ajuda.serasa.com.br Open in urlscan Pro
104.16.53.111 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cl.s11.exct.net/?qs=e8b1e64cb9cfefc52a8f9be7437206c5e3e6087aadef43e6fc781113288ae067997c1cb21195fd335160d53abe8c...
Effective URL:
https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A...
Submission: On March 28 via api (March 28th 2022, 1:00:27 am UTC) from SE — Scanned from DE

Summary HTTP 170 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 44 IPs in 7 countries across 34 domains to perform 170 HTTP transactions. The main IP is 104.16.53.111, located in and belongs to CLOUDFLARENET, US. The main domain is ajuda.serasa.com.br.
TLS certificate: Issued by R3 on February 7th 2022. Valid for: 3 months.

This is the only time ajuda.serasa.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.71.12 13.111.71.12	22606 (EXACT-7) (EXACT-7)
1 10	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 28	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
8	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
4	45.55.193.240 45.55.193.240	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	143.204.98.29 143.204.98.29	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.39 143.204.98.39	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.123 143.204.98.123	16509 (AMAZON-02) (AMAZON-02)
2	52.216.98.51 52.216.98.51	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.118 143.204.98.118	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	54.161.229.54 54.161.229.54	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
5 6	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
4	138.201.63.149 138.201.63.149	24940 (HETZNER-AS) (HETZNER-AS)
1 5	138.201.63.145 138.201.63.145	24940 (HETZNER-AS) (HETZNER-AS)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.89.28.165 104.89.28.165	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1 2	104.92.94.3 104.92.94.3	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	85.239.105.10 85.239.105.10	16097 (HLKOMM 04...) (HLKOMM 04107 Leipzig)
5	2606:4700::68... 2606:4700::6813:b979	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:440e::ac40:9c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:cc16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.220.62.151 54.220.62.151	16509 (AMAZON-02) (AMAZON-02)
170	44

1 13.111.71.12 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: cl.s11.exct.net

cl.s11.exct.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.16.53.111 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ajuda.serasa.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
serasaconsumidor.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 104.18.70.113 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p13.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
theme.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.55.193.240 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn.agentbot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-29.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-39.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-123.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.98.51 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

agentcore.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-118.fra50.r.cloudfront.net

adapter.aivo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.161.229.54 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-229-54.compute-1.amazonaws.com

apibot.agentbot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.130 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.62 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.149 (Reilingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.149.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.63.145 (Reilingen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.145.63.201.138.clients.your-server.de

hal900010.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.89.28.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-28-165.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Hamburg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.94.3 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-94-3.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.239.105.10 (Leipzig, Germany) 1 redirects

ASN16097 (HLKOMM 04107 Leipzig, DE)

trf.greatviews.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:b979 (United States)

ASN13335 (CLOUDFLARENET, US)

singles.parship.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:cc16 (United States)

ASN13335 (CLOUDFLARENET, US)

eum.instana.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.220.62.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-62-151.eu-west-1.compute.amazonaws.com

eum-eu-west-1.instana.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	googlesyndication.com cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 122 pagead2.googlesyndication.com — Cisco Umbrella Rank: 90	159 KB
27	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 1964 p13.zdassets.com — Cisco Umbrella Rank: 29426 theme.zdassets.com — Cisco Umbrella Rank: 10034	910 KB
22	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 stats.g.doubleclick.net — Cisco Umbrella Rank: 68 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 176 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276	232 KB
9	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 28803 hal900010.redintelligence.net — Cisco Umbrella Rank: 227094	51 KB
9	serasa.com.br 1 redirects ajuda.serasa.com.br	30 KB
8	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	27 KB
7	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	537 KB
6	gstatic.com fonts.gstatic.com	101 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	5 KB
5	parship.de singles.parship.de — Cisco Umbrella Rank: 370411	15 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 343	112 KB
5	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 57	2 KB
5	agentbot.net cdn.agentbot.net — Cisco Umbrella Rank: 92458 apibot.agentbot.net — Cisco Umbrella Rank: 86063	213 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496	4 KB
4	jquery.com code.jquery.com — Cisco Umbrella Rank: 588	166 KB
3	medialead.de 3 redirects pv.medialead.de — Cisco Umbrella Rank: 39406 medialead.de — Cisco Umbrella Rank: 38865	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 205	3 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 573 script.hotjar.com — Cisco Umbrella Rank: 719 vars.hotjar.com — Cisco Umbrella Rank: 874	66 KB
2	instana.io eum.instana.io — Cisco Umbrella Rank: 6447 eum-eu-west-1.instana.io — Cisco Umbrella Rank: 24770	10 KB
2	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 13937	1 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 870	344 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 323	366 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	73 KB
2	amazonaws.com agentcore.s3.amazonaws.com — Cisco Umbrella Rank: 123357	30 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6433 adservice.google.de — Cisco Umbrella Rank: 8832	1 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 403	17 KB
2	zendesk.com 1 redirects assets.zendesk.com — Cisco Umbrella Rank: 6974 serasaconsumidor.zendesk.com	11 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1207	5 KB
1	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 64653	312 B
1	greatviews.de 1 redirects trf.greatviews.de — Cisco Umbrella Rank: 303635	1 KB
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 39676	629 B
1	aivo.co adapter.aivo.co — Cisco Umbrella Rank: 79612	11 KB
1	exct.net 1 redirects cl.s11.exct.net — Cisco Umbrella Rank: 119389	618 B
170	34

	Domain	Requested by
16	pagead2.googlesyndication.com	cdn.agentbot.net tpc.googlesyndication.com cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
16	theme.zdassets.com	ajuda.serasa.com.br p13.zdassets.com
13	tpc.googlesyndication.com	ajuda.serasa.com.br securepubads.g.doubleclick.net tpc.googlesyndication.com cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com googleads.g.doubleclick.net
9	static.zdassets.com	ajuda.serasa.com.br static.zdassets.com
9	ajuda.serasa.com.br	1 redirects ajuda.serasa.com.br static.zdassets.com
8	securepubads.g.doubleclick.net	ajuda.serasa.com.br securepubads.g.doubleclick.net
8	cdnjs.cloudflare.com	ajuda.serasa.com.br cdnjs.cloudflare.com
7	s0.2mdn.net	ajuda.serasa.com.br s0.2mdn.net
6	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
6	fonts.googleapis.com	cdn.agentbot.net securepubads.g.doubleclick.net hal900010.redintelligence.net s0.2mdn.net
5	singles.parship.de	hal900010.redintelligence.net singles.parship.de eum.instana.io
5	hal900010.redintelligence.net	1 redirects cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com hal900010.redintelligence.net
5	googleads.g.doubleclick.net	ajuda.serasa.com.br cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	hal9000.redintelligence.net	cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com hal900010.redintelligence.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.google.com	1 redirects ajuda.serasa.com.br tpc.googlesyndication.com cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com
4	cdn.agentbot.net	ajuda.serasa.com.br cdn.agentbot.net
4	code.jquery.com	ajuda.serasa.com.br
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	googleads4.g.doubleclick.net	ajuda.serasa.com.br
2	www.awin1.com	1 redirects cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com
2	pv.medialead.de	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	www.googletagservices.com	cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com
2	agentcore.s3.amazonaws.com	ajuda.serasa.com.br
2	cdn.jsdelivr.net	ajuda.serasa.com.br cdn.agentbot.net
2	www.google-analytics.com	ajuda.serasa.com.br www.google-analytics.com
2	p13.zdassets.com	ajuda.serasa.com.br
1	eum-eu-west-1.instana.io	eum.instana.io
1	eum.instana.io	singles.parship.de
1	static.cloudflareinsights.com	singles.parship.de
1	ad-server.eu	cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com
1	medialead.de	1 redirects
1	trf.greatviews.de	1 redirects
1	pb.media01.eu	hal900010.redintelligence.net
1	apibot.agentbot.net	cdn.agentbot.net
1	adapter.aivo.co	cdn.agentbot.net
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	ajuda.serasa.com.br
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.google.de	ajuda.serasa.com.br
1	stats.g.doubleclick.net	www.google-analytics.com
1	serasaconsumidor.zendesk.com	ajuda.serasa.com.br
1	assets.zendesk.com	1 redirects
1	cl.s11.exct.net	1 redirects
170	51

This site contains links to these domains. Also see Links.

Domain
sitenet05.serasa.com.br
www.facebook.com
www.instagram.com
www.youtube.com
www.linkedin.com
open.spotify.com

Subject Issuer	Validity	Valid
ajuda.serasa.com.br R3	`2022-02-07` - `2022-05-08`	3 months	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-08` - `2022-07-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.agentbot.net Sectigo RSA Domain Validation Secure Server CA	`2022-01-19` - `2023-02-19`	a year	crt.sh
serasaconsumidor.zendesk.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-12-13` - `2022-12-13`	a year	crt.sh
aivo.co Amazon	`2021-12-23` - `2023-01-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
redintelligence.net R3	`2022-01-27` - `2022-04-27`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh
singles.parship.de Cloudflare Inc ECC CA-3	`2021-06-29` - `2022-06-28`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.instana.io DigiCert TLS RSA SHA256 2020 CA1	`2021-11-09` - `2022-12-10`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
Frame ID: F038CCBFA08625CD791F161E8E0D754D
Requests: 80 HTTP requests in this frame

Frame: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B50A81A0724C680C953B8C824B9B5BB1
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: DFF81CA4F16BDC76FF9B3ACB7AEADEEE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: BCA2A0F13D2D949837B77A929722127F
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 77BCF0CD39048483B313C31C1A539998
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A99F1CFEB224F6E50150ED80EE0E1D72
Requests: 2 HTTP requests in this frame

Frame: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 66EFC320306DB0FC8D978362C7F1D2D2
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYncXFlQEwAQ&v=APEucNXRF54Db3s-MKiT2-gwYiFn9HEiqfzPQD2U4mrGvWtjGB6EjQcOEqUZpdHrpt6f5RoNKbNp0Tr_QbfqQyufl8bmL4b9tj35mBYTQ1tR6nOBSc4GxTYOTQzD0XtfUemqquFS2lgwyjPFGWMZ36tj1H4WLn_0MieoAsCO2j7mzNNA9MsCXJg
Frame ID: 7ACDDFCFA4862DA3A3B7EE5A1CD4DCA6
Requests: 5 HTTP requests in this frame

Frame: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2C9729B679A1FCC94F6D0E2513D7EA05
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 783BA7887BCDEED91F99B6E859366044
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYxNPDmAEwAQ&v=APEucNVtJNfh3DnLbPIeRdjzbexGiVMcdUruNSXpsKVPLa_YYE-48dnvOonj5QjNJ5TUdR4ZSqrz-HmtEpgvXrsQQ4Y8S2PK4jL8DdyH9Et3p-6XlrbHbmZ9vcByq19lAVbnzLaP7QyHGb1hMhjh_pUVHZLNT4ZwaexPwBBqDEeUumunjfKbznA
Frame ID: 64DA7D5363FE77CB35BBB37757B31C54
Requests: 5 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=25249300010051000710632011912010&actionid=981741&produktid=&dt_url=
Frame ID: FADA7C37C46973AE0A9AA62FF93D143D
Requests: 1 HTTP requests in this frame

Frame: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1648429222.5503284.722b2140-ae32-11ec-a177-00155d255900ID
Frame ID: 8F89636DA76F69D5CA87C0E32D115859
Requests: 8 HTTP requests in this frame

Frame: https://hal900010.redintelligence.net/request_content.php?s=25249300010051000710632011912010&a=25be310e
Frame ID: 6A2E3CEB485F4B0B43AE1806C75181F0
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5DB4A0A1CCEA10B1477CC0C234F79EBB
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13179925603047686728/index.html
Frame ID: 78905755FD77CEC6C67213C6123D95F0
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Como acionar o Alerta Provisório? – Central de Ajuda - Serasa

Page URL History Show full URLs

https://cl.s11.exct.net/?qs=e8b1e64cb9cfefc52a8f9be7437206c5e3e6087aadef43e6fc781113288ae067997c1cb2... HTTP 302
https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-l... Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/npm/sweetalert2@([\d.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

170
Requests

94 %
HTTPS

45 %
IPv6

34
Domains

51
Subdomains

44
IPs

7
Countries

2805 kB
Transfer

6523 kB
Size

35
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://sitenet05.serasa.com.br/chequedocroubados/CadastroCPF.aspx
Title: Quero me cadastrar

Search URL Search Domain Scan URL

URL: https://www.facebook.com/serasa.com.br

Search URL Search Domain Scan URL

URL: https://www.instagram.com/serasa/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCZxt4ydjJGnV6fieQaVZ7bA

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/serasa

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/5ZTMUau1ssfgmCIyvygpwt

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cl.s11.exct.net/?qs=e8b1e64cb9cfefc52a8f9be7437206c5e3e6087aadef43e6fc781113288ae067997c1cb21195fd335160d53abe8c2e01be1c005a848b3dfd21889771eaf53653 HTTP 302
https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://assets.zendesk.com/assets/apps/conditional_fields/latest/helpcenter.js HTTP 302
https://static.zdassets.com/conditional_fields_app_hc/latest/helpcenter.js

Request Chain 58

https://ajuda.serasa.com.br/api/v2/help_center/articles/360012553371.json HTTP 301
https://ajuda.serasa.com.br/api/v2/help_center/pt-br/articles/360012553371.json

Request Chain 87

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPwVGI10dtjQml0Hdnq9f7E&google_cver=1

Request Chain 105

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkEIpgzmosZO2EIKW3ZtRgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPwVGI10dtjQml0Hdnq9f7E&google_cver=1

Request Chain 106

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECq3F6zdRr8VMt2sVJ9DFw8&google_cver=1

Request Chain 107

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg1Njk1NDcxNTU3NDAwODYzOA%3D%3D

Request Chain 120

https://hal900010.redintelligence.net/request.php?zone=zy291edt4ui9&nw=20&renderingType=javascript&namespace=c9b38a9802&subid=&uid=be1abb15763f3284&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7ryCpQhBYsLNDoik3wOGgp2ACLXN-YNXnNC5q-UM8C4QASDh7spAYJXikIKgB8gBCakCjWBDBidtsj6oAwGqBIQCT9CdQU5OhAijTt0t3ipeaWn6gCQRujWWZgOyY1mEUvh2Jsa7B--w-L35tTP3eIuYetYbPITd9D6vafRT8zMJ1pbLnbmINRiFgnAfCikMhHg9lmlAFPamW_AJd8euf2Nr8j04IqulLGsThySS3Ovv-CrPt2LF7jYp6xpYT13PyEni8lS17t-RN3-daxVI_AYD2fGeJ93I4sHShHI2BDqu34J2UFCedC_e-7f2tvHqGjTOkw_WY7hho9fziDvTEVLjd-pf7wHe7hy23I4VNnsQzvI2-s9wmdCNsF1vdrG_n89-e4RMhnD7jbSXr09CpFwsvtguEctOBs_h4vRHP6UGiLtk1GjABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoYC9jcj51sSXU8Z6zumgUNJVUhZGHUpqygOahismc5igbzXrBqg%26sig%3DAOD64_0SYzorOQ3H29ZICwj9fjjzivA_iA%26client%3Dca-pub-9650408980791532%26dbm_c%3DAKAmf-DzSF0RVVrpw6JZTRhHX2X2mXhq2p6HrNX_u3eYG68PMaqcIdYnUFcm0vKjyqhOL4Kcll5AoTjhffQs3PNdwTNmOZV6t_BI6bF0sPu6gwh3b9k4mV7A1j3c2BMtVcSVT_6CNAfFuNwSzyWZmYHlqSbCmVhN-Q%26cry%3D1%26dbm_d%3DAKAmf-BF5KmoUj7h48xAlpFAu_tTA_FqzWDCCXhUki1yODDnyOfmOBWFXzF4JMRLAxBWmhNkIOT37JdpU7nhfayyjv6QTnqaP3eht_hLWvX9pl-wFgPc09ZLwPLD3PZo9A4dOAA_bZl7wg4sP348YC8mzALiV8h0ySkCBS69CbKXCLCHy7lEPx_9AVlJw8w4dVFvUjY9PhTZoKFj_VxzbE7uV7AomWfhavbqmVzLuFFyMdtBBeaHsLxeUcRBjdNb22MFdjLO5pZJn_c7X0IxiKpPiTUOCLMdHIWgagOfQd21eCpbuLoipcIHW0dTFqbxyXXjVMOUsd3Z0B8CGW43Q1QbLDObDHT1k_t05R0U9fUZLFlp2GD4MaHpJ12Ap3UJ0d2Enmi2r_OjkIv5Mpw-fxsIV31kV5l3rgX79-599_L2ZTZzNvN1ZkGQp2x74r3VfG7zfEde3C7gc3BwceZJ5uVPPqdy3aMXYMc2IZKx3mCeTRY7pVO6JgDZ44z_RhQ9oIhyYuY8buO-qeHSd6h7THntcvDwKCVDgDpTTM2-OVzojSnajUlvZskxSKwZRE1h2_zMbnaeebx8tSkRD1W7tkWtzLzuDDFdgmzOlsGwn6rxYW1TqardIthjIK1XkTAk0Kpn8a6MkjJt3YgGmXwc00Cx0oAB7S2_e47FCmpyTus5GKhy8sGaCqQPuUYN8pXjDYAcWzA0IucKSFaRefgMN7TpkYeIqfAHYGZ2UMlqxHqtK4CYYbis-wwFXoSsYYW26j92-HtR4fmpRc-xOpJNInA8poonFfuwsAE8MUn4TmY8TSZB4gPmyyMs4wUyiYsrkLHcxS5Ioe94%26adurl%3D&documentReferer=https%3A%2F%2Fajuda.serasa.com.br%2F&ancestorOrigins=https%3A%2F%2Fajuda.serasa.com.br&random=8030656589087&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900010.redintelligence.net/request.php?zone=zy291edt4ui9&nw=20&renderingType=javascript&namespace=c9b38a9802&subid=&uid=be1abb15763f3284&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7ryCpQhBYsLNDoik3wOGgp2ACLXN-YNXnNC5q-UM8C4QASDh7spAYJXikIKgB8gBCakCjWBDBidtsj6oAwGqBIQCT9CdQU5OhAijTt0t3ipeaWn6gCQRujWWZgOyY1mEUvh2Jsa7B--w-L35tTP3eIuYetYbPITd9D6vafRT8zMJ1pbLnbmINRiFgnAfCikMhHg9lmlAFPamW_AJd8euf2Nr8j04IqulLGsThySS3Ovv-CrPt2LF7jYp6xpYT13PyEni8lS17t-RN3-daxVI_AYD2fGeJ93I4sHShHI2BDqu34J2UFCedC_e-7f2tvHqGjTOkw_WY7hho9fziDvTEVLjd-pf7wHe7hy23I4VNnsQzvI2-s9wmdCNsF1vdrG_n89-e4RMhnD7jbSXr09CpFwsvtguEctOBs_h4vRHP6UGiLtk1GjABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoYC9jcj51sSXU8Z6zumgUNJVUhZGHUpqygOahismc5igbzXrBqg%26sig%3DAOD64_0SYzorOQ3H29ZICwj9fjjzivA_iA%26client%3Dca-pub-9650408980791532%26dbm_c%3DAKAmf-DzSF0RVVrpw6JZTRhHX2X2mXhq2p6HrNX_u3eYG68PMaqcIdYnUFcm0vKjyqhOL4Kcll5AoTjhffQs3PNdwTNmOZV6t_BI6bF0sPu6gwh3b9k4mV7A1j3c2BMtVcSVT_6CNAfFuNwSzyWZmYHlqSbCmVhN-Q%26cry%3D1%26dbm_d%3DAKAmf-BF5KmoUj7h48xAlpFAu_tTA_FqzWDCCXhUki1yODDnyOfmOBWFXzF4JMRLAxBWmhNkIOT37JdpU7nhfayyjv6QTnqaP3eht_hLWvX9pl-wFgPc09ZLwPLD3PZo9A4dOAA_bZl7wg4sP348YC8mzALiV8h0ySkCBS69CbKXCLCHy7lEPx_9AVlJw8w4dVFvUjY9PhTZoKFj_VxzbE7uV7AomWfhavbqmVzLuFFyMdtBBeaHsLxeUcRBjdNb22MFdjLO5pZJn_c7X0IxiKpPiTUOCLMdHIWgagOfQd21eCpbuLoipcIHW0dTFqbxyXXjVMOUsd3Z0B8CGW43Q1QbLDObDHT1k_t05R0U9fUZLFlp2GD4MaHpJ12Ap3UJ0d2Enmi2r_OjkIv5Mpw-fxsIV31kV5l3rgX79-599_L2ZTZzNvN1ZkGQp2x74r3VfG7zfEde3C7gc3BwceZJ5uVPPqdy3aMXYMc2IZKx3mCeTRY7pVO6JgDZ44z_RhQ9oIhyYuY8buO-qeHSd6h7THntcvDwKCVDgDpTTM2-OVzojSnajUlvZskxSKwZRE1h2_zMbnaeebx8tSkRD1W7tkWtzLzuDDFdgmzOlsGwn6rxYW1TqardIthjIK1XkTAk0Kpn8a6MkjJt3YgGmXwc00Cx0oAB7S2_e47FCmpyTus5GKhy8sGaCqQPuUYN8pXjDYAcWzA0IucKSFaRefgMN7TpkYeIqfAHYGZ2UMlqxHqtK4CYYbis-wwFXoSsYYW26j92-HtR4fmpRc-xOpJNInA8poonFfuwsAE8MUn4TmY8TSZB4gPmyyMs4wUyiYsrkLHcxS5Ioe94%26adurl%3D&documentReferer=https%3A%2F%2Fajuda.serasa.com.br%2F&ancestorOrigins=https%3A%2F%2Fajuda.serasa.com.br&random=8030656589087&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKVKDlGC98AqyMSEibKNQYw&google_cver=1

Request Chain 124

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESED-MIwDlfkxaff6b3gDAy-4&google_cver=1

Request Chain 133

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=25249300010051000710632011912010&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=25249300010051000710632011912010&actionid=981741&produktid=&dt_url=

Request Chain 134

https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=25249300010051000710632011912010&pv=1 HTTP 302
https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ HTTP 302
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1648429222.5503284.722b2140-ae32-11ec-a177-00155d255900ID

Request Chain 136

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=25249300010051000710632011912010 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=25249300010051000710632011912010 HTTP 302
https://ad-server.eu/wm/pb/native.png

170 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio Show response
ajuda.serasa.com.br/hc/pt-br/articles/
Redirect Chain

https://cl.s11.exct.net/?qs=e8b1e64cb9cfefc52a8f9be7437206c5e3e6087aadef43e6fc781113288ae067997c1cb21195fd335160d53abe8c2e01be1c005a848b3dfd21889771eaf53653
https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3...

60 KB
15 KB

627ms
358ms

Document
text/html

104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69d5de9468b67828570fedcb88c0672d010bfde363728b06882901d73c769819

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 28 Mar 2022 01:00:19 GMT
content-type: text/html; charset=utf-8
cf-ray: 6f2c6d9d8dee8ff5-FRA
cache-control: public, max-age=0
content-language: pt-br
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
cf-cache-status: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
protocol: HTTP/1.1
x-content-type-options: nosniff
x-envoy-decorator-operation: help-center-unicorn.help-center.svc.cluster.local:5080/*
x-envoy-upstream-service-time: 131
x-frame-options: SAMEORIGIN
x-request-id: 6f2c6d9da46b8ff5-SEA 6f2c6d9da46b8ff5-SEA
x-runtime: 0.127210
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
x-zendesk-origin-server: help-center-unicorn-d67b7d5f9-j86c2
x-zendesk-zorg: yes
zendesk-api-version: 2022-01-01
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLcNhXO6t8EOwS0wTmsD5QGRs1XZPJeT0H9vpkY8tVU0BO2rF%2FJ3hkF55qouSroc5KcTw7A4onjZXJSJUbJeR3liXeyBfAyKTkSLdISv%2ByDacmMaXc1qAqnpu83hUZZJjPtDre0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
Date: Mon, 28 Mar 2022 01:00:18 GMT
Connection: close
Content-Length: 596

GET
H2 200 application-eee6d8d7fa05e7e79d4f3bfce1e548f7.css
static.zdassets.com/hc/assets/ 54 KB
11 KB 57ms
24ms Stylesheet
text/css 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/application-eee6d8d7fa05e7e79d4f3bfce1e548f7.css

Requested by

Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a972b4d1cdb31c6ed98e2b2cdb37aeaf482dedf022c278e8579b44d545b87d8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 393533
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: P0ES314QYCBF06XA
x-amz-id-2: FBYzfzwt1XCse2iuvZE+fmm8p4tb4pI/OWAaNcZfrjLzb37+lkKCFtxL6iC1Iq18SmW3i4ri0VY=
last-modified: Wed, 16 Feb 2022 11:38:17 GMT
server: cloudflare
etag: W/"db93d565a4a928bcc3c7f69066f238cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=byU%2FNYdv%2FxO7S1FuhVoautgiUhTV14m2xDtNgJb49y2l4%2FZw5z5XE6EA8cb74YcOqd7b8wwYDzWRu5QL8VWA11gLpwMofWJWr6IFUdeiDWHU%2FLMFMUzl1F1K8cTB8wFDL%2FuiPlE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-amz-version-id: _8zAQbC.eJm5lM4RUl704vubjUGk2xfb
cf-ray: 6f2c6da01aa75b2c-FRA

GET
H2 200 style.css
p13.zdassets.com/hc/theming_assets/2029595/114094504791/ 132 KB
24 KB 85ms
26ms Stylesheet
text/css 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5042928780301

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7b2128735e020a2505fa343f3086efdd46c702ee4401da138e6c5a22df7afc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:19 GMT
x-envoy-decorator-operation: help-center-unicorn.help-center.svc.cluster.local:5080/*
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67720
x-zendesk-origin-server: help-center-unicorn-d67b7d5f9-h5cbm
x-envoy-upstream-service-time: 20
zendesk-api-version: 2022-01-01
strict-transport-security: max-age=0
protocol: HTTP/1.1
content-encoding: br
x-zendesk-zorg: yes
x-request-id: 6f137ca9c9d480f6-SEA, 6f13aa4c69be916e-SEA
x-ua-compatible: IE=edge
x-runtime: 0.017277
x-robots-tag: none, noarchive
server: cloudflare
etag: W/"e7b2128735e020a2505fa343f3086efd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2BHPPCjSqeKTVMcgTZLfqsfgRinnX8nZjRJi4yPN0xYninxH6IMW2KT96yKpebQBPyvNkB9flkP4uNtbj7tIcysvx%2BylAtigvkSGnFuGPfe74tLeCsaaFP991o8P9ciLk58%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=604800, public
cf-ray: 6f2c6da03d7c9b69-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 130ms
40ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5130
date: Sun, 27 Mar 2022 23:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 28 Mar 2022 01:34:50 GMT

GET
H2 200 slick.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 2 KB
770 B 35ms
15ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 284647
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 450
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-6f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAH4aaR%2FkR%2FYQnfmJe6pB6oqIM2A3TVgTwmBtj4SnR6kxTT1Ysqrl4fbmJPbR87yRndyf2rWPktXGlMZnN1hNuVlVq%2FYzGYiqDzBTZUNqFZ%2BfhCPtuZ0qkLT0tKQU%2BMpiE6f0U2IipYk566NMomtUqlk"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f2c6d9fffef5cb0-FRA
expires: Sat, 18 Mar 2023 01:00:19 GMT

GET
H2 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 2 KB
975 B 36ms
16ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2675657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 657
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-956"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJMvCLX98SbKh340PXuE5l%2FISZmS5f29th6uRKq6j5%2BlgTLM1m0FZ5Tfpc9N7U1EcdhS04Pn2ZmMR9QTaKJTO139GFdZoeE2SkSR8X5r4LNAy0RHnjDG9pCOM4lDLq1aBXLelOtkPoqsg%2BKRVwCttVwQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f2c6d9ffff05cb0-FRA
expires: Sat, 18 Mar 2023 01:00:19 GMT

GET
H2 200 jquery-1.11.0.min.js Show response
code.jquery.com/ 94 KB
33 KB 61ms
22ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.0.min.js
Requested by: Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:19 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1787d"
vary: Accept-Encoding
x-hw: 1648429219.dop254.am5.t,1648429219.cds300.am5.hn,1648429219.cds284.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33357

GET
H2 200 jquery-migrate-1.2.1.min.js Show response
code.jquery.com/ 7 KB
3 KB 76ms
37ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by: Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:19 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1c1f"
vary: Accept-Encoding
x-hw: 1648429219.dop254.am5.t,1648429219.cds300.am5.hn,1648429219.cds029.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3063

GET
H2 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 43 KB
10 KB 33ms
14ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1567158
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9564
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-ab69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kXs19ttcrKhwhmYGQfjKOTpf2kl%2BB48COPM%2B3cz%2FBcSLhVtTDm4G5wOX8H1UJppJfQ%2FzE8aqJTlBxIIs5qEUuMzhekM0vHweHS5x5%2FhlnZ0d06XFAmvM6Hk3LA2WbHw3B0iM%2FFU51e19b6VTfS9Yz5ha"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f2c6d9ffff35cb0-FRA
expires: Sat, 18 Mar 2023 01:00:19 GMT

GET
H2 200 jquery-ui.js Show response
code.jquery.com/ui/1.12.1/ 509 KB
122 KB 76ms
38ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.js
Requested by: Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:19 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
server: nginx
etag: W/"611feaca-7f20a"
vary: Accept-Encoding
x-hw: 1648429219.dop254.am5.t,1648429219.cds300.am5.hn,1648429219.cds015.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 124434

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/ 35 KB
8 KB 58ms
20ms Stylesheet
text/css 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
Requested by: Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:19 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
server: nginx
etag: W/"611feaca-8c85"
vary: Accept-Encoding
x-hw: 1648429219.dop254.am5.t,1648429219.cds300.am5.hn,1648429219.cds257.am5.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 8323

GET
H2 200 jquery.mask.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.9/ 7 KB
3 KB 50ms
21ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.9/jquery.mask.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fd6d97c5e1e295a7c66bceaff39daf165a8e65ae8a8dd7228443caaf05f2b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ajuda.serasa.com.br/
Origin: https://ajuda.serasa.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1135545
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2797
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-1d13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9BDjcMOiB3IsMFWLM7%2F5WzsF5xnSAEHXPERQHomYlWFU2qLJkONs9qKdxXT0trbwLmhQPci0L%2BVSXKa4rKSVoe8W%2BNz69HS1aZdlOPEoTmVBrTXyi3U8w2hW6HmXitNjuRc4ONPbgC1echDHawBbB49"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f2c6da0184e9bb2-FRA
expires: Sat, 18 Mar 2023 01:00:19 GMT

GET
H2

200

helpcenter.js Show response
static.zdassets.com/conditional_fields_app_hc/latest/
Redirect Chain

https://assets.zendesk.com/assets/apps/conditional_fields/latest/helpcenter.js
https://static.zdassets.com/conditional_fields_app_hc/latest/helpcenter.js

63 KB
19 KB

23ms
23ms

Script
application/javascript

104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/conditional_fields_app_hc/latest/helpcenter.js

Requested by

Protocol

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c1a64732de92fe691f38055f446c114cba9df7e63b2ccc35015e57c7513fc34

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 452
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 6TKRT3S4MZP60YY9
x-amz-id-2: Q01inumG1qetSufyluq6NIs/jeF5WAc1T4D6vlzFn4kB3nDZQ7g3CZ9+OA6Kd592rb+nbvowFdw=
last-modified: Wed, 05 Dec 2018 23:42:03 GMT
server: cloudflare
etag: W/"06dadc6c7364cf7662b03515664be760"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hiE5FOme8oSX0QiSSR1Y6JBrmbeA8zNGsNmTQdCdei644Y6kJL6BLVXo9GaOfClIy5192gpXE%2BZkLagcIj%2FF5kLirysBzyRGh30zt0qlJdZ0NiufzMqMFB0ti%2B8sTi3a3sgsdh8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
x-amz-version-id: 3aS1wWYF1HCvCctTv8qQiOsRRZwVNgEk
cf-ray: 6f2c6da08b035b2c-FRA
expires: Thu, 05 Dec 2019 23:42:02 GMT

Redirect headers

date: Mon, 28 Mar 2022 01:00:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74
strict-transport-security: max-age=0
x-zendesk-zorg: yes
x-request-id: 6f2c6bd1cec89130-FRA
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ix%2Bzcbtb6uSTOmgwPTR08ayEr4iuvgwouLIWs9s4LC3BCtAMlwsDIxVSF6MZ4gg5uBou%2FhHMz318Pk97cTYWNVA44fLp60ZA%2FG0nAYVN4odwnd6myoG1OF8nN%2FkZkZFmJpiQ4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://static.zdassets.com/conditional_fields_app_hc/latest/helpcenter.js
cache-control: max-age=600
cf-ray: 6f2c6da05afd9c10-FRA
expires: Mon, 28 Mar 2022 01:09:05 GMT

GET
H2 200 sweetalert2@8 Show response
cdn.jsdelivr.net/npm/ 62 KB
17 KB 35ms
16ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fb5bdf552db295a96ea4b5c90679159db62417fb69fe0b57792e57daf79cfd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13019
x-jsd-version: 8.19.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19183-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"f9a3-83/dkKMqqE70ruguVvt5jysji+A"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6f2c6d9ffae69293-FRA

GET
H2 200 jquery.mask.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.15/ 23 KB
6 KB 31ms
13ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.15/jquery.mask.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3edcd35f57ed9849a3f18522017d304c843e75d4c0195b763222ccb06b003313

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1569433
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4938
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-5a58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKOAMPsre9fktWy6jwnqjB0Yma0pRlQ9YkPIdbSvGeJWRjVu1KU2LPZcOsyGcP%2FLTS4oUOESMmgoHozkradGcHrrvbbKVuuZHDfyl36Bk6fnhOeF7ef1pYcy9zk3XBAR4TFiaaHanyFA60v6F8Jwq1vR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f2c6da00ff75cb0-FRA
expires: Sat, 18 Mar 2023 01:00:19 GMT

GET
H2 200 mailcheck.js Show response
cdnjs.cloudflare.com/ajax/libs/mailcheck/1.1.2/ 8 KB
2 KB 33ms
15ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mailcheck/1.1.2/mailcheck.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffd0f1a8998b84c05b08ff0e234e5b02d69f4fd5982def489be7dc36ed72b44f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4504662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2217
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed4-21cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WpnZqySh%2FPOoUyczZ6u6jqK%2FhTlL0q7pgd84MMsewq9wH1WdgWaaxyefO3Yrfi1D%2BDEpXSyeAyZgfrBIPIxh25srIjXJGoQkbmmQmvu1cmx21bqpVX9lsvJBl05B3wDg7RgErL%2Fv%2B8Xsra19J2W3dzhS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f2c6da00ff55cb0-FRA
expires: Sat, 18 Mar 2023 01:00:19 GMT

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 1 KB
729 B 33ms
14ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1872449
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 394
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-559"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfE1urm%2FFHisorJNDXfBEa3Zm3dMAHkNdTA7OeFeHMGWLcHi1dDMjutKYjTjcJX1wuY%2Fgz3bekQhu67Ip8528jDbElGrTc0q5SXUA5MVY8Gx3t6yH4pzcuJIo0JgXeqpu94ktBSHoYj%2BOYGWCpYmquBT"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f2c6d9ffff25cb0-FRA
expires: Sat, 18 Mar 2023 01:00:19 GMT

GET
H2 200 api.js Show response
ajuda.serasa.com.br/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 19ms
17ms Script
text/javascript 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajuda.serasa.com.br/cdn-cgi/bm/cv/669835187/api.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUiiyHjVDWlz6DTqwSZcvhCqw8AJtgfG1urOJrZNyHbSbCNcyWR5OHd80ID4wyBahW92alFlUziYFL4479qNd7j5KZ8xOIMUo1s2CVD8QIhSxlCm4vNKkVcwyGDEfaUQ64DLHNE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6f2c6da0cfe78ff5-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 145ms
55ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

5377b85929b89e53828ca9b7489ea8a9c4a112bd7384c8eadb38b8dea5df6983

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28043
x-xss-protection: 0
server: sffe
etag: "1171 / 975 of 1000 / last-modified: 1648245909"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 28 Mar 2022 01:00:20 GMT

GET
H2 200 69a88bbc97b6f612454ed33837665cf83a4ba4ee.png
theme.zdassets.com/theme_assets/2029595/ 6 KB
7 KB 41ms
31ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/69a88bbc97b6f612454ed33837665cf83a4ba4ee.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe32d9e8c5b91d60410c08d8fa519796439792744528d5a01bde953a60428712

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:19 GMT
via: 1.1 f8d34d99bd5a267bad6857ae101ea8e2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51370
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 6231
last-modified: Sun, 28 Feb 2021 00:08:19 GMT
server: cloudflare
etag: "309bf36aefe0731606e5add035e14404"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Nw5c5jVP5bdCj142vK0sb56kPVeG%2BHRmxUIfioNt96APqUYzsvpAcVW2dat2ENFqgJx3Bz6Z61Kur%2B82hPS3nMYIu6c1p29cUiOHqOC70Z1z4J2ch%2FiK24dfa5kWs6xZvOJ9g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: IfHzCRqXvC.j2MAO1sWO8.Xcr9ycjNRz
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: MUC50-P1
accept-ranges: bytes
cf-ray: 6f2c6da0db4a5b2c-FRA
x-amz-cf-id: QO-5PJ8_AmtO9F0Go713t48uDdCp4UVwyAsBbpkREzPCK2qQ7lRYkw==

GET
H/1.1 200
OK dea6c07769c06d2043b5cb74146ddb86.js Show response
cdn.agentbot.net/core/ 802 B
913 B 405ms
96ms Script
application/javascript 45.55.193.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.agentbot.net/core/dea6c07769c06d2043b5cb74146ddb86.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.55.193.240 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f5cd0d0af73325ea04c9b99435d3d4018dc0a048a41987cc94fcf3eb8a06e698

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 01:00:15 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: application/javascript
X-Xss-Protection: 1; mode=block
Cache-Control: max-age=259200, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
Content-Length: 484
X-Content-Type-Options: nosniff

GET
H2 200 1d903b0e11f8f745e039543bc5a23331fde40bfc.png
theme.zdassets.com/theme_assets/2029595/ 6 KB
7 KB 41ms
31ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/1d903b0e11f8f745e039543bc5a23331fde40bfc.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b826baf4b1c464fb6f997c20dd47e496f30a58d1efc8432e3b33fb0872a90862

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:19 GMT
via: 1.1 29473aa9cc185f2a037ec3a7e2ffd74c.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8382
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 6558
last-modified: Sat, 20 Feb 2021 23:23:13 GMT
server: cloudflare
etag: "7c2306ff2b5eaa7723da25b59b489acb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0332HbkKAtU2FyYmkHgIHkjl3Q43CsVAMMueCuI9GLE4VcwxvvE0UQRIHxZTIhHlatwzWEiUHNtkc9MOjjjv42wILxQgTSdmMLtpIg9uEf3z16Ed8bdKu9dL6KOpSTyHOtwPw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 8QOe6lFMgT2OoZucvWMrbArkHcees_7j
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: MUC50-P1
accept-ranges: bytes
cf-ray: 6f2c6da0db4c5b2c-FRA
x-amz-cf-id: YJmhTnZB0VSDfVcopfGzJDnqbBam_BRV5N4cj7WLuWd6ULobq3KcrA==

GET
H2 200 5ae6a2a27c0f986f606c2e576cd74e83f9e68e90.png
theme.zdassets.com/theme_assets/2029595/ 7 KB
8 KB 46ms
36ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/5ae6a2a27c0f986f606c2e576cd74e83f9e68e90.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26186ef31ef35679017179c6639f347c58e4eb941ba9a262a4b8584dcb4e8ac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:19 GMT
via: 1.1 66ce4848bcf993e3c57b596461cd0b82.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 116
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 7200
last-modified: Sat, 20 Feb 2021 23:23:14 GMT
server: cloudflare
etag: "e2b25241cb25e9cefd04a6b299ea90e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vzfbYTkKp7QbQptqCdYE7KkZmF2wK5uPpIYCY5ZjFNmGAK3d7cYbEOUZ3xckUVdvMnyxrwKj3g%2B9t%2F4Pm0ZwfamQgK4mvhlGSdFajnQi9OVGU5La8O5dmYjRjjvtrYS%2FMwhaBw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 8ImGdfHBxbBiTt9yqG7IcXOyKAjH0STc
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: MUC50-P1
accept-ranges: bytes
cf-ray: 6f2c6da0db4b5b2c-FRA
x-amz-cf-id: LGuWMJvFI1N0XG1vyrYLC-UXWcps8xtyUDYBxYtASpj_AdyUzJJUrg==

GET
H2 200 ee5cb3e3a6a5d18c0b00d556b92ee7ad74aec850.png
theme.zdassets.com/theme_assets/2029595/ 2 KB
3 KB 40ms
29ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/ee5cb3e3a6a5d18c0b00d556b92ee7ad74aec850.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce61e05539704fb07f314ebadf3e65416ffa784626a3cda98623b84c1cafefe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:19 GMT
via: 1.1 af1bbc213b3a9ee2f125be77ca3609a0.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8381
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 2105
last-modified: Sat, 20 Feb 2021 23:21:12 GMT
server: cloudflare
etag: "3ed26a7e7a65e8fbaac529f3c9c57061"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89qNJjCa9pZ47hWi8LS7TOtGWBGn%2BJibAoDYFTHOr5NNjE7Np9T2D5R0C6Y6j7T61bOndhV%2BNiMeeBvvvovwKFvIo5gh2cEypj%2Fs8ooUUsBZdC8YCYDwXVaD%2FCJWxlazt6Br5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: KwVXwHt_W1gMIVBlj6AXaIwmhj5ADVjW
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: MUC50-P1
accept-ranges: bytes
cf-ray: 6f2c6da0db515b2c-FRA
x-amz-cf-id: vVxAwzXCbmr4QBpdFXfnmw9EuFDOXNHDfwZ3_8D41O48j0vKVy-lBw==

GET
H2 200 9e0d453da3b5056819631b2b1a9345cf4f9f7258.png
theme.zdassets.com/theme_assets/2029595/ 3 KB
4 KB 36ms
26ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/9e0d453da3b5056819631b2b1a9345cf4f9f7258.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

006aabd877ee1ccdc2bd16cee536f4536a4f3981d9cb76ae6cfd1d3f25129a29

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:19 GMT
via: 1.1 8eb3c67b1958af32e15515c8eb27fbb4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8381
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 3295
last-modified: Sat, 20 Feb 2021 23:21:13 GMT
server: cloudflare
etag: "266948f5416e85e42af6f4456a54a483"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2BGHEx4%2Fh%2Fl16TfplTAfm6zxk6ASZgzoS0w75ZtCr%2FAyvyqPYrISUAdnMU1shu2M6xmlVZk%2BwSQXMX6khMtYH7i3SkuL0wSsRbA2CuZVDvpVy%2BO6rbF2KzbJ84%2FrMrJf4PgBGA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: RyuMEdegMi8DUY6GLMWr1di1ltvtaVzF
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: MUC50-P1
accept-ranges: bytes
cf-ray: 6f2c6da0db505b2c-FRA
x-amz-cf-id: nzOQlLRNvM-8r5lF9HzT8IQ1VFuILG3qb3qEKRimcc5W_G6w5URIBQ==

GET
H2 200 dc9c10e062be30c6cfaff2a8e6ba71d122ccecda.png
theme.zdassets.com/theme_assets/2029595/ 1 KB
2 KB 41ms
31ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/dc9c10e062be30c6cfaff2a8e6ba71d122ccecda.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f41c1bfd9141177523d3ba40196be30dc3056fd1fdc5067eca64e9b1b915bad

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:19 GMT
via: 1.1 dcfe318aa268be733627ea7884246be4.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 117
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 1372
last-modified: Sat, 20 Feb 2021 23:21:15 GMT
server: cloudflare
etag: "433ca788a305be039c7912db1aa397be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFbLLN%2FZlTOXh1L%2FkMlbubLDza4JOyX4cwB7gkTByKDl8VKJX9SAvEg0DrASUr6JWrEteys056sbbVyThfjMDS0fYbt6CoDAflmiVh7IaVi2nLzf6FlkD5n2bKfWnfET6Kp1ow%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: aPeVoYP64gtetXI0YxDG2.oVHZAl.Mom
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: MUC50-P1
accept-ranges: bytes
cf-ray: 6f2c6da0db525b2c-FRA
x-amz-cf-id: eSURqFLm4FeSCjHa9x2AMjKTAqmfu1ivn1exNFWpK0v9SqF0i9XxbA==

GET
H2 200 77ef7b9f7c550a060fee3f6e058a2a2e9a4d0e76.png
theme.zdassets.com/theme_assets/2029595/ 1 KB
2 KB 33ms
28ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/77ef7b9f7c550a060fee3f6e058a2a2e9a4d0e76.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1f0c11a70973083a31465b27bd503c6cbcf216f208a2bde6862460a38cf01c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:20 GMT
via: 1.1 badff53d2116a4b3d32a2dd1eb918a48.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 118
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 1517
last-modified: Sat, 20 Feb 2021 23:21:14 GMT
server: cloudflare
etag: "00ffc9d6a78332984815173bd818d2e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s8%2F1EcpU%2BV3jCgNndaabQFq7xRpkMDuBDiea9R97MhkAElnJ4%2FHwo8E0oS0MqTnhreFwTGNBmEKlQPcwmGqRqU9kWYecXxijEIhlYl84c0t%2FwVhPXAAFlyzifm6C8eicG6Pn4g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: OHPhprL_UD5DM2aYtOe9ZDWS96VVPUYb
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: MUC50-P1
accept-ranges: bytes
cf-ray: 6f2c6da11b7a5b2c-FRA
x-amz-cf-id: c8oCFOyYO1MWdWq4jigTYSk574r4JEF-jUqK1xmVs8fS2yuXslxtLw==

GET
H2 200 334d039b4cb4c53e99f6e9445d1897b2613fc047.png
theme.zdassets.com/theme_assets/2029595/ 3 KB
4 KB 25ms
21ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/334d039b4cb4c53e99f6e9445d1897b2613fc047.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

838823d4fc5054d84fbde32bbeb6cd22f18ea7d96edad521aacf170b0ebca411

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:20 GMT
via: 1.1 c414bd1a4ce7ace94cbfdfa8efcbe5a6.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 118
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 3133
last-modified: Sat, 20 Feb 2021 23:21:14 GMT
server: cloudflare
etag: "2391b6822e2ef746c5a45a8a7a3e3f56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=466f3ZISpu%2Fzj0rN61wMzRWx6Yeg43%2BJXgAXgIkBVLgEw7RJWhiKRTyEcFbmISzH49M%2BkqKInT%2Fswout5iZeZLN6AgEbLVwupfD%2BAWVu7ZF3xc6jLkcYrgaoiIX2UxrkcEZAng%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: MtTXFBGl1wGuX9epx5qZXhZHC.g6OT3l
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: MUC50-P1
accept-ranges: bytes
cf-ray: 6f2c6da11b7c5b2c-FRA
x-amz-cf-id: l0ftbeopeCZIgovB-dUUggRk4iTM2cgxZS1TyFEW5UyzO7EvQkIByw==

GET
H2 200 4ca996b6cb531f196b790cd0803e5060e1db5118.png
theme.zdassets.com/theme_assets/2029595/ 3 KB
4 KB 26ms
21ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/4ca996b6cb531f196b790cd0803e5060e1db5118.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66d301290c1e9b6e4c9732d4d200f8a33f750f97a75b734fcc82c2ee605b073a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:20 GMT
via: 1.1 badff53d2116a4b3d32a2dd1eb918a48.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 118
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 3521
last-modified: Sat, 20 Feb 2021 23:47:38 GMT
server: cloudflare
etag: "534bfc28d3a2b893053d135c9e7d2159"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3xQp6LMSOgmkhs6AuAbiyJ%2BPg1zWnr2XLOjPNMNhvBhyG9SSdMna347cGsJ1OJJRuoZkGf1efcrK3%2F7CUhie0IaimUIt%2Bam%2FiFeENP8fgzcZdyVyKf96N5IRGFFwAFLAhUeuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: LVbjS1CJo4UPZiXNovUmtJa0vGFnej3p
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: MUC50-P1
accept-ranges: bytes
cf-ray: 6f2c6da11b7d5b2c-FRA
x-amz-cf-id: cR76Gv1mBxoTuvmH8qFugNPwJVxJQ0Sb2-HRbFTrQWLvvOUxAWBtJg==

GET
H2 200 pt-br.48ceb200af474a2e981d.js Show response
static.zdassets.com/hc/assets/ 198 KB
37 KB 37ms
37ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/pt-br.48ceb200af474a2e981d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a039972b006b4e15619fbf1106b67083d1474334e1b0965968074c171513a9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 310718
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: CYD8ZBF0CN9EEKZK
x-amz-id-2: fbfEfnlPSoBKhglopOVTX5pXLyOLvhID3eByU2yZXAmW0Q8/k3ZdQGLn6+tJAmg75223nXLHlPc=
last-modified: Thu, 10 Mar 2022 09:36:41 GMT
server: cloudflare
etag: W/"48ceb200af474a2e981d2e200150428f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1gCQFoXwPUUP%2Fmx4JsNGEBpqgT9ZVLb9a5tG3KAT4ivNSxTaNQA5i2rxlYv%2Be%2FliX%2Fz5pdbJywiDbYhv6nhqtaZPh9r2ASYr%2BVjC2AhymOStyPWHDIsdCGEHNfUvIKfeSqWPFY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-version-id: cePIsKB2KNRIdIaIh..4t3cR547UbHbF
cf-ray: 6f2c6da0bb255b2c-FRA

GET
H2 200 host.js Show response
serasaconsumidor.zendesk.com/auth/v2/ 27 KB
11 KB 63ms
30ms Script
text/javascript 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://serasaconsumidor.zendesk.com/auth/v2/host.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46f51dfa02a9f96c84032f9ba066f3881096781bc142b26c98a3e4b947566468

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 34465
x-zendesk-zorg: yes
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
x-zendesk-origin-server: classic-app-server-66f49c8866-8fg9j
zendesk-api-version: 2022-01-01
vary: Accept, Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 6f292432ec16902e-EWR, 6f292432ec16902e-EWR
x-runtime: 0.052184
server: cloudflare
etag: W/"46f51dfa02a9f96c84032f9ba066f388"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a0%2BH5hO5p9Q4bGFE%2BTZnkDWyOuSb4O1asnnoXqShC%2BgsW93i64HK7tHrIZL4Ekm2D9W9eJVVO8%2BFu9tjeBfkCrAZY1jxmNj8Cx0juhLQXGUTsvhv4EenmoaVmvWan%2BTc%2Frs5kDp8hhL7eKyyH6E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=86400, public
cf-ray: 6f2c6da10970902a-FRA

GET
H2 200 hc_enduser-7955c470f9234e0807ae9209fcf364b0.js Show response
static.zdassets.com/hc/assets/ 621 KB
184 KB 32ms
30ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/hc_enduser-7955c470f9234e0807ae9209fcf364b0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f799149454b87ae89fc9de2ec87a238a75fa84b9d703ffc94c28ff85ba35f21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 391389
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: AS1S9A1X5TPVKWM6
x-amz-id-2: mNO5MIDmo0nYikJUxX8nLwEo2frQ014M+cdeM//tkTD9Acwu+L1vlEDX01u+qperDKiiXBC6oUk=
last-modified: Wed, 16 Mar 2022 12:13:55 GMT
server: cloudflare
etag: W/"bf64c8ce30bfd55938d77440e48dbdbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EKIkzms9ieWW3HAq3lbHx7e8gJK%2FzokEaHyOXOMp1JKWiUHhgWXvleiZV9ChNcN6e7Pfg19GmN3afTWHzgthPT9H5wyc1%2BrSii9k2PM5eytq6CfnUN%2BzKzx4HwqvY%2B86mRo2w34%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-version-id: xRg32GB1fkWB.9ILIVtuKviMPtVgIjRJ
cf-ray: 6f2c6da0cb3d5b2c-FRA

GET
H2 200 script.js Show response
p13.zdassets.com/hc/theming_assets/2029595/114094504791/ 26 KB
7 KB 271ms
269ms Script
text/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/script.js?digest=5042928780301

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30d8b7673f41672185843f69b79543c5eb50d57eecd92fdec573244a8e413ad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:20 GMT
x-envoy-decorator-operation: help-center-unicorn.help-center.svc.cluster.local:5080/*
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: help-center-unicorn-d67b7d5f9-w5vjh
x-envoy-upstream-service-time: 27
zendesk-api-version: 2022-01-01
strict-transport-security: max-age=0
protocol: HTTP/1.1
content-encoding: br
x-zendesk-zorg: yes
x-request-id: 6f16e8239a029170-EWR, 6f16e8239a029170-EWR
x-ua-compatible: IE=edge
x-runtime: 0.019592
x-robots-tag: none, noarchive
server: cloudflare
etag: W/"30d8b7673f41672185843f69b79543c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P0u3yR2s4QEfLKvQ3K3kY97IoOVe6TAf5xSgDMNze5wKrLpkOR6VF8sutr12OdhoV7DzUh38B1tcEOc6gHLmzc0AiOANp1ST%2F9t1Tf6wuGkJ0ltCyN4flxpv33heFa2vnoI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=604800, public
cf-ray: 6f2c6da0ce289b69-FRA

GET
H2 200 dd1b1db13ff1f72138c134c62f38fef83749f36a.ttf
theme.zdassets.com/theme_assets/2029595/ 168 KB
169 KB 78ms
26ms Font
application/x-font-ttf 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theme.zdassets.com/theme_assets/2029595/dd1b1db13ff1f72138c134c62f38fef83749f36a.ttf

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5042928780301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p13.zdassets.com/
Origin: https://ajuda.serasa.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:20 GMT
via: 1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22443
x-amz-server-side-encryption: AES256
cf-ray: 6f2c6da11ce0924d-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
last-modified: Fri, 14 Dec 2018 12:20:53 GMT
server: cloudflare
etag: W/"3e1af3ef546b9e6ecef9f3ba197bf7d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBHkfk62Jtd9rEIfIdTMaFRP9ruQdNoaOnDwc6BZaB6ub96HseJk9%2Fw8gHBgmIgOTvh0dHg%2FY533A8xjNujvo3Fr2UVMX9m5tg1p8RLnUOMmk6sLHF9z4ufML5qqUhs%2FKCIEww%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: EuIv9ejf3bymncVwL_gI7qxN48VZpQtR
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-P1
content-type: application/x-font-ttf
x-amz-cf-id: D-asz2LGwfiJUB8MCY3hTzY_orsbRupnDdBopo4Mtk7xLCjRQqZ6tA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 46ms
46ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=515125839&t=pageview&_s=1&dl=https%3A%2F%2Fajuda.serasa.com.br%2Fhc%2Fpt-br%2Farticles%2F360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio%3Fcm_ven%3DExactTarget%26cm_cat%3DEM_LNO_FEIRAOMAR%25c3%2587O_SEMANA4_MIDKIT_REPIQUE%26cm_pla%3DAll%2BSubscribers%26cm_ite%3Dhttps%253a%252f%252fajuda.serasa.com.br%252fhc%252fpt-br%252farticles%252f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%2525C3%2525A1-lo-Alerta-Provis%2525C3%2525B3rio%26cm_ainfo%3D%26%26%26%26%26&ul=en-us&de=UTF-8&dt=Como%20acionar%20o%20Alerta%20Provis%C3%B3rio%3F%20%E2%80%93%20Central%20de%20Ajuda%20-%20Serasa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1828279266&gjid=491096286&cid=976883100.1648429220&tid=UA-34169623-7&_gid=54738021.1648429220&_r=1&_slc=1&z=1110624276

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ajuda.serasa.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:00:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ajuda.serasa.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022031601.js Show response
securepubads.g.doubleclick.net/gpt/ 365 KB
124 KB 37ms
36ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 21:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126823
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 08:34:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Mar 2023 21:10:14 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 72 B
97 B 89ms
45ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ajuda.serasa.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

dc477ab682fe2729d0dc4fadc416897b131f9209cef31fe5c8b675bdb99663e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Mar 2022 01:00:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72
x-xss-protection: 0
expires: Mon, 28 Mar 2022 01:00:20 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 57ms
18ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-34169623-7&cid=976883100.1648429220&jid=1828279266&gjid=491096286&_gid=54738021.1648429220&_u=IEBAAEAAAAAAAC~&z=298588865

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ajuda.serasa.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 28 Mar 2022 01:00:20 GMT
content-type: text/plain
access-control-allow-origin: https://ajuda.serasa.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 133ms
50ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-34169623-7&cid=976883100.1648429220&jid=1828279266&_u=IEBAAEAAAAAAAC~&z=1936255487

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:00:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 139ms
51ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-34169623-7&cid=976883100.1648429220&jid=1828279266&_u=IEBAAEAAAAAAAC~&z=1936255487

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:00:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 132ms
46ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ajuda.serasa.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Mar 2022 01:00:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 126ms
45ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ajuda.serasa.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Mar 2022 01:00:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
12 KB 983ms
983ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4348093462406210&correlator=1400233294865319&eid=31064150%2C31065714%2C31065550%2C31065654&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fif&iu_parts=281426761%2Cserasa_centralajuda%2Ccentral_ajuda_artigo_leadeboard_top&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=1&adks=3968775647&sfv=1-0-38&ecs=20220328&fsapi=false&prev_scp=refresh%3Dtrue%26refreshed_slot%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1648429220312&lmt=1648429220&dlt=1648429219798&idt=483&biw=1600&bih=1200&adxs=436&adys=309&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fajuda.serasa.com.br%2Fhc%2Fpt-br%2Farticles%2F360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio%3Fcm_ven%3DExactTarget%26cm_cat%3DEM_LNO_FEIRAOMAR%25c3%2587O_SEMANA4_MIDKIT_REPIQUE%26cm_pla%3DAll%2BSubscribers%26cm_ite%3Dhttps%253a%252f%252fajuda.serasa.com.br%252fhc%252fpt-br%252farticles%252f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%2525C3%2525A1-lo-Alerta-Provis%2525C3%2525B3rio%26cm_ainfo%3D%26%26%26%26%26&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x22&msz=1600x0&fws=0&ohw=0&ga_vid=976883100.1648429220&ga_sid=1648429220&ga_hid=515125839&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

6615824df86a250cb19a7d7c47e59e16ad38aa31e2ea7b25896ae4e354fb1c7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11828
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ajuda.serasa.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B50A 6 KB
4 KB 169ms
47ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 28 Mar 2022 01:00:20 GMT
expires: Tue, 28 Mar 2023 01:00:20 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK core.js Show response
cdn.agentbot.net/core/latest/ 778 KB
205 KB 198ms
198ms Script
application/javascript 45.55.193.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.agentbot.net/core/latest/core.js?djMuNi42

Requested by

Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/dea6c07769c06d2043b5cb74146ddb86.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.55.193.240 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

48f06ee1e5c731e2cb399cbb155bf6ddddf9e446b949908ea1a0f94860097903

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 01:00:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Wed, 23 Mar 2022 20:10:18 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "c28e6-5dae851862d2a-gzip"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=259200, public
Accept-Ranges: bytes

GET
H2 200 f6783010d5def128c4a1539333324f75701d9bab.ttf
theme.zdassets.com/theme_assets/2029595/ 168 KB
168 KB 22ms
22ms Font
application/x-font-ttf 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theme.zdassets.com/theme_assets/2029595/f6783010d5def128c4a1539333324f75701d9bab.ttf

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5042928780301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e35252aa3dc2e84e9d7211586fee9aede2a426d3230c8b131881d985f16ff836

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p13.zdassets.com/
Origin: https://ajuda.serasa.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:20 GMT
via: 1.1 697a26790d3ab8292d8546ca9be87bbc.cloudfront.net (CloudFront)
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22443
x-amz-server-side-encryption: AES256
cf-ray: 6f2c6da31ea2924d-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
last-modified: Sat, 20 Feb 2021 03:03:20 GMT
server: cloudflare
etag: W/"58aef543c97bbaf6a9896e8484456d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Sva9E5PVapGmeWF9WKPNlU0ytCsdq4YzEiT9WDUwjxIfDWGrHuG9oVTZhsb0RM9RuaVk7Y4DMk34tgYOdlICAtG1g1tkrhflk2UQqPTL%2BSd13o%2BwPaqbZyjlRlvCioXqAyp4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: zAM6xFjeT4.7isikbchG3tBx3dFfYhNG
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: AMS54-C1
content-type: application/x-font-ttf
x-amz-cf-id: dCe49WAGAwh0YS9BUBkTM8NdfqHRpowgk86XEbNe2wsrgDKqp9SyQg==

GET
H2 200 hotjar-2469592.js Show response
static.hotjar.com/c/ 4 KB
2 KB 59ms
39ms Script
application/javascript 143.204.98.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2469592.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-29.fra50.r.cloudfront.net

Software

Resource Hash

3053f072c299ba5c602a07e0ec60683caa8a28d999e9fae7d83f015e2666fc6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:20 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache-hit: 1
etag: W/0e6cdabdc5e0b28d9c7998ee8ce2be1a
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
content-length: 1919
via: 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
x-amz-cf-id: SkVhNCQIbSXnx1kQglZgORZMliYX6WNh3qj6KluIDYJ8w2Qbyk30Eg==

GET
H2 200 0ce37ced9c5fcac9bdc452a432c1258870ba4677.ttf
theme.zdassets.com/theme_assets/2029595/ 167 KB
167 KB 29ms
29ms Font
application/x-font-ttf 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theme.zdassets.com/theme_assets/2029595/0ce37ced9c5fcac9bdc452a432c1258870ba4677.ttf

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5042928780301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d0b991ee3e0be7af01ad7ea8cd2beea6c00a25e679a0226b6737f079aafff86

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p13.zdassets.com/
Origin: https://ajuda.serasa.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:20 GMT
via: 1.1 9603ab49d77e9b1b00dc0c80e48bd7e8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22443
x-amz-server-side-encryption: AES256
cf-ray: 6f2c6da32eb1924d-FRA
x-cache: Hit from cloudfront
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
last-modified: Sat, 20 Feb 2021 03:03:17 GMT
server: cloudflare
etag: W/"ee7b96fa85d8fdb8c126409326ac2d2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OsmYu%2B7VIXccS%2FVcNRqGGVdIbtOziW4osRde5wAENosyFLGvHNIFA3PCgofn9wFbyNiLvRuHAsfwBUfhangXMZAZXEqNkXUYNcrlyMIOxThSUY5ozDMog%2BBUIw%2F52glTMkOKw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: NxArhaQtkw2wgZXJpzBKcLGt4dOAdttA
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: CDG50-P2
content-type: application/x-font-ttf
x-amz-cf-id: EuONXTNUmsWWcWJLWCGyhAFOHeelJuD8FaB6jwe_x7vSb0yr2xp6mA==

GET
H2 200 a7cf9fd064d4f719e3ed5a0481bb5f5793e11e48.png
theme.zdassets.com/theme_assets/2029595/ 14 KB
14 KB 21ms
21ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/a7cf9fd064d4f719e3ed5a0481bb5f5793e11e48.png

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5042928780301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05ad3b768943f707a28a890757381563494068df29222c803cb43baba65488b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://p13.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:20 GMT
via: 1.1 a2255db944717fedb0da0026622f7e7a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 117
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 14278
last-modified: Wed, 03 Nov 2021 16:48:18 GMT
server: cloudflare
etag: "23940a86a311c5faaeba262d3c726a4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hiNqsKGMXNgnMRl8PfRM6jYc6mAcvcfaV7FRA7hgHM%2B%2B6%2Ff%2FqLiCtGD%2BXJO5fYOxooo4uD53QV8zrRC0IMcLKTLgnNtqRVbNh%2FgnjCBUCvq4iXPl8rWz0OEN9YG3Bz0qhMX4A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 2yIepN3pmCXJZPJP2tDPT111GKuczOT2
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
cf-ray: 6f2c6da33cec5b2c-FRA
x-amz-cf-id: G9xd0adyORbFohKn5qREX4l0xKbLpdY_8wuCPIqfuky10kYQsfJnNw==

GET
H2 200 360012331832 Show response
ajuda.serasa.com.br/api/v2/help_center/pt-br/sections/ 514 B
784 B 266ms
266ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajuda.serasa.com.br/api/v2/help_center/pt-br/sections/360012331832

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

062feb542f8f284e7b09eec7e0a1b230ef525b0ead09b1e69a4db24b8969c2d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:20 GMT
x-envoy-decorator-operation: help-center-unicorn.help-center.svc.cluster.local:5080/*
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-zorg: yes
x-zendesk-origin-server: help-center-unicorn-d67b7d5f9-j86c2
x-envoy-upstream-service-time: 64
zendesk-api-version: 2022-01-01
protocol: HTTP/1.1
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 6f2c6da349af8ff5-SEA, 6f2c6da349af8ff5-SEA
x-ua-compatible: IE=edge
x-runtime: 0.061356
server: cloudflare
x-zendesk-api-version: v2
x-frame-options: SAMEORIGIN
etag: W/"062feb542f8f284e7b09eec7e0a1b230"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5EtBsO2lYgCtpc%2BL4GHSnQ1fnjT%2FQa3RNc3NAOfccja6kRUxsX0uTwlnlbCNxNA%2FkUJ1npQ09aDhwhy5RGXeeh8PQWEHm8%2FQE3M1lVdp4CNXSDB4Nk%2FN%2FOgFvc9Ri1FUMU6J6ms%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Zendesk-API-Warn
cache-control: max-age=0, public, s-maxage=180, stale-while-revalidate=60, stale-if-error=10800
cf-ray: 6f2c6da349af8ff5-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
9 KB 1738ms
1737ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4348093462406210&correlator=1400233294865319&eid=31064150%2C31065714%2C31065550%2C31065654&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fif&iu_parts=281426761%2Cserasa_centralajuda%2Ccentral_ajuda_artigo_anchor&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=2&adks=3781204470&sfv=1-0-38&ecs=20220328&fsapi=false&prev_scp=refresh%3Dtrue%26refreshed_slot%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1648429220362&lmt=1648429220&dlt=1648429219798&idt=483&biw=1600&bih=1200&adxs=436&adys=1110&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fajuda.serasa.com.br%2Fhc%2Fpt-br%2Farticles%2F360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio%3Fcm_ven%3DExactTarget%26cm_cat%3DEM_LNO_FEIRAOMAR%25c3%2587O_SEMANA4_MIDKIT_REPIQUE%26cm_pla%3DAll%2BSubscribers%26cm_ite%3Dhttps%253a%252f%252fajuda.serasa.com.br%252fhc%252fpt-br%252farticles%252f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%2525C3%2525A1-lo-Alerta-Provis%2525C3%2525B3rio%26cm_ainfo%3D%26%26%26%26%26&frm=20&vis=1&scr_x=0&scr_y=0&psz=1160x0&msz=1600x-1&fws=512&ohw=0&ga_vid=976883100.1648429220&ga_sid=1648429220&ga_hid=515125839&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e91580883163fbe1fe423dcd33eb855f8e3f558ec3b40770e1fb1e2a673fd238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9501
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ajuda.serasa.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 2022ms
2022ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4348093462406210&correlator=1400233294865319&eid=31064150%2C31065714%2C31065550%2C31065654&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fif&iu_parts=281426761%2Cserasa_centralajuda%2Ccentral_ajuda_artigo_skyscrapper&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=120x600%7C160x600%7C300x600&ifi=3&adks=1661103190&sfv=1-0-38&ecs=20220328&fsapi=false&prev_scp=refresh%3Dtrue%26refreshed_slot%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1648429220366&lmt=1648429220&dlt=1648429219798&idt=483&biw=1600&bih=1200&adxs=276&adys=884&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fajuda.serasa.com.br%2Fhc%2Fpt-br%2Farticles%2F360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio%3Fcm_ven%3DExactTarget%26cm_cat%3DEM_LNO_FEIRAOMAR%25c3%2587O_SEMANA4_MIDKIT_REPIQUE%26cm_pla%3DAll%2BSubscribers%26cm_ite%3Dhttps%253a%252f%252fajuda.serasa.com.br%252fhc%252fpt-br%252farticles%252f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%2525C3%2525A1-lo-Alerta-Provis%2525C3%2525B3rio%26cm_ainfo%3D%26%26%26%26%26&frm=20&vis=1&scr_x=0&scr_y=0&psz=232x867&msz=232x0&fws=0&ohw=0&ga_vid=976883100.1648429220&ga_sid=1648429220&ga_hid=515125839&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

69dbc7bb4fed3da648ee16c610ec89e007cf72cd550429fb5f9313c56c591ee2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8167
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ajuda.serasa.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 react-5fcaf0bc8b418fffbf611da1260ce6c9.js Show response
static.zdassets.com/hc/assets/ 135 KB
43 KB 25ms
24ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/react-5fcaf0bc8b418fffbf611da1260ce6c9.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-7955c470f9234e0807ae9209fcf364b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1ab87b85f9b4fe02797c9ff8dafbded313b0bde855d1535678619b001be0ffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 479186
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: MFSXZDD16W67ER3S
x-amz-id-2: TV6/7QJQx4NzM0e3bvlLLrI8+TG4Qo3sHbo831lmzkLg880E3JK2j+p0CsM5PC+09pQCFAzJrB8=
last-modified: Tue, 15 Feb 2022 11:51:49 GMT
server: cloudflare
etag: W/"0581f7f4a720b7916d91a4ac9d6e1c69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnEiFcalWA6rD1%2FlxwGJmSox5SKxvydNg73PQnewkFe2hezeku9HGZiuIR1V%2FBDkNg3k9dMUNo2actutSEOCawwe55KGA8RrJe%2FKWjqYFOE1pCNzL3KP1mLCRaI942JW%2FmWfkD4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-version-id: hztrmkVtALc5SSxlwMiwdA7I_keHkOhC
cf-ray: 6f2c6da39d215b2c-FRA

GET
H2 200 Notifications-63922e28c8bfdf63416b2b41e0ea7f65.js Show response
static.zdassets.com/hc/assets/ 6 KB
3 KB 32ms
32ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/Notifications-63922e28c8bfdf63416b2b41e0ea7f65.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-7955c470f9234e0807ae9209fcf364b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0d698c86182256bf48108d7ac3847b43b5c33f273075cd86061e8fdb7c6fadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 479186
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: MFSPF541804D3JZB
x-amz-id-2: E3dPVvDspdXJWhZoJCMPe2GCX+Wjqimwe2Esmhw0+RBxjayAc5EF2C8knvBYIjYSu6EThObe0cw=
last-modified: Tue, 15 Feb 2022 11:51:41 GMT
server: cloudflare
etag: W/"f13d0cedc4ab82fde720ba3aae9e8f50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yco8O2EhIgp1%2BoIP%2BMxKV6sWr77zS%2Bjtz3ClhX7TyL1kMOszVDTjZcqaTesZjLstl4I08LVzuf15awORT9IOgRCr8IYpz9vNjA2e4OvCwCiL8dDionrTRDBZxY3v4WLEk3Rbbuo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-version-id: gYPRwt5qn3EUWRTnys531w4pHGJX7kdw
cf-ray: 6f2c6da39d225b2c-FRA

GET
H2 200 VoteControls-cdd183f43ca5f42ce0afd3db8f10d01f.js Show response
static.zdassets.com/hc/assets/ 5 KB
2 KB 21ms
21ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/VoteControls-cdd183f43ca5f42ce0afd3db8f10d01f.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-7955c470f9234e0807ae9209fcf364b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a7d7e70d07f4fb61924549043591387482fc78cf67f6a1fbb80443d5a33febe

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 297143
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 3P7N8GZEWGTE00GN
x-amz-id-2: MjcTBYbhIzfZDpB/4a+ta4FK1mnxYbxx95fdAyigL4igmpDCInn4HxivYYVfOzA9GIaXLmZLxBg=
last-modified: Thu, 24 Feb 2022 10:35:29 GMT
server: cloudflare
etag: W/"c13932a4888ecb0780d138e5836a384b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FXCre8WFjtp4h4WtbqNIGTwf%2F8sZMpQjNHxJBOdwjCcfp%2BolQJzxQAnXACaELHbhU38EctuTAlmXbr1Fyr0TS2NXWGU5DkjTFqCe769tctF%2F0VcYmqbz0Ogg6M70ehL3KinUa4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-version-id: Gv0XtlnBDTDkVk7.4q9236O49JH_hWLB
cf-ray: 6f2c6da3ad265b2c-FRA

GET
H2 200 vendors~CommentActions~PostActions~actions~subscribe-cc8c61d7cb65b92d8fc4ab292ea1f26e.js Show response
static.zdassets.com/hc/assets/ 23 KB
8 KB 24ms
23ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/vendors~CommentActions~PostActions~actions~subscribe-cc8c61d7cb65b92d8fc4ab292ea1f26e.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-7955c470f9234e0807ae9209fcf364b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26582cccfc6117c3c8756f1a2c088c92bdd81582a0e2c15ae95ebb2905bf1649

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 297127
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: GBCXZ1DPNQ2CV4RE
x-amz-id-2: BhijJ1lxobjGHnddNFTkgauRUj5Jkx0x+DnxbC/2u5MIgjjCjVdH7uRJEPdcSqU+uBAnLr67kdg=
last-modified: Thu, 24 Feb 2022 10:35:43 GMT
server: cloudflare
etag: W/"ea898b67b997da3a5fa581b826b7f0e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gAI%2Fmz5lHZ2XrdedY1f36ru0v2ezMtALs1FeddQVxavv16MiPGrv18njTMyI%2BZQK9yj%2FCBdDrtJW6aJqOXgwVr6rjxAGBIk9yyns1SCX4OKjxjCVs5sy0r8xTc6JZCSGQZBpq%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-version-id: Pv1ImYbksJQpaBDzWfRKv25EC7CYVlFS
cf-ray: 6f2c6da3ad285b2c-FRA

GET
H2 200 subscribe-e54f54d91bdc6740aab6c4a5707965f1.js Show response
static.zdassets.com/hc/assets/ 10 KB
4 KB 40ms
39ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/subscribe-e54f54d91bdc6740aab6c4a5707965f1.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-7955c470f9234e0807ae9209fcf364b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5eabb569720cf9db9f9f285e86cfbced49102d0b9ebc83ca30d3c36d59cd089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 479186
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: MFSJRHGX7KY2BFSD
x-amz-id-2: yYWBCgfD7JZRvcCgRDi2wfb7QP/+QRxdM5oQMx4vKoDtHbBE5HdKZI+3HH1OzYeJQzK9nT1JMGw=
last-modified: Tue, 15 Feb 2022 11:51:49 GMT
server: cloudflare
etag: W/"66b7381ac5e4f06a4b15b82c297f81f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JTWtq%2BBQLGrMUkq6yQ%2BD%2FP37%2Fluaq4sCjaYdvEKdCTO3rNOVWagmPIXC2pUd0xAjxrjKxJX%2FPJBJmY%2F4d4%2FrHNACYRBvgY0KLRJBYiuuZaUCk9K09AFhprxBWtGBm1ID6%2B8ypM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-version-id: laxZszX9XIL5dvy_86WEe6wNybGg2KPv
cf-ray: 6f2c6da3ad295b2c-FRA

POST
H2 200 view.json Show response
ajuda.serasa.com.br/api/v2/help_center/pt-br/articles/360012553371/stats/ 0
778 B 274ms
274ms XHR
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajuda.serasa.com.br/api/v2/help_center/pt-br/articles/360012553371/stats/view.json

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-7955c470f9234e0807ae9209fcf364b0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:20 GMT
x-envoy-decorator-operation: help-center-unicorn.help-center.svc.cluster.local:5080/*
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-zorg: yes
x-zendesk-origin-server: help-center-unicorn-d67b7d5f9-cbbs2
x-envoy-upstream-service-time: 75
zendesk-api-version: 2022-01-01
protocol: HTTP/1.1
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 6f2c6da3a9f58ff5-SEA, 6f2c6da3a9f58ff5-SEA
x-ua-compatible: IE=edge
x-runtime: 0.071211
server: cloudflare
x-zendesk-api-version: v2
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1bY%2B%2BTu4jg93Jr7l8VGCAOtKy8d6%2BERiFXQ6sCeBC1A7HXY7Q%2FrGr7y8eHJMQogomcs%2BOtouX1R0AtTDB6ywP%2Ffc0SK%2Buecz92GVSLb8phPsWGl6R6n4wHnqCQtQ%2FS%2FpGuquZE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://ajuda.serasa.com.br
access-control-expose-headers: X-Zendesk-API-Warn
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 6f2c6da3a9f58ff5-FRA

POST
H2 200 activity
ajuda.serasa.com.br/hc/ 0
0 210ms
210ms Fetch
text/html 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajuda.serasa.com.br/hc/activity

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-7955c470f9234e0807ae9209fcf364b0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 28 Mar 2022 01:00:20 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-envoy-upstream-service-time: 3
zendesk-api-version: 2022-01-01
x-xss-protection: 1; mode=block
x-request-id: 6f2c6da3b59b8ff5-SEA, 6f2c6da3b59b8ff5-SEA
cf-ray: 6f2c6da3a9f78ff5-FRA
x-runtime: 0.001267
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
x-zendesk-zorg: yes
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KeXffA9Q0lfQk9Xp%2FNPjhwmY7kjcJrXmHz8FH%2B0IEhCBptMu1ptfSu%2BrtEn%2Ffm8g%2Fawzxi1zb3ZADnGetwE7bX3wzwJ%2BsSf%2Banh26gRi6Z5YnRESo0EcGtGZh6Cm5KcAOb40x%2BM%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
content-type: text/html

GET
H2

200

360012553371.json Show response
ajuda.serasa.com.br/api/v2/help_center/pt-br/articles/
Redirect Chain

https://ajuda.serasa.com.br/api/v2/help_center/articles/360012553371.json
https://ajuda.serasa.com.br/api/v2/help_center/pt-br/articles/360012553371.json

4 KB
2 KB

278ms
278ms

XHR
application/json

104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajuda.serasa.com.br/api/v2/help_center/pt-br/articles/360012553371.json

Requested by

Protocol

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d998296e38625f0ff8db0905f3dd073c8665752dfa6c6b8e5b1dc62864fb92ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:21 GMT
x-envoy-decorator-operation: help-center-unicorn.help-center.svc.cluster.local:5080/*
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-zorg: yes
x-zendesk-origin-server: help-center-unicorn-d67b7d5f9-j86c2
x-envoy-upstream-service-time: 83
zendesk-api-version: 2022-01-01
protocol: HTTP/1.1
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 6f2c6da5bb378ff5-SEA, 6f2c6da5bb378ff5-SEA
x-ua-compatible: IE=edge
x-runtime: 0.080524
server: cloudflare
x-zendesk-api-version: v2
x-frame-options: SAMEORIGIN
etag: W/"d998296e38625f0ff8db0905f3dd073c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0myOc8IYqHZ2ibRHH3w0c7uDn9aTttk0bfXA0z101i6KwMdgqG7tNpTXsNXjSv2iKf8AzZQFQqzEbaHpuGenzvD90pxtPevQVrxmGpsLPi7r%2BEpu9eicjS%2BXnBUm%2BRfu1kkEQC8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Zendesk-API-Warn
cache-control: max-age=0, private, must-revalidate
cf-ray: 6f2c6da5bb378ff5-FRA

Redirect headers

date: Mon, 28 Mar 2022 01:00:20 GMT
x-envoy-decorator-operation: help-center-unicorn.help-center.svc.cluster.local:5080/*
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-origin: *
x-zendesk-zorg: yes
x-zendesk-origin-server: help-center-unicorn-d67b7d5f9-thr5n
x-envoy-upstream-service-time: 63
zendesk-api-version: 2022-01-01
protocol: HTTP/1.1
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 6f2c6da3ea198ff5-SEA, 6f2c6da3ea198ff5-SEA
x-ua-compatible: IE=edge
x-runtime: 0.057913
server: cloudflare
x-zendesk-api-version: v2
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BgcehFKIiLmrpjtLyfALux8Am3Z9FT3%2FmWVs3oK32DOO3UVCKGh2CKgmwrmlbSaLv6ayMyq6pFIiCYPjgX%2B2jpaF6ryGAgr03W7fHFfKbj3BI7FI5HdJUdrG8ozxFyNBahWFmcY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://ajuda.serasa.com.br/api/v2/help_center/pt-br/articles/360012553371.json
access-control-expose-headers: X-Zendesk-API-Warn
cache-control: max-age=0, public, s-maxage=180, stale-while-revalidate=60, stale-if-error=10800
cf-ray: 6f2c6da3ea198ff5-FRA

GET
H2 200 modules.7d3f952308caf42c2b67.js Show response
script.hotjar.com/ 236 KB
62 KB 42ms
8ms Script
application/javascript 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7d3f952308caf42c2b67.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2469592.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Resource Hash

43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 09:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1526294
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63048
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 09:01:33 GMT
etag: "2f5d47da7be4d107a04726029158797c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ZTLtuK_ACEaaWDZj2TCgQQTu2EmbH8olzM9PT8k24qNcRitCq01f2Q==

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html Show response
vars.hotjar.com/ Frame DFF8 2 KB
1 KB 26ms
7ms Document
text/html 143.204.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2469592.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-123.fra50.r.cloudfront.net
Software: /
Resource Hash: e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/

Response headers

content-type: text/html
content-length: 1044
date: Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: APVAMYBq3lI20TfO1i7bPk6IiQJJmKO-KVm5T8P2ns9OJSX3PtqMSA==
age: 4464494

POST
H2 204 result Show response
ajuda.serasa.com.br/cdn-cgi/bm/cv/ 0
509 B 18ms
17ms XHR
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ajuda.serasa.com.br/cdn-cgi/bm/cv/result?req_id=6f2c6d9d8dee8ff5
Requested by: Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 28 Mar 2022 01:00:20 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6f2c6da49a7c8ff5-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cbdSojSAbH46DRR4ey%2F7ooAeKrqhfPRZmzG02QsYfxhkpDDrlea%2BS28O31XAR3LQ75tsvXSbl0QPRQSN2EO2VJi19QRIGQvMOiMcDbYYmB27JYKn%2BARl2knSvwhZFs0pf9rdRE%3D"}],"group":"cf-nel","max_age":604800}

GET
H2 200 sections Show response
ajuda.serasa.com.br/api/v2/help_center/pt-br/categories/360005490232/ 2 KB
1011 B 199ms
199ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajuda.serasa.com.br/api/v2/help_center/pt-br/categories/360005490232/sections

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9b0d892a7ba0fcd8978c74f8906064d9b5a991dd9f720b26e60ba92d202a1d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:20 GMT
x-envoy-decorator-operation: help-center-unicorn.help-center.svc.cluster.local:5080/*
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-zorg: yes
x-zendesk-origin-server: help-center-unicorn-d67b7d5f9-bjz55
x-envoy-upstream-service-time: 70
zendesk-api-version: 2022-01-01
protocol: HTTP/1.1
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 6f2c6b3abd592767-BCN, 6f2c6da4faba8ff5-SEA
x-ua-compatible: IE=edge
x-runtime: 0.067217
server: cloudflare
x-zendesk-api-version: v2
x-frame-options: SAMEORIGIN
etag: W/"b9b0d892a7ba0fcd8978c74f8906064d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AngamTt%2BD2qOSW7kV1qqPIgg6b9yX9ME0HeISpxVFwPlJX0eN3eFq8%2FZV0K3Sx%2FeGOxxzpnQiJToj81ejA1unAGCfJ5wHEZ7wvjOawhOyVFjYCS21kjWVkIhSS3nHSwWkOw1AII%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Zendesk-API-Warn
cache-control: max-age=0, public, s-maxage=180, stale-while-revalidate=60, stale-if-error=10800
cf-ray: 6f2c6da4faba8ff5-FRA

GET
H/1.1 206
Partial Content notify.mp3
agentcore.s3.amazonaws.com/production/assets/ 25 KB
26 KB 436ms
120ms Media
audio/mpeg 52.216.98.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agentcore.s3.amazonaws.com/production/assets/notify.mp3
Requested by: Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.98.51 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 87d98603dabb39384e5aecd9614fe72adcf8f60670e5efc1262a2596b680a519

Request headers

Referer: https://ajuda.serasa.com.br/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 28 Mar 2022 01:00:22 GMT
Last-Modified: Fri, 04 Nov 2016 18:53:08 GMT
Server: AmazonS3
x-amz-request-id: 0J735FERZR5P8EAT
ETag: "2a368218786dd80e3802ef4e5396686d"
Content-Type: audio/mpeg
Content-Range: bytes 0-26068/26069
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 26069
x-amz-id-2: oC+V4i5nzl9pxRZ8VXEPnFRig0RgT3f4WuOf5i4pdki+U/P5A9CwIoYmg/bj+cfOn0klDntTSCo=

GET
H2 200 u Show response
adapter.aivo.co/api/v1/dea6c07769c06d2043b5cb74146ddb86/settings/ 14 KB
11 KB 367ms
317ms XHR
application/json 143.204.98.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adapter.aivo.co/api/v1/dea6c07769c06d2043b5cb74146ddb86/settings/u?host=https%253A%252F%252Fajuda.serasa.com.br%252Fhc%252Fpt-br%252Farticles%252F360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%2525C3%2525A1-lo-Alerta-Provis%2525C3%2525B3rio%253Fcm_ven%253DExactTarget%2526cm_cat%253DEM_LNO_FEIRAOMAR%2525c3%252587O_SEMANA4_MIDKIT_REPIQUE%2526cm_pla%253DAll%252BSubscribers%2526cm_ite%253Dhttps%25253a%25252f%25252fajuda.serasa.com.br%25252fhc%25252fpt-br%25252farticles%25252f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%252525C3%252525A1-lo-Alerta-Provis%252525C3%252525B3rio%2526cm_ainfo%253D%2526%2526%2526%2526%2526
Requested by: Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/latest/core.js?djMuNi42
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-118.fra50.r.cloudfront.net
Software: nginx / PHP/7.4.28
Resource Hash: 40957d27fed2bba04337c6438999951366549151e222180d97c152950cc5990c

Request headers

Accept: application/json, text/plain, */*
Referer: https://ajuda.serasa.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:21 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PHP/7.4.28
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-headers: X-Requested-With, Content-Type, Accept, Origin, Authorization, X-TS-AJAX-Request, X-Token
x-amz-cf-id: bTcF8-GAHMuBd0kQzIKWpuYavBMsKi5101fHs1ijnqN4WcxqCfYsrw==
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)

GET
H3 200 ajax-loader.gif
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 4 KB
4 KB 39ms
21ms Image
image/gif 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ajax-loader.gif

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 526334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3208
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-1052"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bBsnDJk3RsfTk%2BjPWqJ4AzyKvayBePHXGp9LhJ7PRhtnLrZNGQx3nzug%2Bzll7%2FNl9ZsnAHwkTaTyJLkmTLj3RGdHC7QylAdUhDuQqqa1OUEQAoIYXzZeyufYiUHcz5lvkDp%2BGeepCPD8gUK6H5SIVFO"}],"group":"cf-nel","max_age":604800}
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f2c6da6aec1692b-FRA
expires: Sat, 18 Mar 2023 01:00:20 GMT

GET
H2 200 423b2a2f27be647a532fe57e1fc052e93c5bce98.png
theme.zdassets.com/theme_assets/2029595/ 2 KB
3 KB 61ms
60ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/423b2a2f27be647a532fe57e1fc052e93c5bce98.png

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5042928780301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

127f03b6729e14e0ed48502ac5cb34ea1b858594f47dea8ea39e24034ec9f756

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://p13.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:20 GMT
via: 1.1 acee7e60faaea7b7699fe033930a0164.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 2339
last-modified: Wed, 03 Mar 2021 02:58:37 GMT
server: cloudflare
etag: "0571c549a0293cb5a17dd928d2973982"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Sw7lx2MPreWCAXAwO7qGbtWkP7QY97cxbdlt6Vhudh3T6XBzHYs%2B7WGjwheiRhyBAQZXT3UGCCJsjBpsb4ZXhuTlf51%2FlGj4EhQv4MaYj4B7VwMx3Niii5bMZyLw1r7M9xCLg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: _vw06X4Zp2pqcmvcQT9dSe0eQSUbp06y
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 6f2c6da68ec85b2c-FRA
x-amz-cf-id: Dc5ekLUpB2yKh6kBSATZmnL7q2e2wVYrqpYQR6YYoCkfkvTbGC6LAw==

GET
H2 200 1d3dfd3e88566f7b1c6dbbb0df09f85236327821.png
theme.zdassets.com/theme_assets/2029595/ 3 KB
3 KB 23ms
23ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/1d3dfd3e88566f7b1c6dbbb0df09f85236327821.png

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5042928780301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48a7dafc3dc6e75c331de0c900aedfa5fc0f245ecdd9ef3db24c08f4667a59c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://p13.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:20 GMT
via: 1.1 490623df85c571a18ba7da1511cc969e.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8347
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 2724
last-modified: Wed, 03 Mar 2021 02:12:21 GMT
server: cloudflare
etag: "5f64035063ade89cbe2fa9b46e1a11b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aLzhNaKyLcISmWW4ft7d62SnDM5w9BuemLIVMsPXDqdQdgt6nlE%2BjIgGKbaBpaJl6eNLHIYUMEmL4eoyk4vNcZGCRrYcvhpyFYOjIo5MC7ThEC1TrJujQRjv9ggISVu8KsV5Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: zQQXfGXKDb2LHBKSq2C9XKK1.2vHsF9W
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-P1
accept-ranges: bytes
cf-ray: 6f2c6da68ec95b2c-FRA
x-amz-cf-id: 7qzLUOaEp0bcIVdo5kuSa8hJsU_alRz4ENs_eHoVn9W-D7JGhQGMnA==

GET
H2 200 674efaec9bd1854e446f5deb1e416e5d35afe155.png
theme.zdassets.com/theme_assets/2029595/ 3 KB
3 KB 76ms
76ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/674efaec9bd1854e446f5deb1e416e5d35afe155.png

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5042928780301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce8e6d6bbf0a18dbc3bc9e0ebf9854ca1342401af1117b9c493758a86286751a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://p13.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:20 GMT
via: 1.1 00f66bc6263192200d1a0cdb83e969f8.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 3023
last-modified: Wed, 03 Mar 2021 02:15:39 GMT
server: cloudflare
etag: "9214ef5b6821e5a8fa2838a4b9afcf99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOTzjgbnY%2Fcu0a%2BI10qrWdfaCHGy4VzL%2F3artfbrEf8jZ2eH56s9A8armlVWfLe3KzK69%2BfWYpR%2FX%2BJB4BtWxx0cCbMa3QLhon5Hd4Hdtscz5Kh%2B7%2BpQsswzlgkEJA9DRGWymA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: fShspVxKrAJcbyZSKEw2w7PhqLqCd1lV
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 6f2c6da68eca5b2c-FRA
x-amz-cf-id: VkqnsXlFvavFqUjpVvp4-js0CwWZUXP-PXa02SGAOGdT_OW21NView==

GET
H/1.1 200
OK core.10.9e97a1b6a7cdde34a848.js Show response
cdn.agentbot.net/core/6.6.0/ 15 KB
5 KB 97ms
97ms Script
application/javascript 45.55.193.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.agentbot.net/core/6.6.0/core.10.9e97a1b6a7cdde34a848.js

Requested by

Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/latest/core.js?djMuNi42

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.55.193.240 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

a79823d2f8bafee2203c97bc65c9ccd8db935bec598b3f66aa07b1874b282adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 01:00:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 4103
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Wed, 23 Mar 2022 20:10:17 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "3b2f-5dae85177584a-gzip"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=259200, public
Accept-Ranges: bytes

GET
H/1.1 200
OK core.9.9e97a1b6a7cdde34a848.js Show response
cdn.agentbot.net/core/6.6.0/ 7 KB
3 KB 193ms
95ms Script
application/javascript 45.55.193.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.agentbot.net/core/6.6.0/core.9.9e97a1b6a7cdde34a848.js

Requested by

Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/latest/core.js?djMuNi42

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.55.193.240 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

147081d0991bf7a44054f9336f60082a2af9637d551c3a02e1536ae292252a33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 01:00:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2307
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Wed, 23 Mar 2022 20:10:20 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "1c74-5dae851a3aa64-gzip"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=259200, public
Accept-Ranges: bytes

GET
H2 200 icon
fonts.googleapis.com/ 569 B
439 B 130ms
48ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/latest/core.js?djMuNi42

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0c254788ad36f95d44c1786c590263e89ea3976fcbc9ae7c82c52493b254391

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 01:00:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 28 Mar 2022 01:00:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Mar 2022 01:00:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
700 B 127ms
45ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/latest/core.js?djMuNi42

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d402b35e6e0d996cc57dfb1f40a87b672f1eb4dfe0744da6d9c40b0d26592815

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 27 Mar 2022 23:39:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 28 Mar 2022 01:00:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Mar 2022 01:00:21 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 126ms
45ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@600&display=swap

Requested by

Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/latest/core.js?djMuNi42

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abbd3d9df6edb6982ac43bbeb61514366582e777e1b501e55f3f9071ffd15f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 00:20:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 28 Mar 2022 01:00:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Mar 2022 01:00:21 GMT

GET
H3 200 emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ 192 B
579 B 24ms
14ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/assets/css/emojione.min.css

Requested by

Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/latest/core.js?djMuNi42

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 574695
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19138-FRA, cache-hhn4037-HHN
timing-allow-origin: *
server: cloudflare
etag: W/"c0-akPwBVON2fKdb1Kdc8vjvcdyWY0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6f2c6da938885c20-FRA

GET
H2 200 / Show response
apibot.agentbot.net/REST/loadscript/ 16 B
232 B 319ms
109ms XHR
application/json 54.161.229.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://apibot.agentbot.net/REST/loadscript/?token=dea6c07769c06d2043b5cb74146ddb86&hash=72e9de836f3da244cce3fa2d7b85d54e&_=ORKK6YGW-4GDD-RIIX-RXGM-1648429221296
Requested by: Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/latest/core.js?djMuNi42
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.229.54 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-229-54.compute-1.amazonaws.com
Software: Apache /
Resource Hash: fba8081592823cd3fc4cf67ce7b816c03e9937eab2a96be9796d2b9c5bbad553

Request headers

Accept: application/json, text/plain, */*
Referer: https://ajuda.serasa.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:21 GMT
server: Apache
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://ajuda.serasa.com.br
access-control-allow-headers: Content-Type
content-length: 16

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame BCA2 222 KB
62 KB 127ms
38ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 240012
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Fri, 25 Mar 2022 06:20:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 25 Mar 2023 06:20:09 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame BCA2 16 KB
6 KB 189ms
100ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 546595
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Mon, 21 Mar 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Mar 2023 17:10:26 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame BCA2 96 KB
29 KB 201ms
112ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 546595
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Mon, 21 Mar 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Mar 2023 17:10:26 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame BCA2 5 KB
2 KB 214ms
126ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 546595
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Mon, 21 Mar 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Mar 2023 17:10:26 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame BCA2 42 KB
13 KB 193ms
105ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 546595
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Mon, 21 Mar 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Mar 2023 17:10:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BCA2 8 KB
965 B 105ms
46ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 00:13:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 28 Mar 2022 01:00:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Mar 2022 01:00:21 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BCA2 3 KB
3 KB 126ms
39ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 13:28:14 GMT
x-content-type-options: nosniff
server: cafe
age: 41527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 7735524722462771930
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Mon, 28 Mar 2022 13:28:14 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BCA2 344 B
807 B 126ms
39ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 28876
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 28 Mar 2022 16:59:05 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BCA2 0
0 78ms
77ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cduv6pAhBYqu0FpyZrASZsY3YD7jW1Y5p7L6fs68Psui_sN4BEAEg4e7KQGCV4pCCoAegAfT39P4DyAEBqQKNYEMGJ22yPuACAKgDAcgDCqoE9QNP0Po3AzrSoEK01nH2lALlpsk31h0XNNTHqX65gPcLBu9EYxtTzJzTZfBDNqt1Lc7ldPNnOyMU6mPjM_NNQsYdhBSqb4PQtUSvGIMLdxARfvbxzxw1w0ainLLMbwLByjyhzx4qQgivzO1T_NEZQOQcqBaBZ1eCzKfnPvNJ3sbEioUUI2oDYy7YzXq71EGVI9icDUjBQsl90hS1rM7ZkZqU28BUGqwKfKeEytHfaL8-wvP_QTe8aP6NO91CuKIP_0IF9I0aLkXhrwvNuCLTEd9kqOoW-ku50ZikCeqKPERSyjOpLnv72oEKwexXaA3Lm8g0YZqde0N61d0UAm-gs4QV_L5rcKzLDcvReydBYVCX_Fs5K32-rs-eb-nTxRhB_TjywgSw6z3SlHNvrJouXrrBEH-4agJWXf1hoP7TViY55S_BHXvbXu5swHiRduOsEaya3pU3ugZGXX0ekBtZEJJx8CqxtUG7tCExS_Raftom2KwleyYIlkHrJlSdVt57-Kqpnnz_JjjpueLR-GKD7JX2DvFeV01GkW2Mu2KcquvKsHsNfVvAegj65hmYM5ce2B3nR_seShXUs_l0dfv5ZULn8zhpiT2gUHR6GQZAQroMQndNKBUrNDwP_CaGKBTmCrC_EAUjxd3agdWiyjfZ3PYwi1QWIOHABKn_t9P_A-AEAYAH9IeLAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOLnJ9IICQiI4YAQEAEYHYAKA8gLAdgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi05NjUwNDA4OTgwNzkxNTMyGOH-HQ&sigh=q8ZDrtDrcBs&uach_m=[UACH]
Requested by: Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame BCA2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 944584b5d1459f2ad56770946a824af7ba15590cc0c35cecc068d1ce33b8cbdb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame BCA2 28 KB
28 KB 122ms
37ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ajuda.serasa.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 22:46:42 GMT
x-content-type-options: nosniff
age: 440019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Mar 2023 22:46:42 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame BCA2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

140ms
57ms

Image
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_FEIRAOMAR%c3%87O_SEMANA4_MIDKIT_REPIQUE&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
Protocol: H2
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Mon, 28 Mar 2022 01:00:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 130ms
49ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031601&st=env

Requested by

Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/latest/core.js?djMuNi42

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4eca190c2b8e5b5f461a8aab435fb2890bc063ebeec9b673441db8922e61755

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Mar 2022 01:00:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10529
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 99ms
51ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Mar 2022 01:00:22 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 77BC 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Mar 2022 21:19:18 GMT
expires: Mon, 27 Mar 2023 21:19:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 13264
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A99F 783 B
536 B 49ms
48ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

500058fb7383e26ae1a662be6abbb96b1343d9581f86c5c2c4ec9d121bb91ef2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lYUYfPSd9kTWg0F4PpWjHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 28 Mar 2022 01:00:22 GMT
date: Mon, 28 Mar 2022 01:00:22 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-lYUYfPSd9kTWg0F4PpWjHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 66EF 6 KB
3 KB 88ms
41ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Mar 2022 01:00:20 GMT
expires: Tue, 28 Mar 2023 01:00:20 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 XFpjqGQyXlGhrIMtqUZEtOx9ZrcGJnYAFO97-LZexEg.js Show response
pagead2.googlesyndication.com/bg/ Frame 77BC 35 KB
13 KB 80ms
36ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XFpjqGQyXlGhrIMtqUZEtOx9ZrcGJnYAFO97-LZexEg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c5a63a864325e51a1ac832da94644b4ec7d66b70626760014ef7bf8b65ec448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 15:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 208694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13744
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Mar 2023 15:02:08 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A99F 0
0 116ms
73ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031601&jk=4348093462406210&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7ACD 624 B
299 B 99ms
52ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYncXFlQEwAQ&v=APEucNXRF54Db3s-MKiT2-gwYiFn9HEiqfzPQD2U4mrGvWtjGB6EjQcOEqUZpdHrpt6f5RoNKbNp0Tr_QbfqQyufl8bmL4b9tj35mBYTQ1tR6nOBSc4GxTYOTQzD0XtfUemqquFS2lgwyjPFGWMZ36tj1H4WLn_0MieoAsCO2j7mzNNA9MsCXJg

Requested by

Host: cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com
URL: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 28 Mar 2022 01:00:22 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 28 Mar 2022 01:00:22 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 66EF 27 KB
16 KB 131ms
85ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AGgUgI2p0xft-CwMLUgip_PtKpYimMsq6lM1bp_J9KhtpgGYd1cXp9flXo1xdJSyHgo-_9yLUtfFC3zsrYFqdBN28FnxfvpZUk1qdhrlaYw2KSyAucKL-UOgZxO9wmJVmhUGQ1gM1gjFwlEdL0uHfqdXZurw&cry=1&dbm_d=AKAmf-CRSVcudzRx-b2JbEJzYYGB_KTzApA69nJoIRyfXgtJzedKUCmRFrFrJlebor8hvuG-CggEWW-u2gtxx1XQrlEcUL_j_zH_sNoT6sJCDjAwx9AKvNfdUY2BqkMk2PqQokQnDBERfoAID_jWLCwJHzR1FwIsNy9afVbu68oDeiZpZ-N1jyoiuFwOtfP6Kcsig05YLMbrdTZ6Q-hu4cBKx5zBNZqM9dJJqWIcC-UffBWPGC7xwtcX5Osuapo09uOqOFElUz8CiLYsDi034dF1IO8tU-kE_-nS6d_OPp1_8PBauujohZL7WvTlRLU2hKoefvMJ8Zd8UsTN2JVAEJ56tr2d56c3ailZsTPxw0fHtFElNS-ATZmTtgRe9k7IrSzmBDssAAf24sKddulmpKWgi6UzaAgSNGz5qtmTNvQ_nn_4NlE2y4Du45TJ98rC--ELgd5Iu7ZIcc4l3TTgqzoS0XkeoZjutFFynPBY3F6QT7CXbj407FM17qTk4Jk9bI62HGc8HfpUaCFK9dtPM0Bcdh6yqPL3PMtecRX8zmDVwi1CIH4baV1q67owGpxfI9Dw8rLh8WQALEATYzLDD6861l-7KACeyxwwIHbho4XDRzjqLzd2jEJ4I9RkVCibeYuU-_1K-kGvuLI8e_j5p_ET8NjXf1Lc0ff_sIXqp0htGVnGYhLfoh39sAOCxS4xh0ZtuJ6nCoirQB7CGZntam-ZYsu-DqXj6FMjD4c_QXo7tQp08YN5W4a2ZbvsRBnNBhvcnfGlZMJCEg55OisN4PzwRjPUfFCleNTesnE4l_5flDKI-38n5DLQmz4iIRK-eZze8Y8Ay6C3qQy0wr_EPx6oSb0TiPyqnDHIYrasYoRIkXWW2zdLai9naKhzkcw6QSdSapUBwAil2dXXVa1FQESfZmtoPrByhljMt120taBT0NzQzdqTIiIEQlmrCn4C9WjBTOsVNfJR_wZOniXsB_isRf4m0mhHiMIPXgezBj6gSvM_DBiaPGlaO_7r7krMlAg4eyWQceaMYHUmChXNBQeBCECUhUsw-4usN73vP6r_RdisaOXmoh1O0C3NrCidbLUKMXUTOZwxxA8ISvdb2N_mf35X0_N_SE_hW0b0N05ukkGCBIVNmyf4D1RgGEaxIv7a-5Cf1BcEpY1hssQ0NWIbk350nVe3bx8tgqnGaQuxQ4wCzhrZoJFeIAghlkkDtFUCLK1ynlOOAtZwcwcxok42pEGxaWGUsvZDKoKN-QKGUECBRYGfIhxshvyWYq7RaXwbaDRZ7HepAGTLbC2MnyGEv7iMgN9b3SWkIkJFRPaVmfl6dJCQ4eD0cFExJYIiOJbeZKfSaaC0xlozuC5Uf2-nnVJXOSA_GWkf2AilFKp-CCR3n5zkKOK3607faHPvUWpdPTwM8FfphNo1JR9ReKrLX9f-FDuae8ZLhF3JwGGJk4Jv6QdqsD98zApjNpLrvALEeXibdB-BtY05xWiEefKBAZJPLp2j9TKzzhW0svWmGx_y33IalLaOGh6mJvqkJykwJ6oFFKEDeVFust7RfkXwFkW9hOxYLyK4T5B8fH9mXK7YYz7AoWGEvjg7W_KNIrEFLVlscgIorfFz2_h3d9HaWmiaoLaxL98W49S-faigggb-ZZwkgQzaG-50eoe9ThJecvDKSzpWAj24xVxin5A4D1TuJRXB_Rrmg8Rei-VwHhSmg5LovWQcSjp9y59-gJf2SxEf11OPPZesGXXMWEr-x1ZHvJ7uJNZcXukC756_oVw7sU3G59DhotJqpFPDah9do6oD2f1O5W94G9CJeYfl0aNax_KyP5rD7jmwfIJA2eLWRYKgnR0hpZQ3s0u7URl_Wqz5Iiw2g5cGJnvmOZ8k_g0seerqWsgcuQuNvLCAmJdQmPqZslhBRoDOdpUh8FFVfMUG23F24HKoBrBKV3I93jCLmnUwckgbksk_CSE1d3Y_-7oLoxv2jMVBhlOQByyqOZrYTyPm1xP9HfLpJkF0N-_nVt5Vet1kVYEYbR4eWy5m5ph1RsPbS5lZ7CCO-qdq2jCxNx-oA8qsVfSZmZOqE6Zbx8Mh_TkaR2yOLrwyRSlnJZlF2gS8Kutpy2jtRnRRME8GUy30tMkner5b30cacGthQ_xyt32WVjqEg1MECMCgoopzuqrm-YW41WtWI04AlJ2o9ao6gPCILVeFonZ1w6NlizfcalIEaKWf0MKDqHMki3g0CTUXSQkXnL2VA6anxnI8owHGVrdu2uNSB0WvLBAElE5wTGA20DpUHZN6uhsfyoOa80qKr2mqgE1BeUgGYwDvJsI9lnP4A8bNCEIvLk81ObC84IIA7eJ2inNpla7XMZRgGINz13g_yW_7VATm7QwcQZUBJhS2x_ZADxh5A4ZqXQ5SgMn0qAFXzp0fPJ4QiL1qwXkrs8wqEyb5XslzELpFz-_Leo8aASi3suHtl1ns-v2cSPQoyJH3CIdvpdfMKThxjmQervwAPkvsKzHk2f2Zqbw6KlOA6qwMc96ia_OXXlJzpQQHO1K5B14GF69n8XWU27K4l_HM-yNoAX1vApA20-LDMIcrkIm-lvoBVqPprP4C3fW9jM734SDGZmxj0sSKYenJbXppY5I1Y-Zl-R1wMmeHiffQgehcWWP08MBuhEm2OY01EzPp62IKg64qxuz2B-VHqwhuhwHvFcjDoy40ru9FutbnNtdgG7cqDjLTBFWuih4ytCfbnOfTl7A3voSOwX45mvEJ4Qj5uZiqzul0sz--RnqVjHbjqbek5ovK89Sot0XG2JebkAdmlhNkIKErx_XEkISzIw-vCQwnceIgcvtXCQ9yEED5SO2T5pqwrcrAqyLtyL5fCkMQSlLPze27UlQ_tX80PZ4g2IxumSa35sOJ9_PONTxNuIkRiFr2bzZFUt69To9KJGmimWe_pD5Q-Oh1pzKRcJU0fm3xY_gwbsOOc0KsFvYxdR1W0_EUjWS6cmXi9UKP32kUYYoY_kZ4y7qrYiN_0ipxEViMjVZMo1LlF9JMZWc5TkNQklBBXuhW897B2ZoVEm2pgAWSGTTBjowwrc26OlD5e6K29z46a4lkBAUmRnGNgxB0ZDWkRee_DxpUCdWlVrgcGnJ3tm4U8zGU78Xo2gvuFHvalluvoBolz_g00gB6nXdC6LvWj_ijMcge6CAs58_QIkTmpVfYjh8IpLblDyYcTnG0B74LIm5qz2AdfH83fFFV5QuIVRzLKRS-MCOYt5gGecMNrSKfHkZXIjBQAdcURXQP6jaM0CPSUQmCu3aYV1gZLXsiM5tSwChoP_3zN1Q4y0sYkpayGIXfz5T1JeKxjBZOpI2LcgJK9CnhBLC2Bn-uZNgj61IYMY_PnD29BX-iiIrsTxLuvNdCnPUCd71y2tkTe6wOI4th1aibSReACyI2uBtRaJX-cRumZ2egzNAeN5vO0oC-OH-3OZ44IYlBiHcJ_2j5yWVHZvao2_4KrHkF0ObzWrfWZdphU6iL_rJx3xpx647j10kAjdV4mSW0nemu-IQOs1IHEdL9lR66YNlPx8zbeCQujXgdqpoy9uSniUioZDCz0p0pccw8dMMugOv4Eo-TBtSfnLu6cWS6xa3dFlALac-3-Rg8AIe85LrbuN5dJB2geKgHQPupcJCIk1QYfpZ6mFhzGv-uGcKfDs2W_833okYbm8LxoYW-tvXL_TgC1-rVllt7QsZ39zLjm5HdqCPgEUNYFcN9rwWjTF95irPv1MMXBH09tTwOsf8mEt1SPw8o-RM&cid=CAASJ-RoYC9jcj51sSXU8Z6zumgUNJVUhZGHUpqygOahismc5igbzXrBqg&rfl=1%2Chttps%253A%252F%252Fajuda.serasa.com.br%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7ee839d3d5f8884a1a56018fb77499f9aeb3325e71ebcd7c323362e56389265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16422
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 66EF 42 B
63 B 72ms
71ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BGUYzIZKeETkW-t6qZbYDh813DhkgITxPVMxfxTmAFMWws9qGt4EXwcTENAyzQsZdo-2y_kxtBnKmMR1KP5XfaFj7BvAbwVWdqHRgrgVBSKKSlkJ8

Requested by

Host: cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com
URL: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:00:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 66EF 2 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/window_focus_fy2019.js

Requested by

Host: cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com
URL: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:40:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Apr 2022 00:40:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 66EF 119 KB
37 KB 135ms
48ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com
URL: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648035241783118"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Mar 2022 01:00:22 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 66EF 15 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com
URL: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:51:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 523
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Apr 2022 00:51:39 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 77BC 0
9 B 39ms
38ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?r5vcAg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK cta_icon.png
agentcore.s3.amazonaws.com/production/assets/ 3 KB
4 KB 114ms
114ms Image
image/png 52.216.98.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agentcore.s3.amazonaws.com/production/assets/cta_icon.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.98.51 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: fe9000c6bb9ceb2b14e71f018a2dbed0ac8d3b572b2a932ba5f216841c3d6faf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 01:00:23 GMT
Last-Modified: Thu, 22 Mar 2018 18:03:40 GMT
Server: AmazonS3
x-amz-request-id: DHCKCSJ8T2PDM8TR
ETag: "c595c26dd8a406dbc990dce963f42abb"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 3427
x-amz-id-2: W+XlhVLJusFyUmAiKGJV4XpaC/r1a2XnZKNlgPTIwUB+F22hPv7LKccNNPD6pT051KOVc4ORS/Y=

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v28/ 16 KB
16 KB 81ms
36ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

578ea33c3a1daec87277cd626647c55f3e0abd72c0673cde0fe40d4fb8fd5579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ajuda.serasa.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 22:46:24 GMT
x-content-type-options: nosniff
age: 440038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16712
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:06:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Mar 2023 22:46:24 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7ACD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPwVGI10dtjQml0Hdnq9f7E&google_cver=1

43 B
894 B

14ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPwVGI10dtjQml0Hdnq9f7E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYncXFlQEwAQ&v=APEucNXRF54Db3s-MKiT2-gwYiFn9HEiqfzPQD2U4mrGvWtjGB6EjQcOEqUZpdHrpt6f5RoNKbNp0Tr_QbfqQyufl8bmL4b9tj35mBYTQ1tR6nOBSc4GxTYOTQzD0XtfUemqquFS2lgwyjPFGWMZ36tj1H4WLn_0MieoAsCO2j7mzNNA9MsCXJg
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 01:00:22 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Mar 2022 01:00:22 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:00:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPwVGI10dtjQml0Hdnq9f7E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7ACD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkEIpgzmosZO2EIKW3ZtRgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPwVGI10dtjQml0Hdnq9f7E&google_cver=1

43 B
894 B

23ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPwVGI10dtjQml0Hdnq9f7E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYncXFlQEwAQ&v=APEucNXRF54Db3s-MKiT2-gwYiFn9HEiqfzPQD2U4mrGvWtjGB6EjQcOEqUZpdHrpt6f5RoNKbNp0Tr_QbfqQyufl8bmL4b9tj35mBYTQ1tR6nOBSc4GxTYOTQzD0XtfUemqquFS2lgwyjPFGWMZ36tj1H4WLn_0MieoAsCO2j7mzNNA9MsCXJg
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 01:00:22 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Mar 2022 01:00:22 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:00:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPwVGI10dtjQml0Hdnq9f7E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 7ACD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECq3F6zdRr8VMt2sVJ9DFw8&google_cver=1

43 B
1020 B

7ms
6ms

Image
image/gif

37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECq3F6zdRr8VMt2sVJ9DFw8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYncXFlQEwAQ&v=APEucNXRF54Db3s-MKiT2-gwYiFn9HEiqfzPQD2U4mrGvWtjGB6EjQcOEqUZpdHrpt6f5RoNKbNp0Tr_QbfqQyufl8bmL4b9tj35mBYTQ1tR6nOBSc4GxTYOTQzD0XtfUemqquFS2lgwyjPFGWMZ36tj1H4WLn_0MieoAsCO2j7mzNNA9MsCXJg

Protocol

HTTP/1.1

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 01:00:22 GMT
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: bd62f9e1-2931-4a5b-96fc-1cf91c92eb93
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:00:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECq3F6zdRr8VMt2sVJ9DFw8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7ACD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg1Njk1NDcxNTU3NDAwODYzOA%3D%3D

170 B
243 B

105ms
48ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg1Njk1NDcxNTU3NDAwODYzOA%3D%3D

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:00:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 01:00:22 GMT
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8e8f41c0-2fef-4a70-a532-44820219fdab
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg1Njk1NDcxNTU3NDAwODYzOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/ Frame 66EF 25 KB
9 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AGgUgI2p0xft-CwMLUgip_PtKpYimMsq6lM1bp_J9KhtpgGYd1cXp9flXo1xdJSyHgo-_9yLUtfFC3zsrYFqdBN28FnxfvpZUk1qdhrlaYw2KSyAucKL-UOgZxO9wmJVmhUGQ1gM1gjFwlEdL0uHfqdXZurw&cry=1&dbm_d=AKAmf-CRSVcudzRx-b2JbEJzYYGB_KTzApA69nJoIRyfXgtJzedKUCmRFrFrJlebor8hvuG-CggEWW-u2gtxx1XQrlEcUL_j_zH_sNoT6sJCDjAwx9AKvNfdUY2BqkMk2PqQokQnDBERfoAID_jWLCwJHzR1FwIsNy9afVbu68oDeiZpZ-N1jyoiuFwOtfP6Kcsig05YLMbrdTZ6Q-hu4cBKx5zBNZqM9dJJqWIcC-UffBWPGC7xwtcX5Osuapo09uOqOFElUz8CiLYsDi034dF1IO8tU-kE_-nS6d_OPp1_8PBauujohZL7WvTlRLU2hKoefvMJ8Zd8UsTN2JVAEJ56tr2d56c3ailZsTPxw0fHtFElNS-ATZmTtgRe9k7IrSzmBDssAAf24sKddulmpKWgi6UzaAgSNGz5qtmTNvQ_nn_4NlE2y4Du45TJ98rC--ELgd5Iu7ZIcc4l3TTgqzoS0XkeoZjutFFynPBY3F6QT7CXbj407FM17qTk4Jk9bI62HGc8HfpUaCFK9dtPM0Bcdh6yqPL3PMtecRX8zmDVwi1CIH4baV1q67owGpxfI9Dw8rLh8WQALEATYzLDD6861l-7KACeyxwwIHbho4XDRzjqLzd2jEJ4I9RkVCibeYuU-_1K-kGvuLI8e_j5p_ET8NjXf1Lc0ff_sIXqp0htGVnGYhLfoh39sAOCxS4xh0ZtuJ6nCoirQB7CGZntam-ZYsu-DqXj6FMjD4c_QXo7tQp08YN5W4a2ZbvsRBnNBhvcnfGlZMJCEg55OisN4PzwRjPUfFCleNTesnE4l_5flDKI-38n5DLQmz4iIRK-eZze8Y8Ay6C3qQy0wr_EPx6oSb0TiPyqnDHIYrasYoRIkXWW2zdLai9naKhzkcw6QSdSapUBwAil2dXXVa1FQESfZmtoPrByhljMt120taBT0NzQzdqTIiIEQlmrCn4C9WjBTOsVNfJR_wZOniXsB_isRf4m0mhHiMIPXgezBj6gSvM_DBiaPGlaO_7r7krMlAg4eyWQceaMYHUmChXNBQeBCECUhUsw-4usN73vP6r_RdisaOXmoh1O0C3NrCidbLUKMXUTOZwxxA8ISvdb2N_mf35X0_N_SE_hW0b0N05ukkGCBIVNmyf4D1RgGEaxIv7a-5Cf1BcEpY1hssQ0NWIbk350nVe3bx8tgqnGaQuxQ4wCzhrZoJFeIAghlkkDtFUCLK1ynlOOAtZwcwcxok42pEGxaWGUsvZDKoKN-QKGUECBRYGfIhxshvyWYq7RaXwbaDRZ7HepAGTLbC2MnyGEv7iMgN9b3SWkIkJFRPaVmfl6dJCQ4eD0cFExJYIiOJbeZKfSaaC0xlozuC5Uf2-nnVJXOSA_GWkf2AilFKp-CCR3n5zkKOK3607faHPvUWpdPTwM8FfphNo1JR9ReKrLX9f-FDuae8ZLhF3JwGGJk4Jv6QdqsD98zApjNpLrvALEeXibdB-BtY05xWiEefKBAZJPLp2j9TKzzhW0svWmGx_y33IalLaOGh6mJvqkJykwJ6oFFKEDeVFust7RfkXwFkW9hOxYLyK4T5B8fH9mXK7YYz7AoWGEvjg7W_KNIrEFLVlscgIorfFz2_h3d9HaWmiaoLaxL98W49S-faigggb-ZZwkgQzaG-50eoe9ThJecvDKSzpWAj24xVxin5A4D1TuJRXB_Rrmg8Rei-VwHhSmg5LovWQcSjp9y59-gJf2SxEf11OPPZesGXXMWEr-x1ZHvJ7uJNZcXukC756_oVw7sU3G59DhotJqpFPDah9do6oD2f1O5W94G9CJeYfl0aNax_KyP5rD7jmwfIJA2eLWRYKgnR0hpZQ3s0u7URl_Wqz5Iiw2g5cGJnvmOZ8k_g0seerqWsgcuQuNvLCAmJdQmPqZslhBRoDOdpUh8FFVfMUG23F24HKoBrBKV3I93jCLmnUwckgbksk_CSE1d3Y_-7oLoxv2jMVBhlOQByyqOZrYTyPm1xP9HfLpJkF0N-_nVt5Vet1kVYEYbR4eWy5m5ph1RsPbS5lZ7CCO-qdq2jCxNx-oA8qsVfSZmZOqE6Zbx8Mh_TkaR2yOLrwyRSlnJZlF2gS8Kutpy2jtRnRRME8GUy30tMkner5b30cacGthQ_xyt32WVjqEg1MECMCgoopzuqrm-YW41WtWI04AlJ2o9ao6gPCILVeFonZ1w6NlizfcalIEaKWf0MKDqHMki3g0CTUXSQkXnL2VA6anxnI8owHGVrdu2uNSB0WvLBAElE5wTGA20DpUHZN6uhsfyoOa80qKr2mqgE1BeUgGYwDvJsI9lnP4A8bNCEIvLk81ObC84IIA7eJ2inNpla7XMZRgGINz13g_yW_7VATm7QwcQZUBJhS2x_ZADxh5A4ZqXQ5SgMn0qAFXzp0fPJ4QiL1qwXkrs8wqEyb5XslzELpFz-_Leo8aASi3suHtl1ns-v2cSPQoyJH3CIdvpdfMKThxjmQervwAPkvsKzHk2f2Zqbw6KlOA6qwMc96ia_OXXlJzpQQHO1K5B14GF69n8XWU27K4l_HM-yNoAX1vApA20-LDMIcrkIm-lvoBVqPprP4C3fW9jM734SDGZmxj0sSKYenJbXppY5I1Y-Zl-R1wMmeHiffQgehcWWP08MBuhEm2OY01EzPp62IKg64qxuz2B-VHqwhuhwHvFcjDoy40ru9FutbnNtdgG7cqDjLTBFWuih4ytCfbnOfTl7A3voSOwX45mvEJ4Qj5uZiqzul0sz--RnqVjHbjqbek5ovK89Sot0XG2JebkAdmlhNkIKErx_XEkISzIw-vCQwnceIgcvtXCQ9yEED5SO2T5pqwrcrAqyLtyL5fCkMQSlLPze27UlQ_tX80PZ4g2IxumSa35sOJ9_PONTxNuIkRiFr2bzZFUt69To9KJGmimWe_pD5Q-Oh1pzKRcJU0fm3xY_gwbsOOc0KsFvYxdR1W0_EUjWS6cmXi9UKP32kUYYoY_kZ4y7qrYiN_0ipxEViMjVZMo1LlF9JMZWc5TkNQklBBXuhW897B2ZoVEm2pgAWSGTTBjowwrc26OlD5e6K29z46a4lkBAUmRnGNgxB0ZDWkRee_DxpUCdWlVrgcGnJ3tm4U8zGU78Xo2gvuFHvalluvoBolz_g00gB6nXdC6LvWj_ijMcge6CAs58_QIkTmpVfYjh8IpLblDyYcTnG0B74LIm5qz2AdfH83fFFV5QuIVRzLKRS-MCOYt5gGecMNrSKfHkZXIjBQAdcURXQP6jaM0CPSUQmCu3aYV1gZLXsiM5tSwChoP_3zN1Q4y0sYkpayGIXfz5T1JeKxjBZOpI2LcgJK9CnhBLC2Bn-uZNgj61IYMY_PnD29BX-iiIrsTxLuvNdCnPUCd71y2tkTe6wOI4th1aibSReACyI2uBtRaJX-cRumZ2egzNAeN5vO0oC-OH-3OZ44IYlBiHcJ_2j5yWVHZvao2_4KrHkF0ObzWrfWZdphU6iL_rJx3xpx647j10kAjdV4mSW0nemu-IQOs1IHEdL9lR66YNlPx8zbeCQujXgdqpoy9uSniUioZDCz0p0pccw8dMMugOv4Eo-TBtSfnLu6cWS6xa3dFlALac-3-Rg8AIe85LrbuN5dJB2geKgHQPupcJCIk1QYfpZ6mFhzGv-uGcKfDs2W_833okYbm8LxoYW-tvXL_TgC1-rVllt7QsZ39zLjm5HdqCPgEUNYFcN9rwWjTF95irPv1MMXBH09tTwOsf8mEt1SPw8o-RM&cid=CAASJ-RoYC9jcj51sSXU8Z6zumgUNJVUhZGHUpqygOahismc5igbzXrBqg&rfl=1%2Chttps%253A%252F%252Fajuda.serasa.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9657
x-xss-protection: 0
server: cafe
etag: 16576748017229546422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Apr 2022 00:57:45 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 66EF 41 KB
15 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 15:10:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35375
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Mar 2023 15:10:47 GMT

GET
H3 200 container.html Show response
cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2C97 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Mar 2022 01:00:20 GMT
expires: Tue, 28 Mar 2023 01:00:20 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK zy291edt4ui9 Show response
hal9000.redintelligence.net/zone/ Frame 66EF 12 KB
4 KB 49ms
13ms Script
text/html 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/zy291edt4ui9?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7ryCpQhBYsLNDoik3wOGgp2ACLXN-YNXnNC5q-UM8C4QASDh7spAYJXikIKgB8gBCakCjWBDBidtsj6oAwGqBIQCT9CdQU5OhAijTt0t3ipeaWn6gCQRujWWZgOyY1mEUvh2Jsa7B--w-L35tTP3eIuYetYbPITd9D6vafRT8zMJ1pbLnbmINRiFgnAfCikMhHg9lmlAFPamW_AJd8euf2Nr8j04IqulLGsThySS3Ovv-CrPt2LF7jYp6xpYT13PyEni8lS17t-RN3-daxVI_AYD2fGeJ93I4sHShHI2BDqu34J2UFCedC_e-7f2tvHqGjTOkw_WY7hho9fziDvTEVLjd-pf7wHe7hy23I4VNnsQzvI2-s9wmdCNsF1vdrG_n89-e4RMhnD7jbSXr09CpFwsvtguEctOBs_h4vRHP6UGiLtk1GjABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoYC9jcj51sSXU8Z6zumgUNJVUhZGHUpqygOahismc5igbzXrBqg%26sig%3DAOD64_0SYzorOQ3H29ZICwj9fjjzivA_iA%26client%3Dca-pub-9650408980791532%26dbm_c%3DAKAmf-DzSF0RVVrpw6JZTRhHX2X2mXhq2p6HrNX_u3eYG68PMaqcIdYnUFcm0vKjyqhOL4Kcll5AoTjhffQs3PNdwTNmOZV6t_BI6bF0sPu6gwh3b9k4mV7A1j3c2BMtVcSVT_6CNAfFuNwSzyWZmYHlqSbCmVhN-Q%26cry%3D1%26dbm_d%3DAKAmf-BF5KmoUj7h48xAlpFAu_tTA_FqzWDCCXhUki1yODDnyOfmOBWFXzF4JMRLAxBWmhNkIOT37JdpU7nhfayyjv6QTnqaP3eht_hLWvX9pl-wFgPc09ZLwPLD3PZo9A4dOAA_bZl7wg4sP348YC8mzALiV8h0ySkCBS69CbKXCLCHy7lEPx_9AVlJw8w4dVFvUjY9PhTZoKFj_VxzbE7uV7AomWfhavbqmVzLuFFyMdtBBeaHsLxeUcRBjdNb22MFdjLO5pZJn_c7X0IxiKpPiTUOCLMdHIWgagOfQd21eCpbuLoipcIHW0dTFqbxyXXjVMOUsd3Z0B8CGW43Q1QbLDObDHT1k_t05R0U9fUZLFlp2GD4MaHpJ12Ap3UJ0d2Enmi2r_OjkIv5Mpw-fxsIV31kV5l3rgX79-599_L2ZTZzNvN1ZkGQp2x74r3VfG7zfEde3C7gc3BwceZJ5uVPPqdy3aMXYMc2IZKx3mCeTRY7pVO6JgDZ44z_RhQ9oIhyYuY8buO-qeHSd6h7THntcvDwKCVDgDpTTM2-OVzojSnajUlvZskxSKwZRE1h2_zMbnaeebx8tSkRD1W7tkWtzLzuDDFdgmzOlsGwn6rxYW1TqardIthjIK1XkTAk0Kpn8a6MkjJt3YgGmXwc00Cx0oAB7S2_e47FCmpyTus5GKhy8sGaCqQPuUYN8pXjDYAcWzA0IucKSFaRefgMN7TpkYeIqfAHYGZ2UMlqxHqtK4CYYbis-wwFXoSsYYW26j92-HtR4fmpRc-xOpJNInA8poonFfuwsAE8MUn4TmY8TSZB4gPmyyMs4wUyiYsrkLHcxS5Ioe94%26adurl%3D
Requested by: Host: cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com
URL: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: b57ce5cad52d8e8f44f7e03caaf5c533f03f5914ae2609a35602b09d136dc203

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 01:00:22 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4271
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 783B 22 KB
8 KB 39ms
38ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Mar 2022 09:34:28 GMT
expires: Fri, 24 Mar 2023 09:34:28 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 314754
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 64DA 640 B
318 B 50ms
50ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYxNPDmAEwAQ&v=APEucNVtJNfh3DnLbPIeRdjzbexGiVMcdUruNSXpsKVPLa_YYE-48dnvOonj5QjNJ5TUdR4ZSqrz-HmtEpgvXrsQQ4Y8S2PK4jL8DdyH9Et3p-6XlrbHbmZ9vcByq19lAVbnzLaP7QyHGb1hMhjh_pUVHZLNT4ZwaexPwBBqDEeUumunjfKbznA

Requested by

Host: cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com
URL: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 28 Mar 2022 01:00:22 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 28 Mar 2022 01:00:22 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2C97 76 KB
32 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_MNotMzPyQGC_nQfqF8ZHvv-4mmyLJDweQL8d_SUpiCSH5bUxJ8BqWiDOfFeOKOXqq5UqgFJsgdU3le62yWtHY76OcQ&cry=1&dbm_d=AKAmf-DKU31p1eVMc5APRLkeY3vRh1kGYM_RS0b6SxeIAKLDWGQXp_7hgUBMR5J4c6rnkXQcCdDLCod-na-tdCbSHBfSJiEPbBYnoqa_cfPmZobxBH_imNIr59C1V8x6B5H75_IG6waz-sGxGun403h5ECmfVnvlv3SSLfjpS2Z3x77tC6tts0TlgfDV_BhIknGxXZRv28AFRucxN2vQnWQjh8_APMFNSOur0KnvA9bIgJMoj42MWxFpGCoj5NDoa1sjMGzwPWf3DhpFmvCSuDZvXMh9Rw5v_ihLycFgYAp_tJq2OKS9_nva2nk43jJv-4-8yd3DCuVKpp2MesKFAUmsM0K4FX0UtfmcN0ENOtASuVq6avwVC0sqcMZJhpUxzl7WCC0VUHUNa9ZFOCmNA9ujQBKVwQZPYsz-dNh4Cc6v_yKra9rtcbj8oS6_j1FUf_YKXYW7Ek4zhgSAKFOYnyq3R1ME-7UF54cBOTLhQUE3YRpJrZEAUGuD_1oasJ7d2c-pLRl7u5e-_ND5HSF3zLuRtKCvXUZ9xrw8oZT5Bi50eLVyv48l0kwVDrF6AvZAhKvUU2jO-rdUuGKvVWPf8F_94Z9DCRhCVMn-8O5J_yiBtkkMJUJfe9djBCZ8l2P8a5tHHRFXuVrlXoCuy_HnbOgLLYze0lYjewHGCI7Ou_i6uSIpMkl8dkiZB8_BwxGYknf9fpZVDvwBl7WTTH0SLsuk7oEc7m89_1mp2zo1N_jeR4z3ue1GtXGHqVokHAylfwUNDpCB9Xj9kMQ2KkjWhq8CZcMsMZI8zHJFz08Mg7O65Sy3JqhTeerU0AnZfQ_A4hdTMXp2lw9j5eifEC_O2RLtTPLgXl8O_bPSAIbkXsmP1WEioCmVxrbTQ1XZPgbIyJRxup4MikwMbxDiaMZGGg-9OU061slVS0cFgu6eJdmNqVdm_p7opFRlDoyiy7r_tC290sO1V1FSahRzlHOG8Su0h786KrXbJTSwErMoF7ja0zAdlQ8DbbNJ-tlCYFzrTu7V0LLtm0aHGRMbtFoKNbY8sMDb-m8l-AWHO1cPKjJB6atp3Z2qjsoSrEuFx7Xp79XGtZk7v8nG7qCdKN4Zb6C-lYKTXUdWODEhHSF9z0vF8O4qDOu_3PezgcL0jA1J1poTf4QqY5WiqNjLiRq5GyibFMqVH1XA84ucF9l8bxRbh3ziB8Y4fqosrOrMoiCw-K1RkOcPTXEyH8dax8bYJgSK3f1S5gnu4KmGqhHWB2W47GlANt9KvZM_hYJstabNI86cI6xqfWgtRNL8XVcjSaBWntj9HDMF_R0AugkQKgY4w5qd1xoLHON4qXIiya-VGI2qYHcq0Ec-T6V36iTP8U0xyri1-HoZZkYDvrdb0eLS5rzQyYOSqLWO05L55L7wr2MN8BWnVx6ZX-Qa7XPvQLWI_X5FnmAkSoHtvisn24uclBbVjxz2Rpqo_YgBIPpYENCNmgBpr5YsPfeZUYUYwtU1FyAJgekMdQPT2ICFw16Ie1ubZFzvAL8gkeIrTQOCmI_Xu4IXaGnqHfOGO5I4kwPngYJzsaOypMbStCkUjqM2bY_RdI1WIznl4rEMXplIsLpGk_wAFR6C5fGBBCnbp3oB1SHAxn-TbwN2xrgiiiIBMYy8D6satNlbbG9EyPmCHFkHhCkAzUwx9PNSyyM4HqZMsCLAgbZxQNc3mYI8FHCByQDwhJpCvTJQCfWOvwvYZfzOMo7GdkOKZmERfEE0l8x7dKVkhtKcSNzk5ivqKW22lburnIsMIrdv_Js90oIfEWaXqQqCyZEgYKrQ28H9VG16F9_PWKakFW-rOibjKu4sGFjR6LV4hHz-hJu5u-vettH9xVLMtCnk3ypggYwd2sWom4AVjbnC910_Rwjwv8Q65pICjW0LL9cIQIcSq9iIic141rBILVEgjYiOqBFsnDwIgYq3jIDCPeOtQRQSCQF5FZF-YJaKmRRqrzqUdsDYX6svDquWoDs7nEF2eGdsSGM6tgVtvPkP-MNj1hKEBryeu8vRIaMM4hklG-T2fndG8A-hGdgxleASoCA5ab1TYYeIOca7mBGGVZBP67dT2lNWqQTRnvPcaqNvbPsqfkH0Gt0fSjPm6XsujYbeKHNVsM7IflIpFkcpPSBmcLCBw1hha1TIzwS4LZre7BougSlAN5cncADygyks1lEN3yRWEPiTfYDqjg9gGEzjL3etFOuPm_mqJdJN1kO2QNrVWCb_dHUNrR-CyOkRtymi0tBO-XP21ORWbvjjmTCK4sTjRFOXs_T-n-a5zspRgl8xhCnqFJiVmwWuNGe_Jo8WKpyayOSjC0V2dhbsgASGR3cQeRlk5Xpba_I4278yO62JLoCHhP7yvM_necgBizeynZkza04e7Exx5q3JPv2M8Nz9KOb0tk64kGMxphQ-aiHL6QXgikZUToExDg1qeJmcu-pnE1kl1Uq7EyvLcayYePsdjUsRBQ0m6r3kKFXevKx9faf9MU1vR-tt2jqZWdbQRMgNZJ2zz0PLeVIvsjKtSbLIUtRD9xVxVzGuEYCFOlea2rHx8wkPtdCLuoVmt2MCpzfQRRaNUl7O8V_l7hoMqwVerCfipOY4Hf3aySq9zY1CLNsCPsjlVgHG6BSaIIUabq-03e5nDHeGQDxroqT6xUQERr5_WlrkU8zd7Jw6jO4MCKe7PgzjEMD101N-dh7BNh5jCURRDe4br0TD57hQ1HYXfDbso3tOuGu60eTrvRsNAAj--G9fmuPN-dP_GKBOv2Drvfd39fCnLoSkWYzwyE7dhbGbKEjhf1oZwdBcndPYYKss3gRH8o50oH4y_G0JDTkxp7KSD5VKn3sbLfRjkH1jbMR-Pn2-mZH2aP_4QYM4XMROg4paSGQZwZx0ssTffdsdy4bj6ExIXdonoiCqGrv1u7wzO3TodhO2Spk-R7dK7p88issC3Gq1J7hVKRws2HfLbUbFb1-3fB74tZSi120y0IpKGON4pLfsoLtd4O7Qfn6ffk631Q0CHegj4DVWpHNacUoyUU8xsAogpJJyr--ecBIfj7huMzCxlAJDp3dXS5wqC99camAkIznXuk9VfXAZrLuMgEx454h2igCdwtNsxfFbp-fpvMzGVPa9MaZGtmbdnr4dwSciOhLmPfsX2vUMaKm9uO_30PD59dcj7eaIKW1qfIXfR0jDAupT3SCApi2Xl2pszdBlRn6jDdYcWtF5Vv21UzQIgAoSLH4gM9NRkYA1PwudtQZ-WZg5ZsVQAyBP2LeYUnDkKOdCL1sj1MeLkaJCljTc0OZOePrCa_BQaW86JIN4SQXbCVa11RBVIC73Qg9ONSfC3dUPcnALrW5td0u-159vboDabiTu5VdhsVKGboovCdmF9ILJuFIE0CrMFeIS6RGvxhXCUX9XNDvHWGino_65gCW52Q&cid=CAASKORoFZbSfQCJNacuE8yM0_kh9qgHpKeBranPhQ_Md5w4UG_ifThzqcA&rfl=1%2Chttps%253A%252F%252Fajuda.serasa.com.br%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

729cdc5b3af1b5f4ba11edb2dd9826302823362f6ce6743b1cff7dd3905dfb7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33092
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C97 42 B
63 B 70ms
69ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D8N-Q6kWzgN3AbFUSGO8xrhk0fnhL8dcB9Gx0E2tdZJXrhjvk3zyp4OJfyCRTtmHG94LBi0WCbnlygsxZ5-vHp1z_9CihAjr6L9XBG7K4lGasA0QQ

Requested by

Host: cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com
URL: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:00:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 2C97 2 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/window_focus_fy2019.js

Requested by

Host: cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com
URL: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:40:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Apr 2022 00:40:39 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 2C97 15 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com
URL: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:51:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 523
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Apr 2022 00:51:39 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2C97 0
0 48ms
47ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRwhjMgxic0VxYVYtNRk7SWdclOs8oqhCZ4UzAafTlfag3a2CMQIBfAp3ogFea4pqfSX6J1DCQlG-RrLTCdaeKCHevnDw
Requested by: Host: cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com
URL: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C97 119 KB
36 KB 115ms
70ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com
URL: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648035241783118"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Mar 2022 01:00:22 GMT

GET
H/1.1

200
OK

request.php Show response
hal900010.redintelligence.net/ Frame 66EF
Redirect Chain

https://hal900010.redintelligence.net/request.php?zone=zy291edt4ui9&nw=20&renderingType=javascript&namespace=c9b38a9802&subid=&uid=be1abb15763f3284&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900010.redintelligence.net/request.php?zone=zy291edt4ui9&nw=20&renderingType=javascript&namespace=c9b38a9802&subid=&uid=be1abb15763f3284&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

93ms
71ms

Script
application/x-javascript

138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900010.redintelligence.net/request.php?zone=zy291edt4ui9&nw=20&renderingType=javascript&namespace=c9b38a9802&subid=&uid=be1abb15763f3284&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7ryCpQhBYsLNDoik3wOGgp2ACLXN-YNXnNC5q-UM8C4QASDh7spAYJXikIKgB8gBCakCjWBDBidtsj6oAwGqBIQCT9CdQU5OhAijTt0t3ipeaWn6gCQRujWWZgOyY1mEUvh2Jsa7B--w-L35tTP3eIuYetYbPITd9D6vafRT8zMJ1pbLnbmINRiFgnAfCikMhHg9lmlAFPamW_AJd8euf2Nr8j04IqulLGsThySS3Ovv-CrPt2LF7jYp6xpYT13PyEni8lS17t-RN3-daxVI_AYD2fGeJ93I4sHShHI2BDqu34J2UFCedC_e-7f2tvHqGjTOkw_WY7hho9fziDvTEVLjd-pf7wHe7hy23I4VNnsQzvI2-s9wmdCNsF1vdrG_n89-e4RMhnD7jbSXr09CpFwsvtguEctOBs_h4vRHP6UGiLtk1GjABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoYC9jcj51sSXU8Z6zumgUNJVUhZGHUpqygOahismc5igbzXrBqg%26sig%3DAOD64_0SYzorOQ3H29ZICwj9fjjzivA_iA%26client%3Dca-pub-9650408980791532%26dbm_c%3DAKAmf-DzSF0RVVrpw6JZTRhHX2X2mXhq2p6HrNX_u3eYG68PMaqcIdYnUFcm0vKjyqhOL4Kcll5AoTjhffQs3PNdwTNmOZV6t_BI6bF0sPu6gwh3b9k4mV7A1j3c2BMtVcSVT_6CNAfFuNwSzyWZmYHlqSbCmVhN-Q%26cry%3D1%26dbm_d%3DAKAmf-BF5KmoUj7h48xAlpFAu_tTA_FqzWDCCXhUki1yODDnyOfmOBWFXzF4JMRLAxBWmhNkIOT37JdpU7nhfayyjv6QTnqaP3eht_hLWvX9pl-wFgPc09ZLwPLD3PZo9A4dOAA_bZl7wg4sP348YC8mzALiV8h0ySkCBS69CbKXCLCHy7lEPx_9AVlJw8w4dVFvUjY9PhTZoKFj_VxzbE7uV7AomWfhavbqmVzLuFFyMdtBBeaHsLxeUcRBjdNb22MFdjLO5pZJn_c7X0IxiKpPiTUOCLMdHIWgagOfQd21eCpbuLoipcIHW0dTFqbxyXXjVMOUsd3Z0B8CGW43Q1QbLDObDHT1k_t05R0U9fUZLFlp2GD4MaHpJ12Ap3UJ0d2Enmi2r_OjkIv5Mpw-fxsIV31kV5l3rgX79-599_L2ZTZzNvN1ZkGQp2x74r3VfG7zfEde3C7gc3BwceZJ5uVPPqdy3aMXYMc2IZKx3mCeTRY7pVO6JgDZ44z_RhQ9oIhyYuY8buO-qeHSd6h7THntcvDwKCVDgDpTTM2-OVzojSnajUlvZskxSKwZRE1h2_zMbnaeebx8tSkRD1W7tkWtzLzuDDFdgmzOlsGwn6rxYW1TqardIthjIK1XkTAk0Kpn8a6MkjJt3YgGmXwc00Cx0oAB7S2_e47FCmpyTus5GKhy8sGaCqQPuUYN8pXjDYAcWzA0IucKSFaRefgMN7TpkYeIqfAHYGZ2UMlqxHqtK4CYYbis-wwFXoSsYYW26j92-HtR4fmpRc-xOpJNInA8poonFfuwsAE8MUn4TmY8TSZB4gPmyyMs4wUyiYsrkLHcxS5Ioe94%26adurl%3D&documentReferer=https%3A%2F%2Fajuda.serasa.com.br%2F&ancestorOrigins=https%3A%2F%2Fajuda.serasa.com.br&random=8030656589087&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com
URL: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.145 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 3beeb8bcd2546a3dfec7f869f4d81d5f586bc1bce14e946bff034c06bc1c4c3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 01:00:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 25249300010051000710632011912010
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 864
Expires: Mon, 28 Mar 2022 02:00:22 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 01:00:22 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=zy291edt4ui9&nw=20&renderingType=javascript&namespace=c9b38a9802&subid=&uid=be1abb15763f3284&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7ryCpQhBYsLNDoik3wOGgp2ACLXN-YNXnNC5q-UM8C4QASDh7spAYJXikIKgB8gBCakCjWBDBidtsj6oAwGqBIQCT9CdQU5OhAijTt0t3ipeaWn6gCQRujWWZgOyY1mEUvh2Jsa7B--w-L35tTP3eIuYetYbPITd9D6vafRT8zMJ1pbLnbmINRiFgnAfCikMhHg9lmlAFPamW_AJd8euf2Nr8j04IqulLGsThySS3Ovv-CrPt2LF7jYp6xpYT13PyEni8lS17t-RN3-daxVI_AYD2fGeJ93I4sHShHI2BDqu34J2UFCedC_e-7f2tvHqGjTOkw_WY7hho9fziDvTEVLjd-pf7wHe7hy23I4VNnsQzvI2-s9wmdCNsF1vdrG_n89-e4RMhnD7jbSXr09CpFwsvtguEctOBs_h4vRHP6UGiLtk1GjABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoYC9jcj51sSXU8Z6zumgUNJVUhZGHUpqygOahismc5igbzXrBqg%26sig%3DAOD64_0SYzorOQ3H29ZICwj9fjjzivA_iA%26client%3Dca-pub-9650408980791532%26dbm_c%3DAKAmf-DzSF0RVVrpw6JZTRhHX2X2mXhq2p6HrNX_u3eYG68PMaqcIdYnUFcm0vKjyqhOL4Kcll5AoTjhffQs3PNdwTNmOZV6t_BI6bF0sPu6gwh3b9k4mV7A1j3c2BMtVcSVT_6CNAfFuNwSzyWZmYHlqSbCmVhN-Q%26cry%3D1%26dbm_d%3DAKAmf-BF5KmoUj7h48xAlpFAu_tTA_FqzWDCCXhUki1yODDnyOfmOBWFXzF4JMRLAxBWmhNkIOT37JdpU7nhfayyjv6QTnqaP3eht_hLWvX9pl-wFgPc09ZLwPLD3PZo9A4dOAA_bZl7wg4sP348YC8mzALiV8h0ySkCBS69CbKXCLCHy7lEPx_9AVlJw8w4dVFvUjY9PhTZoKFj_VxzbE7uV7AomWfhavbqmVzLuFFyMdtBBeaHsLxeUcRBjdNb22MFdjLO5pZJn_c7X0IxiKpPiTUOCLMdHIWgagOfQd21eCpbuLoipcIHW0dTFqbxyXXjVMOUsd3Z0B8CGW43Q1QbLDObDHT1k_t05R0U9fUZLFlp2GD4MaHpJ12Ap3UJ0d2Enmi2r_OjkIv5Mpw-fxsIV31kV5l3rgX79-599_L2ZTZzNvN1ZkGQp2x74r3VfG7zfEde3C7gc3BwceZJ5uVPPqdy3aMXYMc2IZKx3mCeTRY7pVO6JgDZ44z_RhQ9oIhyYuY8buO-qeHSd6h7THntcvDwKCVDgDpTTM2-OVzojSnajUlvZskxSKwZRE1h2_zMbnaeebx8tSkRD1W7tkWtzLzuDDFdgmzOlsGwn6rxYW1TqardIthjIK1XkTAk0Kpn8a6MkjJt3YgGmXwc00Cx0oAB7S2_e47FCmpyTus5GKhy8sGaCqQPuUYN8pXjDYAcWzA0IucKSFaRefgMN7TpkYeIqfAHYGZ2UMlqxHqtK4CYYbis-wwFXoSsYYW26j92-HtR4fmpRc-xOpJNInA8poonFfuwsAE8MUn4TmY8TSZB4gPmyyMs4wUyiYsrkLHcxS5Ioe94%26adurl%3D&documentReferer=https%3A%2F%2Fajuda.serasa.com.br%2F&ancestorOrigins=https%3A%2F%2Fajuda.serasa.com.br&random=8030656589087&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 28 Mar 2022 02:00:22 +0200

GET
H3 200 XFpjqGQyXlGhrIMtqUZEtOx9ZrcGJnYAFO97-LZexEg.js Show response
pagead2.googlesyndication.com/bg/ Frame 783B 35 KB
13 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XFpjqGQyXlGhrIMtqUZEtOx9ZrcGJnYAFO97-LZexEg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c5a63a864325e51a1ac832da94644b4ec7d66b70626760014ef7bf8b65ec448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 15:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 208694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13744
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Mar 2023 15:02:08 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 64DA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKVKDlGC98AqyMSEibKNQYw&google_cver=1

43 B
61 B

42ms
26ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKVKDlGC98AqyMSEibKNQYw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYxNPDmAEwAQ&v=APEucNVtJNfh3DnLbPIeRdjzbexGiVMcdUruNSXpsKVPLa_YYE-48dnvOonj5QjNJ5TUdR4ZSqrz-HmtEpgvXrsQQ4Y8S2PK4jL8DdyH9Et3p-6XlrbHbmZ9vcByq19lAVbnzLaP7QyHGb1hMhjh_pUVHZLNT4ZwaexPwBBqDEeUumunjfKbznA
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:00:22 GMT
via: 1.1 google
server: OXGW/17.2.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:00:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKVKDlGC98AqyMSEibKNQYw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 64DA 43 B
305 B 63ms
27ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYxNPDmAEwAQ&v=APEucNVtJNfh3DnLbPIeRdjzbexGiVMcdUruNSXpsKVPLa_YYE-48dnvOonj5QjNJ5TUdR4ZSqrz-HmtEpgvXrsQQ4Y8S2PK4jL8DdyH9Et3p-6XlrbHbmZ9vcByq19lAVbnzLaP7QyHGb1hMhjh_pUVHZLNT4ZwaexPwBBqDEeUumunjfKbznA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:00:22 GMT
content-encoding: gzip
server: OXGW/17.2.1
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 64DA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESED-MIwDlfkxaff6b3gDAy-4&google_cver=1

23 B
172 B

37ms
37ms

Image
image/gif

104.89.28.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESED-MIwDlfkxaff6b3gDAy-4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYxNPDmAEwAQ&v=APEucNVtJNfh3DnLbPIeRdjzbexGiVMcdUruNSXpsKVPLa_YYE-48dnvOonj5QjNJ5TUdR4ZSqrz-HmtEpgvXrsQQ4Y8S2PK4jL8DdyH9Et3p-6XlrbHbmZ9vcByq19lAVbnzLaP7QyHGb1hMhjh_pUVHZLNT4ZwaexPwBBqDEeUumunjfKbznA
Protocol: H2
Server: 104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-28-165.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:00:22 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 28 Mar 2022 01:00:22 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:00:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESED-MIwDlfkxaff6b3gDAy-4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 64DA 23 B
172 B 87ms
38ms Image
image/gif 104.89.28.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYxNPDmAEwAQ&v=APEucNVtJNfh3DnLbPIeRdjzbexGiVMcdUruNSXpsKVPLa_YYE-48dnvOonj5QjNJ5TUdR4ZSqrz-HmtEpgvXrsQQ4Y8S2PK4jL8DdyH9Et3p-6XlrbHbmZ9vcByq19lAVbnzLaP7QyHGb1hMhjh_pUVHZLNT4ZwaexPwBBqDEeUumunjfKbznA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-28-165.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:00:22 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 28 Mar 2022 01:00:22 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 2C97 106 KB
38 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/
Origin: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 18:37:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23002
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 28 Mar 2022 18:37:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/elements/html/ Frame 2C97 8 KB
3 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_MNotMzPyQGC_nQfqF8ZHvv-4mmyLJDweQL8d_SUpiCSH5bUxJ8BqWiDOfFeOKOXqq5UqgFJsgdU3le62yWtHY76OcQ&cry=1&dbm_d=AKAmf-DKU31p1eVMc5APRLkeY3vRh1kGYM_RS0b6SxeIAKLDWGQXp_7hgUBMR5J4c6rnkXQcCdDLCod-na-tdCbSHBfSJiEPbBYnoqa_cfPmZobxBH_imNIr59C1V8x6B5H75_IG6waz-sGxGun403h5ECmfVnvlv3SSLfjpS2Z3x77tC6tts0TlgfDV_BhIknGxXZRv28AFRucxN2vQnWQjh8_APMFNSOur0KnvA9bIgJMoj42MWxFpGCoj5NDoa1sjMGzwPWf3DhpFmvCSuDZvXMh9Rw5v_ihLycFgYAp_tJq2OKS9_nva2nk43jJv-4-8yd3DCuVKpp2MesKFAUmsM0K4FX0UtfmcN0ENOtASuVq6avwVC0sqcMZJhpUxzl7WCC0VUHUNa9ZFOCmNA9ujQBKVwQZPYsz-dNh4Cc6v_yKra9rtcbj8oS6_j1FUf_YKXYW7Ek4zhgSAKFOYnyq3R1ME-7UF54cBOTLhQUE3YRpJrZEAUGuD_1oasJ7d2c-pLRl7u5e-_ND5HSF3zLuRtKCvXUZ9xrw8oZT5Bi50eLVyv48l0kwVDrF6AvZAhKvUU2jO-rdUuGKvVWPf8F_94Z9DCRhCVMn-8O5J_yiBtkkMJUJfe9djBCZ8l2P8a5tHHRFXuVrlXoCuy_HnbOgLLYze0lYjewHGCI7Ou_i6uSIpMkl8dkiZB8_BwxGYknf9fpZVDvwBl7WTTH0SLsuk7oEc7m89_1mp2zo1N_jeR4z3ue1GtXGHqVokHAylfwUNDpCB9Xj9kMQ2KkjWhq8CZcMsMZI8zHJFz08Mg7O65Sy3JqhTeerU0AnZfQ_A4hdTMXp2lw9j5eifEC_O2RLtTPLgXl8O_bPSAIbkXsmP1WEioCmVxrbTQ1XZPgbIyJRxup4MikwMbxDiaMZGGg-9OU061slVS0cFgu6eJdmNqVdm_p7opFRlDoyiy7r_tC290sO1V1FSahRzlHOG8Su0h786KrXbJTSwErMoF7ja0zAdlQ8DbbNJ-tlCYFzrTu7V0LLtm0aHGRMbtFoKNbY8sMDb-m8l-AWHO1cPKjJB6atp3Z2qjsoSrEuFx7Xp79XGtZk7v8nG7qCdKN4Zb6C-lYKTXUdWODEhHSF9z0vF8O4qDOu_3PezgcL0jA1J1poTf4QqY5WiqNjLiRq5GyibFMqVH1XA84ucF9l8bxRbh3ziB8Y4fqosrOrMoiCw-K1RkOcPTXEyH8dax8bYJgSK3f1S5gnu4KmGqhHWB2W47GlANt9KvZM_hYJstabNI86cI6xqfWgtRNL8XVcjSaBWntj9HDMF_R0AugkQKgY4w5qd1xoLHON4qXIiya-VGI2qYHcq0Ec-T6V36iTP8U0xyri1-HoZZkYDvrdb0eLS5rzQyYOSqLWO05L55L7wr2MN8BWnVx6ZX-Qa7XPvQLWI_X5FnmAkSoHtvisn24uclBbVjxz2Rpqo_YgBIPpYENCNmgBpr5YsPfeZUYUYwtU1FyAJgekMdQPT2ICFw16Ie1ubZFzvAL8gkeIrTQOCmI_Xu4IXaGnqHfOGO5I4kwPngYJzsaOypMbStCkUjqM2bY_RdI1WIznl4rEMXplIsLpGk_wAFR6C5fGBBCnbp3oB1SHAxn-TbwN2xrgiiiIBMYy8D6satNlbbG9EyPmCHFkHhCkAzUwx9PNSyyM4HqZMsCLAgbZxQNc3mYI8FHCByQDwhJpCvTJQCfWOvwvYZfzOMo7GdkOKZmERfEE0l8x7dKVkhtKcSNzk5ivqKW22lburnIsMIrdv_Js90oIfEWaXqQqCyZEgYKrQ28H9VG16F9_PWKakFW-rOibjKu4sGFjR6LV4hHz-hJu5u-vettH9xVLMtCnk3ypggYwd2sWom4AVjbnC910_Rwjwv8Q65pICjW0LL9cIQIcSq9iIic141rBILVEgjYiOqBFsnDwIgYq3jIDCPeOtQRQSCQF5FZF-YJaKmRRqrzqUdsDYX6svDquWoDs7nEF2eGdsSGM6tgVtvPkP-MNj1hKEBryeu8vRIaMM4hklG-T2fndG8A-hGdgxleASoCA5ab1TYYeIOca7mBGGVZBP67dT2lNWqQTRnvPcaqNvbPsqfkH0Gt0fSjPm6XsujYbeKHNVsM7IflIpFkcpPSBmcLCBw1hha1TIzwS4LZre7BougSlAN5cncADygyks1lEN3yRWEPiTfYDqjg9gGEzjL3etFOuPm_mqJdJN1kO2QNrVWCb_dHUNrR-CyOkRtymi0tBO-XP21ORWbvjjmTCK4sTjRFOXs_T-n-a5zspRgl8xhCnqFJiVmwWuNGe_Jo8WKpyayOSjC0V2dhbsgASGR3cQeRlk5Xpba_I4278yO62JLoCHhP7yvM_necgBizeynZkza04e7Exx5q3JPv2M8Nz9KOb0tk64kGMxphQ-aiHL6QXgikZUToExDg1qeJmcu-pnE1kl1Uq7EyvLcayYePsdjUsRBQ0m6r3kKFXevKx9faf9MU1vR-tt2jqZWdbQRMgNZJ2zz0PLeVIvsjKtSbLIUtRD9xVxVzGuEYCFOlea2rHx8wkPtdCLuoVmt2MCpzfQRRaNUl7O8V_l7hoMqwVerCfipOY4Hf3aySq9zY1CLNsCPsjlVgHG6BSaIIUabq-03e5nDHeGQDxroqT6xUQERr5_WlrkU8zd7Jw6jO4MCKe7PgzjEMD101N-dh7BNh5jCURRDe4br0TD57hQ1HYXfDbso3tOuGu60eTrvRsNAAj--G9fmuPN-dP_GKBOv2Drvfd39fCnLoSkWYzwyE7dhbGbKEjhf1oZwdBcndPYYKss3gRH8o50oH4y_G0JDTkxp7KSD5VKn3sbLfRjkH1jbMR-Pn2-mZH2aP_4QYM4XMROg4paSGQZwZx0ssTffdsdy4bj6ExIXdonoiCqGrv1u7wzO3TodhO2Spk-R7dK7p88issC3Gq1J7hVKRws2HfLbUbFb1-3fB74tZSi120y0IpKGON4pLfsoLtd4O7Qfn6ffk631Q0CHegj4DVWpHNacUoyUU8xsAogpJJyr--ecBIfj7huMzCxlAJDp3dXS5wqC99camAkIznXuk9VfXAZrLuMgEx454h2igCdwtNsxfFbp-fpvMzGVPa9MaZGtmbdnr4dwSciOhLmPfsX2vUMaKm9uO_30PD59dcj7eaIKW1qfIXfR0jDAupT3SCApi2Xl2pszdBlRn6jDdYcWtF5Vv21UzQIgAoSLH4gM9NRkYA1PwudtQZ-WZg5ZsVQAyBP2LeYUnDkKOdCL1sj1MeLkaJCljTc0OZOePrCa_BQaW86JIN4SQXbCVa11RBVIC73Qg9ONSfC3dUPcnALrW5td0u-159vboDabiTu5VdhsVKGboovCdmF9ILJuFIE0CrMFeIS6RGvxhXCUX9XNDvHWGino_65gCW52Q&cid=CAASKORoFZbSfQCJNacuE8yM0_kh9qgHpKeBranPhQ_Md5w4UG_ifThzqcA&rfl=1%2Chttps%253A%252F%252Fajuda.serasa.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:28:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1893
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Apr 2022 00:28:49 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/ Frame 2C97 25 KB
9 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9657
x-xss-protection: 0
server: cafe
etag: 16576748017229546422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Apr 2022 00:57:45 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BCA2 0
0 75ms
74ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ca37QpAhBYqu0FpyZrASZsY3YD7jW1Y5p7L6fs68Psui_sN4BEAEg4e7KQGCV4pCCoAegAfT39P4DyAEBqQKNYEMGJ22yPuACAKgDAaoE9QNP0Po3AzrSoEK01nH2lALlpsk31h0XNNTHqX65gPcLBu9EYxtTzJzTZfBDNqt1Lc7ldPNnOyMU6mPjM_NNQsYdhBSqb4PQtUSvGIMLdxARfvbxzxw1w0ainLLMbwLByjyhzx4qQgivzO1T_NEZQOQcqBaBZ1eCzKfnPvNJ3sbEioUUI2oDYy7YzXq71EGVI9icDUjBQsl90hS1rM7ZkZqU28BUGqwKfKeEytHfaL8-wvP_QTe8aP6NO91CuKIP_0IF9I0aLkXhrwvNuCLTEd9kqOoW-ku50ZikCeqKPERSyjOpLnv72oEKwexXaA3Lm8g0YZqde0N61d0UAm-gs4QV_L5rcKzLDcvReydBYVCX_Fs5K32-rs-eb-nTxRhB_TjywgSw6z3SlHNvrJouXrrBEH-4agJWXf1hoP7TViY55S_BHXvbXu5swHiRduOsEaya3pU3ugZGXX0ekBtZEJJx8CqxtUG7tCExS_Raftom2KwleyYIlkHrJlSdVt57-Kqpnnz_JjjpueLR-GKD7JX2DvFeV01GkW2Mu2KcquvKsHsNfVvAegj65hmYM5ce2B3nR_seShXUs_l0dfv5ZULn8zhpiT2gUHR6GQZAQroMQndNKBUrNDwP_CaGKBTmCrC_EAUjxd3agdWiyjfZ3PYwi1QWIOHABKn_t9P_A-AEAYAH9IeLAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOLnJ9IICQiI4YAQEAEYHYAKA8gLAdgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi05NjUwNDA4OTgwNzkxNTMyGOH-HQ&sigh=MX_dpdTrsFs&vt=1&uach_m=[]
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame BCA2 42 B
64 B 80ms
79ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssk3dPlSxXFMHjOexVJEgsoHvMHj1s7HPEqJpr7kmjObXGOMqwlGx5zIQ6-3oY9sNJtuoCSNbuLgvRi3raaIVVerz-WzMydWKbRTX1y0SDmbVqmZauTU0SRC1Z6aPX2vWX1WsXAgsounb7J&sai=AMfl-YRz0qPY5bGYU2-QKiWennD8tNwjoq5mdxteSP8DJ1QDSaOHTonH2Ac-UnvVeNGUkjNsIYyd0LQF6PGGcBYtCpvmi6QquD82S5wLzbtKzqvVO9AOfOyx2U0XuVSrmWY&sig=Cg0ArKJSzLy2j8I9vx02EAE&id=ampim&o=315,309&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1005&mtos=0,0,1005,1005,1005&tos=0,0,1005,0,0&tfs=267&tls=1272&g=100&h=100&tt=1272&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=3968775647

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:00:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2C97 41 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com
URL: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 15:10:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35375
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Mar 2023 15:10:47 GMT

GET
DATA 200
OK truncated
/ Frame 2C97 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 230352a2bb1ec34f0a4005fd454d2cc90b46eaf3450878a630d21c15dfaf2c9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame FADA
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=25249300010051000710632011912010&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=25249300010051000710632011912010&actionid=981741&produktid=&dt_url=

0
629 B

64ms
32ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=25249300010051000710632011912010&actionid=981741&produktid=&dt_url=

Requested by

Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=zy291edt4ui9&nw=20&renderingType=javascript&namespace=c9b38a9802&subid=&uid=be1abb15763f3284&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7ryCpQhBYsLNDoik3wOGgp2ACLXN-YNXnNC5q-UM8C4QASDh7spAYJXikIKgB8gBCakCjWBDBidtsj6oAwGqBIQCT9CdQU5OhAijTt0t3ipeaWn6gCQRujWWZgOyY1mEUvh2Jsa7B--w-L35tTP3eIuYetYbPITd9D6vafRT8zMJ1pbLnbmINRiFgnAfCikMhHg9lmlAFPamW_AJd8euf2Nr8j04IqulLGsThySS3Ovv-CrPt2LF7jYp6xpYT13PyEni8lS17t-RN3-daxVI_AYD2fGeJ93I4sHShHI2BDqu34J2UFCedC_e-7f2tvHqGjTOkw_WY7hho9fziDvTEVLjd-pf7wHe7hy23I4VNnsQzvI2-s9wmdCNsF1vdrG_n89-e4RMhnD7jbSXr09CpFwsvtguEctOBs_h4vRHP6UGiLtk1GjABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoYC9jcj51sSXU8Z6zumgUNJVUhZGHUpqygOahismc5igbzXrBqg%26sig%3DAOD64_0SYzorOQ3H29ZICwj9fjjzivA_iA%26client%3Dca-pub-9650408980791532%26dbm_c%3DAKAmf-DzSF0RVVrpw6JZTRhHX2X2mXhq2p6HrNX_u3eYG68PMaqcIdYnUFcm0vKjyqhOL4Kcll5AoTjhffQs3PNdwTNmOZV6t_BI6bF0sPu6gwh3b9k4mV7A1j3c2BMtVcSVT_6CNAfFuNwSzyWZmYHlqSbCmVhN-Q%26cry%3D1%26dbm_d%3DAKAmf-BF5KmoUj7h48xAlpFAu_tTA_FqzWDCCXhUki1yODDnyOfmOBWFXzF4JMRLAxBWmhNkIOT37JdpU7nhfayyjv6QTnqaP3eht_hLWvX9pl-wFgPc09ZLwPLD3PZo9A4dOAA_bZl7wg4sP348YC8mzALiV8h0ySkCBS69CbKXCLCHy7lEPx_9AVlJw8w4dVFvUjY9PhTZoKFj_VxzbE7uV7AomWfhavbqmVzLuFFyMdtBBeaHsLxeUcRBjdNb22MFdjLO5pZJn_c7X0IxiKpPiTUOCLMdHIWgagOfQd21eCpbuLoipcIHW0dTFqbxyXXjVMOUsd3Z0B8CGW43Q1QbLDObDHT1k_t05R0U9fUZLFlp2GD4MaHpJ12Ap3UJ0d2Enmi2r_OjkIv5Mpw-fxsIV31kV5l3rgX79-599_L2ZTZzNvN1ZkGQp2x74r3VfG7zfEde3C7gc3BwceZJ5uVPPqdy3aMXYMc2IZKx3mCeTRY7pVO6JgDZ44z_RhQ9oIhyYuY8buO-qeHSd6h7THntcvDwKCVDgDpTTM2-OVzojSnajUlvZskxSKwZRE1h2_zMbnaeebx8tSkRD1W7tkWtzLzuDDFdgmzOlsGwn6rxYW1TqardIthjIK1XkTAk0Kpn8a6MkjJt3YgGmXwc00Cx0oAB7S2_e47FCmpyTus5GKhy8sGaCqQPuUYN8pXjDYAcWzA0IucKSFaRefgMN7TpkYeIqfAHYGZ2UMlqxHqtK4CYYbis-wwFXoSsYYW26j92-HtR4fmpRc-xOpJNInA8poonFfuwsAE8MUn4TmY8TSZB4gPmyyMs4wUyiYsrkLHcxS5Ioe94%26adurl%3D&documentReferer=https%3A%2F%2Fajuda.serasa.com.br%2F&ancestorOrigins=https%3A%2F%2Fajuda.serasa.com.br&random=8030656589087&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 Hamburg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 28 Mar 2022 03:00:22 GMT
server: Microsoft-IIS/10.0
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Mon, 28 Mar 2022 01:00:22 GMT
content-length: 0

Redirect headers

Server: nginx/1.17.5
Date: Mon, 28 Mar 2022 01:00:22 GMT
Content-Type: application/javascript
Content-Length: 0
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=25249300010051000710632011912010&actionid=981741&produktid=&dt_url=
Host: pv.medialead.de
Proxy-Host: pv.medialead.de
X-IPLB-Request-ID: B9D59BA4:BE06_91EFC182:01BB_624108A6_14030EDE:7DE0
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40028

GET
H2

200

index2.html Show response
singles.parship.de/lp/v00/6/U/htlp/ Frame 8F89
Redirect Chain

https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=25249300010051000710632011912010&pv=1
https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1648429222.5503284.722b2140-ae32-11ec-a177-00155d255900ID

914 B
1 KB

141ms
86ms

Document
text/html

2606:4700::6813:b979
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1648429222.5503284.722b2140-ae32-11ec-a177-00155d255900ID

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

390861f36a9e59da2a87301f7c98ba3e3e445dafb76d2cc9aeea40363d349441

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/

Response headers

date: Mon, 28 Mar 2022 01:00:23 GMT
content-type: text/html
last-modified: Mon, 21 Mar 2022 05:01:16 GMT
vary: Accept-Encoding,User-Agent
p3p: CP="ALL CUR OUR STP UNI PUR"
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6f2c6db35be39baa-FRA
content-encoding: br

Redirect headers

server: nginx
date: Mon, 28 Mar 2022 01:00:22 GMT
content-type: text/html; charset=UTF-8
location: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1648429222.5503284.722b2140-ae32-11ec-a177-00155d255900ID
p3p: policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server-id: 12
x-robots-tag: noindex, nofollow
access-control-allow-origin: *

GET
H/1.1 200
OK request_content.php Show response
hal900010.redintelligence.net/ Frame 6A2E 7 KB
2 KB 33ms
12ms Document
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900010.redintelligence.net/request_content.php?s=25249300010051000710632011912010&a=25be310e
Requested by: Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=zy291edt4ui9&nw=20&renderingType=javascript&namespace=c9b38a9802&subid=&uid=be1abb15763f3284&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7ryCpQhBYsLNDoik3wOGgp2ACLXN-YNXnNC5q-UM8C4QASDh7spAYJXikIKgB8gBCakCjWBDBidtsj6oAwGqBIQCT9CdQU5OhAijTt0t3ipeaWn6gCQRujWWZgOyY1mEUvh2Jsa7B--w-L35tTP3eIuYetYbPITd9D6vafRT8zMJ1pbLnbmINRiFgnAfCikMhHg9lmlAFPamW_AJd8euf2Nr8j04IqulLGsThySS3Ovv-CrPt2LF7jYp6xpYT13PyEni8lS17t-RN3-daxVI_AYD2fGeJ93I4sHShHI2BDqu34J2UFCedC_e-7f2tvHqGjTOkw_WY7hho9fziDvTEVLjd-pf7wHe7hy23I4VNnsQzvI2-s9wmdCNsF1vdrG_n89-e4RMhnD7jbSXr09CpFwsvtguEctOBs_h4vRHP6UGiLtk1GjABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoYC9jcj51sSXU8Z6zumgUNJVUhZGHUpqygOahismc5igbzXrBqg%26sig%3DAOD64_0SYzorOQ3H29ZICwj9fjjzivA_iA%26client%3Dca-pub-9650408980791532%26dbm_c%3DAKAmf-DzSF0RVVrpw6JZTRhHX2X2mXhq2p6HrNX_u3eYG68PMaqcIdYnUFcm0vKjyqhOL4Kcll5AoTjhffQs3PNdwTNmOZV6t_BI6bF0sPu6gwh3b9k4mV7A1j3c2BMtVcSVT_6CNAfFuNwSzyWZmYHlqSbCmVhN-Q%26cry%3D1%26dbm_d%3DAKAmf-BF5KmoUj7h48xAlpFAu_tTA_FqzWDCCXhUki1yODDnyOfmOBWFXzF4JMRLAxBWmhNkIOT37JdpU7nhfayyjv6QTnqaP3eht_hLWvX9pl-wFgPc09ZLwPLD3PZo9A4dOAA_bZl7wg4sP348YC8mzALiV8h0ySkCBS69CbKXCLCHy7lEPx_9AVlJw8w4dVFvUjY9PhTZoKFj_VxzbE7uV7AomWfhavbqmVzLuFFyMdtBBeaHsLxeUcRBjdNb22MFdjLO5pZJn_c7X0IxiKpPiTUOCLMdHIWgagOfQd21eCpbuLoipcIHW0dTFqbxyXXjVMOUsd3Z0B8CGW43Q1QbLDObDHT1k_t05R0U9fUZLFlp2GD4MaHpJ12Ap3UJ0d2Enmi2r_OjkIv5Mpw-fxsIV31kV5l3rgX79-599_L2ZTZzNvN1ZkGQp2x74r3VfG7zfEde3C7gc3BwceZJ5uVPPqdy3aMXYMc2IZKx3mCeTRY7pVO6JgDZ44z_RhQ9oIhyYuY8buO-qeHSd6h7THntcvDwKCVDgDpTTM2-OVzojSnajUlvZskxSKwZRE1h2_zMbnaeebx8tSkRD1W7tkWtzLzuDDFdgmzOlsGwn6rxYW1TqardIthjIK1XkTAk0Kpn8a6MkjJt3YgGmXwc00Cx0oAB7S2_e47FCmpyTus5GKhy8sGaCqQPuUYN8pXjDYAcWzA0IucKSFaRefgMN7TpkYeIqfAHYGZ2UMlqxHqtK4CYYbis-wwFXoSsYYW26j92-HtR4fmpRc-xOpJNInA8poonFfuwsAE8MUn4TmY8TSZB4gPmyyMs4wUyiYsrkLHcxS5Ioe94%26adurl%3D&documentReferer=https%3A%2F%2Fajuda.serasa.com.br%2F&ancestorOrigins=https%3A%2F%2Fajuda.serasa.com.br&random=8030656589087&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 7cbbf4f3b18f5b1d0b06695d4063b5afd28fd8e9c6cf6d35c987b70c67771567

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/

Response headers

Date: Mon, 28 Mar 2022 01:00:22 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 28 Mar 2022 02:00:22 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2105
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 66EF
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=25249300010051000710632011912010
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=25249300010051000710632011912010
https://ad-server.eu/wm/pb/native.png

68 B
312 B

150ms
28ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com
URL: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 01:05:50 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Mon, 28 Mar 2022 01:00:22 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B9D59BA4:BE0E_91EFC182:01BB_624108A6_13CC7D5E:F726
X-IPLB-Instance: 40027
Strict-Transport-Security: max-age=15768000
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 66EF 43 B
702 B 33ms
12ms Image
image/gif 104.92.94.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=25249300010051000710632011912010&pv=1

Requested by

Host: cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com
URL: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-94-3.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 01:00:22 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5DB4 22 KB
8 KB 39ms
38ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Mar 2022 09:34:28 GMT
expires: Fri, 24 Mar 2023 09:34:28 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 314754
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 66EF 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cefac453b5d3c4986bd18c21d89fd310a320c4af95c0af4d0846501c0fb5e1c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 6A2E 4 KB
649 B 94ms
48ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=25249300010051000710632011912010&a=25be310e

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97efeda8567c33ed3cd7eb616868f1282f50e8ca9ec1ebe3ab632b0913dbdc26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 27 Mar 2022 23:43:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 28 Mar 2022 01:00:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Mar 2022 01:00:22 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 6A2E 16 KB
16 KB 34ms
12ms Image
image/png 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=25249300010051000710632011912010&a=25be310e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 4a3445720b2c316afb1b17efa5b053f0f1043e1130a124a4c0abb1ee4a18ae9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 01:00:22 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16247
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 6A2E 17 KB
17 KB 35ms
12ms Image
image/png 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by: Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=25249300010051000710632011912010&a=25be310e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: a00627326bf236cb41fd6efc664fb7ef1e262bfda9035c198daee11df7f17ed6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 01:00:22 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16856
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 6A2E 7 KB
7 KB 173ms
151ms Image
image/png 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/51649/creativesup/PS_Herbstkampagne2019_Inga1_OnlineMarketing_Display_Yahoo_1200x627.jpg
Requested by: Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=25249300010051000710632011912010&a=25be310e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 6b45cbf3c734a35fd4463910676e6120b7324d94272b25ae07ef99e8f0ddd1ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 01:00:22 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 7154
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13179925603047686728/ Frame 7890 115 KB
22 KB 89ms
41ms Document
text/html 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13179925603047686728/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38f0f720d7e01916df407c2f6b0d03e218ed06ba6dc9ff276f7f0e9da9d43a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 22991
date: Thu, 24 Mar 2022 16:11:10 GMT
expires: Fri, 24 Mar 2023 16:11:10 GMT
cache-control: public, max-age=31536000
age: 290952
last-modified: Thu, 17 Mar 2022 16:07:52 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2C97 0
571 B 169ms
88ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv8GlgTwg9QRsKGj9HduvU85enEDjZGhXZLWCz-u_Tn-2mQFnINjNvanofz05PsHd9AUGNE_D2LWMbX048hxtx1gmnxXHM4g9lZLU-o-67Nx4npmwKJrvne9bAjD2dx9yj6Kk30aLgAZeN-tr8OaEZrk5P2mhEB79SCKqiGGBjrYS3jo0sE2VFwvTlqy-t_NKv_I_k56LSFmYezDdcn9gOcyzqE-HhNvpk-SN_JP2IKre3q6YOvyEXwbDjCoxmr7TQkxOU2qbFfDkoi3xvtAg-IskSjhDJCfh-eoNWMPk5-vJ77b7va9PXz-11GG2AeSkPSQGseKOUDnwGTjzclE-Hf6AqIoiS1_y5Ug9ZcOUj_ifZZQzHEspNcPXj3-HpCIkh7GodHSTLoQou-qsXgQJJAhf7OrA8Pgvfwca3jmpdPvDwnVF2Kh6K499sM_Ltp9XzBxVgq23znKllbBQXIA2ycvCtkcvD4nE12vs-Pnhw25_U7ijqImjvb6Yypkg8-7O7ENw0UdIrvLBaXc9JIEAAwhw18hsS6PFh6plHDfPgQv1JsofMb_U5D-iK-_Yx-8knSvG0MURunQwi2Z2qnOQ2Ywgs2oZko2CC1PQp6FUPvPkYutFMo6LgKVIy-_pa7FLI5BoT8aHM9842NtoLxEnQoGTjXqFg1M3I95I9pFUqSjXCLeSELQhJ05wlJ-WEi0d2vACPNkaa6R8kYfsd8By_v3e7Mj5fg5yi54lJmLePddEL1AIlCDENmyPHdud8qyAFXy1me8p0kDZn9kHqW_lkM_8yiOOtWYEIcsKCTrywc1BJLsUgVvFunQtXK3KjaYpORk72tcuQHW-KtpODsKJ0MaR-nRezmzbPKorU3xKIvNvug29Vv0qlk9jav4vX9oqyEj8rqbEWbYJ64pbqutwhzgekFo3pxvtbKG4fcU9QOOWAQfBeWy_ntWDlNL4WU5wDKYTjyNDTaun1JMkKY35gRFjdALRyTch-9PjAAMPuaOd10UPdBpAcNN1d0vAwTktupy6Ct7OrNf0S88QrPc57SiQhEkIOYEM6pPgzpXcujvLBDj_qUPBHqeNd2NpJtQxc9Lb2mfaWLDzX092Yw0JYoDVNCa_3dqiW8TVVgh4QXQfOvd5VXq_PN7xTBzTV9BMc7NURQw8jpT6RY-uESPc19OWN9HRiDxCAONXprKJ4o1Wqs2TA&sai=AMfl-YR_HFWmU02tPlx5s5SUiFCxOcuEFyKx3PaV_tPjTMAkYJtxyOBY--kWoPdq9yGixmJCHoj1lsR6YjAYKPaA7QpFJIDaNpE-QGKAHN5438P3DNhvbMmvHQP89BmMHo-MQpjMYAWMv8-z6PKO5TX2halrAXiC4Ye3HE3YGs_E_TIIhf2NacegR9ALn9vyPZD5y-yvpsy_HLA8OMhPutTIFUxh7iPhRM2HUw&sig=Cg0ArKJSzEXw13elOCueEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=182&cbvp=1&cstd=180&cisv=r20220323.37217&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 28 Mar 2022 01:00:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 783B 0
20 B 72ms
71ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9kKzpghBYpLzE9flgAeizaqgDAAAAAA4AeAEAg&bg=!oKOlo-fNAAbzJazn0yU7ACkAdvg8WgGRj-oO0jICOOLWThiYbyb1u9ZMcVFJWuk-c4tdeNgPP31z4QIAAACzUgAAAAJoAQeZA0fLvCgGJdNp1ni7obnrhEVI3qfg7Ub512VQa7Z91qU1YijRoSQElWPposZU-VSfFVp4CD4rh0tSeM3XShbWGAoxkFgN-fv7KPiWzShmJYQrR15vZ7P_vDSqbJuTBRi6G697fG-fPb6uSAb_NLVUcDOYVYpjMF65Falr8-HWZBRSCmwan03tkmxkcLphQKpmqw1ZWy0sCDNADp57flxPVl5Rbw9NbRCTMor7YW89_NzJveizbJ-6CEnz5EPsNT9hEXyPf_Fxv-E3E-_UIfvNIfsLWZHdtoAKZg8BNJcAik6R8Q3kfo03bY2rKh9FC_iYWLVCqyMl5QSM7-ijXql0yWjaLol_aaWZgZ7Ygt7JswJobrRGXw6VEBCsV-NZBILMQf0UUgARzJ9uBeeS8hGkCldz01zX6MGCeDjOn7fTutrIJ1uvmkE3vr89V2P3Eh0f70XAyCqD-PayxDk7CXSG3887yHBdPq4k31obxBa8bVWxXpuercz3IBwrmFhv5dUSqWuzhhqJrhNaCV3oTs67h6eTnF3YsejPXpk7wmWj4wQsfS6DJagq05lVF4c8G27M8Vlpn3Aa6uxTz6LD8lcFildPQBxzYoVyb0SYbrYpVDN9mQCud-FDONPROrcPkpjNTLtdM9tkAnYw1xR-gJbpUZG2l83D4onzaZYnoUvXZXwayDcQjYj6cIhCLTHGwedhkW5ux91i3tC1mO1W2VVYWnBip8Dm9yYnRxsGosHs-zOy9vGILxQVAjxyO8Tc0g7-V-BawYZEukbL8CcbBToZU_QCmh2uj00w-y7hPcVtDU5B2MbOqvUKbdSUoiAQCn8BivdxiqpoZiIm-faK1FxWugw6hzkVgM1fcaNp6FO1QmgPsdxoVL57pPzjgIQYRfvDPeXJqhowhb1SGEvJD4k2vdFjf4aBSP43-ocrNhOmuZH8RkxCjNaGKSDiNPaGYuUS3nEKD5D2cbQO_0rW1_zt1GshtOlVjJuaI_rCBMUlo4HyPo2-g76U_1bWnIGNSxyprz_6J5K3oIq9_d8tly87LeQW9vZ9U6CWheFZCWmQFQ3VORV94eI0QqZaQ2RWviBG1UZ6cCAaq8jOH7-83ma17rITekCoeCEA1g

Requested by

Host: cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com
URL: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:00:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 XFpjqGQyXlGhrIMtqUZEtOx9ZrcGJnYAFO97-LZexEg.js Show response
pagead2.googlesyndication.com/bg/ Frame 5DB4 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XFpjqGQyXlGhrIMtqUZEtOx9ZrcGJnYAFO97-LZexEg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c5a63a864325e51a1ac832da94644b4ec7d66b70626760014ef7bf8b65ec448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 15:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 208694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13744
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Mar 2023 15:02:08 GMT

GET
H/1.1 200
OK viewability Show response
hal900010.redintelligence.net/ Frame 6A2E 0
150 B 34ms
12ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900010.redintelligence.net/viewability?s=25249300010051000710632011912010&a=6aa1efa2&vb=m
Requested by: Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=25249300010051000710632011912010&a=25be310e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/request_content.php?s=25249300010051000710632011912010&a=25be310e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 01:00:22 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 71ms
71ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031601&jk=4348093462406210&bg=!LS6lLmrNAAbzJazn0yU7ACkAdvg8WniUr04b0iF91wxn2ySgRem2Iz6t1HTdan2CGg1KRpOxSSJaGQIAAABaUgAAAAFoAQcKAEUBajgMnZXCZsD56OKDlEP9kiGyzJH6LBRdmKm_7UqDTeQIW8IJ3OPKSycmF_w9Qg-fnBLo6sgoYBkQc7R-NE-P92jcjdWZAuOf_QTtRdSG5TZsfND1O8D0N2V_JaZxUzyJoWkuoYdp9nGl8LbdJ_7D329HpoWOPrixb-aVUq8eGmQmmICETC5Zd2CkenPK0DqYS79Z-aOJo4_WJldb9Ugru-cWtXTVDKCeZfgi6JW_apHt-YdKltu94HxUz9vFfK6qFLVaUAmwjB6r8Ow9vc8m_HWc0s2kEoKdxZ4ZDMb3oXPZLIHXWuxh_4-lI-r2NhZH0-3aj3x9Kq7CRNMVaPqs4JYWZpUp2fIa8ZufmMozFKQqFr57aYdnuleS4zRPhs4SZdvUYafcJsDRhZmW0Nk9S2XCiAErhmnBOG8mZr_w0wf_CArA_AxpiV4k3tpzL30464AnwzEQpgBDGzMC4XYUm_9o-UVmfkNxNnR_xdLZ1gIQAlciLysk7VJVc_gIESMRwkNg0ugKnyt9dvWR7jKyYb3tqwRrc_PYyliwPJdLqNoUk9Wmh4Vb_yXb-pS49zaVlgyIzO5DkUlJxPAqhri1UY00mf2q_w3W533532CCLf0oEXcjDUFnNWtT1vTQ1R0wKuV2bA_vPNqcPPdN_ZTz3imSQftlcwFmYRYcdS8OnErBwkITQ_0ZYUFWIpvtOnq1WF_bbwMdJcM7gTazCSrD5FfM6GYWn5hWLf4G3ag4tttG8ek8E5SZSi-w08XvwHGC4AXHD9zO3nverS47gl8maod-8TU113xhcqxxfB1YsYLFWvJwO7hkftePM_8aoyFBwt3pFQ9JZMI_-oWuEvG5HaBe4a6LGrDIaoAbIz1G6JlMdFzKePtS-Jik3URxMv9mv8-q384VusrA-1YvUH9qsossZOU-uil3HygHag2tvHR4Sf4dASLLFczySYs_37Lcwqc1Uk_GCyCTlqe2xMx8sJfMEkvHuj8c0Z3HZzDTf-3QJbO1FiIzcEBGLdERKxhNnTtBm4G7_oQ0iqQgkxEhy9aU1yBroA17UhDW0XIIuZ1APOM6b5-Te68o

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:00:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ Frame 6A2E 13 KB
13 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v19/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900010.redintelligence.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 18:04:09 GMT
x-content-type-options: nosniff
age: 370573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:37:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Mar 2023 18:04:09 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ Frame 6A2E 13 KB
13 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v19/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900010.redintelligence.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 18:03:30 GMT
x-content-type-options: nosniff
age: 370612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:39:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Mar 2023 18:03:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7890 8 KB
714 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:500,700,regular,300

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13179925603047686728/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 00:06:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 28 Mar 2022 01:00:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Mar 2022 01:00:22 GMT

GET
H3 200 DcmEnabler_01_248.js Show response
s0.2mdn.net/879366/ Frame 7890 31 KB
11 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_248.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13179925603047686728/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a37afa4795c0cede82ad0f73f60eafee5e13f6fb3d42a739354d9280966fe434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13179925603047686728/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 16:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30039
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11026
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:45:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 28 Mar 2022 16:39:43 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 7890 15 KB
15 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500,700,regular,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 371043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Mar 2023 17:56:19 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 7890 16 KB
16 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500,700,regular,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 14:02:01 GMT
x-content-type-options: nosniff
age: 471501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Mar 2023 14:02:01 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5DB4 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BV1hfpghBYvWcHbie7_UPpK-f-A4AAAAAOAHgBAI&bg=!CwilCEzNAAbzJazn0yU7ACkAdvg8WjrhswQaVU6juGWiWp5S-UzrrZ5MwpcAIx1LQMqIvGnURSnRHAIAAABlUgAAAAJoAQeZAwz2zpuXX_IKQ9JaTGYpzlx8fZzRoeiVjYwjN6o3MSImxXOTx0GozaLDXUIVi2t2koxUA_KQopPu2cva_-sBS94GhkMhhm4zy5iyL-5YO88ID6v2dvaLCHtfqnAAQcH_WWPj4cVMPDcKMXsapR0-Qevc0ZHMVvnLy0FFMaXWJpwDI0t4FPFU-wqXrw-c9NMSAnHTIL5pRqwFettdStJAmqDdPEr8f0VV-GC32OS5_V6quP2W7b9UXByTij7Nnh55j9rqQhleSs9nLGauzk-7D5C7PakDeyrQAhcDDPdajesgpv6_-Saii5CCp9gXYJpfZSpvY8W376cgIzC_HVv-DcGjtztETvPPosnUQvUE9BOBloONIwPZ94mpWZh9Csw8VNtjwLv-Irx16evYZa89wO67J3vndpMNRm5lScZels0ZtXLeHkBPvKPbGT5UItWwqD9_sUEs38RMslT0X9fWJMPtY6GUF6gx2EIKUBBAeSgNWgeaWM6856IefSEDI2FXmX6gC5G3rDoyDxCJqlDM5gQVmfMo8LVcssBnJsA5tT4aRhNCZ7KkpmDrKUoHSxzbjBNBcJXEWkrTbQMLlKDVvZHIWAoZMRzoW3IwnWF_jXENKchQ8WUpqUz9XdEPi9TMBAw0ICQdeOEWm4ictp6YuHFoLcUC58m0Q_tgH8h5pIl2KkL9C5dZn4YrtB0nVsh5hYx-i90tv4BWEWFDhU23EZlfJoU6lfwRkMSkyme_ywD4oXY6PjltAcVVLi2U4mVWjyooysuxdrY5zzJ6nGIWAqEwTMhTZpOWqa60ClX5hmWUQP6AwsxIMZlwe4LeSwn84xrG98efFo9tWWJPhBot53PSmG3cLnJaRWhz_ILHyqgDMfvJnRu6mmsgSUmf65fWuoboqla9N-VkHEhtw05riEVqd9y_-mWRMGTm-lopkD3htwUOM_hDrKYR3zifpZRC7hk0-_rUhFGd-iEDEdDFJGntu-jVfy1a5fY2CnRqeVhrajLK8Udr3_FNa-DgwTzHdSqrnfvXLhyzZbQcnyQ

Requested by

Host: cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com
URL: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:00:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Bitdefender-Logo-BW-web_b4fb7724-9c4d-47a3-be31-8feb53301b28_copy-01.svg
s0.2mdn.net/sadbundle/13179925603047686728/ Frame 7890 4 KB
2 KB 40ms
40ms Image
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13179925603047686728/Bitdefender-Logo-BW-web_b4fb7724-9c4d-47a3-be31-8feb53301b28_copy-01.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13179925603047686728/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e951b97967974edc90373c03310475fdccaa7dc588c26a1cef531468ee65ba8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13179925603047686728/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 16:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 290951
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1872
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 16:07:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Mar 2023 16:11:11 GMT

GET
H3 200 TS-Online-EN.png
s0.2mdn.net/sadbundle/13179925603047686728/ Frame 7890 433 KB
434 KB 44ms
43ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13179925603047686728/TS-Online-EN.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13179925603047686728/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

977f166f073c111c9d3eecd74de1e86e07727a88c21340d7412674d68a3d8983

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13179925603047686728/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 16:11:11 GMT
x-content-type-options: nosniff
age: 290951
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 443849
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 16:07:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Mar 2023 16:11:11 GMT

GET
H3 200 Logiciel-Europeen-DE.png
s0.2mdn.net/sadbundle/13179925603047686728/ Frame 7890 9 KB
9 KB 41ms
40ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13179925603047686728/Logiciel-Europeen-DE.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13179925603047686728/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b572cea301db8dd83844da95934a8e5bfaa4a4046e2523b91705098d595ef91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13179925603047686728/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 16:11:11 GMT
x-content-type-options: nosniff
age: 290951
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9102
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 16:07:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Mar 2023 16:11:11 GMT

GET
H3 200 bd_Ukraine_300x600_filter.jpg
s0.2mdn.net/sadbundle/13179925603047686728/ Frame 7890 22 KB
22 KB 58ms
58ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13179925603047686728/bd_Ukraine_300x600_filter.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13179925603047686728/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8473fb8053600b1ad240df8b4b26a09180c41cb32ca42b05f51d826bcdd8610

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13179925603047686728/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 16:11:11 GMT
x-content-type-options: nosniff
age: 290951
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22765
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 16:07:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Mar 2023 16:11:11 GMT

GET
H2 200 peg_logger.js Show response
singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/ Frame 8F89 12 KB
4 KB 29ms
28ms Script
application/x-javascript 2606:4700::6813:b979
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js

Requested by

Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1648429222.5503284.722b2140-ae32-11ec-a177-00155d255900ID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3404d30f1b9956025fd6221078b56ab9f3301a4af97ddaeb3ef8cc4a8bb88de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1648429222.5503284.722b2140-ae32-11ec-a177-00155d255900ID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 31896
strict-transport-security: max-age=15552000
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Mar 2022 10:03:55 GMT
server: cloudflare
etag: W/"62399f0b-2ea6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 6f2c6db3ecac9baa-FRA
expires: Mon, 28 Mar 2022 15:54:32 GMT

GET
H2 200 pegtracking_combined.js Show response
singles.parship.de/static_cms/parship/static/peg_utils/tracking/ Frame 8F89 30 KB
9 KB 24ms
23ms Script
application/x-javascript 2606:4700::6813:b979
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9007a72d0fa0a45bdb1ba8527cdfe7122636a3ae014d75d32ece4de4efea45b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1648429222.5503284.722b2140-ae32-11ec-a177-00155d255900ID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32709
strict-transport-security: max-age=15552000
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 04 Feb 2022 09:22:00 GMT
server: cloudflare
etag: W/"61fcf038-7633"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 6f2c6db3ecad9baa-FRA
expires: Mon, 28 Mar 2022 15:52:13 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 8F89 14 KB
5 KB 82ms
45ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1648429222.5503284.722b2140-ae32-11ec-a177-00155d255900ID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1648429222.5503284.722b2140-ae32-11ec-a177-00155d255900ID
Origin: https://singles.parship.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:23 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6f2c6db428ca9bb3-FRA

GET
H2 200 eum.min.js Show response
eum.instana.io/ Frame 8F89 24 KB
10 KB 72ms
21ms Script
application/javascript 2606:4700::6810:cc16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eum.instana.io/eum.min.js
Requested by: Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfe658be8d8e54a34181f699d2ca4237d959467b1a7c0da9519290f8df62c5d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1648429222.5503284.722b2140-ae32-11ec-a177-00155d255900ID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Mar 2022 01:00:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 7 Mar 2022 20:34:29 GMT
server: cloudflare
age: 572315
etag: 768077806--gzip
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
cf-ray: 6f2c6db4ccd65c44-FRA
via: 1.1 google

GET
H2 200 nvi Show response
singles.parship.de/nocache/ Frame 8F89 15 B
381 B 73ms
73ms XHR
application/json 2606:4700::6813:b979
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://singles.parship.de/nocache/nvi?url_path=%2Flp%2Fv00%2F6%2FU%2Fhtlp%2Findex2.html&pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1648429222.5503284.722b2140-ae32-11ec-a177-00155d255900ID&ref=https%3A%2F%2Fcf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com%2F

Requested by

Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1648429222.5503284.722b2140-ae32-11ec-a177-00155d255900ID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:00:23 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: application/json
cf-ray: 6f2c6db47d399baa-FRA
content-length: 15

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2C97 0
23 B 123ms
76ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv8GlgTwg9QRsKGj9HduvU85enEDjZGhXZLWCz-u_Tn-2mQFnINjNvanofz05PsHd9AUGNE_D2LWMbX048hxtx1gmnxXHM4g9lZLU-o-67Nx4npmwKJrvne9bAjD2dx9yj6Kk30aLgAZeN-tr8OaEZrk5P2mhEB79SCKqiGGBjrYS3jo0sE2VFwvTlqy-t_NKv_I_k56LSFmYezDdcn9gOcyzqE-HhNvpk-SN_JP2IKre3q6YOvyEXwbDjCoxmr7TQkxOU2qbFfDkoi3xvtAg-IskSjhDJCfh-eoNWMPk5-vJ77b7va9PXz-11GG2AeSkPSQGseKOUDnwGTjzclE-Hf6AqIoiS1_y5Ug9ZcOUj_ifZZQzHEspNcPXj3-HpCIkh7GodHSTLoQou-qsXgQJJAhf7OrA8Pgvfwca3jmpdPvDwnVF2Kh6K499sM_Ltp9XzBxVgq23znKllbBQXIA2ycvCtkcvD4nE12vs-Pnhw25_U7ijqImjvb6Yypkg8-7O7ENw0UdIrvLBaXc9JIEAAwhw18hsS6PFh6plHDfPgQv1JsofMb_U5D-iK-_Yx-8knSvG0MURunQwi2Z2qnOQ2Ywgs2oZko2CC1PQp6FUPvPkYutFMo6LgKVIy-_pa7FLI5BoT8aHM9842NtoLxEnQoGTjXqFg1M3I95I9pFUqSjXCLeSELQhJ05wlJ-WEi0d2vACPNkaa6R8kYfsd8By_v3e7Mj5fg5yi54lJmLePddEL1AIlCDENmyPHdud8qyAFXy1me8p0kDZn9kHqW_lkM_8yiOOtWYEIcsKCTrywc1BJLsUgVvFunQtXK3KjaYpORk72tcuQHW-KtpODsKJ0MaR-nRezmzbPKorU3xKIvNvug29Vv0qlk9jav4vX9oqyEj8rqbEWbYJ64pbqutwhzgekFo3pxvtbKG4fcU9QOOWAQfBeWy_ntWDlNL4WU5wDKYTjyNDTaun1JMkKY35gRFjdALRyTch-9PjAAMPuaOd10UPdBpAcNN1d0vAwTktupy6Ct7OrNf0S88QrPc57SiQhEkIOYEM6pPgzpXcujvLBDj_qUPBHqeNd2NpJtQxc9Lb2mfaWLDzX092Yw0JYoDVNCa_3dqiW8TVVgh4QXQfOvd5VXq_PN7xTBzTV9BMc7NURQw8jpT6RY-uESPc19OWN9HRiDxCAONXprKJ4o1Wqs2TA&sai=AMfl-YR_HFWmU02tPlx5s5SUiFCxOcuEFyKx3PaV_tPjTMAkYJtxyOBY--kWoPdq9yGixmJCHoj1lsR6YjAYKPaA7QpFJIDaNpE-QGKAHN5438P3DNhvbMmvHQP89BmMHo-MQpjMYAWMv8-z6PKO5TX2halrAXiC4Ye3HE3YGs_E_TIIhf2NacegR9ALn9vyPZD5y-yvpsy_HLA8OMhPutTIFUxh7iPhRM2HUw&sig=Cg0ArKJSzEXw13elOCueEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=578&vt=11&dtpt=396&dett=3&cstd=180&cisv=r20220323.37217&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Mar 2022 01:00:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 200 rum Show response
singles.parship.de/cdn-cgi/ Frame 8F89 0
213 B 20ms
20ms XHR
text/plain 2606:4700::6813:b979
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://singles.parship.de/cdn-cgi/rum?

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-INSTANA-T: 37e3b6a660420f0d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1648429222.5503284.722b2140-ae32-11ec-a177-00155d255900ID
X-INSTANA-S: 37e3b6a660420f0d
Accept-Language: de-DE,de;q=0.9
X-INSTANA-L: 1,correlationType=web;correlationId=37e3b6a660420f0d
content-type: application/json

Response headers

date: Mon, 28 Mar 2022 01:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://singles.parship.de
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6f2c6db50dcf9baa-FRA
vary: Origin

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2C97 42 B
64 B 122ms
76ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssebVfzRijrgwCXzDb6bdqqROVUnRH3Q9xUmqirXt00H79cTBg7d5EC2RMacnGlH38tLakT_EcNuLWD8kdOHn0SbIgEKmEBaLYbI-5tYnxiFHyICX84-w&sai=AMfl-YS4s3e6n3-GEN0lmbdyeclJ9D1_X5M8TxNs_jisUerz8zJda2ii4r4c8DKbGvpaKUO40jx5F_t58DJg27PDy7iZH49Huvs0aCWj3O6XlGd8OEYghpJpMIxuKYtt0-BD&sig=Cg0ArKJSzOxqBvsrsh3lEAE&cid=CAASKORoFZbSfQCJNacuE8yM0_kh9qgHpKeBranPhQ_Md5w4UG_ifThzqcA&id=lidar2&mcvt=1000&p=906,479,946,520&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220323&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1661103190&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648429222405&rpt=242&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:00:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 66EF 42 B
64 B 97ms
96ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuGTdSu00_Ra1VzP0pces9Ia1xETy_7EEkbez0PhWzY-JUUZWBi7mwbY6lObVOH6Qj6YNc7TJ8CRKLvGoUmBufqnhtHnFuY4aOAN3Wc&sai=AMfl-YQdE5oAITVogKMOoh2eEORc57AbWgYkGoqp9rxPzKPFBB_2IzSPd-ZEfCUKkLugSQR0BruijOwO78Abdm5jV6s2uRSU9dtfzcqIbWXrRGAM2z_b23xdXSkMfbhNJvA&sig=Cg0ArKJSzFMfagXykcUPEAE&cid=CAASJ-RoYC9jcj51sSXU8Z6zumgUNJVUhZGHUpqygOahismc5igbzXrBqg&id=lidar2&mcvt=1001&p=1110,315,1200,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220323&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3781204470&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648429222123&rpt=572&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:00:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900010.redintelligence.net/ Frame 6A2E 0
150 B 34ms
12ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900010.redintelligence.net/viewability?s=25249300010051000710632011912010&a=6aa1efa2&vb=v
Requested by: Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=25249300010051000710632011912010&a=25be310e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/request_content.php?s=25249300010051000710632011912010&a=25be310e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 01:00:23 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK /
eum-eu-west-1.instana.io/ Frame 8F89 0
190 B 128ms
30ms Ping
text/plain 54.220.62.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eum-eu-west-1.instana.io/
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.62.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-62-151.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1648429222.5503284.722b2140-ae32-11ec-a177-00155d255900ID
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Mon, 28 Mar 2022 01:00:25 GMT
Cache-Control: no-cache, no-store
Connection: keep-alive
timing-allow-origin: *
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ajuda.serasa.com.br/	1969-12-31 23:59:59	Name: __cfruid Value: 48afba25a6ff1f8b1d78cfb6fcccc3a38adbfd21-1648429219
.serasaconsumidor.zendesk.com/	1969-12-31 23:59:59	Name: __cfruid Value: f54b80ecd2b53a20e98a9ba34cdfc305ecf53fa5-1648429220
.serasa.com.br/	1970-01-20 19:25:01	Name: _ga Value: GA1.3.976883100.1648429220
.serasa.com.br/	1970-01-20 01:55:15	Name: _gid Value: GA1.3.54738021.1648429220
.serasa.com.br/	1970-01-20 01:53:49	Name: _gat Value: 1
.ajuda.serasa.com.br/	1970-01-20 01:53:51	Name: __cf_bm Value: szEFk85kZ3uG5Vg1m3xHBUF5re7lVfgN8OSa3uXp4m8-1648429220-0-ATHnLwn96q/CZqMqsFwrGqhQmSuRbK7WihMICBZHsZ80jMyPJomUSE3cAE4DV/4b0vT4GflvAq7J9GTgU+b2vd17ysQhgPxsCrQnyQbPKv+KjnllfwZD9pBd0Vi7qkk4Zw==
.serasa.com.br/	1970-01-20 10:39:25	Name: _hjSessionUser_2469592 Value: eyJpZCI6ImQ4NWQ5OTFlLTVlNDktNWE0MC04ZDI0LWU3NDJmYzZjYzM0YSIsImNyZWF0ZWQiOjE2NDg0MjkyMjA1ODQsImV4aXN0aW5nIjpmYWxzZX0=
.serasa.com.br/	1970-01-20 01:53:51	Name: _hjFirstSeen Value: 1
ajuda.serasa.com.br/	1970-01-20 01:53:49	Name: _hjIncludedInSessionSample Value: 0
.serasa.com.br/	1970-01-20 01:53:51	Name: _hjSession_2469592 Value: eyJpZCI6Ijg2NmQ0NDdkLWQ0MDItNDBkZi1iZmMyLTZhYWRlY2U5ZTg2MCIsImNyZWF0ZWQiOjE2NDg0MjkyMjA2MDQsImluU2FtcGxlIjpmYWxzZX0=
.serasa.com.br/	1970-01-20 01:53:51	Name: _hjAbsoluteSessionInProgress Value: 0
.doubleclick.net/	1970-01-20 11:15:25	Name: IDE Value: AHWqTUkS6SGLS52Hq9I2Afiy70TlgwAMXkM_yPt9Bsgkcrnc9tKnbpe9tsZzoNTrTHw
.doubleclick.net/	1970-01-20 01:53:52	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 04:03:25	Name: uuid2 Value: 7856954715574008638
.serasa.com.br/	1970-01-20 11:15:25	Name: __gads Value: ID=bbe3718f6d36ea5b-22f6f2b266cd000d:T=1648429220:S=ALNI_MYYyrJKU6W66V31jS6wPpks6jQznw
.casalemedia.com/	1970-01-20 10:39:25	Name: CMID Value: YkEIpgzmosZO2EIKW3ZtRgAA
.casalemedia.com/	1970-01-20 04:03:25	Name: CMPS Value: 3269
.casalemedia.com/	1970-01-20 04:03:25	Name: CMPRO Value: 1133
.casalemedia.com/	1970-01-20 01:55:15	Name: CMST Value: YkEIpmJBCKYA
.adnxs.com/	1970-01-20 04:03:25	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>6?=)>o!@wnfH8K6pQK`!5=E<*L5?%Lni.LYI1SH':/3`S:[([$Iie(CH9AEOgU>^r-%nugO%v4VB%nlS3)[Q08
.casalemedia.com/	1970-01-20 10:39:25	Name: CMRUM3 Value: 2d624108a62760CAESEPwVGI10dtjQml0Hdnq9f7E
.redintelligence.net/	1970-01-20 04:03:25	Name: 8lcfmzhxc8d6_uid Value: c5be346a61758bdb
.awin1.com/	1970-01-20 01:55:15	Name: awpv11524 Value: 296283\|1648429222\|72129120-ae32-11ec-92ce-2262d451ce16
.awin1.com/	1970-01-20 02:03:54	Name: awpv14098 Value: 296283\|1648429222\|7212b830-ae32-11ec-80df-22620e5fa6ec
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 429086:2519595
trf.greatviews.de/	1969-12-31 23:59:59	Name: ads_si Value: a%3A3%3A%7Bs%3A2%3A%22si%22%3Bs%3A36%3A%22722b2262-ae32-11ec-a177-00155d255900%22%3Bs%3A3%3A%22sit%22%3Bi%3A1648515622%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
trf.greatviews.de/	1970-01-20 19:25:01	Name: cjcookie Value: a%3A2%3A%7Bs%3A2%3A%22id%22%3Bs%3A38%3A%22cj722b3df6-ae32-11ec-a177-00155d255900%22%3Bs%3A6%3A%22expire%22%3Bi%3A1711501222%3B%7D
trf.greatviews.de/	1970-01-20 06:13:01	Name: mcookie Value: a%3A3%3A%7Bs%3A4%3A%22m316%22%3Bs%3A36%3A%22722b21f4-ae32-11ec-a177-00155d255900%22%3Bs%3A11%3A%22click_12771%22%3Bs%3A57%3A%221648429222%25%255503284%25%25722b2140-ae32-11ec-a177-00155d255900%22%3Bs%3A6%3A%22expire%22%3Bi%3A1663981222%3B%7D
trf.greatviews.de/	1970-01-20 02:03:54	Name: ads_pu Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A1649034022%3B%7D
trf.greatviews.de/	1969-12-31 23:59:59	Name: ads_ps Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 3eaxjdz3bi1zd00yvv0xwfuc
pb.media01.eu/	1970-01-20 19:26:31	Name: DTU Value: 7037D6134C9FF471EB1AA754F2BFDD2C
.singles.parship.de/	1970-01-20 01:53:51	Name: __cf_bm Value: .cHyaHEhzh2Sf55rT5b7qlIgX5eO3AsxNbovT7iZSBg-1648429223-0-AYAUmB/naYv5AM06/b48/WYUoPsQ7X2YnotaMawEhjZhsg5o4peEcoO7RboQWc6tgj/Do2ZRnmdq2hAb33Ttuiw=
.parship.de/	1970-01-20 02:03:54	Name: NVI_LC2 Value: 01_100_60078_1026_0001_0001_empty_AF00ID_GV1648429222.5503284.722b2140-ae32-11ec-a177-00155d255900ID_TS%3A1648429223
.parship.de/	1970-01-21 03:49:01	Name: NVI_FC Value: 01_100_60078_1026_0001_0001_empty_AF00ID_GV1648429222.5503284.722b2140-ae32-11ec-a177-00155d255900ID_TS%3A1648429223

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-server.eu
adapter.aivo.co
adservice.google.com
adservice.google.de
agentcore.s3.amazonaws.com
ajuda.serasa.com.br
apibot.agentbot.net
assets.zendesk.com
cdn.agentbot.net
cdn.ampproject.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
cf4bb89a5d435401e1e14942871e5956.safeframe.googlesyndication.com
cl.s11.exct.net
cm.g.doubleclick.net
code.jquery.com
dsum-sec.casalemedia.com
eum-eu-west-1.instana.io
eum.instana.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900010.redintelligence.net
ib.adnxs.com
medialead.de
p13.zdassets.com
pagead2.googlesyndication.com
pb.media01.eu
pv.medialead.de
s0.2mdn.net
script.hotjar.com
securepubads.g.doubleclick.net
serasaconsumidor.zendesk.com
singles.parship.de
static.cloudflareinsights.com
static.hotjar.com
static.zdassets.com
stats.g.doubleclick.net
sync.teads.tv
theme.zdassets.com
tpc.googlesyndication.com
trf.greatviews.de
us-u.openx.net
vars.hotjar.com
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
104.16.53.111
104.18.70.113
104.89.28.165
104.92.94.3
13.111.71.12
138.201.63.145
138.201.63.149
142.250.184.226
142.250.185.130
142.250.185.162
143.204.98.118
143.204.98.123
143.204.98.29
143.204.98.39
145.239.193.130
2.18.234.21
2001:4de0:ac18::1:a:1b
2606:4700:440e::ac40:9c1a
2606:4700::6810:135e
2606:4700::6810:5614
2606:4700::6810:cc16
2606:4700::6813:b979
2a00:1450:4001:800::2006
2a00:1450:4001:801::2001
2a00:1450:4001:803::2003
2a00:1450:4001:809::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2001
2a00:1450:4001:811::200e
2a00:1450:4001:812::2004
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:400c:c08::9c
35.244.159.8
37.252.173.62
45.55.193.240
52.216.98.51
54.161.229.54
54.220.62.151
54.76.176.197
85.239.105.10
88.198.250.30
94.23.99.218
006aabd877ee1ccdc2bd16cee536f4536a4f3981d9cb76ae6cfd1d3f25129a29
05ad3b768943f707a28a890757381563494068df29222c803cb43baba65488b3
062feb542f8f284e7b09eec7e0a1b230ef525b0ead09b1e69a4db24b8969c2d6
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1a64732de92fe691f38055f446c114cba9df7e63b2ccc35015e57c7513fc34
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
127f03b6729e14e0ed48502ac5cb34ea1b858594f47dea8ea39e24034ec9f756
147081d0991bf7a44054f9336f60082a2af9637d551c3a02e1536ae292252a33
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
1f41c1bfd9141177523d3ba40196be30dc3056fd1fdc5067eca64e9b1b915bad
1fb5bdf552db295a96ea4b5c90679159db62417fb69fe0b57792e57daf79cfd9
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
230352a2bb1ec34f0a4005fd454d2cc90b46eaf3450878a630d21c15dfaf2c9d
26186ef31ef35679017179c6639f347c58e4eb941ba9a262a4b8584dcb4e8ac9
26582cccfc6117c3c8756f1a2c088c92bdd81582a0e2c15ae95ebb2905bf1649
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
3053f072c299ba5c602a07e0ec60683caa8a28d999e9fae7d83f015e2666fc6d
30d8b7673f41672185843f69b79543c5eb50d57eecd92fdec573244a8e413ad9
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
38f0f720d7e01916df407c2f6b0d03e218ed06ba6dc9ff276f7f0e9da9d43a67
390861f36a9e59da2a87301f7c98ba3e3e445dafb76d2cc9aeea40363d349441
3beeb8bcd2546a3dfec7f869f4d81d5f586bc1bce14e946bff034c06bc1c4c3a
3edcd35f57ed9849a3f18522017d304c843e75d4c0195b763222ccb06b003313
40957d27fed2bba04337c6438999951366549151e222180d97c152950cc5990c
43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
46f51dfa02a9f96c84032f9ba066f3881096781bc142b26c98a3e4b947566468
48a7dafc3dc6e75c331de0c900aedfa5fc0f245ecdd9ef3db24c08f4667a59c6
48f06ee1e5c731e2cb399cbb155bf6ddddf9e446b949908ea1a0f94860097903
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
4a3445720b2c316afb1b17efa5b053f0f1043e1130a124a4c0abb1ee4a18ae9f
4a7d7e70d07f4fb61924549043591387482fc78cf67f6a1fbb80443d5a33febe
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
500058fb7383e26ae1a662be6abbb96b1343d9581f86c5c2c4ec9d121bb91ef2
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
5377b85929b89e53828ca9b7489ea8a9c4a112bd7384c8eadb38b8dea5df6983
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
578ea33c3a1daec87277cd626647c55f3e0abd72c0673cde0fe40d4fb8fd5579
5c5a63a864325e51a1ac832da94644b4ec7d66b70626760014ef7bf8b65ec448
5eabb569720cf9db9f9f285e86cfbced49102d0b9ebc83ca30d3c36d59cd089a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6615824df86a250cb19a7d7c47e59e16ad38aa31e2ea7b25896ae4e354fb1c7c
66d301290c1e9b6e4c9732d4d200f8a33f750f97a75b734fcc82c2ee605b073a
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
69d5de9468b67828570fedcb88c0672d010bfde363728b06882901d73c769819
69dbc7bb4fed3da648ee16c610ec89e007cf72cd550429fb5f9313c56c591ee2
6b45cbf3c734a35fd4463910676e6120b7324d94272b25ae07ef99e8f0ddd1ec
729cdc5b3af1b5f4ba11edb2dd9826302823362f6ce6743b1cff7dd3905dfb7e
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95
7cbbf4f3b18f5b1d0b06695d4063b5afd28fd8e9c6cf6d35c987b70c67771567
7d0b991ee3e0be7af01ad7ea8cd2beea6c00a25e679a0226b6737f079aafff86
838823d4fc5054d84fbde32bbeb6cd22f18ea7d96edad521aacf170b0ebca411
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87d98603dabb39384e5aecd9614fe72adcf8f60670e5efc1262a2596b680a519
8b572cea301db8dd83844da95934a8e5bfaa4a4046e2523b91705098d595ef91
8fd6d97c5e1e295a7c66bceaff39daf165a8e65ae8a8dd7228443caaf05f2b50
9007a72d0fa0a45bdb1ba8527cdfe7122636a3ae014d75d32ece4de4efea45b4
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
944584b5d1459f2ad56770946a824af7ba15590cc0c35cecc068d1ce33b8cbdb
977f166f073c111c9d3eecd74de1e86e07727a88c21340d7412674d68a3d8983
97efeda8567c33ed3cd7eb616868f1282f50e8ca9ec1ebe3ab632b0913dbdc26
9a039972b006b4e15619fbf1106b67083d1474334e1b0965968074c171513a9f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a00627326bf236cb41fd6efc664fb7ef1e262bfda9035c198daee11df7f17ed6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1f0c11a70973083a31465b27bd503c6cbcf216f208a2bde6862460a38cf01c9
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a37afa4795c0cede82ad0f73f60eafee5e13f6fb3d42a739354d9280966fe434
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a79823d2f8bafee2203c97bc65c9ccd8db935bec598b3f66aa07b1874b282adf
a972b4d1cdb31c6ed98e2b2cdb37aeaf482dedf022c278e8579b44d545b87d8d
abbd3d9df6edb6982ac43bbeb61514366582e777e1b501e55f3f9071ffd15f68
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ab87b85f9b4fe02797c9ff8dafbded313b0bde855d1535678619b001be0ffa
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b57ce5cad52d8e8f44f7e03caaf5c533f03f5914ae2609a35602b09d136dc203
b826baf4b1c464fb6f997c20dd47e496f30a58d1efc8432e3b33fb0872a90862
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
b9b0d892a7ba0fcd8978c74f8906064d9b5a991dd9f720b26e60ba92d202a1d1
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c4eca190c2b8e5b5f461a8aab435fb2890bc063ebeec9b673441db8922e61755
ce61e05539704fb07f314ebadf3e65416ffa784626a3cda98623b84c1cafefe1
ce8e6d6bbf0a18dbc3bc9e0ebf9854ca1342401af1117b9c493758a86286751a
cefac453b5d3c4986bd18c21d89fd310a320c4af95c0af4d0846501c0fb5e1c6
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d402b35e6e0d996cc57dfb1f40a87b672f1eb4dfe0744da6d9c40b0d26592815
d8473fb8053600b1ad240df8b4b26a09180c41cb32ca42b05f51d826bcdd8610
d998296e38625f0ff8db0905f3dd073c8665752dfa6c6b8e5b1dc62864fb92ef
dc477ab682fe2729d0dc4fadc416897b131f9209cef31fe5c8b675bdb99663e5
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
dfe658be8d8e54a34181f699d2ca4237d959467b1a7c0da9519290f8df62c5d6
e0c254788ad36f95d44c1786c590263e89ea3976fcbc9ae7c82c52493b254391
e0d698c86182256bf48108d7ac3847b43b5c33f273075cd86061e8fdb7c6fadc
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
e35252aa3dc2e84e9d7211586fee9aede2a426d3230c8b131881d985f16ff836
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b2128735e020a2505fa343f3086efdd46c702ee4401da138e6c5a22df7afc4
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e91580883163fbe1fe423dcd33eb855f8e3f558ec3b40770e1fb1e2a673fd238
e951b97967974edc90373c03310475fdccaa7dc588c26a1cef531468ee65ba8c
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3404d30f1b9956025fd6221078b56ab9f3301a4af97ddaeb3ef8cc4a8bb88de
f5cd0d0af73325ea04c9b99435d3d4018dc0a048a41987cc94fcf3eb8a06e698
f799149454b87ae89fc9de2ec87a238a75fa84b9d703ffc94c28ff85ba35f21d
f7ee839d3d5f8884a1a56018fb77499f9aeb3325e71ebcd7c323362e56389265
fba8081592823cd3fc4cf67ce7b816c03e9937eab2a96be9796d2b9c5bbad553
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fe32d9e8c5b91d60410c08d8fa519796439792744528d5a01bde953a60428712
fe9000c6bb9ceb2b14e71f018a2dbed0ac8d3b572b2a932ba5f216841c3d6faf
ffd0f1a8998b84c05b08ff0e234e5b02d69f4fd5982def489be7dc36ed72b44f

ajuda.serasa.com.br Open in urlscan Pro 104.16.53.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

170 Requests

94 %HTTPS

45 %IPv6

34 Domains

51 Subdomains

44 IPs

7 Countries

2805 kBTransfer

6523 kBSize

35 Cookies

6 Outgoing links

Page URL History

Redirected requests

170 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ajuda.serasa.com.br Open in urlscan Pro
104.16.53.111 Public Scan

Screenshot
Live screenshot

Full Image

170
Requests

94 %
HTTPS

45 %
IPv6

34
Domains

51
Subdomains

44
IPs

7
Countries

2805 kB
Transfer

6523 kB
Size

35
Cookies

170 HTTP transactions
3 data transactions