ajuda.serasa.com.br Open in urlscan Pro
104.16.51.111 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cl.s11.exct.net/?qs=e8b1e64cb9cfefc5d0768ec809e97ac1765bb7826b33f85b9b01e0766a72260ec0b7d9dbe39eb5274bcd7534476a...
Effective URL:
https://ajuda.serasa.com.br/hc/pt-br?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Sub...
Submission: On March 28 via api (March 28th 2022, 12:58:29 am UTC) from SE — Scanned from DE

Summary HTTP 146 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 36 IPs in 5 countries across 26 domains to perform 146 HTTP transactions. The main IP is 104.16.51.111, located in and belongs to CLOUDFLARENET, US. The main domain is ajuda.serasa.com.br.
TLS certificate: Issued by R3 on February 7th 2022. Valid for: 3 months.

This is the only time ajuda.serasa.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.71.12 13.111.71.12	22606 (EXACT-7) (EXACT-7)
4	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
35	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
8	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
1 4	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	45.55.193.240 45.55.193.240	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
6	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.98.29 143.204.98.29	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	143.204.98.104 143.204.98.104	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	143.204.98.32 143.204.98.32	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.62 143.204.98.62	16509 (AMAZON-02) (AMAZON-02)
2	54.231.196.241 54.231.196.241	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.28 143.204.98.28	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.220.242 185.33.220.242	29990 (ASN-APPNEX) (ASN-APPNEX)
6	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	54.161.229.54 54.161.229.54	14618 (AMAZON-AES) (AMAZON-AES)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	82.113.101.132 82.113.101.132	6805 (TDDE-ASN1) (TDDE-ASN1)
7	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
146	36

1 13.111.71.12 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: cl.s11.exct.net

cl.s11.exct.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

ajuda.serasa.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p13.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
theme.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.70.113 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

assets.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
theme.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.55.193.240 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn.agentbot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

serasaconsumidor.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-29.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-104.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-32.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-62.fra50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.231.196.241 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

agentcore.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-28.fra50.r.cloudfront.net

adapter.aivo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.242 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.161.229.54 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-229-54.compute-1.amazonaws.com

apibot.agentbot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.132 (Heusenstamm, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 1964 p13.zdassets.com — Cisco Umbrella Rank: 29426 theme.zdassets.com — Cisco Umbrella Rank: 10034	3 MB
28	googlesyndication.com 2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	159 KB
15	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 stats.g.doubleclick.net — Cisco Umbrella Rank: 68 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 176 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276	209 KB
8	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	28 KB
7	youtube.com img.youtube.com — Cisco Umbrella Rank: 2831	317 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	181 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 343	112 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496	4 KB
5	agentbot.net cdn.agentbot.net — Cisco Umbrella Rank: 92458 apibot.agentbot.net — Cisco Umbrella Rank: 86063	213 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	3 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 57	2 KB
4	jquery.com code.jquery.com — Cisco Umbrella Rank: 588	166 KB
4	serasa.com.br ajuda.serasa.com.br	29 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 205	3 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 573 script.hotjar.com — Cisco Umbrella Rank: 719 vars.hotjar.com — Cisco Umbrella Rank: 874	66 KB
2	gstatic.com fonts.gstatic.com	45 KB
2	amazonaws.com agentcore.s3.amazonaws.com — Cisco Umbrella Rank: 123357	30 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6433 adservice.google.de — Cisco Umbrella Rank: 8832	1 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 403	17 KB
2	zendesk.com 1 redirects assets.zendesk.com — Cisco Umbrella Rank: 6974 serasaconsumidor.zendesk.com	11 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	o2online.de portal.o2online.de — Cisco Umbrella Rank: 48066	609 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	37 KB
1	aivo.co adapter.aivo.co — Cisco Umbrella Rank: 79612	11 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2052	257 B
1	exct.net 1 redirects cl.s11.exct.net — Cisco Umbrella Rank: 119389	376 B
146	26

	Domain	Requested by
30	theme.zdassets.com	ajuda.serasa.com.br p13.zdassets.com
13	tpc.googlesyndication.com	2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net ajuda.serasa.com.br cdn.ampproject.org
13	pagead2.googlesyndication.com	2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net cdn.agentbot.net www.googletagservices.com
8	cdnjs.cloudflare.com	ajuda.serasa.com.br cdnjs.cloudflare.com
7	img.youtube.com
6	s0.2mdn.net	ajuda.serasa.com.br s0.2mdn.net
6	securepubads.g.doubleclick.net	ajuda.serasa.com.br securepubads.g.doubleclick.net
6	static.zdassets.com	ajuda.serasa.com.br static.zdassets.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	fonts.googleapis.com	cdn.agentbot.net securepubads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	cdn.agentbot.net	ajuda.serasa.com.br cdn.agentbot.net
4	code.jquery.com	ajuda.serasa.com.br
4	ajuda.serasa.com.br	ajuda.serasa.com.br static.zdassets.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	ajuda.serasa.com.br 2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com tpc.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	googleads4.g.doubleclick.net	ajuda.serasa.com.br
2	googleads.g.doubleclick.net	2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com ajuda.serasa.com.br
2	agentcore.s3.amazonaws.com	ajuda.serasa.com.br
2	2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	cdn.jsdelivr.net	ajuda.serasa.com.br cdn.agentbot.net
2	www.google-analytics.com	ajuda.serasa.com.br www.google-analytics.com
2	p13.zdassets.com	ajuda.serasa.com.br
1	portal.o2online.de	ajuda.serasa.com.br
1	apibot.agentbot.net	cdn.agentbot.net
1	www.googletagservices.com	2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com
1	adapter.aivo.co	cdn.agentbot.net
1	vc.hotjar.io	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	static.hotjar.com	ajuda.serasa.com.br
1	www.google.de	ajuda.serasa.com.br
1	stats.g.doubleclick.net	www.google-analytics.com
1	serasaconsumidor.zendesk.com	ajuda.serasa.com.br
1	assets.zendesk.com	1 redirects
1	cl.s11.exct.net	1 redirects
146	40

This site contains links to these domains. Also see Links.

Domain
serasa.me
ad.doubleclick.net
www.youtube.com
www.facebook.com
www.instagram.com
www.linkedin.com
open.spotify.com

Subject Issuer	Validity	Valid
ajuda.serasa.com.br R3	`2022-02-07` - `2022-05-08`	3 months	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-08` - `2022-07-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.agentbot.net Sectigo RSA Domain Validation Secure Server CA	`2022-01-19` - `2023-02-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
serasaconsumidor.zendesk.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-12-13` - `2022-12-13`	a year	crt.sh
aivo.co Amazon	`2021-12-23` - `2023-01-20`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2022-02-11` - `2023-03-08`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://ajuda.serasa.com.br/hc/pt-br?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br&cm_ainfo=&&&&&
Frame ID: 7AC557ECD0C991B7B9D041A73CFA6EAE
Requests: 94 HTTP requests in this frame

Frame: https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2D1905F3727AE394F2A438DCB1CB6D61
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: C1AEE3092273DD1CB774F476A1F3841D
Requests: 1 HTTP requests in this frame

Frame: https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A5E08D39DF4ACCDF83264321B89290DF
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjm9qO-ATAB&v=APEucNW1L-wbhHAf0zFCycAbtmHYlLOlLlkUeadjK-iMRF2gF7237BlpkG6ENnJxBCytE9d7dmFVGRlu6kkI-PC6wbFcxTW_9OvPhXf1BoxAC9g4tLBSYrOeTrHh45JeV-3Ne36LiyFigWN5rw5YzM0J1efXfuJxatktGRcTv9z1AGmxGEwOcGU
Frame ID: E6EAB66ECCE3BFB8FCFBFA5773708B1B
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9662617309075734528/728x090.html?e=69&leftOffset=0&topOffset=0&c=HeF2hfJyNU&t=1&renderingType=2
Frame ID: 77D7AE005D3757A5741570172DACB029
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2B5B08DFFA7CB792CD798E9851629EA6
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
Frame ID: E00CE78E62207BA65C555EE7C52F8F33
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 567DC4F2BD94BDA2478F19A27D5EA0CE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D3FE5B633A5E878C2742FB72ED2D24C8
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: FCFD91CE7F0D815F9A6C318429168C07
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Central de Ajuda - Serasa

Page URL History Show full URLs

https://cl.s11.exct.net/?qs=e8b1e64cb9cfefc5d0768ec809e97ac1765bb7826b33f85b9b01e0766a72260ec0b7d9db... HTTP 302
https://ajuda.serasa.com.br/hc/pt-br?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_RE... Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/npm/sweetalert2@([\d.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

146
Requests

97 %
HTTPS

47 %
IPv6

26
Domains

40
Subdomains

36
IPs

5
Countries

4892 kB
Transfer

8440 kB
Size

22
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://serasa.me/loginecred

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/trackclk/N563003.3105650SERASA/B25233873.311219380;dc_trk_aid=503908245;dc_trk_cid=144162139;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCZxt4ydjJGnV6fieQaVZ7bA
Title: VER MAIS NO YOUTUBE

Search URL Search Domain Scan URL

URL: https://www.facebook.com/serasa.com.br

Search URL Search Domain Scan URL

URL: https://www.instagram.com/serasa/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/serasa

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/5ZTMUau1ssfgmCIyvygpwt

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cl.s11.exct.net/?qs=e8b1e64cb9cfefc5d0768ec809e97ac1765bb7826b33f85b9b01e0766a72260ec0b7d9dbe39eb5274bcd7534476a49fe8c2415fbf266b1f10d48fdc76d192c91 HTTP 302
https://ajuda.serasa.com.br/hc/pt-br?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br&cm_ainfo=&&&&& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://assets.zendesk.com/assets/apps/conditional_fields/latest/helpcenter.js HTTP 302
https://static.zdassets.com/conditional_fields_app_hc/latest/helpcenter.js

Request Chain 82

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGngsAbgRkrMWq75PAzEhgM&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGngsAbgRkrMWq75PAzEhgM&google_cver=1&C=1

Request Chain 83

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkEIL.1M6fx6ancCRuLXDwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELwBU6-dC8D_6yrRsL1mELA&google_cver=1&google_hm=2

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJqJPoEhbXgBGKxeR91Dyts&google_cver=1

Request Chain 85

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU0NjIyODQzODYyMjE5NTQ0MA%3D%3D

146 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request pt-br Show response
ajuda.serasa.com.br/hc/
Redirect Chain

https://cl.s11.exct.net/?qs=e8b1e64cb9cfefc5d0768ec809e97ac1765bb7826b33f85b9b01e0766a72260ec0b7d9dbe39eb5274bcd7534476a49fe8c2415fbf266b1f10d48fdc76d192c91
https://ajuda.serasa.com.br/hc/pt-br?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br&cm_ainfo=&...

77 KB
19 KB

465ms
396ms

Document
text/html

104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajuda.serasa.com.br/hc/pt-br?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br&cm_ainfo=&&&&&

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87d4158b3910e040a0ca46ebc6ae30618deb2476ed0eea065c1d5b5dee27b955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
content-type: text/html; charset=utf-8
cf-ray: 6f2c6abf2e73081c-CDG
cache-control: public, max-age=0
content-language: pt-br
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
cf-cache-status: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
protocol: HTTP/1.1
x-content-type-options: nosniff
x-envoy-decorator-operation: help-center-unicorn.help-center.svc.cluster.local:5080/*
x-envoy-upstream-service-time: 124
x-frame-options: SAMEORIGIN
x-request-id: 6f2c6abf5306081c-SEA 6f2c6abf5306081c-SEA
x-runtime: 0.120239
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
x-zendesk-origin-server: help-center-unicorn-d67b7d5f9-5wdjb
x-zendesk-zorg: yes
zendesk-api-version: 2022-01-01
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pqOszZnwzSWU%2B4W9Tlbob9k8eUKTVM6gACmkEEL2LKieS2wjeg2dmyf1NYwcF2CxByZsfKvdnc7F31TU95nlhEHg%2BMpI1ycL1PjPh4JBrYLlyTP2xfIfv%2FomPXL75YlWG2Lqlc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://ajuda.serasa.com.br/hc/pt-br?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br&cm_ainfo=&&&&&
Date: Mon, 28 Mar 2022 00:58:21 GMT
Connection: close
Content-Length: 354

GET
H2 200 application-eee6d8d7fa05e7e79d4f3bfce1e548f7.css
static.zdassets.com/hc/assets/ 54 KB
11 KB 77ms
36ms Stylesheet
text/css 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/application-eee6d8d7fa05e7e79d4f3bfce1e548f7.css

Requested by

Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/hc/pt-br?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br&cm_ainfo=&&&&&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a972b4d1cdb31c6ed98e2b2cdb37aeaf482dedf022c278e8579b44d545b87d8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 393411
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: V7CJY7NJRM1KV01X
x-amz-id-2: El1ehXQ6j6PHttboBGWxpZrieKjreFV9377fFHUTLXNBplWr4wisAH+Lh9QAOPto7BvLE9U0go0=
last-modified: Wed, 16 Feb 2022 11:38:17 GMT
server: cloudflare
etag: W/"db93d565a4a928bcc3c7f69066f238cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tov%2FolMN97epZORiVg2o0SevCF9p%2FCwik%2FGYzJrCLKgJBoLyWQj05yY0%2FktVRL%2FZuWdWpVYUkCvWjYA1LdnVUUSSU1sw0%2BWZvGteSp8%2FYcOm6RpgG%2FXkgs5kQub%2FbzaT2tyQumE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-amz-version-id: _8zAQbC.eJm5lM4RUl704vubjUGk2xfb
cf-ray: 6f2c6ac21d9b3b73-CDG

GET
H2 200 style.css
p13.zdassets.com/hc/theming_assets/2029595/114094504791/ 132 KB
24 KB 247ms
220ms Stylesheet
text/css 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5042928780301

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7b2128735e020a2505fa343f3086efdd46c702ee4401da138e6c5a22df7afc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
x-envoy-decorator-operation: help-center-unicorn.help-center.svc.cluster.local:5080/*
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: help-center-unicorn-d67b7d5f9-fgwst
x-envoy-upstream-service-time: 28
zendesk-api-version: 2022-01-01
strict-transport-security: max-age=0
protocol: HTTP/1.1
content-encoding: br
x-zendesk-zorg: yes
x-request-id: 6f11fd04baad91ff-SEA, 6f122fa26a079966-SEA
x-ua-compatible: IE=edge
x-runtime: 0.023757
x-robots-tag: none, noarchive
server: cloudflare
etag: W/"e7b2128735e020a2505fa343f3086efd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K34naJcLaTQIaVk8IJPe5f4LzEdNcvStExD2Sgol2iRZuOxhBl5YXlwD%2F4QHXHeQKXBMYdMjN3sBPwFraUi09DYt6xTNX6xou8oi02STD6jB9Li4nbg9wQ1c7k7a9RQR0HY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=604800, public
cf-ray: 6f2c6ac1f917996f-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 34ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3216
date: Mon, 28 Mar 2022 00:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 28 Mar 2022 02:04:46 GMT

GET
H2 200 slick.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 2 KB
811 B 46ms
18ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 362747
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 450
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-6f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNJzFxAa61XoMQRXQjYvCx8QEHy4DqqZagNgiPPT3WtlwbzmDMSwgOM4tVzzEed6iyn3arPqVhFNsaG0kkB%2FtpHHC2mkEu6%2BQwzvc4WEcxYmoafO2FkReWnexWJPn7TiLNdTWBwwWx%2BZr6gIHokPJPSZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f2c6ac1ffae2325-ZRH
expires: Sat, 18 Mar 2023 00:58:22 GMT

GET
H2 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 2 KB
974 B 48ms
19ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1135334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 657
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-956"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzAh%2FVHCDP57mnmrih1%2BPbAkanZCaqnvxtLmqrA%2B0XIHEGNR%2F0zq0Q10kwk4EM3aca9DcsKO7lfrEmHx1piq3NG7oriNh8RcCOSHYmAt0qrkWb9YHXXWYLFRwZFabdcTctV3JspdUEfW9CfssYB5cS5Q"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f2c6ac1ffb02325-ZRH
expires: Sat, 18 Mar 2023 00:58:22 GMT

GET
H2 200 jquery-1.11.0.min.js Show response
code.jquery.com/ 94 KB
33 KB 34ms
15ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.0.min.js
Requested by: Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/hc/pt-br?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br&cm_ainfo=&&&&&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1787d"
vary: Accept-Encoding
x-hw: 1648429102.dop137.fr8.t,1648429102.cds280.fr8.hn,1648429102.cds001.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33357

GET
H2 200 jquery-migrate-1.2.1.min.js Show response
code.jquery.com/ 7 KB
3 KB 41ms
22ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by: Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/hc/pt-br?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br&cm_ainfo=&&&&&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1c1f"
vary: Accept-Encoding
x-hw: 1648429102.dop137.fr8.t,1648429102.cds280.fr8.hn,1648429102.cds161.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3063

GET
H2 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 43 KB
10 KB 47ms
19ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 363707
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9564
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-ab69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8N3XXDNyYqXuAHX%2FZ7WTdFoFbfG1zCIdl7hYDPfJe%2FOMLbzQBp9twfxybmXzwKvZvgWhOhnWOzncQxiic%2BM2Tv3MqhzM2H2xfX4fBkBYT7b3MT7ZLYRPfqKDpwLo7q4VK%2FcN0btUwIi9omria1U8%2Fu1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f2c6ac1ffb22325-ZRH
expires: Sat, 18 Mar 2023 00:58:22 GMT

GET
H2 200 jquery-ui.js Show response
code.jquery.com/ui/1.12.1/ 509 KB
122 KB 41ms
22ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.js
Requested by: Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/hc/pt-br?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br&cm_ainfo=&&&&&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
server: nginx
etag: W/"611feaca-7f20a"
vary: Accept-Encoding
x-hw: 1648429102.dop137.fr8.t,1648429102.cds280.fr8.hn,1648429102.cds269.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 124434

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/ 35 KB
8 KB 33ms
15ms Stylesheet
text/css 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
Requested by: Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/hc/pt-br?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br&cm_ainfo=&&&&&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:40 GMT
server: nginx
etag: W/"620cd700-8c85"
vary: Accept-Encoding
x-hw: 1648429102.dop137.fr8.t,1648429102.cds280.fr8.hn,1648429102.cds272.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 8323

GET
H2 200 jquery.mask.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.9/ 7 KB
3 KB 47ms
20ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.9/jquery.mask.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fd6d97c5e1e295a7c66bceaff39daf165a8e65ae8a8dd7228443caaf05f2b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ajuda.serasa.com.br/
Origin: https://ajuda.serasa.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6742854
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2797
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-1d13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNV807p0jXICxNh6bZYRJ%2F%2FIob5ztbbdWJ9i8hQDZ5qZnb3FhjrzUeGVv0lM%2FvMmAtLGqEHiPrrAm5EncOQ8fB1x3TUCy1eXRFAHfUexrIuzpqhEwYQF1m6b%2BJ5ENLHYHQdYt8Xd%2FgbsXRCEjmxnnr6h"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f2c6ac1fdc201e7-ZRH
expires: Sat, 18 Mar 2023 00:58:22 GMT

GET
H2

200

helpcenter.js Show response
static.zdassets.com/conditional_fields_app_hc/latest/
Redirect Chain

https://assets.zendesk.com/assets/apps/conditional_fields/latest/helpcenter.js
https://static.zdassets.com/conditional_fields_app_hc/latest/helpcenter.js

63 KB
19 KB

36ms
36ms

Script
application/javascript

104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/conditional_fields_app_hc/latest/helpcenter.js

Requested by

Protocol

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c1a64732de92fe691f38055f446c114cba9df7e63b2ccc35015e57c7513fc34

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 548
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: T5GJDQSDGPFC3RD1
x-amz-id-2: sac547lVvjjIZKSz//XyBMemuIED/0kZS4+7trqFIonrpEHxzcIo3UWDvI4y/MILQvnc8oCMa0o=
last-modified: Wed, 05 Dec 2018 23:42:03 GMT
server: cloudflare
etag: W/"06dadc6c7364cf7662b03515664be760"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7EA3%2FENOvpss1qXo8IRQ9Faailhn0v8TwGEIHTkqSQWxFPufmLCbD4jM2XqkIBW2YJTr87KnmB3t3rNe6q64Rhzrb59X2RMkpPx8lUiEFUohioIjcN4F3JJIzc%2Btr0mIz4xpng%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
x-amz-version-id: 3aS1wWYF1HCvCctTv8qQiOsRRZwVNgEk
cf-ray: 6f2c6ac26dda3b73-CDG
expires: Thu, 05 Dec 2019 23:42:02 GMT

Redirect headers

date: Mon, 28 Mar 2022 00:58:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 483
strict-transport-security: max-age=0
x-zendesk-zorg: yes
x-request-id: 6f2c5ef9e96b084f-CDG
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjXHvZM8z7D2%2F%2FZQ5Qjs02VMS8hiVsw5mRy1iKErpoy4VKqxeoFKSTReb1XYql0jSOazAzFSm3dllP1AI%2BQrynfJOwnt2wgqZLkT45EdCXddimqVPox2IYOor2QDlf7WJwM9Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://static.zdassets.com/conditional_fields_app_hc/latest/helpcenter.js
cache-control: max-age=600
cf-ray: 6f2c6ac22e0940ed-CDG
expires: Mon, 28 Mar 2022 01:00:19 GMT

GET
H2 200 sweetalert2@8 Show response
cdn.jsdelivr.net/npm/ 62 KB
17 KB 284ms
28ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fb5bdf552db295a96ea4b5c90679159db62417fb69fe0b57792e57daf79cfd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12857
x-jsd-version: 8.19.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19175-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"f9a3-83/dkKMqqE70ruguVvt5jysji+A"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6f2c6ac36e9623df-ZRH

GET
H2 200 jquery.mask.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.15/ 23 KB
5 KB 45ms
18ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.15/jquery.mask.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3edcd35f57ed9849a3f18522017d304c843e75d4c0195b763222ccb06b003313

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 14796551
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4938
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-5a58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I54FsHwHZjxoOBGm%2BcouzOdR4xyDwvr7WD9pZO1CWQRP4A2uHcE9wAo%2BE31glZhq5Kckqn%2B34YtXj%2FwgJDA0aW7nfvJvCqua1BLV7X3IIAB77Y7Gn0w0FsOtyU3kKic%2ByCd7oINdcUYezP%2BEBnrRz9XO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f2c6ac1ffb32325-ZRH
expires: Sat, 18 Mar 2023 00:58:22 GMT

GET
H2 200 mailcheck.js Show response
cdnjs.cloudflare.com/ajax/libs/mailcheck/1.1.2/ 8 KB
3 KB 44ms
17ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mailcheck/1.1.2/mailcheck.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffd0f1a8998b84c05b08ff0e234e5b02d69f4fd5982def489be7dc36ed72b44f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2699544
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2217
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed4-21cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HV5fvNE411BO3QPieZp%2BWxWO7tvqfzuWNra3O0p3IJecimKcJXoll7RwqvOTMnGLSSS1bpsN8vrE%2FrUr%2BWYWCPzdsOIb3crz%2B3eX8trAm8LEYNg4M0gnyq%2FrHWcwomELWExwcomXubZ8LiuVTP1oFZXu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f2c6ac1ffb42325-ZRH
expires: Sat, 18 Mar 2023 00:58:22 GMT

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 1 KB
714 B 46ms
20ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2166914
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 394
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-559"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGj%2F%2F0NuV32Xuc4gr7NBx1scWmEywaQJc8%2B8APdhRQsrPeHonRGBDIDEfxdAGCoXgQiStEHvHhYCiOULgR32%2FxfexZf6nNgckm4sK6lTidOKjLZCp1abmkZ%2BlGzieQutBkt8q%2FicwmSKT4U5V0LgvLLI"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f2c6ac1ffb12325-ZRH
expires: Sat, 18 Mar 2023 00:58:22 GMT

GET
H2 200 api.js Show response
ajuda.serasa.com.br/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 23ms
19ms Script
text/javascript 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajuda.serasa.com.br/cdn-cgi/bm/cv/669835187/api.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/hc/pt-br?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br&cm_ainfo=&&&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhKokXQ9yMnPXMItRIwq9tjshzoGkDKtJcYqCxB6zVHRs%2Bw%2FTZvXANqW1b5eXvRpkIydsJuGr2omxATVGzI3QPiOXOy%2BWmr6q26DxkYMsm8KtoOuXuDnyPq0If3V7c%2BG14q4jK4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6f2c6ac3c8bc081c-CDG

GET
H2 200 01129284b936a8b1230fcddd18011ce04437fb0c.png
theme.zdassets.com/theme_assets/2029595/ 1 KB
2 KB 38ms
27ms Image
image/png 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/01129284b936a8b1230fcddd18011ce04437fb0c.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c49032a60105ae7cd4e4a60a452e7669f6aa316ad2cc8eced748fb0f0355241f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
via: 1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51253
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 1409
last-modified: Sat, 20 Feb 2021 02:56:45 GMT
server: cloudflare
etag: "7a83fa362f13005342c60264ccd21340"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WeF6GoCHOIz4j7lpIGfIaEmEyaLzCcmEchmDY485n1DctmXCtOPv%2F7kB3Mw9lgbBiEb3zvDuzs1HhN6sV3w0xSgLx1%2B%2BFo48pyLChDVw%2FLm%2BBGHV7PJ%2BRKqRn9YdfyRh%2B5K7Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: TcAnk8mlwFKr6hTy63te9DvnNFiJxLsP
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 6f2c6ac3ca70996f-FRA
x-amz-cf-id: xBgmfRKrW25YpLAA4xPT28VQZfe2q4GQRq7qLvnvRutmamEUsjV5Jg==

GET
H/1.1 200
OK dea6c07769c06d2043b5cb74146ddb86.js Show response
cdn.agentbot.net/core/ 802 B
913 B 389ms
94ms Script
application/javascript 45.55.193.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.agentbot.net/core/dea6c07769c06d2043b5cb74146ddb86.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.55.193.240 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f5cd0d0af73325ea04c9b99435d3d4018dc0a048a41987cc94fcf3eb8a06e698

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 00:58:17 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: application/javascript
X-Xss-Protection: 1; mode=block
Cache-Control: max-age=259200, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
Content-Length: 484
X-Content-Type-Options: nosniff

GET
H2 200 69a88bbc97b6f612454ed33837665cf83a4ba4ee.png
theme.zdassets.com/theme_assets/2029595/ 6 KB
7 KB 29ms
17ms Image
image/png 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/69a88bbc97b6f612454ed33837665cf83a4ba4ee.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe32d9e8c5b91d60410c08d8fa519796439792744528d5a01bde953a60428712

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
via: 1.1 f8d34d99bd5a267bad6857ae101ea8e2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51253
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 6231
last-modified: Sun, 28 Feb 2021 00:08:19 GMT
server: cloudflare
etag: "309bf36aefe0731606e5add035e14404"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9t0ZAjgbEzEhGPAa%2FQ17C156CNrKzxCMGwhS2uf3lw1m0yROqy86dbjenVx%2FH7b0zuVLEPttJ%2BSHhw1%2FFaWuB%2F0LTp8YWNp0HmVrX8pv6pCdigcF8NA1vgcj8HXuHYoTPWUREg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: IfHzCRqXvC.j2MAO1sWO8.Xcr9ycjNRz
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: MUC50-P1
accept-ranges: bytes
cf-ray: 6f2c6ac3ca71996f-FRA
x-amz-cf-id: QO-5PJ8_AmtO9F0Go713t48uDdCp4UVwyAsBbpkREzPCK2qQ7lRYkw==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 67ms
21ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

5377b85929b89e53828ca9b7489ea8a9c4a112bd7384c8eadb38b8dea5df6983

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28043
x-xss-protection: 0
server: sffe
etag: "1171 / 217 of 1000 / last-modified: 1648245909"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 28 Mar 2022 00:58:22 GMT

GET
H2 200 43e3ea28558c54d666577d53d13f72f0721a15d3.png
theme.zdassets.com/theme_assets/2029595/ 38 KB
39 KB 36ms
25ms Image
image/png 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/43e3ea28558c54d666577d53d13f72f0721a15d3.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01c0761e1e736fff6c81a38c2828f9322dfa72b57f4bfaa11af4000132ef4742

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
via: 1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51253
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 39028
last-modified: Sat, 20 Feb 2021 14:11:36 GMT
server: cloudflare
etag: "cd721be08c39fb48543669c612d3f007"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zsXZzcaGjlaVREnR8i9tB1TPgMdzCrYJjCQmntvrjfQM1ulZjRCHxc9qVakzhHG5%2FTUjBD63p%2B9iHfLpL6LFEsc4y2qmeZIZHpMS31R2tAArLr2nVnBWqOnaRd%2BvI%2BCyZumMvg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4AHaLk.OW6KEmOAXVMGSqFeOyfdaXDKb
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 6f2c6ac3ca72996f-FRA
x-amz-cf-id: at0w2NDkhbcjDNl02xVeTB30LJBZ6hS5itvmrhorx02eviK9OMxO0g==

GET
H2 200 d6a3e112178bc0e44d5f58a27620ccb37671df2d.png
theme.zdassets.com/theme_assets/2029595/ 4 KB
5 KB 27ms
17ms Image
image/png 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/d6a3e112178bc0e44d5f58a27620ccb37671df2d.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66fec5d3f942100cb5735cbfe51348a53b8aa584a7969f7de339ce35d8d96902

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
via: 1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51253
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 4201
last-modified: Sat, 20 Feb 2021 20:43:19 GMT
server: cloudflare
etag: "64a50e0b89e70399f1c27a1db96c6704"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Jkri080u08ehv%2BbjZ0gy6RxYn30%2FXxnT0kzvft2b8KjzF6D5W%2BWIzcuVXC2mwhNoFuKex%2FYLygqxKj9z2oK2E6Akx%2Bk%2B7C8VswRhJQU9J41mWUEhSbruP2rpm%2FyazezbykZFA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: xROjaW.fOOtNovtoGggL9gOrgKG7Uii2
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 6f2c6ac3ca75996f-FRA
x-amz-cf-id: PV2AlAyQKWe9jJE_PyjZk1Qh4008-MGcFvcG89IAPxaawmJH50Veig==

GET
H2 200 9c7002727f6a95437a8e4705934f2ba02a0c6c6b.png
theme.zdassets.com/theme_assets/2029595/ 55 KB
56 KB 28ms
18ms Image
image/png 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/9c7002727f6a95437a8e4705934f2ba02a0c6c6b.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3242e3f3d2b11cd0da790d29a15a3b8d01160f5b4491b3fc7049527bb57acd73

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51252
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 56466
last-modified: Sat, 20 Feb 2021 20:14:17 GMT
server: cloudflare
etag: "b6afd7c9acbd47cc7f9feacd9c9910e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnudwlIrSRHQGFwD71gvodTLvMeuJ5kHtFaVGKM3aqKXI4rgQv%2BpYtVvakbUHiCtHsYndfCaZ4Gq1gc5tceXuMGrXg6l2T0ayKAVzk%2FYdGHOjBJypDBPyneL1541X7PjT%2BTp%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: iixzyZ8oCv5Iw1i3_Xs2weCLhAxukHWc
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 6f2c6ac3ca74996f-FRA
x-amz-cf-id: W6eR0HEI67tumPhom8IAoikcM6-NzhxY9LXmDpofY768wxAd1o_zHA==

GET
H2 200 1d903b0e11f8f745e039543bc5a23331fde40bfc.png
theme.zdassets.com/theme_assets/2029595/ 6 KB
7 KB 36ms
26ms Image
image/png 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/1d903b0e11f8f745e039543bc5a23331fde40bfc.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b826baf4b1c464fb6f997c20dd47e496f30a58d1efc8432e3b33fb0872a90862

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
via: 1.1 29473aa9cc185f2a037ec3a7e2ffd74c.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8265
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 6558
last-modified: Sat, 20 Feb 2021 23:23:13 GMT
server: cloudflare
etag: "7c2306ff2b5eaa7723da25b59b489acb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krJMsyIBV2%2Bjdtb2qEwBv0GxB1Pt6tmvC6gzLXCHL9RI6NKMASiY5ahtrhamdTR3VgAKypVoWIWu6chhiFRbPr6sQay9ItfVNvq2VJ5qGTOG4vnn6ojT11xvs9rykNwCVtAPZA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 8QOe6lFMgT2OoZucvWMrbArkHcees_7j
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: MUC50-P1
accept-ranges: bytes
cf-ray: 6f2c6ac3ca76996f-FRA
x-amz-cf-id: YJmhTnZB0VSDfVcopfGzJDnqbBam_BRV5N4cj7WLuWd6ULobq3KcrA==

GET
H2 200 5ae6a2a27c0f986f606c2e576cd74e83f9e68e90.png
theme.zdassets.com/theme_assets/2029595/ 7 KB
8 KB 688ms
684ms Image
image/png 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/5ae6a2a27c0f986f606c2e576cd74e83f9e68e90.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26186ef31ef35679017179c6639f347c58e4eb941ba9a262a4b8584dcb4e8ac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:23 GMT
via: 1.1 66ce4848bcf993e3c57b596461cd0b82.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MUC50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 7200
last-modified: Sat, 20 Feb 2021 23:23:14 GMT
server: cloudflare
etag: "e2b25241cb25e9cefd04a6b299ea90e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kxgLeP%2BN9YdxcVDOf94%2BA4B5asVNhv3exN6U3JIovTMqjThKVpsrfPEl8sJEhig4vy4IlVcuwjACemvIuWpIuNi81OTuqOP%2FWXbS4J0%2F4DuSgOtVrXhU8tGKn%2FVSBwQsvK%2BByA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 8ImGdfHBxbBiTt9yqG7IcXOyKAjH0STc
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 6f2c6ac3fa9b996f-FRA
x-amz-cf-id: LGuWMJvFI1N0XG1vyrYLC-UXWcps8xtyUDYBxYtASpj_AdyUzJJUrg==

GET
H2 200 ee5cb3e3a6a5d18c0b00d556b92ee7ad74aec850.png
theme.zdassets.com/theme_assets/2029595/ 2 KB
3 KB 18ms
14ms Image
image/png 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/ee5cb3e3a6a5d18c0b00d556b92ee7ad74aec850.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce61e05539704fb07f314ebadf3e65416ffa784626a3cda98623b84c1cafefe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
via: 1.1 af1bbc213b3a9ee2f125be77ca3609a0.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8264
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 2105
last-modified: Sat, 20 Feb 2021 23:21:12 GMT
server: cloudflare
etag: "3ed26a7e7a65e8fbaac529f3c9c57061"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhsrRqNHAbHzRj0d6i60WEiIPD9Sdj8nTwc%2BJ1zIfZ%2Bi960duWzvv3AJUbI5c5CXmxNbIUo3WIgeV7gMZtpuBEw9QjbzpaDvxlilUaLlRbOQFWAwKan66O9%2BkwXu8Rd%2FPzVfhA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: KwVXwHt_W1gMIVBlj6AXaIwmhj5ADVjW
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: MUC50-P1
accept-ranges: bytes
cf-ray: 6f2c6ac3fa9c996f-FRA
x-amz-cf-id: vVxAwzXCbmr4QBpdFXfnmw9EuFDOXNHDfwZ3_8D41O48j0vKVy-lBw==

GET
H2 200 9e0d453da3b5056819631b2b1a9345cf4f9f7258.png
theme.zdassets.com/theme_assets/2029595/ 3 KB
4 KB 17ms
14ms Image
image/png 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/9e0d453da3b5056819631b2b1a9345cf4f9f7258.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

006aabd877ee1ccdc2bd16cee536f4536a4f3981d9cb76ae6cfd1d3f25129a29

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
via: 1.1 8eb3c67b1958af32e15515c8eb27fbb4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8264
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 3295
last-modified: Sat, 20 Feb 2021 23:21:13 GMT
server: cloudflare
etag: "266948f5416e85e42af6f4456a54a483"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNlMlFsDDZlLiwNVv99LmTIoVjSOCMB0LBjWylWSrkPhNVhNQnVQxB1Y8awbK6EDSMmLCdKT9J5WDpH%2BapXWORLnDScIhmyzNmNa4fEcsyD1M6Y2jbtJWUg4wRdgs7USoXJ3%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: RyuMEdegMi8DUY6GLMWr1di1ltvtaVzF
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: MUC50-P1
accept-ranges: bytes
cf-ray: 6f2c6ac3fa9d996f-FRA
x-amz-cf-id: nzOQlLRNvM-8r5lF9HzT8IQ1VFuILG3qb3qEKRimcc5W_G6w5URIBQ==

GET
H2 200 dc9c10e062be30c6cfaff2a8e6ba71d122ccecda.png
theme.zdassets.com/theme_assets/2029595/ 1 KB
2 KB 59ms
56ms Image
image/png 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/dc9c10e062be30c6cfaff2a8e6ba71d122ccecda.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f41c1bfd9141177523d3ba40196be30dc3056fd1fdc5067eca64e9b1b915bad

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
via: 1.1 dcfe318aa268be733627ea7884246be4.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MUC50-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 1372
last-modified: Sat, 20 Feb 2021 23:21:15 GMT
server: cloudflare
etag: "433ca788a305be039c7912db1aa397be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtkMkC5WKL986Ph54volFztEfN%2Fm%2FyDaSBTXUeKEUZPved6E%2FhlUVHmdsZHWJKmgglZCKYTfEr1GbxunVGoV2xzvc%2BlK%2BAFYgCEvmmKbKLpPHgfZApDCuTpq4LW6wjBT%2FLy3GA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: aPeVoYP64gtetXI0YxDG2.oVHZAl.Mom
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 6f2c6ac3fa9e996f-FRA
x-amz-cf-id: eSURqFLm4FeSCjHa9x2AMjKTAqmfu1ivn1exNFWpK0v9SqF0i9XxbA==

GET
H2 200 77ef7b9f7c550a060fee3f6e058a2a2e9a4d0e76.png
theme.zdassets.com/theme_assets/2029595/ 1 KB
2 KB 40ms
37ms Image
image/png 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/77ef7b9f7c550a060fee3f6e058a2a2e9a4d0e76.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1f0c11a70973083a31465b27bd503c6cbcf216f208a2bde6862460a38cf01c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
via: 1.1 badff53d2116a4b3d32a2dd1eb918a48.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MUC50-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 1517
last-modified: Sat, 20 Feb 2021 23:21:14 GMT
server: cloudflare
etag: "00ffc9d6a78332984815173bd818d2e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FmVNGa9sT%2Bn%2FQVufScp3b2kFIHVelKoXxfrZ7LRWqb8xT4iT1fiIW3DOEeX%2FdkCd1NwsLqN4QYk6aKl6xTsF4VguvgGY5AhsBzJM0ckfHqQDZXZIfq4ohgpbX17E7UX1HcYkg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: OHPhprL_UD5DM2aYtOe9ZDWS96VVPUYb
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 6f2c6ac3fa9f996f-FRA
x-amz-cf-id: c8oCFOyYO1MWdWq4jigTYSk574r4JEF-jUqK1xmVs8fS2yuXslxtLw==

GET
H2 200 334d039b4cb4c53e99f6e9445d1897b2613fc047.png
theme.zdassets.com/theme_assets/2029595/ 3 KB
4 KB 39ms
35ms Image
image/png 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/334d039b4cb4c53e99f6e9445d1897b2613fc047.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

838823d4fc5054d84fbde32bbeb6cd22f18ea7d96edad521aacf170b0ebca411

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
via: 1.1 c414bd1a4ce7ace94cbfdfa8efcbe5a6.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MUC50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 3133
last-modified: Sat, 20 Feb 2021 23:21:14 GMT
server: cloudflare
etag: "2391b6822e2ef746c5a45a8a7a3e3f56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdowSpprD69hmopRvocJMbjlak4wZbL1uiNSCjE313wmryVMEN3MTpeLq2EKf9DgOrVnOBSP1cpHs17FbqQ6cbwPtAHAZQSCxv9Op85w2Di2VQR%2F2ahyhHdztCQEx1Crc4LTJw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: MtTXFBGl1wGuX9epx5qZXhZHC.g6OT3l
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 6f2c6ac3faa0996f-FRA
x-amz-cf-id: l0ftbeopeCZIgovB-dUUggRk4iTM2cgxZS1TyFEW5UyzO7EvQkIByw==

GET
H2 200 4ca996b6cb531f196b790cd0803e5060e1db5118.png
theme.zdassets.com/theme_assets/2029595/ 3 KB
4 KB 57ms
53ms Image
image/png 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/4ca996b6cb531f196b790cd0803e5060e1db5118.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66d301290c1e9b6e4c9732d4d200f8a33f750f97a75b734fcc82c2ee605b073a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
via: 1.1 badff53d2116a4b3d32a2dd1eb918a48.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MUC50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 3521
last-modified: Sat, 20 Feb 2021 23:47:38 GMT
server: cloudflare
etag: "534bfc28d3a2b893053d135c9e7d2159"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTTHCKk50wje3VcDKFX5pN61sN3jqFG%2Bv7GyuO4k289VP3RiVksDzba5fxooEH59F7wqJ4aHytPasSPkvuCUY7u53PyESjzsQpCbQyol9rx9W6%2Fokurq8%2FTHXvQn4KK6cgh4ww%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: LVbjS1CJo4UPZiXNovUmtJa0vGFnej3p
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 6f2c6ac3faa3996f-FRA
x-amz-cf-id: cR76Gv1mBxoTuvmH8qFugNPwJVxJQ0Sb2-HRbFTrQWLvvOUxAWBtJg==

GET
H2 200 pt-br.48ceb200af474a2e981d.js Show response
static.zdassets.com/hc/assets/ 198 KB
37 KB 40ms
40ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/pt-br.48ceb200af474a2e981d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a039972b006b4e15619fbf1106b67083d1474334e1b0965968074c171513a9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 312154
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 6NBCHX8DBG8XBXX6
x-amz-id-2: rjH13IvNqSj7MD3UFns7ZSBaAkitwexsQDdvuTPGGA8fTcH2NzWM+2/U0k2G+BYY1kR03xl/lYY=
last-modified: Thu, 10 Mar 2022 09:36:41 GMT
server: cloudflare
etag: W/"48ceb200af474a2e981d2e200150428f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzRKMNhEyqigFufR314zxBosUEUAzots%2BHhW7eCmlA6LKbBB%2FsGcNy5Fs76M37r5r8pEZUu1gOtJ6TWYGtJOTBYzOr7a9P%2FPv%2BT5deQTNycM2Y%2BzKYFi3oixwq4y3S5eqOfczog%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-version-id: cePIsKB2KNRIdIaIh..4t3cR547UbHbF
cf-ray: 6f2c6ac3bee43b73-CDG

GET
H2 200 host.js Show response
serasaconsumidor.zendesk.com/auth/v2/ 27 KB
11 KB 46ms
24ms Script
text/javascript 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://serasaconsumidor.zendesk.com/auth/v2/host.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46f51dfa02a9f96c84032f9ba066f3881096781bc142b26c98a3e4b947566468

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 72479
x-zendesk-zorg: yes
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
x-zendesk-origin-server: classic-app-server-795dd8dc5d-pbdpj
zendesk-api-version: 2022-01-01
vary: Accept, Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 6f1a449fdd9490fa-SEA, 6f1a449fdd9490fa-SEA
x-runtime: 0.044365
server: cloudflare
etag: W/"46f51dfa02a9f96c84032f9ba066f388"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLYbSQODHa6NHu%2FVSzrJIhjsZfPDSy7yACqHOGmdAPYnz4DFrsiQ5C2J5ws7XKapUhI4t5C3g1e8nhqpMFx6l1qTTDWWH0d00KLgOudWvq6kwj1bM5MrCe7Eu47%2FUV7RVH1baQiL22DIYB1iXQM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=86400, public
cf-ray: 6f2c6ac3df489b64-FRA

GET
H2 200 hc_enduser-7955c470f9234e0807ae9209fcf364b0.js Show response
static.zdassets.com/hc/assets/ 621 KB
184 KB 51ms
46ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/hc_enduser-7955c470f9234e0807ae9209fcf364b0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f799149454b87ae89fc9de2ec87a238a75fa84b9d703ffc94c28ff85ba35f21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 391260
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 1XGJ6F2PM9X34540
x-amz-id-2: MhTU3WTSeArcl5mFTYRgS0YyOj6l9lRYO5+TdPkrMZm814eYa5wEfgSQ6A4GbY3YuN2Z5XqluQ4=
last-modified: Wed, 16 Mar 2022 12:13:55 GMT
server: cloudflare
etag: W/"bf64c8ce30bfd55938d77440e48dbdbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HxxGkAL%2FcWZyw4z37JPR3NO1OjuLK23ZL1wnE%2BDWAk8qDajPKgxKkwvWaXGk0nxIstwAK6IIaAyZszsFPxaAXJBOgYS6MrMNPJjxNiRGns8Sn6cvecpdrw6737ViB0sLsxSVTb4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-version-id: xRg32GB1fkWB.9ILIVtuKviMPtVgIjRJ
cf-ray: 6f2c6ac3cef33b73-CDG

GET
H2 200 script.js Show response
p13.zdassets.com/hc/theming_assets/2029595/114094504791/ 26 KB
7 KB 201ms
197ms Script
text/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/script.js?digest=5042928780301

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30d8b7673f41672185843f69b79543c5eb50d57eecd92fdec573244a8e413ad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
x-envoy-decorator-operation: help-center-unicorn.help-center.svc.cluster.local:5080/*
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: help-center-unicorn-d67b7d5f9-7lfd6
x-envoy-upstream-service-time: 19
zendesk-api-version: 2022-01-01
strict-transport-security: max-age=0
protocol: HTTP/1.1
content-encoding: br
x-zendesk-zorg: yes
x-request-id: 6f122fa5b8269966-FRA, 6f122fa5b8269966-FRA
x-ua-compatible: IE=edge
x-runtime: 0.016033
x-robots-tag: none, noarchive
server: cloudflare
etag: W/"30d8b7673f41672185843f69b79543c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwM6AhlrFiADGlwLTzRdLq%2B%2BnS2LH6DOO8gN8L74%2BD9AYWBHBMYJR6M1BqYaiA%2BRJSC%2BHhYZ4s1csJ0nKvEyd7jFPqw5bc5OOgqcAG9WddbutTStLYko%2FyoQNgT%2B6bv96kU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=604800, public
cf-ray: 6f2c6ac3ba64996f-FRA

GET
H2 200 29891bc44596e4b21da593743de3187c06877d93.png
theme.zdassets.com/theme_assets/2029595/ 75 KB
75 KB 22ms
21ms Image
image/png 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/29891bc44596e4b21da593743de3187c06877d93.png

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5042928780301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c067bdf71b81bc125cdd51224737934175d5784c12d979566b7f86de7b5ef13

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://p13.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51250
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 76582
last-modified: Mon, 07 Mar 2022 19:19:35 GMT
server: cloudflare
etag: "0e9950554c26a34a1c078425cf8a1ac4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2AYQd2D9FmQAMkbKccnSZCnSeF7pfpeU3M6qBurkCecI7tQLFz1sCeDUVZKWK0SzMZcQzC2IC4taQBFaw3ix%2FJf%2FNc8H9fgr%2FLbka5DiFTbsA5uYElnr6CbeSYQOykUpgclAOw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: RXtW28LoGl9m_Od3snxUhTrVO5AKUmUu
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 6f2c6ac3da7a996f-FRA
x-amz-cf-id: A58yTgqD60EwODD7j5HS0qxPbm1RD_QhO-x8z2UpLgMNzkFoYLcViA==

GET
H2 200 0ce37ced9c5fcac9bdc452a432c1258870ba4677.ttf
theme.zdassets.com/theme_assets/2029595/ 167 KB
168 KB 48ms
19ms Font
application/x-font-ttf 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theme.zdassets.com/theme_assets/2029595/0ce37ced9c5fcac9bdc452a432c1258870ba4677.ttf

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5042928780301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d0b991ee3e0be7af01ad7ea8cd2beea6c00a25e679a0226b6737f079aafff86

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p13.zdassets.com/
Origin: https://ajuda.serasa.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20247
x-amz-server-side-encryption: AES256
cf-ray: 6f2c6ac3ea729a0b-FRA
x-cache: Hit from cloudfront
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
last-modified: Sat, 20 Feb 2021 03:03:17 GMT
server: cloudflare
etag: W/"ee7b96fa85d8fdb8c126409326ac2d2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EEASR2Jo4fPmYorT8tOqejHZwjYECkZF2wXNkDYoerKRW8jqYNpNuiUJXBM8vZr3ObGkdQpUdikMwx51yTbII6rD%2BBiRwb7JRhH3a8qrYZwSYaBUJYxuOJewBZUx7CnOqJGTeA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: NxArhaQtkw2wgZXJpzBKcLGt4dOAdttA
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-P1
content-type: application/x-font-ttf
x-amz-cf-id: B0wmGkHOSdawgGWIUbi0onCFvhWuRPlzljIWSG9T6mMCifCSJbh83Q==

GET
H2 200 dd1b1db13ff1f72138c134c62f38fef83749f36a.ttf
theme.zdassets.com/theme_assets/2029595/ 168 KB
168 KB 62ms
34ms Font
application/x-font-ttf 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theme.zdassets.com/theme_assets/2029595/dd1b1db13ff1f72138c134c62f38fef83749f36a.ttf

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5042928780301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p13.zdassets.com/
Origin: https://ajuda.serasa.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:22 GMT
via: 1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51375
x-amz-server-side-encryption: AES256
cf-ray: 6f2c6ac3ea739a0b-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
last-modified: Fri, 14 Dec 2018 12:20:53 GMT
server: cloudflare
etag: W/"3e1af3ef546b9e6ecef9f3ba197bf7d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3EhB4PVCbjA%2B2VhSg6dtj65rLu3FXxxl4u%2F07cRPCD2EkxABxKXpMh7LzzXgICCTSkjgoW%2FZcnkhqcGVQvNWOK9%2Fg3%2FduR2ZO231YBYb1IvCrlv6bi4qnNQ3LMT%2FP7YegNroA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: EuIv9ejf3bymncVwL_gI7qxN48VZpQtR
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-P1
content-type: application/x-font-ttf
x-amz-cf-id: 7rWpvCt1QC8C2kDB7KOP55615MxV-qLOkISemBuTTznCzkeeelLPDg==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 16ms
16ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2120968709&t=pageview&_s=1&dl=https%3A%2F%2Fajuda.serasa.com.br%2Fhc%2Fpt-br%3Fcm_ven%3DExactTarget%26cm_cat%3DEM_LNO_FEIRAOMAR%25c3%2587O_SEMANA4_MIDKIT_REPIQUE%26cm_pla%3DAll%2BSubscribers%26cm_ite%3Dhttps%253a%252f%252fajuda.serasa.com.br%252fhc%252fpt-br%26cm_ainfo%3D%26%26%26%26%26&ul=en-us&de=UTF-8&dt=Central%20de%20Ajuda%20-%20Serasa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=452172147&gjid=1463243623&cid=558910204.1648429102&tid=UA-34169623-7&_gid=1574561811.1648429102&_r=1&_slc=1&z=1507008247

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ajuda.serasa.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:58:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ajuda.serasa.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 61ms
19ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-34169623-7&cid=558910204.1648429102&jid=452172147&gjid=1463243623&_gid=1574561811.1648429102&_u=IEBAAEAAAAAAAC~&z=1046369511

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ajuda.serasa.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 28 Mar 2022 00:58:22 GMT
content-type: text/plain
access-control-allow-origin: https://ajuda.serasa.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 41ms
19ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-34169623-7&cid=558910204.1648429102&jid=452172147&_u=IEBAAEAAAAAAAC~&z=2045279520

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:58:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 40ms
18ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-34169623-7&cid=558910204.1648429102&jid=452172147&_u=IEBAAEAAAAAAAC~&z=2045279520

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:58:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK core.js Show response
cdn.agentbot.net/core/latest/ 778 KB
205 KB 193ms
193ms Script
application/javascript 45.55.193.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.agentbot.net/core/latest/core.js?djMuNi42

Requested by

Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/dea6c07769c06d2043b5cb74146ddb86.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.55.193.240 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

48f06ee1e5c731e2cb399cbb155bf6ddddf9e446b949908ea1a0f94860097903

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 00:58:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Wed, 23 Mar 2022 20:10:18 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "c28e6-5dae851862d2a-gzip"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=259200, public
Accept-Ranges: bytes

GET
H2 200 hotjar-2469592.js Show response
static.hotjar.com/c/ 4 KB
2 KB 86ms
40ms Script
application/javascript 143.204.98.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2469592.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-29.fra50.r.cloudfront.net

Software

Resource Hash

3053f072c299ba5c602a07e0ec60683caa8a28d999e9fae7d83f015e2666fc6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:23 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA50-C1
etag: W/0e6cdabdc5e0b28d9c7998ee8ce2be1a
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
content-length: 1919
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-cf-id: ibxABOM3pfyL-NK-_H2j8OG0dQkK0TXeDVewI7E1PILXlNNKkYj3Sg==

GET
H2 200 8fad440e59019b71fd5e921ba1cc5b016ed7c5ab.png
theme.zdassets.com/theme_assets/2029595/ 813 KB
814 KB 34ms
33ms Image
image/png 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/8fad440e59019b71fd5e921ba1cc5b016ed7c5ab.png

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5042928780301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db281fd66638c9ab7b33a100e64e0de5390f22775b4e2d60ded70b92139b4cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://p13.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:23 GMT
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51250
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 832247
last-modified: Thu, 10 Feb 2022 19:23:01 GMT
server: cloudflare
etag: "bd4a4db1c9093aecdad305b13228b7f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5xqHxLdKytfmPk%2BrII2X9CQhnwb6GZ3%2F0mPzYkmK%2B2PfALflUWNXC0%2Bjqgyz81OaUNIb0LfHDlfmXQ6ai0UJVjQ4Lm1QWJMtThJdgmDCTLviQpSnottHI51j2CGYDXvmTU4fg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: OirBz0EkPwo3pOMqGwBRNDfzNtDK3_LJ
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 6f2c6ac5dc25996f-FRA
x-amz-cf-id: s9UJUQN_SX6VTvGD7e3s9MJkvpNwPoN8D-hbH4RHFOAqEYSJPj4nXQ==

GET
H2 200 156d8223d35d2a3dbcab01e2f684395c4aaab3b2.png
theme.zdassets.com/theme_assets/2029595/ 534 KB
535 KB 35ms
33ms Image
image/png 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/156d8223d35d2a3dbcab01e2f684395c4aaab3b2.png

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5042928780301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

355af7a72abe9d0fddc9f846e1b39227b703cef7841e911a1b456012ef99c1ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://p13.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:23 GMT
via: 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51250
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 546976
last-modified: Mon, 07 Mar 2022 17:56:22 GMT
server: cloudflare
etag: "aa1cf47d46ccd3117b4d14ca2c74babd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jzVkCPaUKxTihWDuNtB0wFqrVsQVhL82DDxK3fTKGN3YfSqztHXzSxBMC7Jh1P09O5SAC87aKT9yT0a%2FzOm2sEKqWxWMNWuMYa6s1Ynz2gFmvFFQNapYUOJm6E6XUOZ6s1M%2BWw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 7.wizvkSBQGwT8mTZE_cDTdwaV8EwopT
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 6f2c6ac5dc26996f-FRA
x-amz-cf-id: hbIq6DOT4elj98G1-QNzaA8v9b_g4KAfqFz69SjjL7iWaZPfjTJNWg==

GET
H2 200 5a7bc7b8b5a62dff1d0a093c5b49f24f515b9c62.png
theme.zdassets.com/theme_assets/2029595/ 256 KB
257 KB 17ms
15ms Image
image/png 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/5a7bc7b8b5a62dff1d0a093c5b49f24f515b9c62.png

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5042928780301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e87a84ff16ce267e0081f72978fa8115b9a6347d2c61e8ed060b477f7bf6d4b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://p13.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:23 GMT
via: 1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51250
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 262301
last-modified: Wed, 08 Dec 2021 17:04:59 GMT
server: cloudflare
etag: "f02666b71c2b3089bb2c55160003fc04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tW%2BbyisAVnfhw%2FpynUEBSSbQbFNwcNvCfOJtRu36XOvHG4llJkeIEj2tmntvMHoyR7HTESspdBJLIF9mhruWViPIczKtmmY1uWF2tULEZcyJ5YKbIJfWp6%2BZD3yeohuEhocTaw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: FeVw2VhDEbaxudLaKsh9EHtmh6KOA7er
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 6f2c6ac5dc27996f-FRA
x-amz-cf-id: hA1_YLSCLfhQeAnOK4NwJSjVtrUpMoFgEuQ1gC9tv_UwaJmLrMOEKg==

GET
H2 200 f49d791509d7c2822787ee26a6a7406651a34842.png
theme.zdassets.com/theme_assets/2029595/ 470 KB
471 KB 28ms
27ms Image
image/png 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/f49d791509d7c2822787ee26a6a7406651a34842.png

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5042928780301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc76748a38c10368c4acabef5e1209c3f8c01eadef696e1853d62c4238680641

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://p13.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:23 GMT
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51250
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 481337
last-modified: Wed, 06 Oct 2021 18:33:58 GMT
server: cloudflare
etag: "5a758a15c946feca410eca92a9a1a5b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WvOPQ6JSJC3WQZz10s4JkDFoIOTfpsVrbp2%2F7VUqlNzjWVA%2F5o07wQ%2FF8p6fFx0dbdlVVjCP79g9Kb5iuwBWUlqn%2BiRPCurmkrjn1Cgg5Nfd6ZwRhf79lXvJPKAZqHL4b4fLog%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: H1i6g3CK8zEyHyjePUHibMT8a8cFRD4g
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 6f2c6ac5dc28996f-FRA
x-amz-cf-id: ppUwS2zotsnz8Ci2B1sIeU2VZDbhc8U7Mvcu_P4CKb1FhnjtdzEe4w==

GET
H3 200 pubads_impl_2022031601.js Show response
securepubads.g.doubleclick.net/gpt/ 365 KB
124 KB 26ms
10ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 21:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13689
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126823
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 08:34:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Mar 2023 21:10:14 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 72 B
97 B 37ms
22ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ajuda.serasa.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

dc477ab682fe2729d0dc4fadc416897b131f9209cef31fe5c8b675bdb99663e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Mar 2022 00:58:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72
x-xss-protection: 0
expires: Mon, 28 Mar 2022 00:58:23 GMT

GET
H2 200 037819dec697460dbaf4a0602d48d9fbf7946113.png
theme.zdassets.com/theme_assets/2029595/ 13 KB
14 KB 31ms
30ms Image
image/png 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/037819dec697460dbaf4a0602d48d9fbf7946113.png

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5042928780301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9c7baedd06f7f33523eddbcebaf0097fd79fea5ba8cb94708219cdece53c8c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://p13.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:23 GMT
via: 1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51249
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 13795
last-modified: Sat, 20 Feb 2021 18:02:41 GMT
server: cloudflare
etag: "9ca929e1ed6235e9f20888ccf5131aec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1sowjJ18Ep%2F0zeGz0XrmPmJiIzbrkAieggRwQ0NXDbNIo1%2Flkbtiv9cdZJir59gqbo3I0XN6PHX2ZWBVwzJzt2juqtlpkZRh4sy2Nf7u%2BpeiuR71XU9Zvb9IbaY17NXJ0jfFjA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: o7pZKKfl.oIOgJ645OyVJnupPJDl.uLq
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 6f2c6ac61c5c996f-FRA
x-amz-cf-id: xycyt7RMBn5kSlx7SeGiog8RzqgIvMyyFfzu0a9luFLJQvMlhaXwOQ==

GET
H2 200 e7884c65468981c2ae7d3fd43f0fb0bddf3b2e88.png
theme.zdassets.com/theme_assets/2029595/ 25 KB
25 KB 31ms
28ms Image
image/png 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/e7884c65468981c2ae7d3fd43f0fb0bddf3b2e88.png

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5042928780301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09ed48a519c9f3b7dab855482a34777c48bb101bf50a342a5097a8d98ea017fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://p13.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:23 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51249
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 25288
last-modified: Sat, 20 Feb 2021 18:10:53 GMT
server: cloudflare
etag: "c86685546d75e268e16f556a11bf9b14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wJTWf6t%2BwqsqX246whc1fJ6F1ywun3DELsLBKawopl1ecy2%2BUosZYQ3NnK773Xn9kEdPsGRarETbC0x5eeD%2FLmhw1qjvXK%2BQTcYjbmocLFEfh4%2F8Y7z4FoH8ZxdDGA9U1yc3A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: iuFKXFN7iTcBbUOfjJ6xjyXbZJTVPBg0
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 6f2c6ac61c5f996f-FRA
x-amz-cf-id: BSdKAxCHNiy3UYuT_zyXOkQJNEsFC2gKSZnitS1TpVKfJR2NYOO9AQ==

GET
H2 200 9902130d726f18ae10abf9ed0c087b096be812a8.png
theme.zdassets.com/theme_assets/2029595/ 6 KB
7 KB 31ms
28ms Image
image/png 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/9902130d726f18ae10abf9ed0c087b096be812a8.png

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5042928780301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5373bf741e48c0178dcf50863030fa1879cb1f28598bfb24d477f30711798dd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://p13.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:23 GMT
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51249
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 6561
last-modified: Sat, 20 Feb 2021 18:10:50 GMT
server: cloudflare
etag: "2ddeb6e2192b6c948961a4c87be6262a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bY7CrhpBIze0nd4EngWdWK%2Fks9jowv26rhqzitl2FoTUc7jPNmXgehx0ufvOmn6LEemiGxpYtndOQQdZsUI1khpqGzWxCjmv6gyv%2BafzphbNFMq2KicHbg8dNkNWb%2FH6GGjnnw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 14xtOyatxwrtOgGUMfqqOUFRxAuPqjPu
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 6f2c6ac61c60996f-FRA
x-amz-cf-id: pIbHbWt8cG8HeGjKtyCFAlgR_ZE5FrnL5jRRNv1_S1VUTOtzdnUJOg==

GET
H2 200 4709872311c30887e271ae3aa6850df696959aa5.png
theme.zdassets.com/theme_assets/2029595/ 8 KB
9 KB 31ms
29ms Image
image/png 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/4709872311c30887e271ae3aa6850df696959aa5.png

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5042928780301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb7b1796bea6f1b91f79419468d04dec3743cc0f0a3a1b1970bb1ba47119b015

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://p13.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:23 GMT
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51249
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 8508
last-modified: Sat, 20 Feb 2021 18:10:53 GMT
server: cloudflare
etag: "dc40cc16b8c731dfbe004211fc6a4956"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWnLpsPDP9qtUEHkib5Lma9yIjE3ezsSIyqE6GnxicSFWPJzOqhZY1ME2G6%2FDG9eAvdPi%2FCgLM9j%2FyOOtEAc2KsAbdDaOyHHEDAEf0sGn0vX41deApK4o54P5z5ReV6u%2Fqt%2FlA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: u.G87FhFCdVvgUY9qyz3dNq72rzIgGOP
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 6f2c6ac61c61996f-FRA
x-amz-cf-id: P_gVUJ7bMI8AG0JSucM8oChotsnqod57JNR6PwQrGloZ08QRAjO5Fg==

GET
H2 200 ae6fe4481dfb9ffb19b9871a3683906f2e3bb69d.png
theme.zdassets.com/theme_assets/2029595/ 13 KB
13 KB 30ms
29ms Image
image/png 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/ae6fe4481dfb9ffb19b9871a3683906f2e3bb69d.png

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5042928780301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbfd09eeeaf14f4585c0756c26991b614241adf5415c73095bdf8bbcd76178b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://p13.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:23 GMT
via: 1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51249
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 13106
last-modified: Sat, 20 Feb 2021 18:10:51 GMT
server: cloudflare
etag: "9831aea53169d69245f7a999696d1785"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yrTGI7JCl8GaPhgu%2B1QhvnNcKmjTLrL3Ao4n%2BMzScGvZc55SXD%2B6CWgiImGHn4nRTLGJ00YxHge7UckbPCyRipTm8L%2FN02jutL12d3Ml1E1NRAZbb%2FM3zVte%2FZZ%2BjYUHJzh17A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: hTvWwOvk.aMaw8pLI5PgeJOqvf4m_sWJ
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 6f2c6ac61c62996f-FRA
x-amz-cf-id: g3W0mpP4oTjf-MPe_4OXyfcsC5JFWqR4MzGbfL99O_1ksNqKMFc4-g==

GET
H2 200 7af9998b9af947fa2bbc684baeff051c8ed400c9.png
theme.zdassets.com/theme_assets/2029595/ 20 KB
20 KB 28ms
27ms Image
image/png 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/7af9998b9af947fa2bbc684baeff051c8ed400c9.png

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5042928780301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84ff634c98316bf121ca699420497b8b1f6cc2b806c01e54c3b74d5f5de6f92d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://p13.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:23 GMT
via: 1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51249
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 20004
last-modified: Sat, 20 Feb 2021 18:10:51 GMT
server: cloudflare
etag: "4d33f525d26132e5cb94928fa0c304dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wYdVK0mReR3Z6CVJ%2FWrCovv8JuQg%2B3JO0nUn4LpTrKd2mvStCjFYkEFm1BZrI5bXblMcAihl5tg79FxgE4Ca57cwMP8A23om%2F7buov183LpiOIUoxQiwD%2BZEnvNia%2B%2FXNJ4%2FHw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: QV1YI1rbGM_32l6TX0fH8VfYaTtVbq4L
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 6f2c6ac61c64996f-FRA
x-amz-cf-id: jyhxSlxkK2OipLYsBfLgb-GmfgcC99awau-ED4rahHlj2oYwQ06SGA==

GET
H2 200 a7cf9fd064d4f719e3ed5a0481bb5f5793e11e48.png
theme.zdassets.com/theme_assets/2029595/ 14 KB
14 KB 67ms
66ms Image
image/png 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/a7cf9fd064d4f719e3ed5a0481bb5f5793e11e48.png

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5042928780301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05ad3b768943f707a28a890757381563494068df29222c803cb43baba65488b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://p13.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:23 GMT
via: 1.1 a2255db944717fedb0da0026622f7e7a.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: TXL50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 14278
last-modified: Wed, 03 Nov 2021 16:48:18 GMT
server: cloudflare
etag: "23940a86a311c5faaeba262d3c726a4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUtrPjLsmVTYl9CX%2FLIgmBtqBqlMdTMNY1gOUUzoSs10K7Dn7Pl6ECXQ2a%2F%2BUpVh52BBEnMtatGBucVc2ekLzbcE7csOs7ItPM5RjgMc7K7pVaWzy%2B8BbwdF%2F%2B3aEzUU08AXog%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 2yIepN3pmCXJZPJP2tDPT111GKuczOT2
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 6f2c6ac61c65996f-FRA
x-amz-cf-id: G9xd0adyORbFohKn5qREX4l0xKbLpdY_8wuCPIqfuky10kYQsfJnNw==

GET
H3 200 ajax-loader.gif
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 4 KB
4 KB 40ms
21ms Image
image/gif 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ajax-loader.gif

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2253003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3208
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-1052"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrsqTP%2FmPS8L49KKK9p158BLGRIZhAUX%2F5QYZ9O71buQKporBGTAzgLk0ecFjbXz0ZvhydSI3txmglGDK%2BeUqIUIWJjsZdNS%2BJN623V2gij%2BVHY5ptbN3J%2B1yqtsX%2FywEuoEqUJiOQO1mbtvdMGt%2BaZE"}],"group":"cf-nel","max_age":604800}
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f2c6ac658f30229-ZRH
expires: Sat, 18 Mar 2023 00:58:23 GMT

GET
H2 200 f6783010d5def128c4a1539333324f75701d9bab.ttf
theme.zdassets.com/theme_assets/2029595/ 168 KB
168 KB 23ms
22ms Font
application/x-font-ttf 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theme.zdassets.com/theme_assets/2029595/f6783010d5def128c4a1539333324f75701d9bab.ttf

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5042928780301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e35252aa3dc2e84e9d7211586fee9aede2a426d3230c8b131881d985f16ff836

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p13.zdassets.com/
Origin: https://ajuda.serasa.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:23 GMT
via: 1.1 a2255db944717fedb0da0026622f7e7a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51375
x-amz-server-side-encryption: AES256
cf-ray: 6f2c6ac63cd99a0b-FRA
x-cache: Hit from cloudfront
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
last-modified: Sat, 20 Feb 2021 03:03:20 GMT
server: cloudflare
etag: W/"58aef543c97bbaf6a9896e8484456d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHQgzyfrhsck%2FsvFhYEu1ucUTLsg80lMZT%2F9XRQrXadyxAp8m4p8FiXHpc%2FhqZ25qF8CykXAaE4c%2FpvLxYZ4wRI4LohkkbDn8qUyf3rG0G8GXZ40ThXfL6Y1lXOhtyI6YhooAw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: zAM6xFjeT4.7isikbchG3tBx3dFfYhNG
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: TXL50-P1
content-type: application/x-font-ttf
x-amz-cf-id: wi7FujDVmlT_b6vEDy2LFFBnhm8xXT0Rosi9LttUUe6KBY8TkXAmDg==

GET
H2 200 react-5fcaf0bc8b418fffbf611da1260ce6c9.js Show response
static.zdassets.com/hc/assets/ 135 KB
43 KB 32ms
32ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/react-5fcaf0bc8b418fffbf611da1260ce6c9.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-7955c470f9234e0807ae9209fcf364b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1ab87b85f9b4fe02797c9ff8dafbded313b0bde855d1535678619b001be0ffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:23 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 479056
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: ZHEJRRVZY62RPKHP
x-amz-id-2: YoSBx2sEMcwoP1+c4X2cjABAilRk+qSqjVR3IrlBl8TTOt20AwGjl222TfEsrO3w1j/pYZtaKoA=
last-modified: Tue, 15 Feb 2022 11:51:49 GMT
server: cloudflare
etag: W/"0581f7f4a720b7916d91a4ac9d6e1c69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6khB7BJ2u0jF100%2Fuhut46iq5aP%2FzkXaLiEAXwdhwywTspVTu1VPifeHhZpV75mLMJaD09v5nwSpQLkqNy9WJQr27RZEpeArjvAT433Aho6l0vJyinRJKEp5IXMUpGaYtNbEr9Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-version-id: hztrmkVtALc5SSxlwMiwdA7I_keHkOhC
cf-ray: 6f2c6ac6f99c3b73-CDG

GET
H2 200 Notifications-63922e28c8bfdf63416b2b41e0ea7f65.js Show response
static.zdassets.com/hc/assets/ 6 KB
3 KB 28ms
28ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/Notifications-63922e28c8bfdf63416b2b41e0ea7f65.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-7955c470f9234e0807ae9209fcf364b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0d698c86182256bf48108d7ac3847b43b5c33f273075cd86061e8fdb7c6fadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:23 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 479056
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: ZHEQQ060SKSGSEH6
x-amz-id-2: 9JNFgwe/OIMjiRIOPKecEB3+fBaZjgFSE2/YUwLylkuAWIgQwxyfAETvvmaE7wMHelTcMfBtQ98=
last-modified: Tue, 15 Feb 2022 11:51:41 GMT
server: cloudflare
etag: W/"f13d0cedc4ab82fde720ba3aae9e8f50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=keH1dqxAMd6dncac7IjMz%2F04B26AYPjwy%2F8NzGzlQZYVLYen6bATuei6gPCdFnDFcj1%2FzqH9iYnSPYXJU%2Fw%2F4GUJZGtwBRKA0kbg%2FioR2MSWzSkwBf54FU0W%2BNhDk%2F2FmAEis8A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-version-id: gYPRwt5qn3EUWRTnys531w4pHGJX7kdw
cf-ray: 6f2c6ac6f99d3b73-CDG

POST
H2 200 activity
ajuda.serasa.com.br/hc/ 0
0 218ms
218ms Fetch
text/html 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajuda.serasa.com.br/hc/activity

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-7955c470f9234e0807ae9209fcf364b0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ajuda.serasa.com.br/hc/pt-br?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br&cm_ainfo=&&&&&
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 28 Mar 2022 00:58:23 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-envoy-upstream-service-time: 4
zendesk-api-version: 2022-01-01
x-xss-protection: 1; mode=block
x-request-id: 6f2c6ac7246f081c-SEA, 6f2c6ac7246f081c-SEA
cf-ray: 6f2c6ac6fa27081c-CDG
x-runtime: 0.002482
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
x-zendesk-zorg: yes
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7rGQlpMJYp95pSSrlezsA9DIQk1L7U4mzS0IkLv0QOgnYixBrAcQGyi5ELYAzyIJcptg4nJ%2F56mGCvDDNieBW0qTDYvtIgqX4UnOlh3qYTY%2BAkh9QYQste6eJDEgViV5t4nXHpc%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
content-type: text/html

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 71ms
16ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ajuda.serasa.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Mar 2022 00:58:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 53ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ajuda.serasa.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Mar 2022 00:58:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 modules.7d3f952308caf42c2b67.js Show response
script.hotjar.com/ 236 KB
62 KB 41ms
15ms Script
application/javascript 143.204.98.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7d3f952308caf42c2b67.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2469592.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-104.fra50.r.cloudfront.net

Software

Resource Hash

43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 09:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1526177
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63048
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 09:01:33 GMT
etag: "2f5d47da7be4d107a04726029158797c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: idDyJYy-B5l-DtmXkfI4dncBu0KzlQ7-pvl9ZbvxHwqhAt78cRAy5g==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 246ms
245ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=617808497185145&correlator=1596495907635752&eid=31064927%2C31065750%2C31065803%2C31060033%2C31065550&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fif&iu_parts=281426761%2Cserasa_centralajuda%2Ccentral_ajuda_home_anchor&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=1&adks=2448804960&sfv=1-0-38&ecs=20220328&fsapi=false&prev_scp=refresh%3Dtrue%26refreshed_slot%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1648429102666&lmt=1648429102&dlt=1648429101690&idt=895&biw=1600&bih=1200&adxs=436&adys=1110&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fajuda.serasa.com.br%2Fhc%2Fpt-br%3Fcm_ven%3DExactTarget%26cm_cat%3DEM_LNO_FEIRAOMAR%25c3%2587O_SEMANA4_MIDKIT_REPIQUE%26cm_pla%3DAll%2BSubscribers%26cm_ite%3Dhttps%253a%252f%252fajuda.serasa.com.br%252fhc%252fpt-br%26cm_ainfo%3D%26%26%26%26%26&frm=20&vis=1&scr_x=0&scr_y=0&psz=1160x564&msz=1600x-1&fws=512&ohw=0&ga_vid=558910204.1648429102&ga_sid=1648429103&ga_hid=2120968709&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

26e28ff42e0512e4b9cbe7211265ed6521ac2d171ba2cebe085f68c54a9e7c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8107
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ajuda.serasa.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2D19 6 KB
4 KB 53ms
16ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 28 Mar 2022 00:58:23 GMT
expires: Tue, 28 Mar 2023 00:58:23 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 61 KB
13 KB 1169ms
1169ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=617808497185145&correlator=1596495907635752&eid=31064927%2C31065750%2C31065803%2C31060033%2C31065550&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fif&iu_parts=281426761%2Cserasa_centralajuda%2Ccentral_ajuda_home_leadeboard_top&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=2&adks=3459443915&sfv=1-0-38&ecs=20220328&fsapi=false&prev_scp=refresh%3Dtrue%26refreshed_slot%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1648429102677&lmt=1648429102&dlt=1648429101690&idt=895&biw=1600&bih=1200&adxs=436&adys=912&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fajuda.serasa.com.br%2Fhc%2Fpt-br%3Fcm_ven%3DExactTarget%26cm_cat%3DEM_LNO_FEIRAOMAR%25c3%2587O_SEMANA4_MIDKIT_REPIQUE%26cm_pla%3DAll%2BSubscribers%26cm_ite%3Dhttps%253a%252f%252fajuda.serasa.com.br%252fhc%252fpt-br%26cm_ainfo%3D%26%26%26%26%26&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x2836&msz=1600x0&fws=0&ohw=0&ga_vid=558910204.1648429102&ga_sid=1648429103&ga_hid=2120968709&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

022c42f4d38c83e28b31096049d84e4280455cf5e29035fa4d051b7830cf4878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13079
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ajuda.serasa.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html Show response
vars.hotjar.com/ Frame C1AE 2 KB
1 KB 33ms
7ms Document
text/html 143.204.98.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2469592.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-32.fra50.r.cloudfront.net
Software: /
Resource Hash: e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/

Response headers

content-type: text/html
content-length: 1044
date: Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: WzVQ7iPxPPCs-p2Nw0jf1fcMfPmRyrGc6EdTbMZ-kcJo7Y6Pc8fN0Q==
age: 4464377

POST
H2 204 result Show response
ajuda.serasa.com.br/cdn-cgi/bm/cv/ 0
488 B 20ms
19ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ajuda.serasa.com.br/cdn-cgi/bm/cv/result?req_id=6f2c6abf2e73081c
Requested by: Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ajuda.serasa.com.br/hc/pt-br?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br&cm_ainfo=&&&&&
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 28 Mar 2022 00:58:23 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6f2c6ac84ab9081c-CDG
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmjA0Px3vt4Be%2FLCcbZba6%2B3B6MFCH0U0QcTuE4RDbN1NljF8SldbjKE13bqN9GQQrCETCylBqLloAhMIwvtmljvW42yaXDMnFKDA2dpCK9pssf5t3IVJMG0JVcoHHoEG3ilPW8%3D"}],"group":"cf-nel","max_age":604800}

GET
H2 204 2469592 Show response
vc.hotjar.io/sessions/ 0
257 B 75ms
38ms XHR
text/plain 143.204.98.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2469592?s=0.25&r=0.11456801948735973
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.7d3f952308caf42c2b67.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-62.fra50.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:23 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: uPGUrZfo1kUh-xJUAFiwbz9vo5bi8HyzDxk3sjn3l2Mx3MYsIYlpDg==

GET
H/1.1 206
Partial Content notify.mp3
agentcore.s3.amazonaws.com/production/assets/ 25 KB
26 KB 435ms
129ms Media
audio/mpeg 54.231.196.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agentcore.s3.amazonaws.com/production/assets/notify.mp3
Requested by: Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/hc/pt-br?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br&cm_ainfo=&&&&&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.196.241 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 87d98603dabb39384e5aecd9614fe72adcf8f60670e5efc1262a2596b680a519

Request headers

Referer: https://ajuda.serasa.com.br/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 28 Mar 2022 00:58:24 GMT
Last-Modified: Fri, 04 Nov 2016 18:53:08 GMT
Server: AmazonS3
x-amz-request-id: 9T0XJBZTFKB18TY8
ETag: "2a368218786dd80e3802ef4e5396686d"
Content-Type: audio/mpeg
Content-Range: bytes 0-26068/26069
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 26069
x-amz-id-2: i104J9Qxvsu++UiAOZNgJYewTmEseTKfvvIujABcbZ9oTEvbEacUZYm9hliSlvGTBPR6vFE4vlo=

GET
H2 200 u Show response
adapter.aivo.co/api/v1/dea6c07769c06d2043b5cb74146ddb86/settings/ 14 KB
11 KB 165ms
127ms XHR
application/json 143.204.98.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adapter.aivo.co/api/v1/dea6c07769c06d2043b5cb74146ddb86/settings/u?host=https%253A%252F%252Fajuda.serasa.com.br%252Fhc%252Fpt-br%253Fcm_ven%253DExactTarget%2526cm_cat%253DEM_LNO_FEIRAOMAR%2525c3%252587O_SEMANA4_MIDKIT_REPIQUE%2526cm_pla%253DAll%252BSubscribers%2526cm_ite%253Dhttps%25253a%25252f%25252fajuda.serasa.com.br%25252fhc%25252fpt-br%2526cm_ainfo%253D%2526%2526%2526%2526%2526
Requested by: Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/latest/core.js?djMuNi42
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-28.fra50.r.cloudfront.net
Software: nginx / PHP/7.4.28
Resource Hash: e6d6d991f87745c3b43c21176cd9d3b0993fb03bc25387b44b15ab7a95a06b6d

Request headers

Accept: application/json, text/plain, */*
Referer: https://ajuda.serasa.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:23 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PHP/7.4.28
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-headers: X-Requested-With, Content-Type, Accept, Origin, Authorization, X-TS-AJAX-Request, X-Token
x-amz-cf-id: kiySHQAzwPHrvtkwCf9sYKN10PvL80Q9YvKd2dI1aqS_nAwJvJQfww==
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)

GET
H3 200 container.html Show response
2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A5E0 6 KB
3 KB 22ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Mar 2022 00:58:23 GMT
expires: Tue, 28 Mar 2023 00:58:23 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E6EA 624 B
974 B 40ms
17ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjm9qO-ATAB&v=APEucNW1L-wbhHAf0zFCycAbtmHYlLOlLlkUeadjK-iMRF2gF7237BlpkG6ENnJxBCytE9d7dmFVGRlu6kkI-PC6wbFcxTW_9OvPhXf1BoxAC9g4tLBSYrOeTrHh45JeV-3Ne36LiyFigWN5rw5YzM0J1efXfuJxatktGRcTv9z1AGmxGEwOcGU

Requested by

Host: 2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com
URL: https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 28 Mar 2022 00:58:23 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 28 Mar 2022 00:58:23 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A5E0 82 KB
33 KB 76ms
54ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8xtyzgf4JH3kFDv5SviKLKcEehisq7XS52TZMAIEYZ4pOuHKCtJM0ZNm9POtwfv8OP7sArNcQQzdqu4OmgO_gBMzrLVUbbABKM6tgPAxug3EPbQSHZS97IXZ2zm9jun57wvX3chu8Y_FvXbufSk7X-k8Uvw&dbm_d=AKAmf-DhTsgEZjTGGdkSO4k4CZ1Nlfg_ozpKKz0MtuBuSfSKq8lCYNy2W_jO8ZddceLWZKx51WJ4wMug-ThZMdSl2YqCc-ZKsMRpe2rSo8qrFEn5T1jr_XlyPds0NKlQ0YuVJCXGcIlJygfviuVKj2_QALSViaMJACtzXCJeRL8SMZL4ReBG-e9HsCfixyEHyu1ExOn91UEHziGdlwVYisUpK7hPrNRwZ3ZT4ARk9OFpr-xjSPcomX30_uDA5FyqOk_mPWIiauMNYUMFsEr4U8mMGE22pZv0XoU87Ie_ocR1r3_ePtoHf4MYz647RIXw7t8NkXGX94IcputNEoK84rOH7uHQIU2yFt7pGmaCmju8QjjiplbDZ-JN4EeBRWD63FdIylrwj7iMgYomnq6CzbKjWSVZk45PyERRN0iTGlQ44z3eWKCyIMF9Dk3EjXdP1IO5pbqEnstLdVXBKNQ_eK745caBPSdrcsG_ApRRgIAbvb-zj54vbI7Wv1J9ELrIcIPiS3lM2AzdDhKlgBsQumBgL4IHTV-dSedsVx9qTX0YLj9BaJpnf3WPrCt0hA94Ldws6GnE0Q9zb-SVS4IT6RQZSyLG3bm7aPjCtBB1cc7AIZw_mRC-k2N2Q22-nHf9yVLdGkQwoWfeZ7QVubz8y6YKTw_st4b_S5YWcxiHc5ksyIlNBg3BF4xEB5iUoXn4fLiN-VM7kD7-o0fu-Ve7voMxPoHxO1TkbQzccF04JN0WH_cScIN1noli4df8kLMyUyRsLhqMLx37yDwpMKkIMBf84E7sFayiYhARzSqR_K6ff8Md3QP61gdRXwnnJYFaig-8RJaQUK5zvDlF8xiD0t73dO_bGGoKOFpQlvAmPZc1cOKBjyfinGZL3caFGCHTTjzt0PRskYFv2NNjtz3V_NVKbQRjpaUaXfBPBBmo0BxzEYoEF447GMskS5bAn5rY7HpN7eY33MDUVn2stSWw_Piexvl4UMT0JkwqxL4dX64Ybotuz5epkAdM_4yVJWtBKVsAcv27j5eZhYLd7jBLOGkg-1v0242QCb0PYbyZKOcU3IDzejk9_1K1yyl7_UT2LFGnlZAVJlZfYYAlosnSc_ToAu6vtJt9kBTmtuy22mkYpomCOB-A-sHuv__FtG1xC-_44qtB0Wylm4eb4kiYEAfF975ZVOwGANotXyfdOWuszztbeI0PovtbndFPUyZfKDE0s7JnB5HVFaRTB648Jv-BSoLzJKnqFi7KDH-3u7lWkofUaCT7kPZwzUDQSkxQcQbbWjxumXCJe1rWeiT-mG1Bs7Rw0oYU8REQQDMfGt1GKhQHi4ph0yi6OVOoQY5iw8vLYTNKnM-OjRy9aGfH62X-FBsuBn8hTCsR7OwFyHEGw3IjJycwrtmCTwW5CpfZYiI6-AJ3ixiSE5tDmum5FkXBvHiHAvX8mFbZFfF9MSDh6QuvZ1EexMYoxDSNEVRW5ba9dxyp1uzaWNiEG-2tFvYDeR8fhZlZ5ORZPQ9xEyQE-r2dA2T0bnw-sgr23MGy9bBZP4i0z0C6AP9Xmjp4HWblOHXrLEwO6rboB6zA0M0Y-TobZu9szP7yeqP_G2cWOa3lD6QkZKmyZfpWA_st4yE29C80BJFFKVJZbTIBJ2aVk2HAs8VaJtQkdpiz7T-DNL374ykuwQcf2ELF20KZn3RcoPaIc3A8rJAsx4mema0vxM39F-2RCT_LPc8JqYoGs3NpLWXeRCzyz5KxuawpyQBKtH7aaBAqCn0lUJ6E3i8Zloi-MPy3TzLYHPFkohUpBP_v-tQ9PJ-jlHlHVqHHrs0WHw_vqcF8EV03-gj1lfi9dKOyWOpVuXQsbYJn-A9BmOm6kQ7pas0shy8FI23R-SBXUKjBBFYVDHT5Qw0yK055plhFf10zZ_G-BmOWpo10Cg2t1F93rjoFaEvpPh_6MSIzIUVwrcm9WgwLz-zOO9WjRkLY52PTahMbaBp-4QOaUVopxsORnUI1v4c7peRfPR-cbn3Nwjirsk3eC6VrSGceWQru6jdR-HswOLVQU_TACW1BeCNnemfJw6K2cRuAKw78n3we0s94-_omOlnbrhfV8RDko5vCeWWtmiVYnS2KoF9rqhb2Lmyli9otEH-ayGgMiO3nc7vTJ2OFrO1zU9fMqKliBHuTQIDod7yl2x9CLiSTA9PEBMkmRDuGhfiYyCoUJ3XMxQ6UhzvS-LkEAJIPr6DUF844gc71T-Woymwgxqr1kYZU144cQStXWt8fy8LQE3uTXHyD5me6IFnHQjQPdJx_sz31ollsBN_ki8Uj0kYGcTWbbXmHpKkqRoB5xZQ1gnDX5plg4Y3v3smxfXAXF79hU2g5Q1yRzEERPrFirlgwPa4Ie9CkBZuDPmkm-_cm-0JhE5qxCgAHJPuo6R-GBZVRd4PjD9IvEx9apELB0DvNYhbCBCWrXkYNVpsdD9jvBwARpuxicAKL_QvJ0cd4vwOjI5pYBTvKqF_DAzUioKC9A1CQiAWuBQ-69hJyz_0g0xVPEPGTNj7RHtD_MILSJ1ahrRUifaZufXy6kxZHO1ktKcmL1g5BmTjOGK6tfo5__NHGAlIuy217akS238R9Oe3T4zosqPajjk5aP8Qa-QR7KsbcLKjEkJozG-ZQITvAw48i9cLF2jOmo-L_s1NzeVNAMRQVKliMrtavC6sRHkty4opqBbErpGvKD4bcJoyItT4wJKUGnBSFLOuYh9GXYv8oPsBieLmdVRjOwXQpVqIYxKD2eMiYCcjQpxuA5yy4iDo7MBeiMXIO_tNMsIlJyq_Bq2Bs9T9YZ5xXmNeBD_LZL8GJgwBjPe2ElxItWVaD_n2F7ZdBjPVWhE1TcwPPMjeto2JhAOkl8mIXzXQqIW3GopdtW-oeTGrJSZhQHg5N7y74mWFYLl_PtVdhSMCDAXo1168Dm5YHjjFfeR-BoKybLynkDAwCyJ8QZOB1uoHjDaRcC574wVaHkPNhp2PHf0OPjmAEmgknQg5rBYHNLXiwhZIoN_H_uA41v6i2VH8kKqI7dOSthgMNJ9e8kWaJwvXyOMCK6Tm0O-oNdQku9NuRZphQpgr8NsUEHypSXMKyufib1WqeIv8krNdvlPfVWH0Jqtl_0aF6TY3D-Bogy2okZtaxgTQtr8M_2bujzVBqTEkLZQtUHi4XzRodhD-g-NrVMSojR45v99sTbCFc33G2zNpT8XECA_rBqdSaO6lhZ82_9Vyf8c_DeX1bRZwOGlG4XViRbNrR23_TFDbpmg6dMqooBuaiCzmXegXiHkDxLcT1i1meZA&cid=CAASJ-RoHBtVzvgYJV-HLyQZi8Dk8C4Bc8Ujwir5-Z8CHiSnyWzn1YGz7w&rfl=1%2Chttps%253A%252F%252Fajuda.serasa.com.br%252F%240

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d62902c1b51c35c475d8ecff58e6704db694cb3267aae663bb4a0b57a040e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:58:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33495
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A5E0 42 B
494 B 63ms
27ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bwoj-Wn83YRBYCsjFHvPwTm48--5wBPtJwCVn8AZQwjE99lwgKylKlmZFUy6n4eerJGkG7rDhMZ99Gk0rW6PLIP9yWWxEZabAunFI9dQhuBkBxsbI

Requested by

Host: 2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com
URL: https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:58:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame A5E0 2 KB
1 KB 37ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/window_focus_fy2019.js

Requested by

Host: 2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com
URL: https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:40:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1064
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Apr 2022 00:40:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A5E0 119 KB
37 KB 51ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com
URL: https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648035241783118"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Mar 2022 00:58:23 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame A5E0 15 KB
7 KB 36ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com
URL: https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Apr 2022 00:56:55 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A5E0 0
0 31ms
14ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaShweY2K06EtflATSCwb4KblPbmmsQS40uat44iUaXT9cg4heRnM8Rx6JMwf5EtclaoTzQbfBVvNu4aM1W5MrezBFakrw
Requested by: Host: 2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com
URL: https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E6EA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGngsAbgRkrMWq75PAzEhgM&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGngsAbgRkrMWq75PAzEhgM&google_cver=1&C=1

43 B
894 B

24ms
23ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGngsAbgRkrMWq75PAzEhgM&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjm9qO-ATAB&v=APEucNW1L-wbhHAf0zFCycAbtmHYlLOlLlkUeadjK-iMRF2gF7237BlpkG6ENnJxBCytE9d7dmFVGRlu6kkI-PC6wbFcxTW_9OvPhXf1BoxAC9g4tLBSYrOeTrHh45JeV-3Ne36LiyFigWN5rw5YzM0J1efXfuJxatktGRcTv9z1AGmxGEwOcGU
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:58:23 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Mar 2022 00:58:23 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:58:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGngsAbgRkrMWq75PAzEhgM&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 28 Mar 2022 00:58:23 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E6EA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkEIL.1M6fx6ancCRuLXDwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELwBU6-dC8D_6yrRsL1mELA&google_cver=1&google_hm=2

43 B
894 B

23ms
23ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELwBU6-dC8D_6yrRsL1mELA&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjm9qO-ATAB&v=APEucNW1L-wbhHAf0zFCycAbtmHYlLOlLlkUeadjK-iMRF2gF7237BlpkG6ENnJxBCytE9d7dmFVGRlu6kkI-PC6wbFcxTW_9OvPhXf1BoxAC9g4tLBSYrOeTrHh45JeV-3Ne36LiyFigWN5rw5YzM0J1efXfuJxatktGRcTv9z1AGmxGEwOcGU
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:58:23 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Mar 2022 00:58:23 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:58:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELwBU6-dC8D_6yrRsL1mELA&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E6EA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJqJPoEhbXgBGKxeR91Dyts&google_cver=1

43 B
1002 B

39ms
13ms

Image
image/gif

185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJqJPoEhbXgBGKxeR91Dyts&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjm9qO-ATAB&v=APEucNW1L-wbhHAf0zFCycAbtmHYlLOlLlkUeadjK-iMRF2gF7237BlpkG6ENnJxBCytE9d7dmFVGRlu6kkI-PC6wbFcxTW_9OvPhXf1BoxAC9g4tLBSYrOeTrHh45JeV-3Ne36LiyFigWN5rw5YzM0J1efXfuJxatktGRcTv9z1AGmxGEwOcGU

Protocol

HTTP/1.1

Server

185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:58:23 GMT
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8f186922-4516-426c-81d8-23e2faf420f1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:58:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJqJPoEhbXgBGKxeR91Dyts&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E6EA
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU0NjIyODQzODYyMjE5NTQ0MA%3D%3D

170 B
188 B

32ms
16ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU0NjIyODQzODYyMjE5NTQ0MA%3D%3D

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:58:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:58:23 GMT
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6c0f371d-e833-45f6-a310-6a950dc96b89
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU0NjIyODQzODYyMjE5NTQ0MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame A5E0 169 KB
59 KB 64ms
8ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/
Origin: https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 19:19:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20357
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 28 Mar 2022 19:19:06 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/elements/html/ Frame A5E0 8 KB
3 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8xtyzgf4JH3kFDv5SviKLKcEehisq7XS52TZMAIEYZ4pOuHKCtJM0ZNm9POtwfv8OP7sArNcQQzdqu4OmgO_gBMzrLVUbbABKM6tgPAxug3EPbQSHZS97IXZ2zm9jun57wvX3chu8Y_FvXbufSk7X-k8Uvw&dbm_d=AKAmf-DhTsgEZjTGGdkSO4k4CZ1Nlfg_ozpKKz0MtuBuSfSKq8lCYNy2W_jO8ZddceLWZKx51WJ4wMug-ThZMdSl2YqCc-ZKsMRpe2rSo8qrFEn5T1jr_XlyPds0NKlQ0YuVJCXGcIlJygfviuVKj2_QALSViaMJACtzXCJeRL8SMZL4ReBG-e9HsCfixyEHyu1ExOn91UEHziGdlwVYisUpK7hPrNRwZ3ZT4ARk9OFpr-xjSPcomX30_uDA5FyqOk_mPWIiauMNYUMFsEr4U8mMGE22pZv0XoU87Ie_ocR1r3_ePtoHf4MYz647RIXw7t8NkXGX94IcputNEoK84rOH7uHQIU2yFt7pGmaCmju8QjjiplbDZ-JN4EeBRWD63FdIylrwj7iMgYomnq6CzbKjWSVZk45PyERRN0iTGlQ44z3eWKCyIMF9Dk3EjXdP1IO5pbqEnstLdVXBKNQ_eK745caBPSdrcsG_ApRRgIAbvb-zj54vbI7Wv1J9ELrIcIPiS3lM2AzdDhKlgBsQumBgL4IHTV-dSedsVx9qTX0YLj9BaJpnf3WPrCt0hA94Ldws6GnE0Q9zb-SVS4IT6RQZSyLG3bm7aPjCtBB1cc7AIZw_mRC-k2N2Q22-nHf9yVLdGkQwoWfeZ7QVubz8y6YKTw_st4b_S5YWcxiHc5ksyIlNBg3BF4xEB5iUoXn4fLiN-VM7kD7-o0fu-Ve7voMxPoHxO1TkbQzccF04JN0WH_cScIN1noli4df8kLMyUyRsLhqMLx37yDwpMKkIMBf84E7sFayiYhARzSqR_K6ff8Md3QP61gdRXwnnJYFaig-8RJaQUK5zvDlF8xiD0t73dO_bGGoKOFpQlvAmPZc1cOKBjyfinGZL3caFGCHTTjzt0PRskYFv2NNjtz3V_NVKbQRjpaUaXfBPBBmo0BxzEYoEF447GMskS5bAn5rY7HpN7eY33MDUVn2stSWw_Piexvl4UMT0JkwqxL4dX64Ybotuz5epkAdM_4yVJWtBKVsAcv27j5eZhYLd7jBLOGkg-1v0242QCb0PYbyZKOcU3IDzejk9_1K1yyl7_UT2LFGnlZAVJlZfYYAlosnSc_ToAu6vtJt9kBTmtuy22mkYpomCOB-A-sHuv__FtG1xC-_44qtB0Wylm4eb4kiYEAfF975ZVOwGANotXyfdOWuszztbeI0PovtbndFPUyZfKDE0s7JnB5HVFaRTB648Jv-BSoLzJKnqFi7KDH-3u7lWkofUaCT7kPZwzUDQSkxQcQbbWjxumXCJe1rWeiT-mG1Bs7Rw0oYU8REQQDMfGt1GKhQHi4ph0yi6OVOoQY5iw8vLYTNKnM-OjRy9aGfH62X-FBsuBn8hTCsR7OwFyHEGw3IjJycwrtmCTwW5CpfZYiI6-AJ3ixiSE5tDmum5FkXBvHiHAvX8mFbZFfF9MSDh6QuvZ1EexMYoxDSNEVRW5ba9dxyp1uzaWNiEG-2tFvYDeR8fhZlZ5ORZPQ9xEyQE-r2dA2T0bnw-sgr23MGy9bBZP4i0z0C6AP9Xmjp4HWblOHXrLEwO6rboB6zA0M0Y-TobZu9szP7yeqP_G2cWOa3lD6QkZKmyZfpWA_st4yE29C80BJFFKVJZbTIBJ2aVk2HAs8VaJtQkdpiz7T-DNL374ykuwQcf2ELF20KZn3RcoPaIc3A8rJAsx4mema0vxM39F-2RCT_LPc8JqYoGs3NpLWXeRCzyz5KxuawpyQBKtH7aaBAqCn0lUJ6E3i8Zloi-MPy3TzLYHPFkohUpBP_v-tQ9PJ-jlHlHVqHHrs0WHw_vqcF8EV03-gj1lfi9dKOyWOpVuXQsbYJn-A9BmOm6kQ7pas0shy8FI23R-SBXUKjBBFYVDHT5Qw0yK055plhFf10zZ_G-BmOWpo10Cg2t1F93rjoFaEvpPh_6MSIzIUVwrcm9WgwLz-zOO9WjRkLY52PTahMbaBp-4QOaUVopxsORnUI1v4c7peRfPR-cbn3Nwjirsk3eC6VrSGceWQru6jdR-HswOLVQU_TACW1BeCNnemfJw6K2cRuAKw78n3we0s94-_omOlnbrhfV8RDko5vCeWWtmiVYnS2KoF9rqhb2Lmyli9otEH-ayGgMiO3nc7vTJ2OFrO1zU9fMqKliBHuTQIDod7yl2x9CLiSTA9PEBMkmRDuGhfiYyCoUJ3XMxQ6UhzvS-LkEAJIPr6DUF844gc71T-Woymwgxqr1kYZU144cQStXWt8fy8LQE3uTXHyD5me6IFnHQjQPdJx_sz31ollsBN_ki8Uj0kYGcTWbbXmHpKkqRoB5xZQ1gnDX5plg4Y3v3smxfXAXF79hU2g5Q1yRzEERPrFirlgwPa4Ie9CkBZuDPmkm-_cm-0JhE5qxCgAHJPuo6R-GBZVRd4PjD9IvEx9apELB0DvNYhbCBCWrXkYNVpsdD9jvBwARpuxicAKL_QvJ0cd4vwOjI5pYBTvKqF_DAzUioKC9A1CQiAWuBQ-69hJyz_0g0xVPEPGTNj7RHtD_MILSJ1ahrRUifaZufXy6kxZHO1ktKcmL1g5BmTjOGK6tfo5__NHGAlIuy217akS238R9Oe3T4zosqPajjk5aP8Qa-QR7KsbcLKjEkJozG-ZQITvAw48i9cLF2jOmo-L_s1NzeVNAMRQVKliMrtavC6sRHkty4opqBbErpGvKD4bcJoyItT4wJKUGnBSFLOuYh9GXYv8oPsBieLmdVRjOwXQpVqIYxKD2eMiYCcjQpxuA5yy4iDo7MBeiMXIO_tNMsIlJyq_Bq2Bs9T9YZ5xXmNeBD_LZL8GJgwBjPe2ElxItWVaD_n2F7ZdBjPVWhE1TcwPPMjeto2JhAOkl8mIXzXQqIW3GopdtW-oeTGrJSZhQHg5N7y74mWFYLl_PtVdhSMCDAXo1168Dm5YHjjFfeR-BoKybLynkDAwCyJ8QZOB1uoHjDaRcC574wVaHkPNhp2PHf0OPjmAEmgknQg5rBYHNLXiwhZIoN_H_uA41v6i2VH8kKqI7dOSthgMNJ9e8kWaJwvXyOMCK6Tm0O-oNdQku9NuRZphQpgr8NsUEHypSXMKyufib1WqeIv8krNdvlPfVWH0Jqtl_0aF6TY3D-Bogy2okZtaxgTQtr8M_2bujzVBqTEkLZQtUHi4XzRodhD-g-NrVMSojR45v99sTbCFc33G2zNpT8XECA_rBqdSaO6lhZ82_9Vyf8c_DeX1bRZwOGlG4XViRbNrR23_TFDbpmg6dMqooBuaiCzmXegXiHkDxLcT1i1meZA&cid=CAASJ-RoHBtVzvgYJV-HLyQZi8Dk8C4Bc8Ujwir5-Z8CHiSnyWzn1YGz7w&rfl=1%2Chttps%253A%252F%252Fajuda.serasa.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:52:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Apr 2022 00:52:18 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/ Frame A5E0 25 KB
9 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9657
x-xss-protection: 0
server: cafe
etag: 16576748017229546422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Apr 2022 00:51:50 GMT

GET
H/1.1 200
OK core.10.9e97a1b6a7cdde34a848.js Show response
cdn.agentbot.net/core/6.6.0/ 15 KB
5 KB 203ms
203ms Script
application/javascript 45.55.193.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.agentbot.net/core/6.6.0/core.10.9e97a1b6a7cdde34a848.js

Requested by

Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/latest/core.js?djMuNi42

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.55.193.240 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

a79823d2f8bafee2203c97bc65c9ccd8db935bec598b3f66aa07b1874b282adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 00:58:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 4103
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Wed, 23 Mar 2022 20:10:17 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "3b2f-5dae85177584a-gzip"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=259200, public
Accept-Ranges: bytes

GET
H/1.1 200
OK core.9.9e97a1b6a7cdde34a848.js Show response
cdn.agentbot.net/core/6.6.0/ 7 KB
3 KB 284ms
96ms Script
application/javascript 45.55.193.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.agentbot.net/core/6.6.0/core.9.9e97a1b6a7cdde34a848.js

Requested by

Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/latest/core.js?djMuNi42

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.55.193.240 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

147081d0991bf7a44054f9336f60082a2af9637d551c3a02e1536ae292252a33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 00:58:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2307
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Wed, 23 Mar 2022 20:10:18 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "1c74-5dae8518419ea-gzip"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=259200, public
Accept-Ranges: bytes

GET
H2 200 icon
fonts.googleapis.com/ 569 B
868 B 40ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/latest/core.js?djMuNi42

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0c254788ad36f95d44c1786c590263e89ea3976fcbc9ae7c82c52493b254391

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 00:58:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 28 Mar 2022 00:58:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Mar 2022 00:58:23 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
700 B 41ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/latest/core.js?djMuNi42

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d402b35e6e0d996cc57dfb1f40a87b672f1eb4dfe0744da6d9c40b0d26592815

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 00:44:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 28 Mar 2022 00:58:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Mar 2022 00:58:23 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
691 B 41ms
17ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@600&display=swap

Requested by

Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/latest/core.js?djMuNi42

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abbd3d9df6edb6982ac43bbeb61514366582e777e1b501e55f3f9071ffd15f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 00:58:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 28 Mar 2022 00:58:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Mar 2022 00:58:23 GMT

GET
H3 200 emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ 192 B
560 B 36ms
19ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/assets/css/emojione.min.css

Requested by

Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/latest/core.js?djMuNi42

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 574590
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19137-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"c0-akPwBVON2fKdb1Kdc8vjvcdyWY0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6f2c6acadc860219-ZRH

GET
H2 200 / Show response
apibot.agentbot.net/REST/loadscript/ 16 B
232 B 334ms
108ms XHR
application/json 54.161.229.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://apibot.agentbot.net/REST/loadscript/?token=dea6c07769c06d2043b5cb74146ddb86&hash=d5f78e56e27f70f2c2dbadaea0089f33&_=L9UOJVWN-MRZM-PLGW-HXYW-1648429103132
Requested by: Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/latest/core.js?djMuNi42
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.229.54 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-229-54.compute-1.amazonaws.com
Software: Apache /
Resource Hash: fba8081592823cd3fc4cf67ce7b816c03e9937eab2a96be9796d2b9c5bbad553

Request headers

Accept: application/json, text/plain, */*
Referer: https://ajuda.serasa.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:24 GMT
server: Apache
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://ajuda.serasa.com.br
access-control-allow-headers: Content-Type
content-length: 16

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A5E0 41 KB
15 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com
URL: https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 15:10:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35256
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Mar 2023 15:10:47 GMT

GET
DATA 200
OK truncated
/ Frame A5E0 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2aa290fb06dfad80246b49a16dc682222d974001ec6311ba2e40fb76ce3a01c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 728x090.html Show response
s0.2mdn.net/sadbundle/9662617309075734528/ Frame 77D7 47 KB
11 KB 41ms
15ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9662617309075734528/728x090.html?e=69&leftOffset=0&topOffset=0&c=HeF2hfJyNU&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b156b80987d17638caf5a185b8d11df46f6c5fb5b7478c9976dd889c2767965d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Mon, 28 Mar 2022 00:58:23 GMT
expires: Tue, 28 Mar 2023 00:58:23 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 11 Jun 2021 18:35:36 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A5E0 0
571 B 71ms
29ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv36zDCBN5AHFmrXQXGUvRS6-yUBJUguLhM-hHn_zuaAtq_JmUWW8U6_vBz1zVWJzy2m8PNHh0vm67Rl3uJpzi_EUstTti-vlQ-HYHzw34lTgbv7Dsslb5qsLkuR1zfQAqq4NLJC1dZ76hYfr64q9UHKd8lySS9hu5SdUpern7Hq0bsPEZYpLPzk6ppsbVVaKYq91YgOSYlNso7XZhLnwklOmPS0WbsHbRUvtccQJKMyj0JrVWPwdlPtgB_d0LnRXFzOuUb5uzh1IBHjuIN5FbT0Xf4qKr1a0lURAitmjw2sekN7-PyAD61T2uRMjzwZpEEJ7GwAt80c0tC9Ln8UMvVKqlJWbbYB5dMFwLN7GDqnyCMCC7BsA_8d8mVXoknpqYIC4IPyaIMfDw7SoDNGmDUd-8G8VH7NlUVGbRD1b_4G7KD69V9sgur_7pZNUb1JjahEmSTgGDcbyiHm2FHY1js9DKh0EKJGG6O8Bion_iZlh_qNbdAJdiglW5I59vsd7Mfei1v3Vzs3FUCMloSPRXodcJ1wxFri_yDt1As7UiigoPn4Zt-JAba-1zfwAN5C6VyS37mA52X_njaL3GWIIfooqsMd9Hj7We1bPC89CdFqNlKfDDLaUcdPxjWQpUWeVKtYTQLhrefnj8yDoBMze0A-oxOpn6ZhIgmj8iemZtSH5KqMR835KY9lbQu8XpR8iPQCv_ZprEBBfl52FG7-WuSvfI5LeQZSZbg1CTMcYgMw8_tntHucUR2huxavSQ69OHb3fNvjdAmbso_BPcAQujY1omrKrmB0EgkqVnIuqSAJjzg3YDjFJ2VbaujwE6Iu6zN2TWkw29rlhJfFq4Et6AT0d8mMrAvIq8a93Ev4xh_HWbJDxUvGb0fFqTbyrCo3DpvC-MxHjXrxZCb2JlKPEtGFH_B6nOp3BAfZOwrXrW0qKCpUKUc-7tmWN4H9sUPuy6x9m9c6woDCio_1AjsAlnlVq8UNsidAO-5qJIfF-QS6qzHnwbRvx7K7OOdNOZd-VjQvYoZstzc7FroS8muZ3zYyVlegORjIa4_6987ZYrADKmQ-fh4amP7eUPpwhXOIAkaCxezCbk10dloX9yX7pSPQb-VZ5j4KH33_Yqa9Ip-88RiVUHxBDzfeuZZ4Lqm7-vmFRI0-EsGg_3PlMzdn47aOV4BWRDx2Zvk3nhiIc28kKA6UyXUCSEW&sai=AMfl-YSX8J170N2WNkPP1LugJQNHUzUn2F69XX46ju49oMrogYz4VblKFNlGpYUfGMB384eq3c6iNHa_O_euM3L_HVuM2y2IAINtZDLIZwE_Z0nraXXqUR8IgDhhFQFzpln1slsh-vJFmeDfwRTo3uX0nZo2X8DYi81khFW-sfJKTq6gkxFQI1yX6JwfoCW3t9RwTdIii04syg-0gpekyhKnryXA_IvEq_o&sig=Cg0ArKJSzP7dCphjZAhlEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=139&cbvp=1&cstd=131&cisv=r20220323.21446&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 28 Mar 2022 00:58:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2B5B 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Mar 2022 09:34:28 GMT
expires: Fri, 24 Mar 2023 09:34:28 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 314635
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 77D7 110 KB
38 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9662617309075734528/728x090.html?e=69&leftOffset=0&topOffset=0&c=HeF2hfJyNU&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9662617309075734528/728x090.html?e=69&leftOffset=0&topOffset=0&c=HeF2hfJyNU&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 14:21:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38209
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 28 Mar 2022 14:21:34 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 77D7 60 KB
24 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9662617309075734528/728x090.html?e=69&leftOffset=0&topOffset=0&c=HeF2hfJyNU&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9662617309075734528/728x090.html?e=69&leftOffset=0&topOffset=0&c=HeF2hfJyNU&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 28 Mar 2022 00:58:23 GMT

GET
H3 200 njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js Show response
pagead2.googlesyndication.com/bg/ Frame 2B5B 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 21:10:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13679
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13638
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Mar 2023 21:10:24 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A5E0 0
23 B 36ms
19ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv36zDCBN5AHFmrXQXGUvRS6-yUBJUguLhM-hHn_zuaAtq_JmUWW8U6_vBz1zVWJzy2m8PNHh0vm67Rl3uJpzi_EUstTti-vlQ-HYHzw34lTgbv7Dsslb5qsLkuR1zfQAqq4NLJC1dZ76hYfr64q9UHKd8lySS9hu5SdUpern7Hq0bsPEZYpLPzk6ppsbVVaKYq91YgOSYlNso7XZhLnwklOmPS0WbsHbRUvtccQJKMyj0JrVWPwdlPtgB_d0LnRXFzOuUb5uzh1IBHjuIN5FbT0Xf4qKr1a0lURAitmjw2sekN7-PyAD61T2uRMjzwZpEEJ7GwAt80c0tC9Ln8UMvVKqlJWbbYB5dMFwLN7GDqnyCMCC7BsA_8d8mVXoknpqYIC4IPyaIMfDw7SoDNGmDUd-8G8VH7NlUVGbRD1b_4G7KD69V9sgur_7pZNUb1JjahEmSTgGDcbyiHm2FHY1js9DKh0EKJGG6O8Bion_iZlh_qNbdAJdiglW5I59vsd7Mfei1v3Vzs3FUCMloSPRXodcJ1wxFri_yDt1As7UiigoPn4Zt-JAba-1zfwAN5C6VyS37mA52X_njaL3GWIIfooqsMd9Hj7We1bPC89CdFqNlKfDDLaUcdPxjWQpUWeVKtYTQLhrefnj8yDoBMze0A-oxOpn6ZhIgmj8iemZtSH5KqMR835KY9lbQu8XpR8iPQCv_ZprEBBfl52FG7-WuSvfI5LeQZSZbg1CTMcYgMw8_tntHucUR2huxavSQ69OHb3fNvjdAmbso_BPcAQujY1omrKrmB0EgkqVnIuqSAJjzg3YDjFJ2VbaujwE6Iu6zN2TWkw29rlhJfFq4Et6AT0d8mMrAvIq8a93Ev4xh_HWbJDxUvGb0fFqTbyrCo3DpvC-MxHjXrxZCb2JlKPEtGFH_B6nOp3BAfZOwrXrW0qKCpUKUc-7tmWN4H9sUPuy6x9m9c6woDCio_1AjsAlnlVq8UNsidAO-5qJIfF-QS6qzHnwbRvx7K7OOdNOZd-VjQvYoZstzc7FroS8muZ3zYyVlegORjIa4_6987ZYrADKmQ-fh4amP7eUPpwhXOIAkaCxezCbk10dloX9yX7pSPQb-VZ5j4KH33_Yqa9Ip-88RiVUHxBDzfeuZZ4Lqm7-vmFRI0-EsGg_3PlMzdn47aOV4BWRDx2Zvk3nhiIc28kKA6UyXUCSEW&sai=AMfl-YSX8J170N2WNkPP1LugJQNHUzUn2F69XX46ju49oMrogYz4VblKFNlGpYUfGMB384eq3c6iNHa_O_euM3L_HVuM2y2IAINtZDLIZwE_Z0nraXXqUR8IgDhhFQFzpln1slsh-vJFmeDfwRTo3uX0nZo2X8DYi81khFW-sfJKTq6gkxFQI1yX6JwfoCW3t9RwTdIii04syg-0gpekyhKnryXA_IvEq_o&sig=Cg0ArKJSzP7dCphjZAhlEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=274&vt=11&dtpt=135&dett=3&cstd=131&cisv=r20220323.21446&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Mar 2022 00:58:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 77D7 7 KB
5 KB 36ms
20ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b881a91f599e60d42432a65b2b87bc91b33bdffc56a05f92c43d8ae2f747a744

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Mar 2022 00:58:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5381
x-xss-protection: 0

GET
H3 200 60005582_20210429075333085_728x090_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 77D7 25 KB
25 KB 10ms
8ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210429075333085_728x090_LOOK-01.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d81dc7c7b5a5b00927d080ae3a4c8d135000c0b758c73ca7596426b357f291cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9662617309075734528/728x090.html?e=69&leftOffset=0&topOffset=0&c=HeF2hfJyNU&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 13:23:53 GMT
x-content-type-options: nosniff
age: 41671
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25644
x-xss-protection: 0
last-modified: Thu, 29 Apr 2021 14:53:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 28 Mar 2022 13:23:53 GMT

GET
H3 200 60005582_20210429075336002_728x090_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 77D7 24 KB
24 KB 10ms
9ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210429075336002_728x090_LOOK-02.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb4b866900308d1ee320329c870c7e99a1d841031c8dcb5d9ee19264a4464242

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9662617309075734528/728x090.html?e=69&leftOffset=0&topOffset=0&c=HeF2hfJyNU&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 13:23:53 GMT
x-content-type-options: nosniff
age: 41671
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24951
x-xss-protection: 0
last-modified: Thu, 29 Apr 2021 14:53:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 28 Mar 2022 13:23:53 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 77D7 43 B
609 B 34ms
10ms Image
image/gif 82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=27008872_4307561_324455314_146032165_-0&ref=27008872_4307561_324455314_146032165_-0
Requested by: Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/hc/pt-br?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br&cm_ainfo=&&&&&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 Heusenstamm, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 00:58:24 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 77D7 17 KB
6 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Mar 2022 00:58:24 GMT

GET
H2 200 263644879655d1b0f5c2ecf9fd9c61f717346519.png
theme.zdassets.com/theme_assets/2029595/ 2 KB
2 KB 22ms
21ms Image
image/png 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/263644879655d1b0f5c2ecf9fd9c61f717346519.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

996a2695758daf6111f775e0faafe8f1fec2383fec0691c20a071ccf1d62d8ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:24 GMT
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51239
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 1637
last-modified: Sat, 20 Feb 2021 17:03:27 GMT
server: cloudflare
etag: "3e628d027fdd99844d3d3622004894c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LnV2uJUShIsMajqwbRK0vypEeZrGRrnW%2BQFWtaSLEWsk9FGxq1K6hQaMq4iGft0L2p0TEfxoCuKXoHswmuiMxUkyHAAMffu%2B2kGn0B%2FhRXJCXFpQsvafNRSvB66LeePo563eYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 54J8GC2feba5oYYtFswOidfnPnhctJXJ
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 6f2c6accda01996f-FRA
x-amz-cf-id: kwPZFwT0duQzg033fP363uBHFi2NWfK3Y08f0XLIKIJ73u6aVZZpCA==

GET
H2 200 d2867f3743cebe467595ce7df2f01aecc5f3ecdd.png
theme.zdassets.com/theme_assets/2029595/ 2 KB
2 KB 19ms
19ms Image
image/png 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/d2867f3743cebe467595ce7df2f01aecc5f3ecdd.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f33cb5bd7e280058bcccf44a5ebe9aa5be594d9186de079f3b187a3239514b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:24 GMT
via: 1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51239
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 1650
last-modified: Sat, 20 Feb 2021 17:03:26 GMT
server: cloudflare
etag: "e93a68314f769298c10f28057212a303"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nU42bAETk6SP8AD3PcEpBFjxmcz%2BUTmn1nQp1otzSDgP1JQIDTrwcv0XlbDztJT%2FQH%2FguL%2BLe6YNNLnL21ZEqcgdGcS8rdfLuzV7YPErzhHe%2B3aJE5i4oHdv9KOjh8DP%2BTkmGw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: mZ5uLQEYCS9sdNa0jnzi4Mvr3IlHivcc
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 6f2c6accda03996f-FRA
x-amz-cf-id: M9708lbUoY3EXKeLNsEN1JtEKklH-e1REp9sQxnSJxMTwZpkswFfPg==

GET
H2 200 sddefault.jpg
img.youtube.com/vi/4zARCdtho5M/ 33 KB
33 KB 97ms
41ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/4zARCdtho5M/sddefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e9cb709cfc907bbf789309f765e90e0ad6408489e8ee66853bbb102e5fbe6b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:24 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33860
x-xss-protection: 0
server: sffe
etag: "1615491262"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 28 Mar 2022 02:58:24 GMT

GET
H2 200 sddefault.jpg
img.youtube.com/vi/OPZ4WMJxX2s/ 35 KB
35 KB 86ms
31ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/OPZ4WMJxX2s/sddefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07d87c10886def9c5a0cbd370730c40418d375a6eafa98c62dac94bd47f88110

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:24 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35566
x-xss-protection: 0
server: sffe
etag: "1614289865"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 28 Mar 2022 02:58:24 GMT

GET
H2 200 sddefault.jpg
img.youtube.com/vi/WkhWUa_Nh4w/ 54 KB
54 KB 104ms
49ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/WkhWUa_Nh4w/sddefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be524cc680c4cccaaeed37edd11cee1ec2ded3ee3191eb0afc37d1a22cdd51b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:24 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54971
x-xss-protection: 0
server: sffe
etag: "1541607073"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 28 Mar 2022 02:58:24 GMT

GET
H2 200 sddefault.jpg
img.youtube.com/vi/BB5NnPtwXQY/ 56 KB
56 KB 72ms
17ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/BB5NnPtwXQY/sddefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9441e2c91b141fde08e147669f3d05565eaae32fecda1f479c097eac02a2c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:24 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56980
x-xss-protection: 0
server: sffe
etag: "1533037404"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 28 Mar 2022 02:58:24 GMT

GET
H2 200 sddefault.jpg
img.youtube.com/vi/uHV2rIhydBs/ 50 KB
50 KB 110ms
55ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/uHV2rIhydBs/sddefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa015ec26388ee9adc1605d5fdf766ddc6ef549a670974f1d57f2873e770fefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:24 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51110
x-xss-protection: 0
server: sffe
etag: "1608326915"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 28 Mar 2022 02:58:24 GMT

GET
H2 200 sddefault.jpg
img.youtube.com/vi/9xZlJqHVE1s/ 42 KB
42 KB 97ms
43ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/9xZlJqHVE1s/sddefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

334482e693c2d6011ca995593675f272e69170f79e49eb579ceaa332cc9d4af5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:24 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42705
x-xss-protection: 0
server: sffe
etag: "1605733907"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 28 Mar 2022 02:58:24 GMT

GET
H2 200 sddefault.jpg
img.youtube.com/vi/ZWOhUilI7Pw/ 48 KB
48 KB 50ms
50ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/ZWOhUilI7Pw/sddefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

772862761d6679731fb3f38c9da15c2ac6553eea14006ff26b5c141d24b27af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:24 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48799
x-xss-protection: 0
server: sffe
etag: "1606518920"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 28 Mar 2022 02:58:24 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 23ms
22ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031601&st=env

Requested by

Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/latest/core.js?djMuNi42

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6b5e248ab47c9823094fc4698449848404471b277ae71ebc3e2c52141165d34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Mar 2022 00:58:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10637
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Mar 2022 00:58:24 GMT

GET
H3 200 njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js Show response
pagead2.googlesyndication.com/bg/ Frame E00C 35 KB
13 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 21:10:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13680
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13638
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Mar 2023 21:10:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 567D 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Mar 2022 21:19:18 GMT
expires: Mon, 27 Mar 2023 21:19:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 13146
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D3FE 783 B
537 B 24ms
23ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c9b660f256febc57927e49f5c52f543ca15f626ac2bacc68c91383bf7c0fb777

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9JPf2jH3MNpU9wZzMUKw4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 28 Mar 2022 00:58:24 GMT
date: Mon, 28 Mar 2022 00:58:24 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-9JPf2jH3MNpU9wZzMUKw4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B5B 0
20 B 60ms
60ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Br3lmLwhBYu6BKfDH7_UP9ea8GAAAAAA4AeAEAg&bg=!oaKloubNAAbzJazn0yU7ACkAdvg8WluT0jnEr4aq2-Qx9GJZ9oiqMyFY-guBCdzicfTP-3GhIMNL9gIAAAETUgAAAAxoAQeZAyV84htgL8v4NXgJ6_H9AprlCsXZ_BYGOqDz-Osj5JciuCffZ5c8XE7wiKgPbtKKEuwLmwrbVooMpE6Cgv8L-15mRDthHGoiwfnh3T-zobgPQkx_4P4KWO7mlz3rfUV7lKwYIHQcuIrznFnJrV0LrFPLwsiTeIieL9wS8BVX34_qbZWO_WKriwJEb8KuBWLXUFYq-BtRQaqFLOz_ncLX8I5n_BEpInUPSpGq9FhTOt5mqoptWoppVa94KTq_G8GCnpf4U9-74yuuFh9kw6lpGOiSigRn8_3L4gjdOK2ofjqoiqicK1ZsAe7T2fX25QzBTvxv2CYhEtN_CTvsvw6oYJCXZjIzrobwimUI80HLMdKLdIitqau2ouKLyIVvmqFAYioQCeiy3o1Tw-9-MIYXGCgf_n-tKq0u8wZ6mrXCfSWaejzKor634YBdYu18k7a6RQItRolZdVQdf4E832yS9Km3Qok-tymPo3STB134qtMFFdoxgdvthoLBaH-P7FonmJwKpjZGujyA84y3K7mnZXDlqi5mrP8sikJ6hZp7SbeGPwJ1v2NgP5PLDRjuGpqnHixp2QFfID6yCye0oFIAzeKzm2L9NBa7aKuCb1AAx1UusuInhrQWJ7vsH3RSUQbmcINb0dBlbjOm0TO8DUFkDupsKhFvsIx4RkYNy91MarMUjkCWLZMQklemvJgDNy_6dn8qmp-JrblsKeKC8TLsIdTZo5_nUvRG7A3oAuQza2FS10xY6Jrne0cZ2-KrLiIfLRrCyamgfIR1BAvle85bz-7E6VbKgKry5GQf6K897Qe_xgBL8-YTb_5EkkaNIm5JkovaAGqvfyN7mTTKfZsZ3pPQ6Z3d3p4vfapvSTwBcWrgOQ3BpM_RpgmAgSiuge-R7ddnp_3UhzNQqXl_f6xn75C8EEe63CaQqzzxfyLPZd0skL-9r3tNStJN3E5OrdVuNZWIEeMxPJZGTrSitCExO1Y77FZoJ7Uo7EOxQd0cBpEJycgWjrPu86Izd8M_ERj323yrnm0rGDjsf8pyQoO-a8hBNc5-KLvd4sspwa9ox5aPtF8wYEwO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:58:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D3FE 0
0 103ms
103ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031601&jk=617808497185145&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js Show response
pagead2.googlesyndication.com/bg/ Frame 567D 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 21:10:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13680
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13638
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Mar 2023 21:10:24 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame FCFD 222 KB
62 KB 66ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 546478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Mon, 21 Mar 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Mar 2023 17:10:26 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame FCFD 16 KB
6 KB 82ms
23ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 546478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Mon, 21 Mar 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Mar 2023 17:10:26 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame FCFD 96 KB
29 KB 83ms
24ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 546478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Mon, 21 Mar 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Mar 2023 17:10:26 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame FCFD 5 KB
2 KB 85ms
27ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 256382
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Fri, 25 Mar 2022 01:45:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 25 Mar 2023 01:45:22 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame FCFD 42 KB
13 KB 86ms
27ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 34449
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Sun, 27 Mar 2022 15:24:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 27 Mar 2023 15:24:15 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FCFD 8 KB
892 B 33ms
18ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 00:48:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 28 Mar 2022 00:58:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Mar 2022 00:58:24 GMT

GET
H3 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FCFD 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 13:28:14 GMT
x-content-type-options: nosniff
server: cafe
age: 41410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 7735524722462771930
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Mon, 28 Mar 2022 13:28:14 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FCFD 344 B
368 B 8ms
8ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 28759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 28 Mar 2022 16:59:05 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FCFD 0
0 54ms
53ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CFyxULwhBYuyiIpjQgQe61ZbQAqHLlstlhZOz9MYP5rO1iIcfEAEg4e7KQGCVgoCAtAegAbebzr4DyAEJqQKNYEMGJ22yPuACAKgDAcgDCqoEjANP0GkDxzr8-RXK_XbXOZ9sLscbDnGRxniTJPNEG_4Sz_mMu55ftMQ6knD8O1UrFENJoG55nsqLwYldNdDFLsDQNLKl7i7SWulgkHhgwScT9spgDrJ7D8eYZi4fcFgKua5JoPCS6d9lukt_ql7GwfsPU_Kay7rI8G4p-uOXVeG9OeQRqFAzubTLLpT-94jPA9ilroBUK56FNIP3rycUdvH3Ee11TvAoQzVjxpvFEk8rC5OlrNgL-6PlH-Rjsa3ihLedB6JVGx_VZK-o3WWV-L9rOTJMYcY60iEwtwaHKa3GJ5NJH9NR9Ltlnw6whB5AliQ2tGrRe2O08myTaNvxy7F17n55YPRCYSz0Z5eS7uvtQMxAV-jI3uNvtauMB2iEh1t6BhlqOUTfZtZnazT294bmrj22wEop8XhBqdLLjQcJXiiVD1bBrSMo6sjEhCN2EAMxCVDNwZtbUboC7fqUsPd9P_Wn8m8ZiZzcT7oWPJ3HOhAYyVd3L87VXsEMeGDxVCE-sk3n241QpkZQ8e7ABMyAz4uvA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAex5LFBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQrdZX0ggJCIjhgBAQARgdgAoDyAsBuBOIJ9gTDIgUAtAVAZgWAYAXAbIXHgocCAASFHB1Yi05NjUwNDA4OTgwNzkxNTMyGOH-HQ&sigh=cNUwkgZyBR8&uach_m=[UACH]&template_id=5000
Requested by: Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/hc/pt-br?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br&cm_ainfo=&&&&&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8910466402921090424/ Frame FCFD 28 KB
28 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8910466402921090424/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

282d69cb91dad0c00815eb4d4ab86c44d269d3a6f00d1715d870713b9f96d641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 07:49:23 GMT
x-content-type-options: nosniff
age: 493741
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28959
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 15:08:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 22 Mar 2023 07:49:23 GMT

GET
DATA 200
OK truncated
/ Frame FCFD 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame FCFD 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fcdb8a1d08b3fecea9b8650fd7651a8e161b313b4240eb181dbdeaec96da5f4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame FCFD 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc1e71f230fb6ce547b576e561ab00db7c1752363dfec853341985e7eb935b1c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame FCFD 28 KB
28 KB 31ms
9ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ajuda.serasa.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 22:47:37 GMT
x-content-type-options: nosniff
age: 439847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Mar 2023 22:47:37 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 567D 0
9 B 7ms
7ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bJ6GgA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:58:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FCFD 3 KB
3 KB 10ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 13:28:14 GMT
x-content-type-options: nosniff
server: cafe
age: 41410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 7735524722462771930
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Mon, 28 Mar 2022 13:28:14 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FCFD 344 B
368 B 8ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 28759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 28 Mar 2022 16:59:05 GMT

GET
H/1.1 200
OK cta_icon.png
agentcore.s3.amazonaws.com/production/assets/ 3 KB
4 KB 117ms
111ms Image
image/png 54.231.196.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agentcore.s3.amazonaws.com/production/assets/cta_icon.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.196.241 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: fe9000c6bb9ceb2b14e71f018a2dbed0ac8d3b572b2a932ba5f216841c3d6faf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 00:58:25 GMT
Last-Modified: Thu, 22 Mar 2018 18:03:40 GMT
Server: AmazonS3
x-amz-request-id: Z6HKZBCPTFYF18F2
ETag: "c595c26dd8a406dbc990dce963f42abb"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 3427
x-amz-id-2: wn2FWvBGDRSOgEDHRsVs8FfvBFHVvkIK3ZEJsxKU1D/9ViIoZyY04vBrU7QwqD2WO+vUwTdwYXc=

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v28/ 16 KB
16 KB 34ms
12ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

578ea33c3a1daec87277cd626647c55f3e0abd72c0673cde0fe40d4fb8fd5579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ajuda.serasa.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 22:49:09 GMT
x-content-type-options: nosniff
age: 439755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16712
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:06:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Mar 2023 22:49:09 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A5E0 42 B
64 B 33ms
30ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZhPDELyQa18wnB8cx8cCFrDoJ-f1jfp9-AJSvVF0nxABExyVjmP9O7Zk6852a3AGAvm6_QDz84gBk5WR1vU48RVm_GqXLwgovvE_J7EU5_D4TtUxdyQ&sai=AMfl-YSrQRS2E-NzPRvt3PgskodKGSrma3zYl60Ic5FUS68jnboDRfy-wyCrigkwdCDw75OezcQazf8_KY7jn8Hidek_C4inud56fTTRcE8638vvc5kZaN5XE34hZpQLizw&sig=Cg0ArKJSzIAEHoti87NiEAE&cid=CAASJ-RoHBtVzvgYJV-HLyQZi8Dk8C4Bc8Ujwir5-Z8CHiSnyWzn1YGz7w&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220323&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2448804960&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648429102940&rpt=229&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:58:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 31ms
30ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031601&jk=617808497185145&bg=!z8ylzIjNAAbzJazn0yU7ACkAdvg8WkkWShsqYiB8FjZFS49HhREd1fg4U44IiQ8noJ3-2ZdvdEDTwQIAAAF5UgAAAAJoAQeZAuxOewyjcwIgRKVnqPDw1cpkJtIDO3VmfIkguMPJ6w68z29BHh0RmF2Py_t0BujQWYqYhG7BocEtMkeWs8k4jyVNjZ-lwSnDx_0gdlLT6HarAqY8NKqb276a4aBa1FYdDXz02VKDyTu_c02i39emTj3C3EgnoxmAumWFxPY1flp_59HfCrqJEni6Tsu-ncpUxek7K-OkKxKZCpCpuKml-st6dNq2eT7JucxgyZpRlOOGAqK340AdTdqgV9NKBeEuQFRC17nccsztOZR2cQIIpjZen8E8lImn0qGW5rrPlCrxlOReKTjuzXVzoYCaB_pdVRlyqr2ia9_Vi_0ItVsS3_mbLbHoAweV0wNF_s8c92j_nxz3q7QmPVvTtDgUKbLAK_E6Mse3n5ezIbxB5jRGCze5SN6mkOkbZxLlLVwttRtZA2kB8Bjjmf_FUZvJb5HwKD450kMqLVvrqea82d5hpo-7slNIFQEIo7v8jXF0rHZhgPVal6CyNVRZ3Bf_X4OIWRjirPsl4UDXrKQzpeX824ubExvuxVDhphi9XZC91Rl6iTCvNLq8q_fP0OBNpZ54LLQPka1BUR1O28-oiqQEe9eKmRO09RIfBpXJsbZWAPKM7AxfA0oeo18l63omPo_2vEf7zLkYxpjUf8z3_VD3lgXEi243BQ1XY5cDfypc7yNP7XB6a-BHVP4RKu7Y__6qmiSA9XirOgG88nonm2KXk_mBm6VlSTLcpoOCzHguX8FWHjJhf_ItaLzRi5sHTBL4XSjZRShnL2LGvtvF5LAkiITGrwMZMVhcDLfmPo4yRuWFPTkMAsOvgc3UhFSEMnWLVsj6yimB8WRzVoM_BgX4WhUYlrMBBxVUqOxKFs2rAWdFMtLqA-awI7BXAO8OkoY8Lfycty38qOvQB_sCgAvJJpSeZIAK_n4gYz5hAALZGXuoAIAOcwZK5FYnv9PkNclN8_gPjaaS8WBzDMcsCSxz1De4Zy5erY6F_UZbFM6L

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:58:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame FCFD 42 B
64 B 31ms
30ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutnzpKHjlklieT_4FX8MDipindKuCnZFh6DoYABOtIGTkKH25O4IN66XCREO8o6tW7p6G7LaNQE5eDsS77_75mmL2bVjREDqHep53FcqZjKCc5Xw-eqw&sai=AMfl-YRGHehpAP8PlvUTLjtLAaYzBjMinRFxuzrERBkjbRofUl-ndC8FMNXl97pj65pe1S8JVNtmsnSAYfLJLu_RLnDVI0aTvt0q1P1U0WmU8cE2cjeGyb-vTnikRHhS4Tzr&sig=Cg0ArKJSzJrVbybPZOQDEAE&id=ampim&o=315,912&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=277&tls=1277&g=100&h=100&tt=1277&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:58:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ajuda.serasa.com.br/	1969-12-31 23:59:59	Name: __cfruid Value: b8f12da6fa05b09e3b0255bfbd67dafdaa120730-1648429102
.serasaconsumidor.zendesk.com/	1969-12-31 23:59:59	Name: __cfruid Value: b8f12da6fa05b09e3b0255bfbd67dafdaa120730-1648429102
.serasa.com.br/	1970-01-20 19:25:01	Name: _ga Value: GA1.3.558910204.1648429102
.serasa.com.br/	1970-01-20 01:55:15	Name: _gid Value: GA1.3.1574561811.1648429102
.serasa.com.br/	1970-01-20 01:53:49	Name: _gat Value: 1
.ajuda.serasa.com.br/	1970-01-20 01:53:50	Name: __cf_bm Value: ifVGA.b68hW3NNLcg3aI2hR70FXqvG9ueEABJvyx8l0-1648429103-0-ARloBbRHT9XkOXTWuOGJVWjXuTTZ9rjnWwvRIZZRtjB1FVBGu3alJPVvVhxS50uvPLJxR+oeasIigyQ+eMKFbkCJuvqftrjvZxYzbLaUtbqFdXwIhWvb4g1AxG+5cg/LdA==
.serasa.com.br/	1970-01-20 10:39:25	Name: _hjSessionUser_2469592 Value: eyJpZCI6Ijc4MzdiYmRkLTlmMDYtNTgwMS04YjU3LWY5NzE2N2QwNjIwNyIsImNyZWF0ZWQiOjE2NDg0MjkxMDI3NzcsImV4aXN0aW5nIjpmYWxzZX0=
.serasa.com.br/	1970-01-20 01:53:50	Name: _hjFirstSeen Value: 1
ajuda.serasa.com.br/	1970-01-20 01:53:49	Name: _hjIncludedInSessionSample Value: 0
.serasa.com.br/	1970-01-20 01:53:50	Name: _hjSession_2469592 Value: eyJpZCI6IjdjMTUwMzZmLTM1ZmQtNGFjNS1hNThhLTQyNDFjYzk4NDI5MiIsImNyZWF0ZWQiOjE2NDg0MjkxMDI3OTcsImluU2FtcGxlIjpmYWxzZX0=
.serasa.com.br/	1970-01-20 01:53:50	Name: _hjAbsoluteSessionInProgress Value: 1
.doubleclick.net/	1970-01-20 11:15:25	Name: IDE Value: AHWqTUlOSEmkiRL7vjFYhamqLV9TmOTbDmcb-a7HJzxxTw9FuGTqXJVJ8T2XFPCvE-Q
.adnxs.com/	1970-01-20 04:03:25	Name: uuid2 Value: 6546228438622195440
.adnxs.com/	1970-01-20 04:03:25	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>@9/xX_!@wnfH8K6pQK`!5=E<*L5?%L`hru9w5)]Stm=#Og.zVLni(#'HAGH+aU>^r-%nugO%v4VB%nmBd)q!cO
.casalemedia.com/	1970-01-20 04:03:25	Name: CMPS Value: 3228
.casalemedia.com/	1970-01-20 10:39:25	Name: CMID Value: YkEIL.1M6fx6ancCRuLXDwAA
.casalemedia.com/	1970-01-20 04:03:25	Name: CMPRO Value: 1102
.casalemedia.com/	1970-01-20 01:55:15	Name: CMST Value: YkEIL2JBCC8A
.casalemedia.com/	1970-01-20 10:39:25	Name: CMRUM3 Value: 2d6241082f2760CAESELwBU6-dC8D_6yrRsL1mELA
.o2online.de/	1970-01-20 02:03:53	Name: webShopPV Value: ?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=27008872_4307561_324455314_146032165_-0&ref=27008872_4307561_324455314_146032165_-0
.doubleclick.net/	1970-01-20 01:53:50	Name: test_cookie Value: CheckForPermission
.serasa.com.br/	1970-01-20 11:15:25	Name: __gads Value: ID=a6fae4c76bf5694e-2210720266cd00a7:T=1648429103:S=ALNI_MY3KsjpNDGFgLf8t22S_Lj-qxWtDw

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2ce4792cf061bcc032a4ac607a3a9678.safeframe.googlesyndication.com
adapter.aivo.co
adservice.google.com
adservice.google.de
agentcore.s3.amazonaws.com
ajuda.serasa.com.br
apibot.agentbot.net
assets.zendesk.com
cdn.agentbot.net
cdn.ampproject.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
cl.s11.exct.net
cm.g.doubleclick.net
code.jquery.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
img.youtube.com
p13.zdassets.com
pagead2.googlesyndication.com
portal.o2online.de
s0.2mdn.net
script.hotjar.com
securepubads.g.doubleclick.net
serasaconsumidor.zendesk.com
static.hotjar.com
static.zdassets.com
stats.g.doubleclick.net
theme.zdassets.com
tpc.googlesyndication.com
vars.hotjar.com
vc.hotjar.io
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
104.16.51.111
104.16.53.111
104.18.70.113
104.18.72.113
13.111.71.12
142.250.181.226
142.250.185.130
142.250.186.162
143.204.98.104
143.204.98.28
143.204.98.29
143.204.98.32
143.204.98.62
185.33.220.242
2.18.234.21
2001:4de0:ac18::1:a:2b
2606:4700::6810:125e
2606:4700::6810:5614
2a00:1450:4001:808::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2006
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a00:1450:400c:c07::9d
45.55.193.240
54.161.229.54
54.231.196.241
82.113.101.132
006aabd877ee1ccdc2bd16cee536f4536a4f3981d9cb76ae6cfd1d3f25129a29
01c0761e1e736fff6c81a38c2828f9322dfa72b57f4bfaa11af4000132ef4742
022c42f4d38c83e28b31096049d84e4280455cf5e29035fa4d051b7830cf4878
05ad3b768943f707a28a890757381563494068df29222c803cb43baba65488b3
07d87c10886def9c5a0cbd370730c40418d375a6eafa98c62dac94bd47f88110
09ed48a519c9f3b7dab855482a34777c48bb101bf50a342a5097a8d98ea017fa
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1a64732de92fe691f38055f446c114cba9df7e63b2ccc35015e57c7513fc34
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
147081d0991bf7a44054f9336f60082a2af9637d551c3a02e1536ae292252a33
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
1e9cb709cfc907bbf789309f765e90e0ad6408489e8ee66853bbb102e5fbe6b6
1f41c1bfd9141177523d3ba40196be30dc3056fd1fdc5067eca64e9b1b915bad
1fb5bdf552db295a96ea4b5c90679159db62417fb69fe0b57792e57daf79cfd9
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
26186ef31ef35679017179c6639f347c58e4eb941ba9a262a4b8584dcb4e8ac9
26e28ff42e0512e4b9cbe7211265ed6521ac2d171ba2cebe085f68c54a9e7c06
282d69cb91dad0c00815eb4d4ab86c44d269d3a6f00d1715d870713b9f96d641
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
3053f072c299ba5c602a07e0ec60683caa8a28d999e9fae7d83f015e2666fc6d
30d8b7673f41672185843f69b79543c5eb50d57eecd92fdec573244a8e413ad9
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
3242e3f3d2b11cd0da790d29a15a3b8d01160f5b4491b3fc7049527bb57acd73
334482e693c2d6011ca995593675f272e69170f79e49eb579ceaa332cc9d4af5
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
355af7a72abe9d0fddc9f846e1b39227b703cef7841e911a1b456012ef99c1ff
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
3edcd35f57ed9849a3f18522017d304c843e75d4c0195b763222ccb06b003313
3f33cb5bd7e280058bcccf44a5ebe9aa5be594d9186de079f3b187a3239514b0
43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
46f51dfa02a9f96c84032f9ba066f3881096781bc142b26c98a3e4b947566468
48f06ee1e5c731e2cb399cbb155bf6ddddf9e446b949908ea1a0f94860097903
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
5373bf741e48c0178dcf50863030fa1879cb1f28598bfb24d477f30711798dd3
5377b85929b89e53828ca9b7489ea8a9c4a112bd7384c8eadb38b8dea5df6983
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
578ea33c3a1daec87277cd626647c55f3e0abd72c0673cde0fe40d4fb8fd5579
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66d301290c1e9b6e4c9732d4d200f8a33f750f97a75b734fcc82c2ee605b073a
66fec5d3f942100cb5735cbfe51348a53b8aa584a7969f7de339ce35d8d96902
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
772862761d6679731fb3f38c9da15c2ac6553eea14006ff26b5c141d24b27af7
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95
7c067bdf71b81bc125cdd51224737934175d5784c12d979566b7f86de7b5ef13
7c9441e2c91b141fde08e147669f3d05565eaae32fecda1f479c097eac02a2c0
7d0b991ee3e0be7af01ad7ea8cd2beea6c00a25e679a0226b6737f079aafff86
838823d4fc5054d84fbde32bbeb6cd22f18ea7d96edad521aacf170b0ebca411
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84ff634c98316bf121ca699420497b8b1f6cc2b806c01e54c3b74d5f5de6f92d
87d4158b3910e040a0ca46ebc6ae30618deb2476ed0eea065c1d5b5dee27b955
87d98603dabb39384e5aecd9614fe72adcf8f60670e5efc1262a2596b680a519
8d62902c1b51c35c475d8ecff58e6704db694cb3267aae663bb4a0b57a040e1b
8fd6d97c5e1e295a7c66bceaff39daf165a8e65ae8a8dd7228443caaf05f2b50
996a2695758daf6111f775e0faafe8f1fec2383fec0691c20a071ccf1d62d8ff
9a039972b006b4e15619fbf1106b67083d1474334e1b0965968074c171513a9f
9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1f0c11a70973083a31465b27bd503c6cbcf216f208a2bde6862460a38cf01c9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a79823d2f8bafee2203c97bc65c9ccd8db935bec598b3f66aa07b1874b282adf
a972b4d1cdb31c6ed98e2b2cdb37aeaf482dedf022c278e8579b44d545b87d8d
abbd3d9df6edb6982ac43bbeb61514366582e777e1b501e55f3f9071ffd15f68
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b156b80987d17638caf5a185b8d11df46f6c5fb5b7478c9976dd889c2767965d
b1ab87b85f9b4fe02797c9ff8dafbded313b0bde855d1535678619b001be0ffa
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b2aa290fb06dfad80246b49a16dc682222d974001ec6311ba2e40fb76ce3a01c
b826baf4b1c464fb6f997c20dd47e496f30a58d1efc8432e3b33fb0872a90862
b881a91f599e60d42432a65b2b87bc91b33bdffc56a05f92c43d8ae2f747a744
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
bc1e71f230fb6ce547b576e561ab00db7c1752363dfec853341985e7eb935b1c
be524cc680c4cccaaeed37edd11cee1ec2ded3ee3191eb0afc37d1a22cdd51b8
c49032a60105ae7cd4e4a60a452e7669f6aa316ad2cc8eced748fb0f0355241f
c6b5e248ab47c9823094fc4698449848404471b277ae71ebc3e2c52141165d34
c9b660f256febc57927e49f5c52f543ca15f626ac2bacc68c91383bf7c0fb777
cb4b866900308d1ee320329c870c7e99a1d841031c8dcb5d9ee19264a4464242
ce61e05539704fb07f314ebadf3e65416ffa784626a3cda98623b84c1cafefe1
d402b35e6e0d996cc57dfb1f40a87b672f1eb4dfe0744da6d9c40b0d26592815
d81dc7c7b5a5b00927d080ae3a4c8d135000c0b758c73ca7596426b357f291cd
db281fd66638c9ab7b33a100e64e0de5390f22775b4e2d60ded70b92139b4cd2
dbfd09eeeaf14f4585c0756c26991b614241adf5415c73095bdf8bbcd76178b0
dc477ab682fe2729d0dc4fadc416897b131f9209cef31fe5c8b675bdb99663e5
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e0c254788ad36f95d44c1786c590263e89ea3976fcbc9ae7c82c52493b254391
e0d698c86182256bf48108d7ac3847b43b5c33f273075cd86061e8fdb7c6fadc
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e35252aa3dc2e84e9d7211586fee9aede2a426d3230c8b131881d985f16ff836
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e6d6d991f87745c3b43c21176cd9d3b0993fb03bc25387b44b15ab7a95a06b6d
e7b2128735e020a2505fa343f3086efdd46c702ee4401da138e6c5a22df7afc4
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e87a84ff16ce267e0081f72978fa8115b9a6347d2c61e8ed060b477f7bf6d4b5
eb7b1796bea6f1b91f79419468d04dec3743cc0f0a3a1b1970bb1ba47119b015
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5cd0d0af73325ea04c9b99435d3d4018dc0a048a41987cc94fcf3eb8a06e698
f799149454b87ae89fc9de2ec87a238a75fa84b9d703ffc94c28ff85ba35f21d
f9c7baedd06f7f33523eddbcebaf0097fd79fea5ba8cb94708219cdece53c8c1
fa015ec26388ee9adc1605d5fdf766ddc6ef549a670974f1d57f2873e770fefb
fba8081592823cd3fc4cf67ce7b816c03e9937eab2a96be9796d2b9c5bbad553
fc76748a38c10368c4acabef5e1209c3f8c01eadef696e1853d62c4238680641
fcdb8a1d08b3fecea9b8650fd7651a8e161b313b4240eb181dbdeaec96da5f4f
fe32d9e8c5b91d60410c08d8fa519796439792744528d5a01bde953a60428712
fe9000c6bb9ceb2b14e71f018a2dbed0ac8d3b572b2a932ba5f216841c3d6faf
ffd0f1a8998b84c05b08ff0e234e5b02d69f4fd5982def489be7dc36ed72b44f

ajuda.serasa.com.br Open in urlscan Pro 104.16.51.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

146 Requests

97 %HTTPS

47 %IPv6

26 Domains

40 Subdomains

36 IPs

5 Countries

4892 kBTransfer

8440 kBSize

22 Cookies

7 Outgoing links

Page URL History

Redirected requests

146 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ajuda.serasa.com.br Open in urlscan Pro
104.16.51.111 Public Scan

Screenshot
Live screenshot

Full Image

146
Requests

97 %
HTTPS

47 %
IPv6

26
Domains

40
Subdomains

36
IPs

5
Countries

4892 kB
Transfer

8440 kB
Size

22
Cookies

146 HTTP transactions
4 data transactions