bMRpebAs4owEAEgn872fWCV-vCBjAegAd78oIMDyAEFqQKph_i025SyPqgDAaoE5gFP0MBqDxFSs7ADXSqjcpEajxUskj5oT3FAnoVSwNJGH118C_02cMcIKP6zRnyIdUtpZNDVcZ51q44v98PqpDbKt47gD6BAUpJzrG0ljERS0-Rm6gZ8iaty7CwenX9e_OhuSgXsuFMzzpsH1X5ov8fgedZ28QrGfCFMDK6CZ3WunJ-11HWkGr4-OkjL2Vj1Bda0NoDY5L52iwjKKrPMFteb4fBcDZ2ZqZyidrG32DQgi8iTZLl5qQLkggLghZgO4uAvLNPbeLL42cRgNZR7AO7ssc5lA1JGlsv-tfaNqdaTs_NvIyky4sAEtZqxt_8D4AQDiAWY5amDQZIFBAgDGAGSBQYIGxABGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB4qD33yoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHCxCQ--UMGOnM8ukB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAbAT992aFMgT4Nma4APQEwDYEw2IFATYFAHQFQGAFwGyFx4KHAgAEhRwdWItNDk3OTk3NzQ2MzgzMzAyNBiZgXQ&sigh=jBYulOTG9fM&uach_m=[UACH]&cid=CAQSSwBpAlJWHKB7PeAtVQpZqmTlKGC0XSl2-dIR81JHvrw5-mUZiexqbs4ARoXbNxpV8aRCWEwN8WQ0nNXheJ004KJDbqlfk8tE3dYjQhgB&vt=10&cbvp=2&vis=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	103ms 102ms	Image text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307200101&jk=773157468472007&bg=!ZWalZjLNAAa0yfNklMk7ADkAdvg8Wv8viH5UHjuYzRxsfAInMXuNa9CHKjaIizgiyCrvDe_3Pi-woobCWf7sxzqxHOqFgQX4OLsCAAAAwVIAAAAIaAEHCgBkKKuM-c1KDKOR82x_AcIVXDHAgdXw4fzw4tfHPZey7if7ZYGY3CJCW6pWm4lgIMxIkjGQ6IaHmHU43AsznrH9fT_GCA87hYE-0bdPwCLzykDQGtGNNPNGYPH9irKfDXMD-o_Ru5kCoS3r_CX3Ue6AI3p29xqutadwEZf_kvoK-80KZtc880kUt2NvGkwF9_kpFU2-kV7-FQKlhV3eqkBpLn4APL9ocpGU7cqSgAMy6iP52S2XUoeD-ToNgTmCeSeUcGIS5WiEME4-eD2gBDnmo1gFWgdnq6CfZC3M9YTx1nfqc4MUXfR_pEBYJVvaM7UXZtuc8AAGPmfCM-oVGgl72xHyEhUbeMLbLTV2Sh1-mh7_CaZ-lbcAgnDx08s-T-YaFKYqA5WgWvm_nMpPFPsKgPXV6ax2yYvmr4rzLkcAKZv1Q4vmt1iv-0hdNL73acPYNP-jMIdnsWeuQd_hKIMAYYBXQRMGiDW_U7isCNPzxhVs_a2Wpi6OXkYbOqetISoCnnj-u7opbHttchQ2am-5Uw-8wDcY3FN5gofTxbvMXwwwPLGcj5mgfDo0eVBHAUYpiFo-na4RhaTzLuWvpSVvBx9OIX-YrsnejLfab6ad55Mbjnu8I375kay8S2P65EMwevgb2Cac-uoURqGMUinJ0IpAjd4Q67Pl5spzWVW0ZdAeF_lJO5637Gx0dABdPHNHJXBS9v-qxzAn23K-cdpQ8qOuy-cDYhThlar5JX6LLptx_DWEAdYE5mSdEi98ZCCUhQcSh2jkYlRgdCLjl5YtqYSPf1znfDQnGbTLaGddlcS963NIal1oQGuyyp7uVL5Vl3zLkKHJQHdt2GCPHvxGwOxt4mLu66CccXnxbrkvpH9aU9V65tPyFwOtZjgeATffFwIyx4hZQUPm-gDhT1WB-cnp2AhBfcP2HFjwIiJ1ekNviBGg7B-eVsINqnd1kAO7wIugIRgUCPfIlq0Zzkg0nS7ee3BMCkvFEaiKBaICkg6XBksa2Cr42teshdN09USuQbaGu3AyADI Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://utua.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame DDFB	22 KB 8 KB	79ms 78ms	Document text/html	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 188896 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Mon, 24 Jul 2023 11:24:46 GMT expires Tue, 23 Jul 2024 11:24:46 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	express_html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame ACEB	111 KB 39 KB	189ms 56ms	Script text/javascript	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Requested by Host: utua.com.br URL: https://utua.com.br/br-cc-caixa-simples-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=br-utua-ct-email-cc&utm_content=br-utua-ct-email-cc-ag&utm_term=br-utua-ct-email-cc-ag-2374&an_uid=22c6d7999e5934e8cf4ff3621ac2477d95cb414d257f173e436a4e9b1877c33c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ Origin https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 08:46:47 GMT content-encoding gzip x-content-type-options nosniff age 25575 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39806 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:44:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 27 Jul 2023 08:46:47 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20230724/r20110914/elements/html/ Frame ACEB	11 KB 4 KB	67ms 67ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230724/r20110914/elements/html/omrhp.js Requested by Host: fw.adsafeprotected.com URL: https://fw.adsafeprotected.com/rfw/bgd/1135760/69474528/xbbe/creative/adj?p=APEucNVDSZixqGDMUyUcMEAAlNHJJ1aVtmGLs1CdgRroti1tOWRurrM&d=CokBAKAmf-CqdoAmWTjN69c8hHEjo--ZXxGcxJBmeZ_jfjeRmuxoebJ_S18tUyumIOw93RDJZNEYPjZkaUlhl9JuTCsTrwziJA4bHz0jYnfnXQGhPYHNLO9Q7ZF5KBoChRY8kh6TSuiWifZKt8SEF-tUUdn6_YW8cETKlQT2-MpF9HKe9UlRdriiAkcS2RUAoCZ_4LDKRU1z1Z85ETReyTmlCYjw9tB5dsfFj3GWx25sBq0Ha3mpP7elbNDq5UP4HIzsAxd3OZt31-n5gjWINhMAgayQxZ9DB24TJuwvp7L1Ytm5AiBNbcOrtKyhMviHFLEpWeCRn-lhJ7H68vWkbRVMsPR9slDz7vbBvmwuj5fM8FK31rQugkPQOfB7CiO_0zQnbpZvp5o1yb4VUCl14jVwQ3JBCXTnXvvcrPKNGGSOx6rvcaFKfzhjjJDCpubN5ozyTfSHucVZ7pBGiGfS8m6x8t5UG36zUkNOSj2csQU6PjBDNjnsisexuP7NlFmHCANrtRwWvAhvxuHtoV-C8_3nzPCfi4yJT5CMasWcnXRVfeKE7-LW-OTN8ZSBCd2e-SJm1BoYZ7XPaaNr2lr5rX8_8vUKcczsW01rXUE4MszECfUZ9-gF3LLtJ120WPD-2fYMcqC4MERF-BTYz63JOWqSFuNE2k7q3mpTmvG_rxqzU6VPPKIyxH2zkTuygQVFSGi_NRrj0Iox__mN4RWtd1bHlY7M7RksDktFcHajXy0po-JqjLeE9jmGPG7zd5Fyl_vMEwY-WXnlTY5PaYdZmYo_opzpKpRsNxcx414CwAgqskREaUfdK0oa04Mqsl3wOSGcK5BmKxMXc2oUgZkRp18Gqq2U566NkPrpmtGe2ZshaXdA7UiMtTDM4q3ZmOe0OK_4wyHtR_NIOqP1RC7haSSxyCj23bOTq1VH0cMcZ67r4WxArV6Bi_d2U87BPqPhq2jdHvGSx9pYI0OnNmrtXyxVFkA0zc-4hodqpIdPs8q26yDAa0Dci3mOF31Xx5nGMdkmJDNXjpl6y8kdgH4O0_IX4DviWvwA1fPPXNMxzU7FBRznFTAnqsiuRz4GHpLneHCuIxvllWr0IJRqCgYYSqUOim43Z1RLabid1w3eP-ZxprADoNGxEnhVKhDXkOYzrhUaXHCRKQykLf-RYxWk-jIdc57mEU5ZqpeRf669PZ_xENM_fgG_dr_9QsNDqtr86fJj__mrdEudU74iiAnDDqJkBoML6L8OLrO_xN8TgEyeu5Hm2y9jdKmo96zEk9XrjQz2T9RwwEi8ZPThTnXzMLfHIptoXjz8jamn-0yOriqaRiks8CpJ_ZqnNDpZYRrhnMJ0kRideSYSzc75wliJeepZkuPOJ9oxAdQcmeXZnFUDmjMPX1dndeHQpqo8Qxdb8iI19TbopmVjKw8dp9EU0RGGbTsIFFuKDUJAatZWvJxkpIGoC3kiwzpOKuYbDIOHBWvExJAW-yhVAnHVjtCM_rNBM8Pr_xxTSbC37rqBOOl8DRG17_msO9TYOdQdQGh0nrsIEVDaNxU4kc76VkowsSTEC5pJ7kb1_RY7dD-kusAOjACr9WYhNcJdbGWt4qqmrONwtx-bwJoPHC10D-rPDRmQ-efJA2OXMRwYz5fiIJaxtA786jGEfG4B7mbukUHD8R-udF1mZSAb-zFNbKO0sjCTJjEiaDi15UlCRPEiDdBTGGEuyd3r-tZH8qsJsQM8bUSireYR2BmtV8fpm1MnPRaRfsX8b1zjWQp_S6gC5Q_Ns4W79mSWnjK2g4TUCqw7mJJh2iBcFYIZO4fyJjEY4vDoXh8gI5R4aGKDUeao2SlK_UBZLbkiglQycgJPH7pVOnrgdNmnWKi9creyMzCqJycbEngVE9ekPAG1nrVwxBViTnMpW9q_bHAc9upqiJLma9QRV_PH09VCUwNRf6HeWYGRL5REAZxrHEn4-4YsUY4NcNjbjC-zUGSQ4G3Rc-eCFW-7FrM13P35USa4SoFK5L1qA0d2lik_wl5yELZrQ9LN1KweuDd2oSgXymHYUAQW3mzZBGQh5RgMxtQRZkxwFOvoqy98RoyZK8Y-bBpx58wgaGAj1-4RPMTqPYOyiRR3Vf5VJ55gEfEI6M9PV1PpX1zxhb-7JSCeOwFUAZj8bC5NjldSS_leRE6m5nH9gFpADWN95BNkmoZvlBQrNMgffBTZDKQdZux9uwKkfenf6ED3eQPYG76ZQDNZWDfV1d5x13UM5zIvaTIyr_vBSnfgRzddsOEbJeNpDMVdtJXfowh5hUrOa9fhuAWzv_MkTafjX1cZh1I6R2F1fQVtkebmhSyHsLdCZQPYl1aADgzTfROwS-p1fycCuo-norvLebMaAiYIoy2GjsJVjr_9WUA6TBY_pX1aFKZoc9ggf5T2vmbk__LVzabT452eGoGWx5KvkxTbNui8-7uzHGWi-SRhA6xhZSysZCDoXMq_LV6-y0I6Qq6bFy29pw8qhYWdHIZaBzFFbV8FAdS6dWOPi7IEL7_HHGjE0sl-6MlBF6bYPG18tQHmnyC5OoH-2Bp0-f6Xs51pK7hB-rnYfbms5se2bHgmMjXrnOQo2-F-uJV-eJ5N8_wU0G2Gx4-UDYSUqlbVkJF7V46gi-HBTT1Dbkn5HPf8tPoXpVNaa4OZBOLEjoWDBZvhzPs1Fo4x7v5Pe-hXnbdaVqyXSTgYgkmdOQznvH0M20uD-7nIHyMLEY6ialbAdjK3z4pSKHtAykJJbQTibGGpOh0MhapxJiVGO4Pn6cEKGER5FdGNEXiIOI_dqibAWTcVmcpl49MurwFSY_jg6vqovqyHJGXM3c98P_IDWs0m9xUUdW1TMPmpJSUkTlHF6LPewwVEc-mJXYTP0DrHcEQspzrhK7K8ndYZ0AxTcqZ-xvXmERBrEu8s3B1dmGGFu4tFBdR_n-QlZEMCiUxksXM625NtTMAgk1J-67dIoelkHxQ0Ar0mZxbiQVpykRLP4GATBF3ykVa-Fo2NQV5Kwr1xxW6f7qmXabYKKKrYChozUAm8dHcY54j2ilcGNvQ3usy2SEXP4Gk4EOvYERhXp_R-gHUF_yX2NRmQuRq9zNdwQQq35dnrhlfc0k7IhCPngktY3PSuLB2hjObOS__4hEfgfWdEKQJBL2gPA2Ws863okaIVmV4zp5Ez8Fhpa71-rp4KKqhO-rNhe2-Hrt9yKajPm8A_WGGZcsiZt65LPADJnX74eettcnaYIi4q9pXMqxgRh644DLDkavjp7HmTeNKec7zoBX2Zhu25CuSlxczXYYI-uK4G3ZWmAwI7Qi8-0oY6X35vISXcnIkWV9KrYBQnOuAi9kw1L3TqBRv3Jp81idb2rD_YX9v0tJGgWru_TwoAMAjMAZmEXOUeEZSO45qNO9Vq-PUWpdinLQDNim_c3Ip96zMNzXmE2aPQdP-aXWtjCiSywdyK2yZApCSWvVvf56DTTOPy8Tqa42M578qKp_zN1pPfd0qI3ZL8fe074efR0KZxpRS7PEp-Ae1xlpldLoMKe-ubaFXwYe3B0b0sLEXnzrFELCJtQNxBYaHh0tzUxz8soI1LhXexgjtuB7lxLiq1j5KFakc8DRufaAcujqohrwk18DIHl3ce6dgZJoVDW7EVnlB6ucFJdIiwz-R5owUFKf9nPV4l_H0ZwwAcqmLzaDo7gS5pIiDmB0oRyX-dXWFxqSv_oPE9n2lG7Dys6tQfZUn-TZukDROmLEZyG7ACYSatciVg4NrfVbZ8_3S4-poF3iJ5eE_iSwrWen9o__fDwOxACJ5kAVwrsgXV2THztlKFHnw1qtB0OPPSl9PaUxJzl6KgH9Cs9vUuLswNU273VY7A-xYkBdIFvTJ96LiIjq0COEE7xMMd-j3ITDEjgKEkHRpRCAQSSwBpAlJWHKB7PeAtVQpZqmTlKGC0XSl2-dIR81JHvrw5-mUZiexqbs4ARoXbNxpV8aRCWEwN8WQ0nNXheJ004KJDbqlfk8tE3dYjQhgBYAE&bundleId=&ias_dspID=3&ias_campId=1010773593&ias_pubId=pub-1757064723917999&ias_chanId=1&ias_placementId=19749005473&bidurl=https://utua.com.br/br-cc-caixa-simples-p1/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jKRgi-7y2j-_QKyzxMzN5z&adsafe_url=https%3A%2F%2Futua.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Futua.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:353e14a6-5db3-05e2-fad7-4f50fe2502f1,c:juocvq,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-57fb8678c4-lxwzx,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tL8eFut+11%7C12%7C13%7C14%7C15%7C16*.1135760-69474528%7C161%7C17%7C181%7C191,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:24,oid:800666e2-2bcc-11ee-a68b-bebf713fd4aa,v:19.8.434,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 14:23:06 GMT content-encoding br x-content-type-options nosniff age 5396 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4172 x-xss-protection 0 server cafe etag 16731591232229431525 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 09 Aug 2023 14:23:06 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20230724/r20110914/ Frame ACEB	30 KB 11 KB	63ms 62ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230724/r20110914/abg_lite.js Requested by Host: fw.adsafeprotected.com URL: https://fw.adsafeprotected.com/rfw/bgd/1135760/69474528/xbbe/creative/adj?p=APEucNVDSZixqGDMUyUcMEAAlNHJJ1aVtmGLs1CdgRroti1tOWRurrM&d=CokBAKAmf-CqdoAmWTjN69c8hHEjo--ZXxGcxJBmeZ_jfjeRmuxoebJ_S18tUyumIOw93RDJZNEYPjZkaUlhl9JuTCsTrwziJA4bHz0jYnfnXQGhPYHNLO9Q7ZF5KBoChRY8kh6TSuiWifZKt8SEF-tUUdn6_YW8cETKlQT2-MpF9HKe9UlRdriiAkcS2RUAoCZ_4LDKRU1z1Z85ETReyTmlCYjw9tB5dsfFj3GWx25sBq0Ha3mpP7elbNDq5UP4HIzsAxd3OZt31-n5gjWINhMAgayQxZ9DB24TJuwvp7L1Ytm5AiBNbcOrtKyhMviHFLEpWeCRn-lhJ7H68vWkbRVMsPR9slDz7vbBvmwuj5fM8FK31rQugkPQOfB7CiO_0zQnbpZvp5o1yb4VUCl14jVwQ3JBCXTnXvvcrPKNGGSOx6rvcaFKfzhjjJDCpubN5ozyTfSHucVZ7pBGiGfS8m6x8t5UG36zUkNOSj2csQU6PjBDNjnsisexuP7NlFmHCANrtRwWvAhvxuHtoV-C8_3nzPCfi4yJT5CMasWcnXRVfeKE7-LW-OTN8ZSBCd2e-SJm1BoYZ7XPaaNr2lr5rX8_8vUKcczsW01rXUE4MszECfUZ9-gF3LLtJ120WPD-2fYMcqC4MERF-BTYz63JOWqSFuNE2k7q3mpTmvG_rxqzU6VPPKIyxH2zkTuygQVFSGi_NRrj0Iox__mN4RWtd1bHlY7M7RksDktFcHajXy0po-JqjLeE9jmGPG7zd5Fyl_vMEwY-WXnlTY5PaYdZmYo_opzpKpRsNxcx414CwAgqskREaUfdK0oa04Mqsl3wOSGcK5BmKxMXc2oUgZkRp18Gqq2U566NkPrpmtGe2ZshaXdA7UiMtTDM4q3ZmOe0OK_4wyHtR_NIOqP1RC7haSSxyCj23bOTq1VH0cMcZ67r4WxArV6Bi_d2U87BPqPhq2jdHvGSx9pYI0OnNmrtXyxVFkA0zc-4hodqpIdPs8q26yDAa0Dci3mOF31Xx5nGMdkmJDNXjpl6y8kdgH4O0_IX4DviWvwA1fPPXNMxzU7FBRznFTAnqsiuRz4GHpLneHCuIxvllWr0IJRqCgYYSqUOim43Z1RLabid1w3eP-ZxprADoNGxEnhVKhDXkOYzrhUaXHCRKQykLf-RYxWk-jIdc57mEU5ZqpeRf669PZ_xENM_fgG_dr_9QsNDqtr86fJj__mrdEudU74iiAnDDqJkBoML6L8OLrO_xN8TgEyeu5Hm2y9jdKmo96zEk9XrjQz2T9RwwEi8ZPThTnXzMLfHIptoXjz8jamn-0yOriqaRiks8CpJ_ZqnNDpZYRrhnMJ0kRideSYSzc75wliJeepZkuPOJ9oxAdQcmeXZnFUDmjMPX1dndeHQpqo8Qxdb8iI19TbopmVjKw8dp9EU0RGGbTsIFFuKDUJAatZWvJxkpIGoC3kiwzpOKuYbDIOHBWvExJAW-yhVAnHVjtCM_rNBM8Pr_xxTSbC37rqBOOl8DRG17_msO9TYOdQdQGh0nrsIEVDaNxU4kc76VkowsSTEC5pJ7kb1_RY7dD-kusAOjACr9WYhNcJdbGWt4qqmrONwtx-bwJoPHC10D-rPDRmQ-efJA2OXMRwYz5fiIJaxtA786jGEfG4B7mbukUHD8R-udF1mZSAb-zFNbKO0sjCTJjEiaDi15UlCRPEiDdBTGGEuyd3r-tZH8qsJsQM8bUSireYR2BmtV8fpm1MnPRaRfsX8b1zjWQp_S6gC5Q_Ns4W79mSWnjK2g4TUCqw7mJJh2iBcFYIZO4fyJjEY4vDoXh8gI5R4aGKDUeao2SlK_UBZLbkiglQycgJPH7pVOnrgdNmnWKi9creyMzCqJycbEngVE9ekPAG1nrVwxBViTnMpW9q_bHAc9upqiJLma9QRV_PH09VCUwNRf6HeWYGRL5REAZxrHEn4-4YsUY4NcNjbjC-zUGSQ4G3Rc-eCFW-7FrM13P35USa4SoFK5L1qA0d2lik_wl5yELZrQ9LN1KweuDd2oSgXymHYUAQW3mzZBGQh5RgMxtQRZkxwFOvoqy98RoyZK8Y-bBpx58wgaGAj1-4RPMTqPYOyiRR3Vf5VJ55gEfEI6M9PV1PpX1zxhb-7JSCeOwFUAZj8bC5NjldSS_leRE6m5nH9gFpADWN95BNkmoZvlBQrNMgffBTZDKQdZux9uwKkfenf6ED3eQPYG76ZQDNZWDfV1d5x13UM5zIvaTIyr_vBSnfgRzddsOEbJeNpDMVdtJXfowh5hUrOa9fhuAWzv_MkTafjX1cZh1I6R2F1fQVtkebmhSyHsLdCZQPYl1aADgzTfROwS-p1fycCuo-norvLebMaAiYIoy2GjsJVjr_9WUA6TBY_pX1aFKZoc9ggf5T2vmbk__LVzabT452eGoGWx5KvkxTbNui8-7uzHGWi-SRhA6xhZSysZCDoXMq_LV6-y0I6Qq6bFy29pw8qhYWdHIZaBzFFbV8FAdS6dWOPi7IEL7_HHGjE0sl-6MlBF6bYPG18tQHmnyC5OoH-2Bp0-f6Xs51pK7hB-rnYfbms5se2bHgmMjXrnOQo2-F-uJV-eJ5N8_wU0G2Gx4-UDYSUqlbVkJF7V46gi-HBTT1Dbkn5HPf8tPoXpVNaa4OZBOLEjoWDBZvhzPs1Fo4x7v5Pe-hXnbdaVqyXSTgYgkmdOQznvH0M20uD-7nIHyMLEY6ialbAdjK3z4pSKHtAykJJbQTibGGpOh0MhapxJiVGO4Pn6cEKGER5FdGNEXiIOI_dqibAWTcVmcpl49MurwFSY_jg6vqovqyHJGXM3c98P_IDWs0m9xUUdW1TMPmpJSUkTlHF6LPewwVEc-mJXYTP0DrHcEQspzrhK7K8ndYZ0AxTcqZ-xvXmERBrEu8s3B1dmGGFu4tFBdR_n-QlZEMCiUxksXM625NtTMAgk1J-67dIoelkHxQ0Ar0mZxbiQVpykRLP4GATBF3ykVa-Fo2NQV5Kwr1xxW6f7qmXabYKKKrYChozUAm8dHcY54j2ilcGNvQ3usy2SEXP4Gk4EOvYERhXp_R-gHUF_yX2NRmQuRq9zNdwQQq35dnrhlfc0k7IhCPngktY3PSuLB2hjObOS__4hEfgfWdEKQJBL2gPA2Ws863okaIVmV4zp5Ez8Fhpa71-rp4KKqhO-rNhe2-Hrt9yKajPm8A_WGGZcsiZt65LPADJnX74eettcnaYIi4q9pXMqxgRh644DLDkavjp7HmTeNKec7zoBX2Zhu25CuSlxczXYYI-uK4G3ZWmAwI7Qi8-0oY6X35vISXcnIkWV9KrYBQnOuAi9kw1L3TqBRv3Jp81idb2rD_YX9v0tJGgWru_TwoAMAjMAZmEXOUeEZSO45qNO9Vq-PUWpdinLQDNim_c3Ip96zMNzXmE2aPQdP-aXWtjCiSywdyK2yZApCSWvVvf56DTTOPy8Tqa42M578qKp_zN1pPfd0qI3ZL8fe074efR0KZxpRS7PEp-Ae1xlpldLoMKe-ubaFXwYe3B0b0sLEXnzrFELCJtQNxBYaHh0tzUxz8soI1LhXexgjtuB7lxLiq1j5KFakc8DRufaAcujqohrwk18DIHl3ce6dgZJoVDW7EVnlB6ucFJdIiwz-R5owUFKf9nPV4l_H0ZwwAcqmLzaDo7gS5pIiDmB0oRyX-dXWFxqSv_oPE9n2lG7Dys6tQfZUn-TZukDROmLEZyG7ACYSatciVg4NrfVbZ8_3S4-poF3iJ5eE_iSwrWen9o__fDwOxACJ5kAVwrsgXV2THztlKFHnw1qtB0OPPSl9PaUxJzl6KgH9Cs9vUuLswNU273VY7A-xYkBdIFvTJ96LiIjq0COEE7xMMd-j3ITDEjgKEkHRpRCAQSSwBpAlJWHKB7PeAtVQpZqmTlKGC0XSl2-dIR81JHvrw5-mUZiexqbs4ARoXbNxpV8aRCWEwN8WQ0nNXheJ004KJDbqlfk8tE3dYjQhgBYAE&bundleId=&ias_dspID=3&ias_campId=1010773593&ias_pubId=pub-1757064723917999&ias_chanId=1&ias_placementId=19749005473&bidurl=https://utua.com.br/br-cc-caixa-simples-p1/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jKRgi-7y2j-_QKyzxMzN5z&adsafe_url=https%3A%2F%2Futua.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Futua.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:353e14a6-5db3-05e2-fad7-4f50fe2502f1,c:juocvq,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-57fb8678c4-lxwzx,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tL8eFut+11%7C12%7C13%7C14%7C15%7C16*.1135760-69474528%7C161%7C17%7C181%7C191,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:24,oid:800666e2-2bcc-11ee-a68b-bebf713fd4aa,v:19.8.434,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0b2c524428c1a3604e3d1cdc61c2ae371a8f2fc767f801180fcf892db9e07c3c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:23:53 GMT content-encoding br x-content-type-options nosniff age 1749 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11572 x-xss-protection 0 server cafe etag 5014499061205845695 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 09 Aug 2023 15:23:53 GMT
POST H2	204	csi csi.gstatic.com/ Frame 4BD7	0 54 B	62ms 60ms	Ping image/gif	2a00:1450:400f:80c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lkjwn8ix&c=1703064373553&slotId=851532186776.5&qqid=CMKewrzdrIADFUmYhQodwwsN9w&fb=outstream-lima&vast_v=2.0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400f:80c::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:02 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	71364485 Show response unified.adsafeprotected.com/v2/1014661/ Frame 4BD7	20 KB 6 KB	297ms 119ms	XHR text/xml	46.137.161.173 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://unified.adsafeprotected.com/v2/1014661/71364485?mon=71364486&omidPartner=Google2&apiframeworks=7&bundleId=&ias_xappb=&ias_dspId=3&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=v4~~&originalVast=https://ad.doubleclick.net/ddm/pfadx/N7442.1972103DOUBLECLICKBIDMANAG/B27601193.367223508%3Bsz%3D0x0%3BAUCTIONID%3DABAjH0g7irQ-fgjaYurqUwxeb2OW%3BEXCHANGEID%3D1%3BSELLERID%3D834298991907%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.0.0.0%3Bdc_osd%3D2%3Bdc_frm%3D2%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://utua.com.br/br-cc-caixa-simples-p1/%253Futm_source%253Dclevertap%2526utm_medium%253Demail%2526utm_campaign%253Dbr-utua-ct-email-cc%2526utm_content%253Dbr-utua-ct-email-cc-ag%2526utm_term%253Dbr-utua-ct-email-cc-ag-2374%3Fves%3DdGltZXN0YW1wOiAxNjkwMzg2NzgyMDg1CmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzdEF4MklUSnRKbXIyb1BjbGYzVkFUcTBRZkdMY0Q4NGZwUDg4Y0p5R2Zjd2RXbUVzTFZJcldMak03Q2h0WkFsU0JRS1RkX0RJaTBLT1hGTFRDWEVudmd4d3FyWVlYNUx4VVBmYzBPbWdyT1dMUS1taEY3NnZ1MERIZWliYjhUWld1akE4NHZnS0VPMTNYdFBGOGNORzVoWXd5aU5yZnhvTGxoTVRHZlZ1OWpRNElzZzlZaVhlVXJxMGZ4eXN3MmRqOURXS01pdFM2cHVhRUtlYU15TXFSMEFsWG5IeHBnUTVsVC1vM1J2M2ZzcTBydTh4WndYa3BQTE44bHU4U2ZIVE4zeXlIU1pWcjEteURMVm4tcXVUOHR0a0pXWVlEMHhrVi1qRlBSRmZLT0ZHU1RCYkkwSzc3R1ZLTUxXZFRnTTU2MWE1eFAwR1FLWmhMbWVTVWlxalVUR2RqSjZaZzdhdlhQdU9WS2xCTGxWeWNhU0YxV3FaS1pLX29nMHRjMm1nanZsTEE0MG90a2tZWHBhNm52RTBBNVN4MXdpSkwzeVhOa1ZzMXVjN0tYRmowWl9sdEdEUmdia3hhMVBuLW1sNzB1eC1VRWREb2ZTZTZWSkNDNHdDbnN3U2N0RmJMN042ekVpNzJWTlk2LWxGM1UwT1NFZEZ0ZmF4N0tmRGNBVjlmOFNWaDE1ajNuaVAtU2RtbXlDRldFdEV2dHpNUU5PTzNIRWhmcVFNc1c0U0x3OWNXZnFDaVV5SGhvcThXbDdRMHdDekFZUU5JNTEyaUxwNXVkeDFzQ3l6LVFtajAzX1pIaUFOc28xdlg5UXdfb0dIcVhyLTNSdU1EZ3R6dHZUOXpxVGJCLXF2UEVxV1Q4NXRQNjBFTWJuYXpZTmZqSXJJVnRHZlpjeHVYRDRXbUFXWFFUZkN4eDBHWnN4cHNrcVlpaUhKVUJING5Uai1GREFSRjVfMVFoUnNHUUhNV3J0M09NUXhsMDFqc2pOSzZTNGpaM2FObl83S0hYNEEzYXVJZFF6MnBqTHJidWJubGNKeGJ0Mi1GN2VIbDRnNE9XRkh3UGxnZDY3bDh5dXhDNkJ0bWl2QkttMV81NnpPSnk3TEdIWWJYbmpwem1aeUs0SFhGVHo5b3lqSDlBSFlxNGF4d1J2SFNTUUN1UHk3MllRLUhVU3ZrZkhzSkZSc0ZUenBQNWM0MV82Zl9fa0xKQ090ejh2QWlnQVpmVG5wcGlKbzRqYjJaR2x5aWhscVRfRlp3YlNWQnFxcnhlRDdPNjNPUko0NmJHdVlDTThzUUdmVzMwbUdobGZ2bUlGQ0o5WkhTZE1ud1Y4V0gyNmt4N0ZGTTBZM042ZDVlRXlwLTFnNlNHc09IYVotWXMwMmltZUVDLW5INk5sc1dRMWxIazNWSFlOX2lDTFFDTk5xdWlMVG1mV3k2aGpjaUN6Sm9ZbEg2SnN4cVZDempOUDhlanhobG5ENS00d1doMUtPMFdybkxOb2hITlI2bzhaMVBsM0d4bHBkYkhmaGNmbTNOVXNvM1ZNU0NDclVDUmNaN1A1X3BJc0tWWW4yMG5tVlZ4elk5WldjbDU0dUhkTkNfenZob0VMQkFLdU1xVmhzUEhaUEZyWWlQMVNtZDdiajlucHh1ejAyQmRVd3daVEZ5QmVGVEh3NkZERFktb3l3M3ZLMEsxYmZnRHhIMWtoUGZGZDd3QWpVODZUc2Mmc2FpPUFNZmwtWVRfb1hKM2ZUT3dfbzQ0ZlpoR1JYQjBZQnB1cm5RRnRWS0E1aWk3MHk1WXliWk8xVG54cHVBNTFFTkVTT3VJcll3dmlWMFVuMnZ2Q2hCUnVfUC1DSVdIbDQ3OXVxUkxTZ1gwcVFHdDlZMVkwMTJ0eWRFTk5RSU92My1kMGw5SEl1YnVPUm85Tm04SDdCcHBNLVhFWWVLZFQxZVFEUE1OMUxLUjRvTllpQ3FncDZWVXItRjF6WVhrZFotb0R1SGhnYXgtak5nOUhOMURYTHI5bC1nY3pRSkR6MVd1VkxGNHpKaldkVkl0d2c4MkVZSzAxbmpaalhVOHFnVmYxU1RZcXNiM0xsU0xQRl9JRFdGU1NOWUVBZ3JaT0QwaFoweVNLYmdQLVBHS2tGZURjb3hZeXlMbW1jQnhCLVFmZ2RidjhBZyZzaWc9Q2cwQXJLSlN6Q1IzNXlFNi1xUzJFQUUmY3J5PTEmZmJzX2FlaWQ9W2d3X2Zic2FlaWRdJnVybGZpeD0xJmFkdXJsPWh0dHBzOi8vd3d3LmNpc2NvLmNvbS9jL2RlX2RlL3NvbHV0aW9ucy9oeWJyaWQtd29yay9yZXF1ZXN0LWRlbW8uaHRtbCUzRkNDSUQlM0RjYzAwMjQ2NCUyNk9JRCUzRGRtb2NvMDI4NjEwJTI2RFRJRCUzRHBkaXByZzAwMDAwMSUyNmRjbGlkJTNEJTI1ZWRjbGlkISIK%26dc_cid%3D191547418%26dc_adid%3D557904688 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 46.137.161.173 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-46-137-161-173.eu-west-1.compute.amazonaws.com Software / Resource Hash 0b5cd7479a569a03882b5618e79a68f1c6835ab9ddd4b87561ed17dffce79571 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Date Wed, 26 Jul 2023 15:53:02 GMT Content-Encoding gzip Vary Origin Content-Type text/xml; charset=UTF-8 Access-Control-Allow-Origin https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate Access-Control-Allow-Credentials true Connection keep-alive Request-Id cj0k2ni1a4mknkc3g0qg Content-Length 5667
GET DATA	200 OK	truncated / Frame ACEB	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 924522c549df05c7ec6a3ebcc728182b8f6d9660b084a14ea4dc54157d85a0b3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Content-Type image/png
GET H3	200	dRCs_iSjLYN5mBFFYyTyPcTiMrEi9vuYsh-Uz23mUp8.js Show response pagead2.googlesyndication.com/bg/ Frame 2293	37 KB 14 KB	58ms 57ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/dRCs_iSjLYN5mBFFYyTyPcTiMrEi9vuYsh-Uz23mUp8.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7510acfe24a32d83799811456324f23dc4e232b122f6fb98b21f94cf6de6529f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 10:07:50 GMT content-encoding br x-content-type-options nosniff age 20712 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14586 x-xss-protection 0 last-modified Wed, 19 Jul 2023 16:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 25 Jul 2024 10:07:50 GMT
GET H2	200	express_html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame 0A6E	111 KB 39 KB	59ms 58ms	Script text/javascript	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Requested by Host: utua.com.br URL: https://utua.com.br/br-cc-caixa-simples-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=br-utua-ct-email-cc&utm_content=br-utua-ct-email-cc-ag&utm_term=br-utua-ct-email-cc-ag-2374&an_uid=22c6d7999e5934e8cf4ff3621ac2477d95cb414d257f173e436a4e9b1877c33c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ Origin https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 08:46:47 GMT content-encoding gzip x-content-type-options nosniff age 25575 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39806 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:44:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 27 Jul 2023 08:46:47 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20230724/r20110914/elements/html/ Frame 0A6E	11 KB 4 KB	60ms 59ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230724/r20110914/elements/html/omrhp.js Requested by Host: fw.adsafeprotected.com URL: https://fw.adsafeprotected.com/rfw/bgd/1135760/69474508/xbbe/creative/adj?p=APEucNVRgmF0MvPZLd2yXgQSQqE9zj73VY_bxk10Ar7lU0eBO6jcyTc&d=CokBAKAmf-CE8WaHOrD-FIGeyCpvxVrJTFvK5EGL8VeMh1kUu9tEzB5vxWKeJfZLKD1g2jO5yJmC_MCRljZNcSOkzL4oBfX08nkBPdtGe2UGS8FDslq1CvGZrIyh3pFc5YH1uO_Pn7xyp3aJmYmholwna-xWnqIPKojWj-7xUVpG4FHH_r3BEDG_QwES6RUAoCZ_4E7nRnSeLO5UYR7SMLEjvG1J9JRfzFbmofE9VF1Q4u_PO4-lixFJ0GP1yI5cGX0Kxo3HnRnyfXph1J7ipc70kisO3AlTxa5bCOnJAHP7ilXH1j1U3dLr14mMzwQqFvRrZXdDWkGgUMMAwy7gY5WNE76qTQEFrRAfoVL3OEzSxakviZ9BO7j0AV0C4On5mT4WKahmWehso0hrVXB60X12ekvXm3qDxa_RuRxkSOTGThBa-AEwKnTnGd48ptBr8MpBmJqnHtSSjTaZjkgHnOtp36D54ovfyWUzdP-J5R1-b_mvxuj2dkZWy68zbf5IeUF-ptFxat96Lr3EWI667bp4Xv2Q82SqDcoN1y4sqAAtIyFWDGgUZjANvraZ3uoaR9SWyRIdASvtBqMAf2g6DYOePNIngdzpyUwUiyCXKyQ3CreAfU_YdOxpXRsr5AUE0SeAk_QHj0aqODrO8RaKcmSu-l8jTFYhnvo5R8OUkzbLNw2uf_ochRahTcsGYtj5z_4imJdbr05kX0uhSIgsPwl1H87AVd1SzUUk6_wtl7nrUjO-nlyadL_al9OI3krGBA7-2Cb7o7qOzxenpGauz7_QOp4h_ZyqDLgOIQIxLm2rrc37WQYCOEBeAQN9x16RfL5qObFI1o4p2g7lS7PBbPpqs4LW84MnKof7wHeB0MIFcZpOHU19az0L3cBA8yBkgnwNj8LYc3JErzwfrKB06WF8QYgnybj_g8JPCBG_BDoufIxQGtItR5zUjZNbQr-PCVuuMAXitG17t1Nmi2orR62o2YRNEc5c3ypra_s6EsiBGojuP-JmVprMKKdlRFo5IyTfnWolZ5inIPrV7_rTRcMCGkt1Y7mI7pn_J9S04Y1ofHr-bdex3OxcVd20lFFMcWWVqDRunZ1upTn_HjbCGRhL6mDUq5UUa3g3fbiHHOKQmcKsuqp74SJqaCFZTIqLOv1SudJg3YIuq-XzntPmljScUcyFwsPl3dbpvC82bIOgngrK3SPq8bQNh0jmQbKtzky_vFf3SL4QDd7WaYhL9L8VYWU-dFVD6h1DflDUnRw5mhdcjHWeLgTnrZXZC26ik9t_5e_MoLp6IjAcaoaEt0hU-6Gmn1o1h6KEneRvv-q8UA8PwCLnjoS6O2Hmm7iCiDhUZaMBTNsFsoZQ28JXG6No_l5LRoNU3_0U3PT3i0leyR9hAqJsT78auCOxTJ94r5QBG4E4i_25UMmFmq_oqpsMFEdIqKScmVQiK9YF4ePm6Cnznj1yUdkD_836GQJBKQ8MAhetnYm7IWMDxlkUlG1SLQXo2anGX76kZ-RWDkD50RO174Fzc04P4S_IpxWXUQSXKmp474qpPUtYxn7vy7c8rQ3UMBZCVm4Hbasky_M2mfP5KwUnnrZXiospupnZp0xe-PfLauAFL7SCt9BnhjCgc4iWn8T7EJbnk0puhHzJ0l_F7dWvBriW8PtrcHfQD4C7WUDmhepQAZcbhS1_xu3kzfjwcDXd77srPCzTYqFioFIXlVC3CrLuJ2s7aMSlX6QbkCbN4veHM85xsnz5hSH3Do12trNgZeXcxlkbItGyIV8JkB1NxoFFgpHrPX2pxSiuRs0d-T4EtvJmqgS8N3rsSIpK2WDhtl4-WjGEvmaRyVBHUzALdjdW8k73E91uvJrQTQXz9T_dZwgSouuSXcHzipyPEZMk_wkX4S-Xtc-WTJ3PYBZBSp0wIfi63VRWyCMogUE9UFb_s3v32ECZJth7hwPdHfuya7EACDn2v7sEeSi3e8RR1UNmTiMbyrvo3ayjEg7dMW4EAhZJh9BpTv3fAyDCqx8nrSeiotGcel4iJYu9qxJBxDK4vnD_8twpbqs4bC9bJ0eUOLUmXHGRmsB4sx5QSe2GQh2GY3O2xacbTZ2ttwVzrqoJeY3mzAByqJVB3MdDDohUDdBfWQ3sIv4AvV4403zwIJSd92M1sI4jTbsPQHlhGDmjH8rqLvCOYPV0X9F1QV39KxmU3E1kgJSaKim1p1RwPNeRGVejcHhL7SHpxvvSfD9rOPfjNGTRI2_TgJGe6t-DkyIoRWTG2TKkX5jk3bC1b5RTBhk4ba7TbqwPDd6wXF78w9tssxMz74ts_qhOdlT8TQvJdDACxnmsk9YDiKz6LncY7bjwGY_LHOMNTFhIB9rj8zWopW72Vs3FP_sMX3IMxLqMf3El7553O2V8KFUbgXsfFU2BguGe_8hTPhZsGukKRpa9S_kozP2tVtAoCjqK1E4iDhWVs3iASgSu5XxqSWsRbZa9SNxwwnKzj70lykqC_EYf-GK-4XMWDiMqSrU2tKbPZABQsuF6K6t9zOADoSqFW2AAUICpZ82Y4uI3LobD2s9knFDHpZ8nIAm2BmQrpMlMLXHFTqDOp5aC5MD84ulOG2O0b4c0Kg5tsDCc6cNdjMQuKmn4oB72-9PmbWCxehPnTdAEnAfbUgvsRry4joqzDkRigpC_UyDrMpNGL5gKdT4yM6oWP7UV6rFYIjkxyCfDGtdyRQpVAuyj0bI8lJYjZeKZ7iIPCQOq4vfWtCZu2LkazqLbK0KcQRJ1ZMBQ75UBxuSqiED63RCziyrguIV58AiPhENitn4ME6xBDf37qwCBsApTFZ60pg1CidkYUhH6ofEYyHVxOuE4KbbROfBqG-ms6Ry-sHsF9DaT9ieAYvFD2hgKvGw9WFIA4IU90hGCcGnojE05tCaqEPrEd064W7e4XCGjVIGFpTbRvCvweI9Ik5364wuqLqAu_yup0hN94r4SbedqZlsuKmNyMaBj-P-bfH0g5RI8Awd_J3MsOeRogxHLVpxkrzVUc9xUNEdA4x_1jcrGIch16OkevE_7loF6tbhETLvysNTInPGWdVDL_wi-4gC7y93ncBzHuzpWA-0TMLmJqcblmb5SIN-E0I53O6RLLmFYw8-SCbvN5EJv4ByHhL4eG-6vfLvlRZy_kbq_waKcFbncGNLCC5kVRCSNbV3DcD-vjRyh8V0D1lZuTOmcqIvZscBuLdcvFhQjRQbBDqiMCxiT8KKFPLsR-6fPKODqS6drp0apUg56RDwPEwGPbUCLUW0H72zMG5ROk8A43cE0JTbh7ggt4qdktEYboU6z8cdMqyUk09CNzJ2vTwZw-WiJeV5ad55AkQxHg7DL-3hGP5RbxZe5wh_ftA7QHvllE9XvepbrGzwRHOIa0mgTBh_93ravGUdiXoJG2BvQuWPoHBzGnvzKDTOUXZTf6YTL8cseqOL8Ojb6icpjA_OZEzEhHRIl0exZI_hn8IVKAZEvCV4-LDqzrkRHNjSZ4uol-oDRKBeNntZgn3zsxdajX4Pf4vQhmtmpWAvDaHo1V4DUCIP-MT_VOuxxxBexYIYfbdInAa-LLrb2wYoazSj5iRlJHnHP7LAJkyfPi7r-HdlEf9i3b4IfOgp4_5XgYrRdh5xas8L44AGUl5NKZ0fE3Zkke3yEb-dmu3qQ5zySPiFqesu-lsy5X55_5uQ33TaUyYtkp5Na4DcgLxki9J0Mdie83SeoDPJbqNhoP9cjJ92r0_8pWK6cSa0q9rJUVwnPPpZT5NjcZEBpupUcneKpDUsmPFUR0tD5iFpa4HQ8shRy2ktQ69f7O22YLwdSBtq7jw1HCbnbT8dQpicrfCEk2ASfvj11QUQsUG8Mj3B4MFxQFBwHnKhKe3httFXjfRflZ_SpxnLI-JGU0XsEc46X6WSJfYQWHlYaUQgEEksAaQJSVhygez3gLVUKWapk5ShgtF0pdvnSEfNSR768OfplGYnsam7OAEaF2zcaVfGkQlhMDfFkNJzV4XidNOCiQ26pX5PLRN3WI0IYAWAB&bundleId=&ias_dspID=3&ias_campId=1010773593&ias_pubId=pub-1757064723917999&ias_chanId=1&ias_placementId=19749005473&bidurl=https://utua.com.br/br-cc-caixa-simples-p1/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hNdmGMQkb5NGABgdHeI23p&adsafe_url=https%3A%2F%2Futua.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Futua.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:dfa96b88-e5ec-97f9-255d-812c31a3aa47,c:juocyh,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-57fb8678c4-d2s2g,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tL8eFxm+11%7C12%7C13%7C14%7C15%7C161%7C162%7C17%7C18*.1135760-69474508%7C181%7C191,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:22,oid:800666d6-2bcc-11ee-b2c4-064ea50ae1fc,v:19.8.434,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 14:23:06 GMT content-encoding br x-content-type-options nosniff age 5396 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4172 x-xss-protection 0 server cafe etag 16731591232229431525 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 09 Aug 2023 14:23:06 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20230724/r20110914/ Frame 0A6E	30 KB 11 KB	58ms 57ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230724/r20110914/abg_lite.js Requested by Host: fw.adsafeprotected.com URL: https://fw.adsafeprotected.com/rfw/bgd/1135760/69474508/xbbe/creative/adj?p=APEucNVRgmF0MvPZLd2yXgQSQqE9zj73VY_bxk10Ar7lU0eBO6jcyTc&d=CokBAKAmf-CE8WaHOrD-FIGeyCpvxVrJTFvK5EGL8VeMh1kUu9tEzB5vxWKeJfZLKD1g2jO5yJmC_MCRljZNcSOkzL4oBfX08nkBPdtGe2UGS8FDslq1CvGZrIyh3pFc5YH1uO_Pn7xyp3aJmYmholwna-xWnqIPKojWj-7xUVpG4FHH_r3BEDG_QwES6RUAoCZ_4E7nRnSeLO5UYR7SMLEjvG1J9JRfzFbmofE9VF1Q4u_PO4-lixFJ0GP1yI5cGX0Kxo3HnRnyfXph1J7ipc70kisO3AlTxa5bCOnJAHP7ilXH1j1U3dLr14mMzwQqFvRrZXdDWkGgUMMAwy7gY5WNE76qTQEFrRAfoVL3OEzSxakviZ9BO7j0AV0C4On5mT4WKahmWehso0hrVXB60X12ekvXm3qDxa_RuRxkSOTGThBa-AEwKnTnGd48ptBr8MpBmJqnHtSSjTaZjkgHnOtp36D54ovfyWUzdP-J5R1-b_mvxuj2dkZWy68zbf5IeUF-ptFxat96Lr3EWI667bp4Xv2Q82SqDcoN1y4sqAAtIyFWDGgUZjANvraZ3uoaR9SWyRIdASvtBqMAf2g6DYOePNIngdzpyUwUiyCXKyQ3CreAfU_YdOxpXRsr5AUE0SeAk_QHj0aqODrO8RaKcmSu-l8jTFYhnvo5R8OUkzbLNw2uf_ochRahTcsGYtj5z_4imJdbr05kX0uhSIgsPwl1H87AVd1SzUUk6_wtl7nrUjO-nlyadL_al9OI3krGBA7-2Cb7o7qOzxenpGauz7_QOp4h_ZyqDLgOIQIxLm2rrc37WQYCOEBeAQN9x16RfL5qObFI1o4p2g7lS7PBbPpqs4LW84MnKof7wHeB0MIFcZpOHU19az0L3cBA8yBkgnwNj8LYc3JErzwfrKB06WF8QYgnybj_g8JPCBG_BDoufIxQGtItR5zUjZNbQr-PCVuuMAXitG17t1Nmi2orR62o2YRNEc5c3ypra_s6EsiBGojuP-JmVprMKKdlRFo5IyTfnWolZ5inIPrV7_rTRcMCGkt1Y7mI7pn_J9S04Y1ofHr-bdex3OxcVd20lFFMcWWVqDRunZ1upTn_HjbCGRhL6mDUq5UUa3g3fbiHHOKQmcKsuqp74SJqaCFZTIqLOv1SudJg3YIuq-XzntPmljScUcyFwsPl3dbpvC82bIOgngrK3SPq8bQNh0jmQbKtzky_vFf3SL4QDd7WaYhL9L8VYWU-dFVD6h1DflDUnRw5mhdcjHWeLgTnrZXZC26ik9t_5e_MoLp6IjAcaoaEt0hU-6Gmn1o1h6KEneRvv-q8UA8PwCLnjoS6O2Hmm7iCiDhUZaMBTNsFsoZQ28JXG6No_l5LRoNU3_0U3PT3i0leyR9hAqJsT78auCOxTJ94r5QBG4E4i_25UMmFmq_oqpsMFEdIqKScmVQiK9YF4ePm6Cnznj1yUdkD_836GQJBKQ8MAhetnYm7IWMDxlkUlG1SLQXo2anGX76kZ-RWDkD50RO174Fzc04P4S_IpxWXUQSXKmp474qpPUtYxn7vy7c8rQ3UMBZCVm4Hbasky_M2mfP5KwUnnrZXiospupnZp0xe-PfLauAFL7SCt9BnhjCgc4iWn8T7EJbnk0puhHzJ0l_F7dWvBriW8PtrcHfQD4C7WUDmhepQAZcbhS1_xu3kzfjwcDXd77srPCzTYqFioFIXlVC3CrLuJ2s7aMSlX6QbkCbN4veHM85xsnz5hSH3Do12trNgZeXcxlkbItGyIV8JkB1NxoFFgpHrPX2pxSiuRs0d-T4EtvJmqgS8N3rsSIpK2WDhtl4-WjGEvmaRyVBHUzALdjdW8k73E91uvJrQTQXz9T_dZwgSouuSXcHzipyPEZMk_wkX4S-Xtc-WTJ3PYBZBSp0wIfi63VRWyCMogUE9UFb_s3v32ECZJth7hwPdHfuya7EACDn2v7sEeSi3e8RR1UNmTiMbyrvo3ayjEg7dMW4EAhZJh9BpTv3fAyDCqx8nrSeiotGcel4iJYu9qxJBxDK4vnD_8twpbqs4bC9bJ0eUOLUmXHGRmsB4sx5QSe2GQh2GY3O2xacbTZ2ttwVzrqoJeY3mzAByqJVB3MdDDohUDdBfWQ3sIv4AvV4403zwIJSd92M1sI4jTbsPQHlhGDmjH8rqLvCOYPV0X9F1QV39KxmU3E1kgJSaKim1p1RwPNeRGVejcHhL7SHpxvvSfD9rOPfjNGTRI2_TgJGe6t-DkyIoRWTG2TKkX5jk3bC1b5RTBhk4ba7TbqwPDd6wXF78w9tssxMz74ts_qhOdlT8TQvJdDACxnmsk9YDiKz6LncY7bjwGY_LHOMNTFhIB9rj8zWopW72Vs3FP_sMX3IMxLqMf3El7553O2V8KFUbgXsfFU2BguGe_8hTPhZsGukKRpa9S_kozP2tVtAoCjqK1E4iDhWVs3iASgSu5XxqSWsRbZa9SNxwwnKzj70lykqC_EYf-GK-4XMWDiMqSrU2tKbPZABQsuF6K6t9zOADoSqFW2AAUICpZ82Y4uI3LobD2s9knFDHpZ8nIAm2BmQrpMlMLXHFTqDOp5aC5MD84ulOG2O0b4c0Kg5tsDCc6cNdjMQuKmn4oB72-9PmbWCxehPnTdAEnAfbUgvsRry4joqzDkRigpC_UyDrMpNGL5gKdT4yM6oWP7UV6rFYIjkxyCfDGtdyRQpVAuyj0bI8lJYjZeKZ7iIPCQOq4vfWtCZu2LkazqLbK0KcQRJ1ZMBQ75UBxuSqiED63RCziyrguIV58AiPhENitn4ME6xBDf37qwCBsApTFZ60pg1CidkYUhH6ofEYyHVxOuE4KbbROfBqG-ms6Ry-sHsF9DaT9ieAYvFD2hgKvGw9WFIA4IU90hGCcGnojE05tCaqEPrEd064W7e4XCGjVIGFpTbRvCvweI9Ik5364wuqLqAu_yup0hN94r4SbedqZlsuKmNyMaBj-P-bfH0g5RI8Awd_J3MsOeRogxHLVpxkrzVUc9xUNEdA4x_1jcrGIch16OkevE_7loF6tbhETLvysNTInPGWdVDL_wi-4gC7y93ncBzHuzpWA-0TMLmJqcblmb5SIN-E0I53O6RLLmFYw8-SCbvN5EJv4ByHhL4eG-6vfLvlRZy_kbq_waKcFbncGNLCC5kVRCSNbV3DcD-vjRyh8V0D1lZuTOmcqIvZscBuLdcvFhQjRQbBDqiMCxiT8KKFPLsR-6fPKODqS6drp0apUg56RDwPEwGPbUCLUW0H72zMG5ROk8A43cE0JTbh7ggt4qdktEYboU6z8cdMqyUk09CNzJ2vTwZw-WiJeV5ad55AkQxHg7DL-3hGP5RbxZe5wh_ftA7QHvllE9XvepbrGzwRHOIa0mgTBh_93ravGUdiXoJG2BvQuWPoHBzGnvzKDTOUXZTf6YTL8cseqOL8Ojb6icpjA_OZEzEhHRIl0exZI_hn8IVKAZEvCV4-LDqzrkRHNjSZ4uol-oDRKBeNntZgn3zsxdajX4Pf4vQhmtmpWAvDaHo1V4DUCIP-MT_VOuxxxBexYIYfbdInAa-LLrb2wYoazSj5iRlJHnHP7LAJkyfPi7r-HdlEf9i3b4IfOgp4_5XgYrRdh5xas8L44AGUl5NKZ0fE3Zkke3yEb-dmu3qQ5zySPiFqesu-lsy5X55_5uQ33TaUyYtkp5Na4DcgLxki9J0Mdie83SeoDPJbqNhoP9cjJ92r0_8pWK6cSa0q9rJUVwnPPpZT5NjcZEBpupUcneKpDUsmPFUR0tD5iFpa4HQ8shRy2ktQ69f7O22YLwdSBtq7jw1HCbnbT8dQpicrfCEk2ASfvj11QUQsUG8Mj3B4MFxQFBwHnKhKe3httFXjfRflZ_SpxnLI-JGU0XsEc46X6WSJfYQWHlYaUQgEEksAaQJSVhygez3gLVUKWapk5ShgtF0pdvnSEfNSR768OfplGYnsam7OAEaF2zcaVfGkQlhMDfFkNJzV4XidNOCiQ26pX5PLRN3WI0IYAWAB&bundleId=&ias_dspID=3&ias_campId=1010773593&ias_pubId=pub-1757064723917999&ias_chanId=1&ias_placementId=19749005473&bidurl=https://utua.com.br/br-cc-caixa-simples-p1/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hNdmGMQkb5NGABgdHeI23p&adsafe_url=https%3A%2F%2Futua.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Futua.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:dfa96b88-e5ec-97f9-255d-812c31a3aa47,c:juocyh,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-57fb8678c4-d2s2g,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tL8eFxm+11%7C12%7C13%7C14%7C15%7C161%7C162%7C17%7C18*.1135760-69474508%7C181%7C191,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:22,oid:800666d6-2bcc-11ee-b2c4-064ea50ae1fc,v:19.8.434,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0b2c524428c1a3604e3d1cdc61c2ae371a8f2fc767f801180fcf892db9e07c3c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:23:53 GMT content-encoding br x-content-type-options nosniff age 1749 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11572 x-xss-protection 0 server cafe etag 5014499061205845695 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 09 Aug 2023 15:23:53 GMT
GET H3	200	dRCs_iSjLYN5mBFFYyTyPcTiMrEi9vuYsh-Uz23mUp8.js Show response pagead2.googlesyndication.com/bg/ Frame DDFB	37 KB 14 KB	58ms 57ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/dRCs_iSjLYN5mBFFYyTyPcTiMrEi9vuYsh-Uz23mUp8.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7510acfe24a32d83799811456324f23dc4e232b122f6fb98b21f94cf6de6529f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 10:07:50 GMT content-encoding br x-content-type-options nosniff age 20712 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14586 x-xss-protection 0 last-modified Wed, 19 Jul 2023 16:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 25 Jul 2024 10:07:50 GMT
GET DATA	200 OK	truncated / Frame 0A6E	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0a8eaf68639c9c0d75434fdd090f77856fee8d100d0707deec323d3c6ef5cd80 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Content-Type image/png
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/14811183392013726729/DE-DEU_XA-10_0_970x250_BAN-A_HTML5%20_BOFU-no-Security-FirewallSubHubBanners-Security-ALL_0_105/ Frame 6BBD	163 KB 92 KB	175ms 58ms	Document text/html	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/14811183392013726729/DE-DEU_XA-10_0_970x250_BAN-A_HTML5%20_BOFU-no-Security-FirewallSubHubBanners-Security-ALL_0_105/index.html?ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 35780cbede43786d50dcf8f68d67034cd1fc4eead25bca09cfaf9bc6f2d6f84d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 215241 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 93974 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Mon, 24 Jul 2023 04:05:41 GMT expires Tue, 23 Jul 2024 04:05:41 GMT last-modified Wed, 08 Feb 2023 09:21:21 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame ACEB	0 0	253ms 101ms	Fetch image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsublA3i7Bq4VfStaJ6wdM-zpwDO769A9CXIxPOEQVDgdXKwYwO9XXSYnhLh81S7lWwI2Fp8ECAtIy1VKCNhGbxm8FkNmura8sU5KmLPM6aezsris31K8AxKwIYPFrCDK_fd0f6P-bCGI6lUpGv0VG61sy8n8fzHcQ5CYsGhhmcbVFBRSEjqGzpBFNIAKYLZZIU3CGtIxSeB_UaLxgw&sai=AMfl-YSWynvPZvtw8ffhg0RUmbpnadlXBePzwbnEUwoBOSBmTI1rO0jl_GD4UBH4a2t1EbmTeAB3ww8P2sIfNL8e1upd3sAEWPymY-jj6pFYcj6DZ0hTT_koiwGA6x-dZGAALrrYvc3DJMUtU87QSg2lxcPBZQ&sig=Cg0ArKJSzLeXpNcNDsWlEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=387&cbvp=1&cstd=383&cisv=r20230724.83724&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: utua.com.br URL: https://utua.com.br/br-cc-caixa-simples-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=br-utua-ct-email-cc&utm_content=br-utua-ct-email-cc-ag&utm_term=br-utua-ct-email-cc-ag-2374&an_uid=22c6d7999e5934e8cf4ff3621ac2477d95cb414d257f173e436a4e9b1877c33c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:53:02 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Wed, 26 Jul 2023 15:53:02 GMT
POST H3	204	csi csi.gstatic.com/ Frame 4BD7	0 17 B	60ms 59ms	Ping image/gif	2a00:1450:400f:80c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lkjwn8pw&c=1703064373553&slotId=851532186776.5&qqid=CMKewrzdrIADFUmYhQodwwsN9w&fb=outstream-lima&vmfc=10&vhc=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400f:80c::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:02 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	HdsydzJK.js Show response tpc.googlesyndication.com/sodar/ Frame 4BD7	41 KB 15 KB	55ms 54ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/HdsydzJK.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 20 Jul 2023 04:59:33 GMT content-encoding gzip x-content-type-options nosniff age 557609 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15407 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 19 Jul 2024 04:59:33 GMT
HEAD H/1.1	200 OK	file.mp4 r5---sn-5hne6nsy.c.2mdn.net/videoplayback/id/e7d6c0ec2786548f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828230884/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 4BD7 Redirect Chain https://gcdn.2mdn.net/videoplayback/id/e7d6c0ec2786548f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828230884/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa... https://r5---sn-5hne6nsy.c.2mdn.net/videoplayback/id/e7d6c0ec2786548f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828230884/sparams/acao,ctier,expire,id,ip,ipbits,ita...	0 0	174ms 33ms	Fetch video/mp4	2a00:1450:400e:7::a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r5---sn-5hne6nsy.c.2mdn.net/videoplayback/id/e7d6c0ec2786548f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828230884/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5A000745A89CA684F7596E55C9802ED5405279CD.185C48BBF2DDEC3990923D83B165002B5189E832/key/cms1/cms_redirect/yes/mh/NA/mip/2a03:1b20:b:f011::4e/mm/42/mn/sn-5hne6nsy/ms/onc/mt/1690385372/mv/u/mvi/5/pl/48/file/file.mp4 Protocol HTTP/1.1 Server 2a00:1450:400e:7::a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Date Wed, 26 Jul 2023 15:53:02 GMT X-Content-Type-Options nosniff Connection close Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" Content-Length 5227658 Last-Modified Thu, 11 May 2023 05:26:02 GMT Server gvs 1.0 Vary Origin Content-Type video/mp4 Access-Control-Allow-Origin null Access-Control-Expose-Headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms Cache-Control private, max-age=86400 Access-Control-Allow-Credentials true Accept-Ranges bytes Timing-Allow-Origin null Expires Wed, 26 Jul 2023 15:53:02 GMT Redirect headers date Wed, 26 Jul 2023 15:53:02 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 650 x-xss-protection 0 pragma no-cache server ClientMapServer x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 access-control-allow-origin https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com location https://r5---sn-5hne6nsy.c.2mdn.net/videoplayback/id/e7d6c0ec2786548f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828230884/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5A000745A89CA684F7596E55C9802ED5405279CD.185C48BBF2DDEC3990923D83B165002B5189E832/key/cms1/cms_redirect/yes/mh/NA/mip/2a03:1b20:b:f011::4e/mm/42/mn/sn-5hne6nsy/ms/onc/mt/1690385372/mv/u/mvi/5/pl/48/file/file.mp4 access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	csi csi.gstatic.com/ Frame 4BD7	0 17 B	60ms 59ms	Ping image/gif	2a00:1450:400f:80c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lkjwn906&c=1703064373553&slotId=851532186776.5&qqid=CMKewrzdrIADFUmYhQodwwsN9w&fb=outstream-lima&gpm_i=8&gpm_c=8&gpm_a=8&smb=1000&br=793&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1wi~videopreviewvisible.1x2&ape=1 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400f:80c::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:02 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/769732471668729150/DE-DEU_XA-10_0_300x600_BAN-A_HTML5%20_BOFU-no-Security-FirewallSubHubBanners-Security-ALL_0_105/ Frame 2E41	165 KB 92 KB	102ms 62ms	Document text/html	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/769732471668729150/DE-DEU_XA-10_0_300x600_BAN-A_HTML5%20_BOFU-no-Security-FirewallSubHubBanners-Security-ALL_0_105/index.html?ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7e204206dca6b6780ce9f167b5fd0bbaab8c23b98f4029b02466d28fbe68d746 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 36075 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 94081 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Wed, 26 Jul 2023 05:51:47 GMT expires Thu, 25 Jul 2024 05:51:47 GMT last-modified Wed, 08 Feb 2023 09:20:44 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 0A6E	0 0	178ms 101ms	Fetch image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu1iJ8xRcAzMjYV14cCPaoZSZgMnxsPbqsq19tLb6FspX7mhwRiL_Vaya4kP_Y08tSBYLUC2tuUTZF7nyoDQCcpWN3gpX_f9yXT9jOKXBgck8Eza1Y846ortkQvkGwNV1V2NEtbHLsuhnTs-w_7h3HxhfrEFKlkAmpnkrvaehAXciVuvDUAi6W7_he0k5Yy9dLleezJVejklXPzQas&sai=AMfl-YRMib8q6mVz4EbYjA8Swl_SsRLh75PXkM5_VgRhFAOXlyR3ORkQ095cZaNuwwbUKfvWHSf-EwbmdwtAEXhKbD7GeTkxN7fhwiFgokJWaBOENwbGtWtyLW5uAV2CvbXCnpxijleAyrNUr_va3ximGa-SSw&sig=Cg0ArKJSzEFW-HhwwGE8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=247&cbvp=1&cstd=245&cisv=r20230724.10205&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: utua.com.br URL: https://utua.com.br/br-cc-caixa-simples-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=br-utua-ct-email-cc&utm_content=br-utua-ct-email-cc-ag&utm_term=br-utua-ct-email-cc-ag-2374&an_uid=22c6d7999e5934e8cf4ff3621ac2477d95cb414d257f173e436a4e9b1877c33c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:53:02 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Wed, 26 Jul 2023 15:53:02 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame ACEB	43 B 215 B	205ms 197ms	Image image/gif	2600:1f13:800:7781:a8b5:465d:2736:7bd8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=353e14a6-5db3-05e2-fad7-4f50fe2502f1&tv=%7Bc:juocIQ,pingTime:-10,time:855,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE1LjAuNTc5MC4xMTAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1690386782668%7C%7C1c9a68c446265dc706f1d8f227283035%7C%7Cd0bbb78e6e470472c335369488825264%7C%7Cf22c59e8298ee73ea7ad742fe27b7b58%7C%7Ce6c6970fd05b7dd21fefe69ec720b5f5%7C%7C57f3a7c16ad0889945c2ea47d482fb11%7C%7C5e96eaf91d5ad98bbbfb67fa0eb76c16%7C%7Cb6baf3ed3a0de4136d3012d7727337c6%7C%7C1663701684,im:%7Bpci:%7Btdr:538%7D%7D%7D Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7781:a8b5:465d:2736:7bd8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:02 GMT server nginx x-server-name dt02.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	H0ZEmIz7.html Show response tpc.googlesyndication.com/sodar/ Frame 7777	23 KB 8 KB	57ms 54ms	Document text/html	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 205894 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 7799 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Mon, 24 Jul 2023 06:41:28 GMT expires Tue, 23 Jul 2024 06:41:28 GMT last-modified Sun, 25 Jun 2023 02:58:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	le2YPggbZzItL0QEOL0b-qj8mR5LAKEe68FtvWAdFZ0.js Show response pagead2.googlesyndication.com/bg/ Frame 7777	37 KB 14 KB	61ms 60ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/le2YPggbZzItL0QEOL0b-qj8mR5LAKEe68FtvWAdFZ0.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 95ed983e081b67322d2f440438bd1bfaa8fc991e4b00a11eebc16dbd601d159d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:21:44 GMT content-encoding br x-content-type-options nosniff age 1878 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14655 x-xss-protection 0 last-modified Wed, 19 Jul 2023 16:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 25 Jul 2024 15:21:44 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 0A6E	43 B 215 B	199ms 198ms	Image image/gif	2600:1f13:800:7781:a8b5:465d:2736:7bd8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=dfa96b88-e5ec-97f9-255d-812c31a3aa47&tv=%7Bc:juocLI,time:854,type:e,im:%7Bpci:%7Btdr:575%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:154,o:700,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B693~0%5D,as:%5B693~300.600%5D%7D%7D,%7Bsl:i,t:700,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B155~100%5D,as:%5B155~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:638,fm:tL8eFut+11%7C12%7C13%7C14%7C15%7C16.1135760-69474528%7C161%7C162%7C17%7C18*.1135760-69474508%7C181%7C191,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:22,sis:386%7D&br=c Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7781:a8b5:465d:2736:7bd8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:02 GMT server nginx x-server-name dt26.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	Cisco_Logo_no_TM_White-RGB.svg.js Show response s0.2mdn.net/sadbundle/769732471668729150/DE-DEU_XA-10_0_300x600_BAN-A_HTML5%20_BOFU-no-Security-FirewallSubHubBanners-Security-ALL_0_105/ Frame 2E41	2 KB 931 B	69ms 63ms	Script application/x-javascript	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/769732471668729150/DE-DEU_XA-10_0_300x600_BAN-A_HTML5%20_BOFU-no-Security-FirewallSubHubBanners-Security-ALL_0_105/Cisco_Logo_no_TM_White-RGB.svg.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/769732471668729150/DE-DEU_XA-10_0_300x600_BAN-A_HTML5%20_BOFU-no-Security-FirewallSubHubBanners-Security-ALL_0_105/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0ec058db34cc59a88a28a614511985cd3629885c221e962499640dd6cb46a2fc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/769732471668729150/DE-DEU_XA-10_0_300x600_BAN-A_HTML5%20_BOFU-no-Security-FirewallSubHubBanners-Security-ALL_0_105/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Mon, 24 Jul 2023 04:03:03 GMT content-encoding gzip x-content-type-options nosniff age 215399 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 902 x-xss-protection 0 last-modified Wed, 08 Feb 2023 09:20:44 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 23 Jul 2024 04:03:03 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 0A6E	43 B 215 B	198ms 198ms	Image image/gif	2600:1f13:800:7781:a8b5:465d:2736:7bd8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=dfa96b88-e5ec-97f9-255d-812c31a3aa47&tv=%7Bc:juocMw,pingTime:-10,time:904,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE1LjAuNTc5MC4xMTAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1690386782668%7C%7C1c9a68c446265dc706f1d8f227283035%7C%7Cd0bbb78e6e470472c335369488825264%7C%7Cf22c59e8298ee73ea7ad742fe27b7b58%7C%7Ce6c6970fd05b7dd21fefe69ec720b5f5%7C%7C57f3a7c16ad0889945c2ea47d482fb11%7C%7C5e96eaf91d5ad98bbbfb67fa0eb76c16%7C%7Cb6baf3ed3a0de4136d3012d7727337c6%7C%7C1663701684,sca:%7Bspg:353e14a6-5db3-05e2-fad7-4f50fe2502f1%7D%7D Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7781:a8b5:465d:2736:7bd8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:02 GMT server nginx x-server-name dt16.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	Cisco_Logo_no_TM_White-RGB.svg.js Show response s0.2mdn.net/sadbundle/14811183392013726729/DE-DEU_XA-10_0_970x250_BAN-A_HTML5%20_BOFU-no-Security-FirewallSubHubBanners-Security-ALL_0_105/ Frame 6BBD	2 KB 931 B	59ms 58ms	Script application/x-javascript	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/14811183392013726729/DE-DEU_XA-10_0_970x250_BAN-A_HTML5%20_BOFU-no-Security-FirewallSubHubBanners-Security-ALL_0_105/Cisco_Logo_no_TM_White-RGB.svg.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/14811183392013726729/DE-DEU_XA-10_0_970x250_BAN-A_HTML5%20_BOFU-no-Security-FirewallSubHubBanners-Security-ALL_0_105/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0ec058db34cc59a88a28a614511985cd3629885c221e962499640dd6cb46a2fc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/14811183392013726729/DE-DEU_XA-10_0_970x250_BAN-A_HTML5%20_BOFU-no-Security-FirewallSubHubBanners-Security-ALL_0_105/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 10:12:12 GMT content-encoding gzip x-content-type-options nosniff age 20450 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 902 x-xss-protection 0 last-modified Wed, 08 Feb 2023 09:21:21 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 25 Jul 2024 10:12:12 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 2293	0 20 B	96ms 95ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BgxsQXUHBZNr-K9qG-gaE3pvIBgAAAAA4AeAEAg&bg=!MzClMGTNAAa0yfNklMk7ADkAdvg8WoKi1VFC_oLeljtkdWXmXpOgVsPS2HCWF9h-Y8X6PgepZxNWT8EqCnCV3Hag162QMBT86NACAAAB11IAAAAHaAEHmQL3novixirDw-nY_QPS_1x_2e8qeSjd2ouEaZxFo_puR272vIp4loYy6iDjfYfLQMTLSA1QV4g5PqsoxoqlbfyqQ2jRFOAuUyg4pWYyzPFskit8WJrkOZ1xRuDrgBFp4P0ASlJhdcuiuWdnohd0f4xFsZ8fjmJ8pFuT5m6SpuR5fUtycKZBKZ9bBFWGzjO4UNMwCzHy7Y99gbaYFFG33ff13yzJ-Oq0yEQXvGoYCzBbrCMX9QsKcOBDW4F5XHo_1wPIerF4vMu5fo0cwbIjVv3muMtoG3lKZJ8L7wRutGTLX-hb-FXTUoBa3Ck16G5UkhC8YFmVRFgXefIF1ghH6qmP0Wle3NbkRlcA9wKHQ2vMZsPb7Wdi6zjEROQ95mlypTWQJs7wUBYizvt6Lz2gS-ZvuI5v8l585rTWyDDm0OZt4FYQ2v-4a3Xk_gG21X6RF1sGOuKWv2uo-Nfxb4RtjSZRK6uOprrOiO4MavO8eUpJUvAIUPuIeS0XquOVUotbE8_PCa65P9TC2zXEefEs1P-MZt8VQhEJxG-RVIVt-m4SuYAG1XnKTakESikI5mLIxp751BCnaZ_1gOlTCdN8UrvokxAvXlQaaoam61wGhvxB1qvsA6wEdkfUdYHUW03yt6qzS0PObLexzFzBmXrLdSisEh-FI0Fsdv60Ui6RhH5nexK67H9xIyBftWV29zxRZIXj56uDmkU3wFl3brldE3ZnssGAUhfrOaAFxUyk6C_Nlaf0znrE0-hCD1glzu4gewtzbwPTMar-lol1UyJ7gLgsdCfM9kaGLMbC5-pyVfiR2G0d4AaIV8coIKobZsAGpUsI9ZnzA-LdRQdQGU1DxOvbc_s43vMc-h7tK8PguwNkqVdsdFjG1M_E5-KhYR2XD1mrUaZnb52e2v0zME4IjhXXIX7Ti0JOy_TClKnriDlP1vawoRaAHlitiplMTMqaCBAC8nGvFpdwRpZqm3lRaoTdmF9lRHfwTZflDEQFFYR3SfoQkxgQmBlU Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:03 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	206	file.mp4 r5---sn-5hne6nsy.c.2mdn.net/videoplayback/id/e7d6c0ec2786548f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828230884/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 4BD7	3 MB 0	70ms 36ms	Media video/mp4	2a00:1450:400e:7::a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r5---sn-5hne6nsy.c.2mdn.net/videoplayback/id/e7d6c0ec2786548f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828230884/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5A000745A89CA684F7596E55C9802ED5405279CD.185C48BBF2DDEC3990923D83B165002B5189E832/key/cms1/cms_redirect/yes/mh/NA/mip/2a03:1b20:b:f011::4e/mm/42/mn/sn-5hne6nsy/ms/onc/mt/1690385372/mv/u/mvi/5/pl/48/file/file.mp4 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400e:7::a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Range bytes=0- Response headers expires Wed, 26 Jul 2023 15:53:03 GMT date Wed, 26 Jul 2023 15:53:03 GMT x-content-type-options nosniff Content-Range bytes 0-5227657/5227658 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" Content-Length 5227658 last-modified Thu, 11 May 2023 05:26:02 GMT server gvs 1.0 vary Origin content-type video/mp4 access-control-allow-origin https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=86400 access-control-allow-credentials true accept-ranges bytes timing-allow-origin https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com client-protocol quic
POST H3	204	csi csi.gstatic.com/ Frame 4BD7	0 17 B	64ms 64ms	Ping image/gif	2a00:1450:400f:80c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lkjwn90u&c=1703064373553&slotId=851532186776.5&qqid=CMKewrzdrIADFUmYhQodwwsN9w&fb=outstream-lima&gpm_i=8&gpm_c=8&gpm_a=8&smb=1000&br=793&mt=video%2Fmp4&vs=640x360&ple=0&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Funified.adsafeprotected.com%252Fv2%252F1014661%252F71364485%253Fmon%253D71364486%2526omidPartner%253DGoogle2%2526apiframeworks%253D7%2526bundleId%253D%2526ias_xappb%253D%2526ias_dspId%253D3%2526ias_campId%253D%2526ias_pubId%253D%2526ias_chanId%253D%2526ias_placementId%253D%2526bidurl%253D%2526ias_dealId%253D%2526adsafe_par%2526ias_impId%253Dv4~~%2526originalVast%253Dhttps%253A%252F%252Fad.doubleclick.net%252Fddm%252Fpfadx%252FN7442.1972103DOUBLECLICKBIDMANAG%252FB27601193.367223508%25253Bsz%25253D0x0%25253BAUCTIONID%25253DABAjH0g7irQ-fgjaYurqUwxeb2OW%25253BEXCHANGEID%25253D1%25253BSELLERID%25253D834298991907%25253Bord%25253D%25255Btimestamp%25255D%25253Bdc_lat%25253D%25253Bdc_rdid%25253D%25253Btag_for_child_directed_treatment%25253D%25253Btfua%25253D%25253Bdcmt%25253Dtext%252Fxml%25253Bdc_sdkv%25253Dh.0.0.0%25253Bdc_osd%25253D2%25253Bdc_frm%25253D2%25253Bdc_sdr%25253D1%25253Bdc_ref%25253Dhttps%253A%252F%252Futua.com.br%252Fbr-cc-caixa-simples-p1%252F%2525253Futm_source%2525253Dclevertap%25252526utm_medium%2525253Demail%25252526utm_campaign%2525253Dbr-utua-ct-email-cc%25252526utm_content%2525253Dbr-utua-ct-email-cc-ag%25252526utm_term%2525253Dbr-utua-ct-email-cc-ag-2374%25253Fves%25253DdGltZXN0YW1wOiAxNjkwMzg2NzgyMDg1CmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzdEF4MklUSnRKbXIyb1BjbGYzVkFUcTBRZkdMY0Q4NGZwUDg4Y0p5R2Zjd2RXbUVzTFZJcldMak03Q2h0WkFsU0JRS1RkX0RJaTBLT1hGTFRDWEVudmd4d3FyWVlYNUx4VVBmYzBPbWdyT1dMUS1taEY3NnZ1MERIZWliYjhUWld1akE4NHZnS0VPMTNYdFBGOGNORzVoWXd5aU5yZnhvTGxoTVRHZlZ1OWpRNElzZzlZaVhlVXJxMGZ4eXN3MmRqOURXS01pdFM2cHVhRUtlYU15TXFSMEFsWG5IeHBnUTVsVC1vM1J2M2ZzcTBydTh4WndYa3BQTE44bHU4U2ZIVE4zeXlIU1pWcjEteURMVm4tcXVUOHR0a0pXWVlEMHhrVi1qRlBSRmZLT0ZHU1RCYkkwSzc3R1ZLTUxXZFRnTTU2MWE1eFAwR1FLWmhMbWVTVWlxalVUR2RqSjZaZzdhdlhQdU9WS2xCTGxWeWNhU0YxV3FaS1pLX29nMHRjMm1nanZsTEE0MG90a2tZWHBhNm52RTBBNVN4MXdpSkwzeVhOa1ZzMXVjN0tYRmowWl9sdEdEUmdia3hhMVBuLW1sNzB1eC1VRWREb2ZTZTZWSkNDNHdDbnN3U2N0RmJMN042ekVpNzJWTlk2LWxGM1UwT1NFZEZ0ZmF4N0tmRGNBVjlmOFNWaDE1ajNuaVAtU2RtbXlDRldFdEV2dHpNUU5PTzNIRWhmcVFNc1c0U0x3OWNXZnFDaVV5SGhvcThXbDdRMHdDekFZUU5JNTEyaUxwNXVkeDFzQ3l6LVFtajAzX1pIaUFOc28xdlg5UXdfb0dIcVhyLTNSdU1EZ3R6dHZUOXpxVGJCLXF2UEVxV1Q4NXRQNjBFTWJuYXpZTmZqSXJJVnRHZlpjeHVYRDRXbUFXWFFUZkN4eDBHWnN4cHNrcVlpaUhKVUJING5Uai1GREFSRjVfMVFoUnNHUUhNV3J0M09NUXhsMDFqc2pOSzZTNGpaM2FObl83S0hYNEEzYXVJZFF6MnBqTHJidWJubGNKeGJ0Mi1GN2VIbDRnNE9XRkh3UGxnZDY3bDh5dXhDNkJ0bWl2QkttMV81NnpPSnk3TEdIWWJYbmpwem1aeUs0SFhGVHo5b3lqSDlBSFlxNGF4d1J2SFNTUUN1UHk3MllRLUhVU3ZrZkhzSkZSc0ZUenBQNWM0MV82Zl9fa0xKQ090ejh2QWlnQVpmVG5wcGlKbzRqYjJaR2x5aWhscVRfRlp3YlNWQnFxcnhlRDdPNjNPUko0NmJHdVlDTThzUUdmVzMwbUdobGZ2bUlGQ0o5WkhTZE1ud1Y4V0gyNmt4N0ZGTTBZM042ZDVlRXlwLTFnNlNHc09IYVotWXMwMmltZUVDLW5INk5sc1dRMWxIazNWSFlOX2lDTFFDTk5xdWlMVG1mV3k2aGpjaUN6Sm9ZbEg2SnN4cVZDempOUDhlanhobG5ENS00d1doMUtPMFdybkxOb2hITlI2bzhaMVBsM0d4bHBkYkhmaGNmbTNOVXNvM1ZNU0NDclVDUmNaN1A1X3BJc0tWWW4yMG5tVlZ4elk5WldjbDU0dUhkTkNfenZob0VMQkFLdU1xVmhzUEhaUEZyWWlQMVNtZDdiajlucHh1ejAyQmRVd3daVEZ5QmVGVEh3NkZERFktb3l3M3ZLMEsxYmZnRHhIMWtoUGZGZDd3QWpVODZUc2Mmc2FpPUFNZmwtWVRfb1hKM2ZUT3dfbzQ0ZlpoR1JYQjBZQnB1cm5RRnRWS0E1aWk3MHk1WXliWk8xVG54cHVBNTFFTkVTT3VJcll3dmlWMFVuMnZ2Q2hCUnVfUC1DSVdIbDQ3OXVxUkxTZ1gwcVFHdDlZMVkwMTJ0eWRFTk5RSU92My1kMGw5SEl1YnVPUm85Tm04SDdCcHBNLVhFWWVLZFQxZVFEUE1OMUxLUjRvTllpQ3FncDZWVXItRjF6WVhrZFotb0R1SGhnYXgtak5nOUhOMURYTHI5bC1nY3pRSkR6MVd1VkxGNHpKaldkVkl0d2c4MkVZSzAxbmpaalhVOHFnVmYxU1RZcXNiM0xsU0xQRl9JRFdGU1NOWUVBZ3JaT0QwaFoweVNLYmdQLVBHS2tGZURjb3hZeXlMbW1jQnhCLVFmZ2RidjhBZyZzaWc9Q2cwQXJLSlN6Q1IzNXlFNi1xUzJFQUUmY3J5PTEmZmJzX2FlaWQ9W2d3X2Zic2FlaWRdJnVybGZpeD0xJmFkdXJsPWh0dHBzOi8vd3d3LmNpc2NvLmNvbS9jL2RlX2RlL3NvbHV0aW9ucy9oeWJyaWQtd29yay9yZXF1ZXN0LWRlbW8uaHRtbCUzRkNDSUQlM0RjYzAwMjQ2NCUyNk9JRCUzRGRtb2NvMDI4NjEwJTI2RFRJRCUzRHBkaXByZzAwMDAwMSUyNmRjbGlkJTNEJTI1ZWRjbGlkISIK%252526dc_cid%25253D191547418%252526dc_adid%25253D557904688&encoded_body_size=0&transfer_size=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400f:80c::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:03 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated / Frame 2E41	73 KB 73 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956 Request headers Referer Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Content-Type application/font-woff;charset=utf-8
GET DATA	200 OK	truncated / Frame 6BBD	73 KB 73 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956 Request headers Referer Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Content-Type application/font-woff;charset=utf-8
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 0A6E	0 0	100ms 98ms	Fetch image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu1iJ8xRcAzMjYV14cCPaoZSZgMnxsPbqsq19tLb6FspX7mhwRiL_Vaya4kP_Y08tSBYLUC2tuUTZF7nyoDQCcpWN3gpX_f9yXT9jOKXBgck8Eza1Y846ortkQvkGwNV1V2NEtbHLsuhnTs-w_7h3HxhfrEFKlkAmpnkrvaehAXciVuvDUAi6W7_he0k5Yy9dLleezJVejklXPzQas&sai=AMfl-YRMib8q6mVz4EbYjA8Swl_SsRLh75PXkM5_VgRhFAOXlyR3ORkQ095cZaNuwwbUKfvWHSf-EwbmdwtAEXhKbD7GeTkxN7fhwiFgokJWaBOENwbGtWtyLW5uAV2CvbXCnpxijleAyrNUr_va3ximGa-SSw&sig=Cg0ArKJSzEFW-HhwwGE8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=689&vt=11&dtpt=442&dett=3&cstd=245&cisv=r20230724.10205&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: utua.com.br URL: https://utua.com.br/br-cc-caixa-simples-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=br-utua-ct-email-cc&utm_content=br-utua-ct-email-cc-ag&utm_term=br-utua-ct-email-cc-ag-2374&an_uid=22c6d7999e5934e8cf4ff3621ac2477d95cb414d257f173e436a4e9b1877c33c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:53:03 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Wed, 26 Jul 2023 15:53:03 GMT
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame ACEB	0 0	122ms 95ms	Fetch image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsublA3i7Bq4VfStaJ6wdM-zpwDO769A9CXIxPOEQVDgdXKwYwO9XXSYnhLh81S7lWwI2Fp8ECAtIy1VKCNhGbxm8FkNmura8sU5KmLPM6aezsris31K8AxKwIYPFrCDK_fd0f6P-bCGI6lUpGv0VG61sy8n8fzHcQ5CYsGhhmcbVFBRSEjqGzpBFNIAKYLZZIU3CGtIxSeB_UaLxgw&sai=AMfl-YSWynvPZvtw8ffhg0RUmbpnadlXBePzwbnEUwoBOSBmTI1rO0jl_GD4UBH4a2t1EbmTeAB3ww8P2sIfNL8e1upd3sAEWPymY-jj6pFYcj6DZ0hTT_koiwGA6x-dZGAALrrYvc3DJMUtU87QSg2lxcPBZQ&sig=Cg0ArKJSzLeXpNcNDsWlEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=911&vt=11&dtpt=524&dett=3&cstd=383&cisv=r20230724.83724&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: utua.com.br URL: https://utua.com.br/br-cc-caixa-simples-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=br-utua-ct-email-cc&utm_content=br-utua-ct-email-cc-ag&utm_term=br-utua-ct-email-cc-ag-2374&an_uid=22c6d7999e5934e8cf4ff3621ac2477d95cb414d257f173e436a4e9b1877c33c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 15:53:03 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Wed, 26 Jul 2023 15:53:03 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame DDFB	0 20 B	112ms 93ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BSYGeXUHBZNfYL82KgAer6IPAAQAAAAA4AeAEAg&bg=!qqmlqf3NAAa0yfNklMk7ADkAdvg8WsIUno4WHfiS67_it4ZIpmQPpL4D532EUAXZRV5EUni0ZmH6l0NORgO-xPsmoHHcLLK4FPsCAAABTVIAAAAHaAEHmQLxEpu3cnUd4dH3o13UXTDNjylxqeMoQ_nIIw4VbCHI1iZbSWgHJRUCAI8o3DTiU-47XQsd0Yc21Vya6lDw86lZTWWimWyJ799JJLj2Y5K6MumqLzOn5ggJuFf0gLBBq4Z-fbod5tazlmB9eS_G0cu23MFNrkvO8yR8AECVsOQH_shYnc-ixq8oRuWfM70G5pG56o8z5CxM5E0QMiqy-ONMVaLHbxR-sCd0X_QT2zrgp7TwTU8CwwIW99vnT9ziKtMg1-tQZqyp4zQ9j5VIelw8XExVnfew4ZvazAEl6ZG-nVWUm77ijXG0fGJeqjEorksNdL3z0XoGwjrch8CB-Uex8Ved6hyV9fozn-h5hTtwkprYX4NEdRPdOwLrhmETGaodV8OvhfA4k-BatoLdV7occuzfCj5KEwYoFC2kzc4S1L0WDr3lTQ-em0YUUtNGn8R8Ei70jgVD60d71Kbe6B3IoW3wGq_GRSYmIO7pA-0infVaV91jpnQuySukkZ9CbCqa5g6oWcFTdoGZDiBLd-DHXPZXPz1uBEP8c04ePYT9as6vFWwgHSQssEnRpv_I-e0SHcfpxg1_nPVIUIH4hMXOQOn1yJEYebKK3cGCbpqYus4l-AD-BlbBVF3kX4mIIADVrvMzH5dIKqIE_S4cDaqb_tIc53-wHxWOza-EQq0LMXfp2kMRiHHoGXw2p4e7Ftmr4R3BT0JxQTaq269ZVl_Nt0u82mQ4jGK2LJIKM8lONPbCjt13cEgR5HrPoykQOXjn1SJ8awq0A4FsvLB-gjkE2nOHDX9ypaG_RLJXnSZNvSvhiHn9pbNMUWjwhHKB02imxldEvmvXjP2fU2MpiF7Z2dv2jcZHbuiiGxWdHmtw80pp83OJN39P6j73qbtiOAQXFsH_caBiVX4KH-AGig1xMHOJ8Nna_Vxh-w3k37Fu16N_CIJ91MyZ51U45-6amr1fyu7olvPcnN_ZIdc7dQYtwkjPQ4XuAWGl3eTE9-KGt3Ji Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:03 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	GettyImages-1014150936black.png s0.2mdn.net/sadbundle/769732471668729150/DE-DEU_XA-10_0_300x600_BAN-A_HTML5%20_BOFU-no-Security-FirewallSubHubBanners-Security-ALL_0_105/ Frame 2E41	192 KB 193 KB	60ms 58ms	Image image/png	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/769732471668729150/DE-DEU_XA-10_0_300x600_BAN-A_HTML5%20_BOFU-no-Security-FirewallSubHubBanners-Security-ALL_0_105/GettyImages-1014150936black.png? Requested by Host: 7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com URL: https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 183f0167528a6980cbd18446905a4cac7c2fda1933df60cd37d36865655eb19f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/769732471668729150/DE-DEU_XA-10_0_300x600_BAN-A_HTML5%20_BOFU-no-Security-FirewallSubHubBanners-Security-ALL_0_105/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Mon, 24 Jul 2023 04:03:04 GMT x-content-type-options nosniff age 215399 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 197072 x-xss-protection 0 last-modified Wed, 08 Feb 2023 09:20:44 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 23 Jul 2024 04:03:04 GMT
GET H3	200	GettyImages-1014150936black.png s0.2mdn.net/sadbundle/14811183392013726729/DE-DEU_XA-10_0_970x250_BAN-A_HTML5%20_BOFU-no-Security-FirewallSubHubBanners-Security-ALL_0_105/ Frame 6BBD	588 KB 588 KB	66ms 66ms	Image image/png	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/14811183392013726729/DE-DEU_XA-10_0_970x250_BAN-A_HTML5%20_BOFU-no-Security-FirewallSubHubBanners-Security-ALL_0_105/GettyImages-1014150936black.png? Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 73704be22424a88a12d15dc4833636229b3e4c330d0f4e02af33e97d57baf93a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/14811183392013726729/DE-DEU_XA-10_0_970x250_BAN-A_HTML5%20_BOFU-no-Security-FirewallSubHubBanners-Security-ALL_0_105/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Mon, 24 Jul 2023 04:05:41 GMT x-content-type-options nosniff age 215242 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 602452 x-xss-protection 0 last-modified Wed, 08 Feb 2023 09:21:21 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 23 Jul 2024 04:05:41 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 4BD7 Redirect Chain https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU1RBUlQiLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ... https://dt.adsafeprotected.com/dt?anId=10173&asId=27aa905e-bc21-4981-b6b7-5c811d16d450&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted...	43 B 215 B	209ms 192ms	Image image/gif	2600:1f13:800:7781:a8b5:465d:2736:7bd8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=10173&asId=27aa905e-bc21-4981-b6b7-5c811d16d450&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A-949672960%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D Protocol H2 Server 2600:1f13:800:7781:a8b5:465d:2736:7bd8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:03 GMT server nginx x-server-name dt20.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43 Redirect headers Location https://dt.adsafeprotected.com/dt?anId=10173&asId=27aa905e-bc21-4981-b6b7-5c811d16d450&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A-949672960%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D Date Wed, 26 Jul 2023 15:53:03 GMT Connection keep-alive Content-Length 0 Vary Origin Content-Type image/png
GET H2	200	dc_oe=ChMI9Zq2vd2sgAMVz7FRCh3kNQAXEAAYACCakKtbQhMIwp7CvN2sgAMVSZiFCh3DCw33;met=1;acvw=sv%3D954%26v%3D20230710%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%... ade.googlesyndication.com/ddm/activity/ Frame 4BD7	42 B 401 B	369ms 95ms	Image image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9Zq2vd2sgAMVz7FRCh3kNQAXEAAYACCakKtbQhMIwp7CvN2sgAMVSZiFCh3DCw33;met=1;acvw=sv%3D954%26v%3D20230710%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D42304%26vmtime%3D14%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D451563346%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1690386783206;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11; Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:03 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ googleads.g.doubleclick.net/pagead/interaction/ Frame 4BD7	42 B 64 B	119ms 97ms	Image image/gif	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/interaction/?ai=CarGkXEHBZMKACsmwlgTDl7S4D4Dph81wn4GZ4bMRpebAs4owEAEgn872fWCV-vCBjAegAd78oIMDyAEFqQKph_i025SyPqgDAcgDmwSqBOkBT9DAag8RUrOwA10qo3KRGo8VLJI-aE9xQJ6FUsDSRh9dfAv9NnDHCCj-s0Z8iHVLaWTQ1XGedauOL_fD6qQ2yreO4A-gQFKSc6xtJYxEUtPkZuoGfImrcuwsHp1_XvzobkoF7LhTM86bB9V-aL_H4HnWdvEKxnwhTAyugmd1rpyftdR1pBq-PjpIy9lY9QXWtDaA2OS-dosIyiqzzBbXm-HwXA2dwagO6n27demm3Qktw8ZcUQOE3hiE9Cg8fUhscQnZX3Gb4HBJ3EY-_drCwqlJ2J1o3DJ21Znuch4rwxHj33q5LezYnIfABLWasbf_A-AEA5AGAaAGToAHioPffKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBP33ZoU0BMA2BMNiBQE2BQB0BUB-BYBgBcB&sigh=fJTTL_ao46A&label=part2viewed&ad_mt=14&acvw=sv%3D954%26v%3D20230710%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D42304%26vmtime%3D14%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D451563346%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1690386783206 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:03 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	dot.gif s0.2mdn.net/ Frame 4BD7	43 B 66 B	90ms 69ms	Image image/gif	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dot.gif Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 05:44:04 GMT x-content-type-options nosniff age 36539 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 x-xss-protection 0 last-modified Sun, 01 Feb 2009 08:00:00 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/gif access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 27 Jul 2023 05:44:04 GMT
GET H/1.1	200 OK	pixel.png unified.adsafeprotected.com/ Frame 4BD7	35 B 174 B	143ms 52ms	Image image/gif	46.137.161.173 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU0VDT05EQVJZX0lNUFJFU1NJT04iLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vN2E1NmVlNjFjODVjMjZkN2YzNWEyYWQxYjFkZjBlNjkuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS8ifX0sImN1c3RvbSI6eyJjdXN0b20xIjoiIiwiY3VzdG9tMiI6IjIuMCIsImN1c3RvbTMiOiIyLjAiLCJjdXN0b203IjoiMTAxNDY2MSIsImN1c3RvbTgiOiI3MTM2NDQ4NSIsInJlZ2lvbiI6ImllIiwieHNpZCI6IjI3YWE5MDVlLWJjMjEtNDk4MS1iNmI3LTVjODExZDE2ZDQ1MCJ9LCJ0aW1lc3RhbXAiOiIwMDAxLTAxLTAxVDAwOjAwOjAwWiIsImhlYWRlcnMiOnsiaGVhZGVyMTEiOiJEQ00iLCJoZWFkZXIxMiI6ImFkLmRvdWJsZWNsaWNrLm5ldCIsImhlYWRlcjMiOiJHb29nbGUyIiwiaGVhZGVyNCI6IjciLCJoZWFkZXI4IjoiaWFzbyIsImhlYWRlcjkiOiIifSwiY3JlYXRpdmVJZCI6IjE5MTU0NzQxOCIsImNiIjoiMTY5MDM4Njc4MjQ1MTA0Mzg2OCIsImFkRHVyYXRpb24iOi0xLCJpYXNTaW5nbGV0YWciOnRydWUsImlhc1NpbmdsZXRhZ091dGNvbWUiOiJPVVRDT01FX01fX1ZBU1RfX09NSURfX1dFQl9QWEwifQ==&advEntityId=1014661&pubEntityId=71364485 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 46.137.161.173 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-46-137-161-173.eu-west-1.compute.amazonaws.com Software / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Date Wed, 26 Jul 2023 15:53:03 GMT Connection keep-alive Content-Length 35 Vary Origin Content-Type image/gif
GET H2	200	skeleton.js static.adsafeprotected.com/ Frame 4BD7 Redirect Chain https://pixel.adsafeprotected.com/rfw/st/1014661/71364486/skeleton.gif?xmtp=v&xmapp=0&xsId=27aa905e-bc21-4981-b6b7-5c811d16d450&bidurl=&ias_campId=&ias_pubId=&ias_placementId=&ias_chanId=&ias_dealI... https://static.adsafeprotected.com/skeleton.js	17 B 17 B	38ms 37ms	Image application/javascript	2600:9000:2450:5c00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.adsafeprotected.com/skeleton.js Protocol H2 Server 2600:9000:2450:5c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Tue, 20 Sep 2022 03:50:24 GMT x-amz-version-id nylqTweorRThFHMBJSrf_fHcWx3KVKN3 via 1.1 4bc6e08d9495b312ae3b91e801107f80.cloudfront.net (CloudFront) x-amz-cf-pop CDG50-P4 age 26740960 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 17 last-modified Mon, 17 Aug 2020 23:54:35 GMT server AmazonS3 etag "53fab767ecbd3bf07990b10246befbd4" content-type application/javascript cache-control max-age=315360000 accept-ranges bytes x-amz-cf-id kUL0KLthxGCg5GgF6_HDgGWYzdG8X2Aa9sh6vRckDh5jUOFwTM5Abw== Redirect headers pragma no-cache date Wed, 26 Jul 2023 15:53:03 GMT server nginx x-server-name app21.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://static.adsafeprotected.com/skeleton.js cache-control no-cache content-length 0
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 4BD7	0 28 B	243ms 106ms	Image image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstYWDG6KgjjRgxqiI0VboMdDqdTbMvPkEAjvigIlvW1DcOFiaT7F_gYTD5Wpgquk4AUGjThS3c8o5Zrfbd-evQ0TdRtR1tAQwNQFAO0P7fJjQZI1uD5Ra8LlG3lQOMZtLjG6jZT89p7zRYOHVFMS53-Ko7o3d3lFBTbIOEM5LcvdsP28tOTJ-1XO56v9cK64Knhkyq9wvdeaVIJprBoLiXq8yAD5ODuKAprKB97r9Vgf2yYeHR6TVMU5xc5Q-6w8ygfDf1Lbk_OEX0ApQTqo9iQVgu3TR78byM1z-56RfVnac3iW7EKgHC3euHfN-d4J7ZpuqsOOPGsu6dxzpp2tZ1sOxR3MMZcWZpzcSLyBgI2RxILYUliXXxsQimS_2ewoZ2UGtUrnfO6GYLiKll9aXzrZc_X2JvrDzpZ0cIShhvLNZhbbR9pEfcLYWWyrS88V6_ouhEv-e-njM9sNlXl3H5DpxdM9Wh0yMqhsGC5R_BnbV0vu4csWUnt9wOstT7ZvF2zJBozvKl57slnMRGWgb4RsKhDyC64ZpEM7KozQljBLhzpnH4khGZAW3kFYbt3ivYRS3a9C3dUW2rWdDIWg6RngViqLQBoLvF2LhCYYZqJfgoj5kLV0WreIxkx7oo3EJ-RLaRmaX8EYjRPh0mAlQ3rOa1nxqEu7rpNcjVO4IoBEYC3rfTu76fcAwx55vcA2Iw926HQbhNeRrqOgGamdbuc9NdeLjehslPf1PXMN-XHRRHdT6_NgzBfVLsMk3LukAFpSXpaJc9EqLy2T7c2ihKWBTfXQwEdmufwIMM21XHwoSncnp5T_-rF49D-9c88HvK9JDOHxua8CS9QNhNwwAk6VhkR1VsSWEhDhMW0WlwL8-6U7axXgfoH4UhZ4AjPs8RAQ0BS5v-7FGlXcbpRTP_ND7AmqTsnvfrexRkXNNATaH-VUKDId9HIiiUJ5stwCPc2MxoejEM5dieTuXRkiGgoPRVkTS77keovKrPfe54mKU6rREzPBFn2kWIFvI_UePWMAExe8M3-HrWEFOevUXJx8fcr6Ou07xO9xpPuyeWlyXuo81AHttyG1XxDl4mMV3PJ_6CVYYIgim56H5S7cAV63orWiza1ZN2o0BdVpHf3GlmXKZEFEROUtO7keXGvlQb3FZ1pq1jjef_cE69CKj_me7vV3GCiAdonc1FFpN8ZMyNYbbYafm2JJgTCqbBzPr8auhk4EvTP3m8Eq42rsDciC_Mmfy9mQ_P8mqY&sai=AMfl-YRFuV0VYd0BHAtsyIhFef7vRe6eqKuWOUeP0mrq9oa4rTSIUhTzkJlEKqDr6u42bdlsW2E0We75-ggNQtz1UInBhDxLLV2FUR_dRCw9C4w-eZp_FgOWejlYmR9nVLx4uLWsQmltvshXbTWVc1624Ji9zo9bRzG0JnR3RIKYnERnHUBuu6VSOc3WwI_4kH-bHE54FJ7WOiYlCLo7HzLRj-oUrYz8fY2IhXahmzq357LiazBeMxXetld_ZYKFyT--NSQUxRR8wBjRlOIEkP3z9cAFFQYUsPs8ozc0hQ1TWn4mc_ibZBwDspLW&sig=Cg0ArKJSzPG6oQKBLiXbEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl= Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Wed, 26 Jul 2023 15:53:03 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * content-type image/gif cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	pixel googleads.g.doubleclick.net/xbbe/ Frame 4BD7	0 0	118ms 105ms	Image text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjpzPLpASABMAE&v=APEucNXd0EzE-QzPczEnDwK8Cpo-cjvJJCW5QWPp8Z31bZWsLU4TF5UqIevuHicT3gwy3pYBK05xpGLxAzPnPm44IOyV96Ix8A Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 4BD7	0 20 B	105ms 92ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:03 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame 4BD7	42 B 64 B	104ms 93ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhddRcYybuuB8E2meJBCJ6WKKnPwEmhREfe6hPXXSbXYYSsoBLoAeokoJbWg5Tqe21P3vjgOX3xgQiCYDOJA_lsUHdGe58bWL_SCmpNIaqK6JRW_PjH2U4oe-Gs9zr8S4iPfjtBWTpDo0O&sai=AMfl-YRohXZ0X5kEyZdCQS6DbI0BDDA_EZXOgDBIKQ-U6EYYuRcqYOTGqVquzN0pfLF50zgfMM55mZRt0VignYqYKIrSbdct9AsIg6vhHn4VvhPH7oMIAZ3grgQEcJkSe-TY6s29zAmaWlemcHMp&sig=Cg0ArKJSzC_AdMFCo4UgEAE&cid=CAQSSwBpAlJWHKB7PeAtVQpZqmTlKGC0XSl2-dIR81JHvrw5-mUZiexqbs4ARoXbNxpV8aRCWEwN8WQ0nNXheJ004KJDbqlfk8tE3dYjQhgB&id=lidarv&acvw=sv%3D954%26v%3D20230710%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D42304%26vmtime%3D14%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D451563346%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1690386783206&avm=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:03 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ googleads.g.doubleclick.net/pagead/interaction/ Frame 4BD7	42 B 64 B	114ms 103ms	Image image/gif	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/interaction/?ai=CarGkXEHBZMKACsmwlgTDl7S4D4Dph81wn4GZ4bMRpebAs4owEAEgn872fWCV-vCBjAegAd78oIMDyAEFqQKph_i025SyPqgDAcgDmwSqBOkBT9DAag8RUrOwA10qo3KRGo8VLJI-aE9xQJ6FUsDSRh9dfAv9NnDHCCj-s0Z8iHVLaWTQ1XGedauOL_fD6qQ2yreO4A-gQFKSc6xtJYxEUtPkZuoGfImrcuwsHp1_XvzobkoF7LhTM86bB9V-aL_H4HnWdvEKxnwhTAyugmd1rpyftdR1pBq-PjpIy9lY9QXWtDaA2OS-dosIyiqzzBbXm-HwXA2dwagO6n27demm3Qktw8ZcUQOE3hiE9Cg8fUhscQnZX3Gb4HBJ3EY-_drCwqlJ2J1o3DJ21Znuch4rwxHj33q5LezYnIfABLWasbf_A-AEA5AGAaAGToAHioPffKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBP33ZoU0BMA2BMNiBQE2BQB0BUB-BYBgBcB&sigh=fJTTL_ao46A&label=vast_creativeview&ad_mt=14&acvw=sv%3D954%26v%3D20230710%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D42304%26vmtime%3D14%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D451563346%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1690386783206 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:03 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	csi csi.gstatic.com/ Frame 4BD7	0 17 B	76ms 70ms	Ping image/gif	2a00:1450:400f:80c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=7~lkjwn9ct&c=1703064373553&slotId=851532186776.5&qqid=CMKewrzdrIADFUmYhQodwwsN9w&fb=outstream-lima&gpm_i=8&gpm_c=8&gpm_a=8&smb=1000&br=793&mt=video%2Fmp4&vs=640x360&dm=42000&event_name=first_play&asset_bytes=195489&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.2ek~ff.2f4~videopreviewstarted.2f6 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400f:80c::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:03 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame ACEB	42 B 174 B	99ms 96ms	Fetch image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_TbQcrb7v6Q5e8sJ_kzpMsgByjaUvUG3YREf0ZOSdDAxQfvPdu3v57lgBcf3Axv8tFiobD5ujk-PYNs8n3--HoAqdKdOpQzpxu8JqCXOy6tPp4zgzwm35m9_bREWXcddu-W9-EnqaOkIS&sai=AMfl-YRAUy7dw5ZjQhtDHh9E4JnkplUVL5z-oCKoZeDAuvfntyowy3OPdeLsQkM6ukd78JVs8XvLju847FumJMkmZyzYn3OQuQmrSzlBqp8yrp9vNfSLgQoam1AhHkqQCapPgN-lZ10zn5oPdVQ7&sig=Cg0ArKJSzIlLdH1TFAnvEAE&cid=CAQSSwBpAlJWHKB7PeAtVQpZqmTlKGC0XSl2-dIR81JHvrw5-mUZiexqbs4ARoXbNxpV8aRCWEwN8WQ0nNXheJ004KJDbqlfk8tE3dYjQhgB&id=lidar2&mcvt=1036&p=122,315,372,1285&mtos=1036,1036,1036,1036,1036&tos=1036,0,0,0,0&v=20230724&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3399986936&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690386781322&rpt=887&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:03 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	GettyImages-1014150936black.png s0.2mdn.net/sadbundle/769732471668729150/DE-DEU_XA-10_0_300x600_BAN-A_HTML5%20_BOFU-no-Security-FirewallSubHubBanners-Security-ALL_0_105/ Frame 2E41	192 KB 193 KB	64ms 64ms	Image image/png	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/769732471668729150/DE-DEU_XA-10_0_300x600_BAN-A_HTML5%20_BOFU-no-Security-FirewallSubHubBanners-Security-ALL_0_105/GettyImages-1014150936black.png? Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/769732471668729150/DE-DEU_XA-10_0_300x600_BAN-A_HTML5%20_BOFU-no-Security-FirewallSubHubBanners-Security-ALL_0_105/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 183f0167528a6980cbd18446905a4cac7c2fda1933df60cd37d36865655eb19f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/769732471668729150/DE-DEU_XA-10_0_300x600_BAN-A_HTML5%20_BOFU-no-Security-FirewallSubHubBanners-Security-ALL_0_105/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Mon, 24 Jul 2023 04:03:04 GMT x-content-type-options nosniff age 215399 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 197072 x-xss-protection 0 last-modified Wed, 08 Feb 2023 09:20:44 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 23 Jul 2024 04:03:04 GMT
GET H3	200	GettyImages-1014150936black.png s0.2mdn.net/sadbundle/14811183392013726729/DE-DEU_XA-10_0_970x250_BAN-A_HTML5%20_BOFU-no-Security-FirewallSubHubBanners-Security-ALL_0_105/ Frame 6BBD	588 KB 588 KB	62ms 59ms	Image image/png	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/14811183392013726729/DE-DEU_XA-10_0_970x250_BAN-A_HTML5%20_BOFU-no-Security-FirewallSubHubBanners-Security-ALL_0_105/GettyImages-1014150936black.png? Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/14811183392013726729/DE-DEU_XA-10_0_970x250_BAN-A_HTML5%20_BOFU-no-Security-FirewallSubHubBanners-Security-ALL_0_105/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 73704be22424a88a12d15dc4833636229b3e4c330d0f4e02af33e97d57baf93a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/14811183392013726729/DE-DEU_XA-10_0_970x250_BAN-A_HTML5%20_BOFU-no-Security-FirewallSubHubBanners-Security-ALL_0_105/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Mon, 24 Jul 2023 04:05:41 GMT x-content-type-options nosniff age 215242 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 602452 x-xss-protection 0 last-modified Wed, 08 Feb 2023 09:21:21 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 23 Jul 2024 04:05:41 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7777	0 20 B	94ms 93ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BS1vxXkHBZPXzA8_jxgLk64C4AQAAAAA4AeAEAg&bg=!vr2lvenNAAa0yfNklMk7ADkAdvg8WkTBN-Lm4tDxAp4SiEFgwf6cS1guE30bGYEd2nJl-Mmy4Y3VIb1fBt9JUtAJ5PqwBPn-dJkCAAABllIAAAAuaAEHCgAEK2W41ZkC8X2uAxQNgNRrI7dLEhPe-Srcfpaq5WWrHIZfo1Mbjslb0FbTKbBkfU6_tNU0-NHB2nJIfYacvP13Pejso9KGTRDXOlkkCb526aIX0r975O-MLKTJ7_KIRzlbnJwpRtuIEztAXos4hISBHZbBA5VkgTMJY42oFhEoYkjoY0P1OlOScXTKe8W0erow2oePubmjsvmYezmWXmRSszof_I6peyc-up6DlBOczLOSMYv13PN0p-Z3BSVPAAJJkC63mU4M9CT-3z4rJEjX6GbQ6eRURgQKhFbOHREdTxJxnfrxmEKon5qvLy6oX7hydCyMMkcnhP7hPgpEOe4RDUK16wxA0KaLsKpQU2nHP1Qkd_z0bTCupdRuIIn0CAZ9y3x__7pJRqTQfQjt4kv9jnJ0SHRNaLOEyOGDquNtLKNZykLXboSYi-EbvdJC5ivMq7MVm_uXk9mwM6_GuzRg2JOrqYDsWn9Pltqr-3HltnioS9p8GxGFyKuRCFQQNHPJi7MTvYyt8yhe2GrJMjjBrvTS7hB4MbT2EHlB1v_uxnKEo1MIvHjMlcsZz5XoknQbYDacWhmHcL2YwQdCK7G4gHYE-0Jh6TBgmjZ0cksgdRBQJHSbUeUXJPI731d1_XzsvS-Z46Ng4T59q5X0l_bAmE9ffRa7TsZYvbhvWe0rGOb3JYDzQE5hDR-a6d0fqWIOIumQTylm_8GsVcp6FELPbwvjMraSPGVTJVzGvr6G3axeZpAi-jtbFsjRMJ2weDm0Rf3LMywohOfZWtTSMPLvjT8rBiRaD48rkcDWisXs4JCOkSXjNcG7Ptf2I9jcbtJvYR8oy2eCgSaouMtDxDD5C5YbFFX5iG-xDsDrM0JXWYYp-7j8JGilRF71jkDhTobqUV3TL0fw3F4JdBy_Og3U7vrnr4LHeD07lsQ_uU7GQ9ohwmlGk6Y3uXkWoul__goQwY-qRcOIhNuNG9ZSIfJrsHBJ9ix5zq8CbY458cE_Y6dBpVNhdsBhng Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:03 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame ACEB	43 B 215 B	204ms 199ms	Image image/gif	2600:1f13:800:7781:a8b5:465d:2736:7bd8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=353e14a6-5db3-05e2-fad7-4f50fe2502f1&tv=%7Bc:juocX6,pingTime:1,time:1739,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:22%7D,%7Bpiv:100,vs:i,r:,t:712%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1027,o:712,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B706~0%5D,as:%5B706~970.250%5D%7D%7D,%7Bsl:i,t:712,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1026~100%5D,as:%5B1026~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:259,fm:tL8eFut+11%7C12%7C13%7C14%7C15%7C16*.1135760-69474528%7C161%7C17%7C18.1135760-69474508%7C181%7C191,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:24,sis:349%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7781:a8b5:465d:2736:7bd8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:03 GMT server nginx x-server-name dt25.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame ACEB	43 B 215 B	202ms 197ms	Image image/gif	2600:1f13:800:7781:a8b5:465d:2736:7bd8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=353e14a6-5db3-05e2-fad7-4f50fe2502f1&tv=%7Bc:juocX7,pingTime:1,time:1740,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:22%7D,%7Bpiv:100,vs:i,r:,t:712%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1028,o:712,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B706~0%5D,as:%5B706~970.250%5D%7D%7D,%7Bsl:i,t:712,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1027~100%5D,as:%5B1027~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:259,fm:tL8eFut+11%7C12%7C13%7C14%7C15%7C16*.1135760-69474528%7C161%7C17%7C18.1135760-69474508%7C181%7C191,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:24,sis:349%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7781:a8b5:465d:2736:7bd8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:03 GMT server nginx x-server-name dt24.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 0A6E	42 B 64 B	96ms 95ms	Fetch image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCj4-a-thpoE2lhHjZLXirjgnoRoDaVb4k_e580KYlJgO9f4LopZv04Q5MoyENQdLnGx3VzrfjyLEbH6WZCsrJQd5cS0VzmaQ7xTwSbeas9hUgI7D61DyryeHyE2CALRNv1Qtp4MAwIGHT&sai=AMfl-YQm8w3pmbMB4V2UGVDHNDtEodb176ygzuy2Vd2ChvtEgt2nQ1xelSbI1-XqWNkEHK81htOwc1k7eZSrFcjV24nu6dDVYRTPTmmcMgOLAicZ6l1joDjGzsUyXsE-aHUCrCsf6lwKphIbZ9g9&sig=Cg0ArKJSzEYpxiquznwzEAE&cid=CAQSSwBpAlJWHKB7PeAtVQpZqmTlKGC0XSl2-dIR81JHvrw5-mUZiexqbs4ARoXbNxpV8aRCWEwN8WQ0nNXheJ004KJDbqlfk8tE3dYjQhgB&id=lidar2&mcvt=1000&p=420,1547,460,1588&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230724&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=695725469&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690386781391&rpt=1019&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:03 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 0A6E	43 B 215 B	203ms 200ms	Image image/gif	2600:1f13:800:7781:a8b5:465d:2736:7bd8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=dfa96b88-e5ec-97f9-255d-812c31a3aa47&tv=%7Bc:juocZH,pingTime:1,time:1721,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:21%7D,%7Bpiv:100,vs:i,r:,t:700%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1021,o:700,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B693~0%5D,as:%5B693~300.600%5D%7D%7D,%7Bsl:i,t:700,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1021~100%5D,as:%5B1021~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:244,fm:tL8eFut+11%7C12%7C13%7C14%7C15%7C16.1135760-69474528%7C161%7C162%7C17%7C18*.1135760-69474508%7C181%7C191,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:22,sis:386%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7781:a8b5:465d:2736:7bd8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:03 GMT server nginx x-server-name dt31.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 0A6E	43 B 215 B	198ms 196ms	Image image/gif	2600:1f13:800:7781:a8b5:465d:2736:7bd8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=dfa96b88-e5ec-97f9-255d-812c31a3aa47&tv=%7Bc:juocZH,pingTime:1,time:1721,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:21%7D,%7Bpiv:100,vs:i,r:,t:700%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1021,o:700,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B693~0%5D,as:%5B693~300.600%5D%7D%7D,%7Bsl:i,t:700,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1021~100%5D,as:%5B1021~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:244,fm:tL8eFut+11%7C12%7C13%7C14%7C15%7C16.1135760-69474528%7C161%7C162%7C17%7C18*.1135760-69474508%7C181%7C191,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:22,sis:386%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7781:a8b5:465d:2736:7bd8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:03 GMT server nginx x-server-name dt16.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame ACEB	0 20 B	90ms 89ms	Ping image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9572797897140&version=m202306200101&ct=76&x=1&cor=7094442829068886000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:04 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0A6E	0 20 B	89ms 89ms	Ping image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6255354152437&version=m202306200101&ct=76&x=1&cor=15359261502279098000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:04 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame 4BD7	42 B 64 B	92ms 91ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhddRcYybuuB8E2meJBCJ6WKKnPwEmhREfe6hPXXSbXYYSsoBLoAeokoJbWg5Tqe21P3vjgOX3xgQiCYDOJA_lsUHdGe58bWL_SCmpNIaqK6JRW_PjH2U4oe-Gs9zr8S4iPfjtBWTpDo0O&sai=AMfl-YRohXZ0X5kEyZdCQS6DbI0BDDA_EZXOgDBIKQ-U6EYYuRcqYOTGqVquzN0pfLF50zgfMM55mZRt0VignYqYKIrSbdct9AsIg6vhHn4VvhPH7oMIAZ3grgQEcJkSe-TY6s29zAmaWlemcHMp&sig=Cg0ArKJSzC_AdMFCo4UgEAE&cid=CAQSSwBpAlJWHKB7PeAtVQpZqmTlKGC0XSl2-dIR81JHvrw5-mUZiexqbs4ARoXbNxpV8aRCWEwN8WQ0nNXheJ004KJDbqlfk8tE3dYjQhgB&id=lidarv&acvw=sv%3D954%26v%3D20230710%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,100,273,573%26tos%3D0,0,2043,0,0%26mtos%3D0,0,2043,2043,2043%26amtos%3D0,0,0,0,0%26mcvt%3D2043%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2210%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D43%26pst%3D206%26dur%3D42304%26vmtime%3D2228%26dtos%3D2043%26dtoss%3D1%26dvs%3D2043%26dfvs%3D0%26dvpt%3D2210%26is%3D33554707%26i0%3D33554450%26ic%3D257%26cs%3D33554707%26c%3D0.58%26mc%3D0.58%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D451563346%26psm%3D7%26psv%3D6%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2043&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1690386783206 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:05 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame ACEB	43 B 215 B	196ms 196ms	Image image/gif	2600:1f13:800:7781:a8b5:465d:2736:7bd8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=353e14a6-5db3-05e2-fad7-4f50fe2502f1&tv=%7Bc:juodZB,pingTime:5,time:5738,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:22%7D,%7Bpiv:100,vs:i,r:,t:712%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5026,o:712,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B706~0%5D,as:%5B706~970.250%5D%7D%7D,%7Bsl:i,t:712,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5025~100%5D,as:%5B5025~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:208,fm:tL8eFut+11%7C12%7C13%7C14%7C15%7C16*.1135760-69474528%7C161%7C17%7C18.1135760-69474508%7C181%7C191,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:24,sis:349%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7781:a8b5:465d:2736:7bd8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:07 GMT server nginx x-server-name dt04.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame ACEB	43 B 215 B	195ms 195ms	Image image/gif	2600:1f13:800:7781:a8b5:465d:2736:7bd8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=353e14a6-5db3-05e2-fad7-4f50fe2502f1&tv=%7Bc:juodZB,pingTime:5,time:5738,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:22%7D,%7Bpiv:100,vs:i,r:,t:712%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5026,o:712,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B706~0%5D,as:%5B706~970.250%5D%7D%7D,%7Bsl:i,t:712,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5025~100%5D,as:%5B5025~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:208,fm:tL8eFut+11%7C12%7C13%7C14%7C15%7C16*.1135760-69474528%7C161%7C17%7C18.1135760-69474508%7C181%7C191,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:24,sis:349%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7781:a8b5:465d:2736:7bd8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:07 GMT server nginx x-server-name dt27.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 0A6E	43 B 215 B	199ms 198ms	Image image/gif	2600:1f13:800:7781:a8b5:465d:2736:7bd8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=dfa96b88-e5ec-97f9-255d-812c31a3aa47&tv=%7Bc:juoe2e,pingTime:5,time:5722,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:21%7D,%7Bpiv:100,vs:i,r:,t:700%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5022,o:700,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B693~0%5D,as:%5B693~300.600%5D%7D%7D,%7Bsl:i,t:700,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5023~100%5D,as:%5B5023~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:207,fm:tL8eFut+11%7C12%7C13%7C14%7C15%7C16.1135760-69474528%7C161%7C162%7C17%7C18*.1135760-69474508%7C181%7C191,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:22,sis:386%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7781:a8b5:465d:2736:7bd8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:07 GMT server nginx x-server-name dt14.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 0A6E	43 B 215 B	199ms 199ms	Image image/gif	2600:1f13:800:7781:a8b5:465d:2736:7bd8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=dfa96b88-e5ec-97f9-255d-812c31a3aa47&tv=%7Bc:juoe2f,pingTime:5,time:5723,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:21%7D,%7Bpiv:100,vs:i,r:,t:700%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5023,o:700,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B693~0%5D,as:%5B693~300.600%5D%7D%7D,%7Bsl:i,t:700,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5023~100%5D,as:%5B5023~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:207,fm:tL8eFut+11%7C12%7C13%7C14%7C15%7C16.1135760-69474528%7C161%7C162%7C17%7C18*.1135760-69474508%7C181%7C191,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:22,sis:386%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7781:a8b5:465d:2736:7bd8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://7a56ee61c85c26d7f35a2ad1b1df0e69.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 15:53:07 GMT server nginx x-server-name dt13.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43