utua.com.br Open in urlscan Pro
2606:4700:10::6816:329 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u26750888.ct.sendgrid.net/ls/click?upn=vn3YoinXTzXY3Rqu88Yf0N7G9N0NBBQybwUf4ct6CcZyJFHWkl13SKPz99hKqYQyvBalRe8WoGvfg9ys9s3...
Effective URL:
https://utua.com.br/mx-emp-banbajio-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=mx-utua-ct-email-emp&utm_...
Submission Tags: falconsandbox
Submission: On September 11 via api (September 11th 2022, 9:54:02 pm UTC) from US — Scanned from DE

Summary HTTP 126 Redirects Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 18 domains to perform 126 HTTP transactions. The main IP is 2606:4700:10::6816:329, located in United States and belongs to CLOUDFLARENET, US. The main domain is utua.com.br. The Cisco Umbrella rank of the primary domain is 812515.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 24th 2022. Valid for: a year.

This is the only time utua.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.35 167.89.118.35	11377 (SENDGRID) (SENDGRID)
1 1	13.224.189.11 13.224.189.11	16509 (AMAZON-02) (AMAZON-02)
15	2606:4700:10:... 2606:4700:10::6816:329	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3037::ac43:bc23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	13.224.194.181 13.224.194.181	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:20e... 2600:9000:20eb:3a00:16:a497:9700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.88 13.225.78.88	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:20e... 2600:9000:20eb:4400:1e:3056:9b00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:20e... 2600:9000:20eb:7600:9:fddd:fc40:93a1	16509 (AMAZON-02) (AMAZON-02)
20	52.1.196.189 52.1.196.189	14618 (AMAZON-AES) (AMAZON-AES)
11	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
8	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
9	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
4	37.157.2.249 37.157.2.249	198622 (ADFORM) (ADFORM)
14	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:401... 2607:f8b0:4012:804::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
126	26

1 167.89.118.35 (Las Vegas, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x35.outbound-mail.sendgrid.net

u26750888.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.11 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-11.fra2.r.cloudfront.net

wizrocketmail.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:10::6816:329 (United States)

ASN13335 (CLOUDFLARENET, US)

utua.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bucket.utua.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::ac43:bc23 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.begrowth.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
location.begrowth.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-181.fra2.r.cloudfront.net

d3rxaij56vjege.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:229 (United States)

ASN13335 (CLOUDFLARENET, US)

magicads.utua.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:3a00:16:a497:9700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.rudderlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-88.fra2.r.cloudfront.net

d2r1yp2w7bby2u.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20eb:4400:1e:3056:9b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

wzrkt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:7600:9:fddd:fc40:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.rudderlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 52.1.196.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-196-189.compute-1.amazonaws.com

data.begrowth.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.249 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4012:804::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	begrowth.com.br assets.begrowth.com.br location.begrowth.com.br data.begrowth.com.br	25 KB
19	googlesyndication.com e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 174 pagead2.googlesyndication.com — Cisco Umbrella Rank: 129	80 KB
16	utua.com.br utua.com.br — Cisco Umbrella Rank: 812515 bucket.utua.com.br magicads.utua.com.br	227 KB
14	ad4m.at ad4m.at — Cisco Umbrella Rank: 3248 as.ad4m.at — Cisco Umbrella Rank: 25297 assets.ad4m.at — Cisco Umbrella Rank: 32564	109 KB
12	adform.net track.adform.net — Cisco Umbrella Rank: 3442 s1.adform.net — Cisco Umbrella Rank: 6585	74 KB
11	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	21 KB
10	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226 stats.g.doubleclick.net — Cisco Umbrella Rank: 188	203 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 19	1 KB
4	rudderlabs.com cdn.rudderlabs.com — Cisco Umbrella Rank: 21274 api.rudderlabs.com — Cisco Umbrella Rank: 10987	83 KB
3	wzrkt.com wzrkt.com — Cisco Umbrella Rank: 6258	3 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 234	88 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 5202 www.google.de — Cisco Umbrella Rank: 3469	1 KB
2	cloudfront.net d3rxaij56vjege.cloudfront.net d2r1yp2w7bby2u.cloudfront.net	17 KB
2	gstatic.com fonts.gstatic.com csi.gstatic.com	45 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 355	11 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 120	1 KB
1	wizrocketmail.net 1 redirects wizrocketmail.net — Cisco Umbrella Rank: 131109	766 B
1	sendgrid.net 1 redirects u26750888.ct.sendgrid.net	804 B
126	18

	Domain	Requested by
20	data.begrowth.com.br	cdn.rudderlabs.com
12	utua.com.br	utua.com.br
11	www.google-analytics.com	cdn.rudderlabs.com www.google-analytics.com
9	tpc.googlesyndication.com	e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
9	securepubads.g.doubleclick.net	utua.com.br securepubads.g.doubleclick.net e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com
8	ad4m.at	s1.adform.net ad4m.at
8	track.adform.net	e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com s1.adform.net
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	as.ad4m.at	ad4m.at as.ad4m.at
4	s1.adform.net	track.adform.net s1.adform.net
4	www.google.com	e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com tpc.googlesyndication.com
3	wzrkt.com	d2r1yp2w7bby2u.cloudfront.net
3	e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	bucket.utua.com.br	utua.com.br
2	assets.ad4m.at	as.ad4m.at
2	www.googletagservices.com	e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com
2	api.rudderlabs.com	cdn.rudderlabs.com
2	cdn.rudderlabs.com	assets.begrowth.com.br cdn.rudderlabs.com
1	www.google.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	csi.gstatic.com	securepubads.g.doubleclick.net
1	d2r1yp2w7bby2u.cloudfront.net	assets.begrowth.com.br
1	magicads.utua.com.br	assets.begrowth.com.br
1	location.begrowth.com.br	assets.begrowth.com.br
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	d3rxaij56vjege.cloudfront.net	utua.com.br
1	fonts.gstatic.com	fonts.googleapis.com
1	assets.begrowth.com.br	utua.com.br
1	cdnjs.cloudflare.com	utua.com.br
1	fonts.googleapis.com	utua.com.br
1	wizrocketmail.net	1 redirects
1	u26750888.ct.sendgrid.net	1 redirects
126	33

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-24` - `2023-06-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.rudderlabs.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
wzrkt.com Amazon	`2022-04-06` - `2023-05-05`	a year	crt.sh
data.begrowth.com.br R3	`2022-08-16` - `2022-11-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://utua.com.br/mx-emp-banbajio-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=mx-utua-ct-email-emp&utm_content=mx-utua-ct-email-emp-ag&utm_term=mx-utua-ct-email-emp-ag-231&an_uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804
Frame ID: 507F4E68549970E45C9B5935E2764890
Requests: 64 HTTP requests in this frame

Frame: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3CC0FA65487EE63B3D89827F38DBC34D
Requests: 1 HTTP requests in this frame

Frame: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4D57A9AF9119F5D383FA94376186BB09
Requests: 20 HTTP requests in this frame

Frame: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A2E25AA66A353FAB77C729A6B7E1E8E3
Requests: 17 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: C7CF88AA0F31C330128799DBEB4B7B69
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 586B4B2302BF013917F1F6C68C0ED162
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=36040&b=xEgtQfEK7zTm8XhPHWtrHQt3WXtJT6TM2uA&f=YxqtrfzXW2uQKpTVH8t3HgC1e2TAT1TXqar&c=300&d=250&e=&g=27ee22f0da2db1212c471d033eeb9bfd%2F18235752709799787591&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1662933241277&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCFJ6n-FgeY6DvJ5SV7_UP8caekAjz2KuTXMm81LOiB8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNzU3MDY0NzIzOTE3OTk5oAGY2reCA8gBCakChr7End3YsD7gAgCoAwGqBPABT9B8Xgt5QyulNyG1bzrtrrNDeScQo241I91VTx_al8M4B2n1SpON0QuA76Cl6-DqKAy4ffPSuBFtjdPBbcW5wueAiJScaiysdNPthMM1w1vzuPAVzcxRE55WzqVkpeozcdHzcGNFV3BbVyT0-Ch6snD0KJJ2EklRi8KaM3Vf08DgNTv5xLLf6_RwqVgHbIgV03-O6yKZDCax05DVfcJ5leG8oZqttIUAfO6GgJYpZxsEsfcamWpuVhGBYFduu0gu9dcXS7moY3DzPUhlzl811iSwy7PEoS1ABfiFlQI_DGtFOVMANhcCniKkBClEXcgT4AQBgAbuqZ2Am5-UpGCgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0aYGukx3dX-nOYREtorX8zIRLS9Q%26client%3Dca-pub-1757064723917999%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516438%3Bcrtbwp%3DYx5Y-AAJ96AIu8qUAAejcSVhcpaRZUk9CMbg8g%3Bcrtbdata%3Dv4NggfA3el86mZC_iaQ0y0wyii_nbxlFPZjadiFUMiGdzW4nROmqhT2wR9KFCOurPTkZIFQE2RNvhUPGvjGWcThTtD70u-I_rp2MFEjP4ZCbnUsErhgcnoIIoYHMuKWKs2MQTjyB-pBvIpvbRTD5pq87iUPvws_S1z0UFkcNjzFUldP7bQ9LwNm3ypN9VbUf3r6L-ht9PUXgrwM8x8c-yOhSJNN0f3YZu0OGqyw-wkj4uAQxCSl-YTZEtk_ZzGKO9cE-jHfeNRlWxwe12PhdfeV8ocKX-D6u0UCs-WEGVSZxlCL2GGQr2ylxoXiQpB3FRd96AjFir8lk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DRAgEOHf-kYTpUft1a_OvQNSSuOltCu2cG0D56DGhTVkCsz7VyAVP9CvZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTuPDObXMBx2222dgZCtqWIyt2IW6RsUL961wQzE2-sscYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252futua.com.br%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: E4F350E3E34B72EDB19887D77943DD9B
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=36036&b=QxZt4fY4xQf6eAaxH8tRHGtpkqFDT4TeAsV&f=2b9F6f6dKmFV5GCVH6tbHwCAdpTWT7TRPFg&c=970&d=250&e=&g=b39675a7bada8f6aecf59ce195108942%2F6788473861955862468&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1662933241280&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCZFIc-FgeY_qxEaO49u8PgIu2kA3z2KuTXMm81LOiB8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNzU3MDY0NzIzOTE3OTk5oAGY2reCA8gBCakChr7End3YsD7gAgCoAwGqBOABT9D6GA9h7jP_HyddI1qMZY6g04PJLOCigLykqNOwNk8N8sbFQByq3r5ZK48AzQflEj3OAFN-kiT9xjFJkNI2giEcaaLz86YM66jAXBZ6N-sQC7JPrLJpkFLjD2GwO5WjIg3pS8r9D5GPcD83KDeTVvtjMZF6f2WjnvJYHyjP3pkw0ttSFKMfvltWv86-B2Corbwp0bYy0HJT-lyrLxwBiqICTHASUATU0CKhmte8wxcuBHBseohW0fqigEfMtHdLMKiXkEe-5iTe_Mde87jPSBe22jQDwol4LrBfpyG8bxLgBAGABoT38Zv31pn7GKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_12hHhIUGGR5zV7j4i_TxRGh7RhRw%26client%3Dca-pub-1757064723917999%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516434%3Bcrtbwp%3DYx5Y-AAEWPoH_ZwjAA2FgBnD1_mPoypP-eyqWA%3Bcrtbdata%3Dv4NggfA3el86mZC_iaQ0y5DlZyT3RRYmGredqddfAhjKPrNzB1Lu-z2wR9KFCOurPTkZIFQE2RNvhUPGvjGWcThTtD70u-I_rp2MFEjP4ZCbnUsErhgcni6pvBaWjgIbteP4IImAheXAbbnJ6-Ls-7XWQnbJVLYa1z0UFkcNjzHbTY4_PXpWBBty39rJP9poKpAOklTTLgsaTZ73-kfppSy6e9Gg2ecgdNNL5Nv_PASgriyYoGq63HI6CXtA3M_xgmsiRjpypoJXiH5CVNsSmO6hl5fH8xitGJnNRNpWJ0FR4qskzUN7EaJjdfnOlL1K0%3Badfibeg%3D0%3Bcdata%3D7VisvzeG6HbpUft1a_OvQLpB23N9unN5YKZnz3Jm23ReNL6-L_c_4ivZhEBkHI_cvQfBlXgAX8t7bdp-DsExYsX4De8FoXoTV-xGKFmUIVG22dgZCtqWIwqxboTXJiM5WdqqKfKEJgcYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252futua.com.br%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: C73A885D11DB067C5DE0993418EAC391
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 59D25740444677C3EBC534EA7DC78273
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E9BF58FBBEB42EB325E73D344C3FD09A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Préstamo personal Banbajio: la forma más rápida de obtener un crédito - Utua

Page URL History Show full URLs

https://u26750888.ct.sendgrid.net/ls/click?upn=vn3YoinXTzXY3Rqu88Yf0N7G9N0NBBQybwUf4ct6CcZyJFHWkl13SKPz99hKqYQ... HTTP 302
https://wizrocketmail.net/r?e=K2IAfh8GB256CAV9DSZjewUEAQFnbWY1KSQlNUxOAARgbmJ%2BZ21mN3JwQlEkKTskOQUxJF... HTTP 302
https://utua.com.br/mx-emp-banbajio-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=mx-ut... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

126
Requests

100 %
HTTPS

70 %
IPv6

18
Domains

33
Subdomains

26
IPs

4
Countries

988 kB
Transfer

2562 kB
Size

21
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u26750888.ct.sendgrid.net/ls/click?upn=vn3YoinXTzXY3Rqu88Yf0N7G9N0NBBQybwUf4ct6CcZyJFHWkl13SKPz99hKqYQyvBalRe8WoGvfg9ys9s3XFTsRjVB5Sd8OVyzN-2Fw8UFEs6eZazryhsKl5XTu1vo9PvE6YWnQHZs1P3oCJkhQyB-2BoAhn0lLb-2FsnACaUlCJJLXivenMrj-2FYVmA8gl-2FPrQYeh55PDpuy8OKskg0zZbU091sqWYz18Ny7TI1HLfu-2BSDiAxQFsVBCYCHMX3H-2Fnm6E8uSXXQS0xYM71gZ-2BwThMEZx5J5Pibx3Q-2FFbCy1TCPfsjxcgmwYGg2edq6CUv8koryLnjDuGPZKBHgVGwMrX0-2Bklp0A6MIYMEeodqktG72bBwg6a0G9q-2FKdU70FQiHB7xSX0dtOS-2BFg3FNX1ZrZEJNPtuYL-2BF1lnyzfme4Lkhr5KZfTBWrRKWD1rPReCPppjIhdCLyYf38dZJPTkzwckVTnuG3qN23zK2G5FQrqLR2WD9dU5QI3c32Yb6MwijJbM9IyYpBPMep4-2BkgvYF92Y0IZWMbqPuBvhwlxZHl3aGdGltIeo0GygTEzck5EjUJhVB-2FU8GwMirz-2BM5hZGV9oEkeh3Zh3YplV3KkHN-2BWxid7M6UCoMW50gNrbePZ-2BsD79PdO8Z-2FXamVcJ1wRCb7j5noXn-2BnRriVeeTTTNm4aVc-2BXAwTXj7CkZLY2CvbkB4AK9UfexJAtniuVgdXohLmtIfYJhb1DPf-2B7Hy0MtWRk-2FA0mphF6Ecop-2B2PtOzqY92in8GreN2Tr789-2B7dJ2F01XbkyMRIrQ9gdqZ6VIW1oqKhpqGNA6mF3tv5hQArZkxYLvOzzVeKJhU_6XxCFDhp8l2GcZSq6cn5qN7eJlZN-2Flmk1PgRIiEnx6tSRJglb1xOYiI9o6pvj4aogaCf3QDP-2BW-2BhzboK-2BfUaavWXZwiYTpTo-2FPYGzFyhLN6gDjLYJe-2BlAsFfmNVKJ3l2CZVNXv6t-2BQQvOuBhmxE2U86RttTaqxJCweJcXsUdCl4q7UIdN6TiO0GvVo8goxzi5jJuo46ZVyA6R4f75VTiqfwqdnUKHmEo8I1Ycv-2Bi3TmdzJ-2FqLc6wqJKm2MO3RhrxiPvijkJDfa-2Fh4WOYet4557GEnMa1OsofelcuYqCeqBtU7TAoT6ITejh3TjAKZ5vlFQ6-2F7CR5boDV4n4LIqPU6rhcIjg1vIFwAmk3T4p1QK1UGgU6ON4XgTkYeKKTe5zMGPXmCNlb7jW-2FaDmOIis7dlm9IZI2xufZxacNpAnbgGs8ycwaEZfPae7JZFiCnUCyB8PiGNt1jgd-2BCl049olGQlN-2FgQ9tLfU31ZC5bARz3O-2FQAD6sI-2FhSHVkTuqOKzhcc HTTP 302
https://wizrocketmail.net/r?e=K2IAfh8GB256CAV9DSZjewUEAQFnbWY1KSQlNUxOAARgbmJ%2BZ21mN3JwQlEkKTskOQUxJF1bWFEXGi56Kz8kLlxETXo4LjstPjkzP1tfXxQUNjsoPD82N0kSRk4lMQ0iM3hoaQMGBwZjY2Z%2BZW4NeQICAwRuamVpe3glMUBbbkQ%2BLD0%2FdWBwPEhCWmszPzQqIjYmaU8%3D&r=https%3A%2F%2Futua.com.br%2Fmx-emp-banbajio-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dmx-utua-ct-email-emp%26utm_content%3Dmx-utua-ct-email-emp-ag%26utm_term%3Dmx-utua-ct-email-emp-ag-231%26an_uid%3Decfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804&c=716073216&token=BldTCARXBggBBg%3D%3D&try=1&$follow_redirect=true HTTP 302
https://utua.com.br/mx-emp-banbajio-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=mx-utua-ct-email-emp&utm_content=mx-utua-ct-email-emp-ag&utm_term=mx-utua-ct-email-emp-ag-231&an_uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

126 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
utua.com.br/mx-emp-banbajio-p1/
Redirect Chain

https://u26750888.ct.sendgrid.net/ls/click?upn=vn3YoinXTzXY3Rqu88Yf0N7G9N0NBBQybwUf4ct6CcZyJFHWkl13SKPz99hKqYQyvBalRe8WoGvfg9ys9s3XFTsRjVB5Sd8OVyzN-2Fw8UFEs6eZazryhsKl5XTu1vo9PvE6YWnQHZs1P3oCJkhQyB...
https://wizrocketmail.net/r?e=K2IAfh8GB256CAV9DSZjewUEAQFnbWY1KSQlNUxOAARgbmJ%2BZ21mN3JwQlEkKTskOQUxJF1bWFEXGi56Kz8kLlxETXo4LjstPjkzP1tfXxQUNjsoPD82N0kSRk4lMQ0iM3hoaQMGBwZjY2Z%2BZW4NeQICAwRuamVpe3g...
https://utua.com.br/mx-emp-banbajio-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=mx-utua-ct-email-emp&utm_content=mx-utua-ct-email-emp-ag&utm_term=mx-utua-ct-email-emp-ag-231&an_uid=ecfd6...

162 KB
52 KB

196ms
140ms

Document
text/html

2606:4700:10::6816:329
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://utua.com.br/mx-emp-banbajio-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=mx-utua-ct-email-emp&utm_content=mx-utua-ct-email-emp-ag&utm_term=mx-utua-ct-email-emp-ag-231&an_uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:329 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.30

Resource Hash

349405c2a3831fd7da43d8b62000a12c810cc40be467d86105d241d49462ed74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=300
cf-apo-via: origin,host
cf-cache-status: HIT
cf-ray: 7493a3aa3bf1917c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 11 Sep 2022 21:53:59 GMT
expires: Sun, 11 Sep 2022 21:52:50 GMT
last-modified: Sun, 11 Sep 2022 21:52:50 GMT
link: <https://utua.com.br/wp-json/>; rel="https://api.w.org/", <https://utua.com.br/wp-json/wp/v2/posts/18052>; rel="alternate"; type="application/json", <https://utua.com.br/?p=18052>; rel=shortlink
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: X-Forwarded-Proto,Accept,Accept-Encoding
x-powered-by: PHP/7.4.30

Redirect headers

Cache-Control: no-cache, no-store no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Sun, 11 Sep 2022 21:53:59 GMT
Expires: 0
Location: https://utua.com.br/mx-emp-banbajio-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=mx-utua-ct-email-emp&utm_content=mx-utua-ct-email-emp-ag&utm_term=mx-utua-ct-email-emp-ag-231&an_uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804
Pragma: no-cache
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: ll9v5Y1NbGxvcs40SL9BU_RZKjbNTVRnlPP5mLeXYUWF9kA2gbNKqA==
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Miss from cloudfront
X-Frame-Options: SAMEORIGIN

GET
H2 200 style.min.css
utua.com.br/wp-includes/css/dist/block-library/ 81 KB
11 KB 124ms
122ms Stylesheet
text/css 2606:4700:10::6816:329
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://utua.com.br/wp-includes/css/dist/block-library/style.min.css?ver=5.9.4

Requested by

Host: utua.com.br
URL: https://utua.com.br/mx-emp-banbajio-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=mx-utua-ct-email-emp&utm_content=mx-utua-ct-email-emp-ag&utm_term=mx-utua-ct-email-emp-ag-231&an_uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:329 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/mx-emp-banbajio-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=mx-utua-ct-email-emp&utm_content=mx-utua-ct-email-emp-ag&utm_term=mx-utua-ct-email-emp-ag-231&an_uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:53:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 11 Sep 2022 06:22:17 GMT
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 7493a3ab4eb3917c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 11 Sep 2023 21:28:26 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 132ms
45ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans%3Awght%40400%3B700&display=swap&ver=5.9.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

012deec03fbfd6c92c075b502ee777e094cd1a0cedb202a84cde1218b3b60fb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 11 Sep 2022 20:07:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 11 Sep 2022 21:53:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Sep 2022 21:53:59 GMT

GET
H2 200 all.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/ 69 KB
11 KB 63ms
21ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.css?ver=5.9.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3aab29c60242d216955b101a20e3782f3617eb3a3f819b05ddc458152bf2af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:53:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9925225
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10277
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-1137b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hlRoDjjTK%2FW10zO96sUIud2x8ziNH6XZuOIXgPA46W0%2FFFHVHYgoTXMuBcAgCHGTT7I8DQ7aiwRGIKcHzV1oG8JIO7cIBfj7iq1Qqb5Bkxwn0g2%2FvXPXHUJIDkbDuUs2nI5YdooRPC8cNByIo1eJeuu5"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7493a3ab8d999948-FRA
expires: Fri, 01 Sep 2023 21:53:59 GMT

GET
H2 200 style.css
utua.com.br/wp-content/themes/clean-n-beauty-theme/ 65 KB
12 KB 144ms
143ms Stylesheet
text/css 2606:4700:10::6816:329
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://utua.com.br/wp-content/themes/clean-n-beauty-theme/style.css?ver=11092022185250

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:329 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec2d5f704f530c141a42502b8ae1f99cbf410a28a5f67c0b86fc655285fd32d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/mx-emp-banbajio-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=mx-utua-ct-email-emp&utm_content=mx-utua-ct-email-emp-ag&utm_term=mx-utua-ct-email-emp-ag-231&an_uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:53:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 11 Sep 2022 06:22:16 GMT
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 7493a3ab4eb4917c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 11 Sep 2023 21:52:50 GMT

GET
H2 200 style-mobile.css
utua.com.br/wp-content/themes/clean-n-beauty-theme/ 15 KB
3 KB 129ms
128ms Stylesheet
text/css 2606:4700:10::6816:329
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://utua.com.br/wp-content/themes/clean-n-beauty-theme/style-mobile.css?ver=11092022185250

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:329 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31f31ee3bea961cdb081adb0902356efcb2c08b744b0ae4fdb00fc480795f829

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/mx-emp-banbajio-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=mx-utua-ct-email-emp&utm_content=mx-utua-ct-email-emp-ag&utm_term=mx-utua-ct-email-emp-ag-231&an_uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:53:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 11 Sep 2022 06:22:16 GMT
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 7493a3ab4eb5917c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 11 Sep 2023 21:52:50 GMT

GET
H2 200 jquery.min.js Show response
utua.com.br/wp-includes/js/jquery/ 87 KB
31 KB 140ms
139ms Script
application/javascript 2606:4700:10::6816:329
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://utua.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:329 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/mx-emp-banbajio-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=mx-utua-ct-email-emp&utm_content=mx-utua-ct-email-emp-ag&utm_term=mx-utua-ct-email-emp-ag-231&an_uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:53:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 11 Sep 2022 06:22:17 GMT
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 7493a3ab4eb6917c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 11 Sep 2023 21:39:16 GMT

GET
H2 200 jquery-migrate.min.js Show response
utua.com.br/wp-includes/js/jquery/ 11 KB
4 KB 134ms
134ms Script
application/javascript 2606:4700:10::6816:329
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://utua.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:329 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/mx-emp-banbajio-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=mx-utua-ct-email-emp&utm_content=mx-utua-ct-email-emp-ag&utm_term=mx-utua-ct-email-emp-ag-231&an_uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:53:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 11 Sep 2022 06:22:17 GMT
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 7493a3ab4eb7917c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 11 Sep 2023 21:39:16 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 84 KB
29 KB 148ms
48ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

d466a4b2b852286223f23f149a78587be16f7b24eb507fa9268bcccd6d60bc0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28684
x-xss-protection: 0
server: sffe
etag: "1331 / 848 of 1000 / last-modified: 1662761167"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 11 Sep 2022 21:53:59 GMT

GET
H2 200 9cee88ca-icon.png
bucket.utua.com.br/img/2022/03/ 1 KB
2 KB 113ms
30ms Image
image/webp 2606:4700:10::6816:329
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucket.utua.com.br/img/2022/03/9cee88ca-icon.png
Requested by: Host: utua.com.br
URL: https://utua.com.br/mx-emp-banbajio-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=mx-utua-ct-email-emp&utm_content=mx-utua-ct-email-emp-ag&utm_term=mx-utua-ct-email-emp-ag-231&an_uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:329 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8620531ddf40f9b732bbf3674516f4bf32f209c5403380ff2d7d456a291ef770

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:53:59 GMT
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=2841
x-guploader-uploadid: ADPycduz4-Sf7nQww8WAL5Eb5WaP2IVs9kz9-Zp7JQ_60VZ4vNWPjYPfP2V42ui249Fv5eMouoVtME-BTuMYuM6tWBgjuL0AxFSJ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 15312
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="9cee88ca-icon.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1080
x-goog-meta-height: 64
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 12 Sep 2022 07:09:20 GMT
last-modified: Wed, 09 Mar 2022 21:23:50 GMT
server: cloudflare
etag: "86f94356542b615039edf075d053c7a6"
vary: Accept
x-goog-hash: crc32c=9HpwKA==, md5=hvlDVlQrYVA57fB10FPHpg==
x-goog-generation: 1646861030010508
content-type: image/webp
x-goog-meta-width: 132
cache-control: public, max-age=691200, must-revalidate
x-goog-meta-source-id: c68da69b99674873c1c1950a88e96835
x-goog-stored-content-length: 2841
accept-ranges: bytes
cf-ray: 7493a3ace89e917c-FRA
x-goog-meta-size: __full
cf-bgj: imgq:85,h2pri

GET
H2 200 a5c666ac-favicon2.png
bucket.utua.com.br/img/2022/03/ 872 B
1 KB 115ms
32ms Image
image/webp 2606:4700:10::6816:329
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucket.utua.com.br/img/2022/03/a5c666ac-favicon2.png
Requested by: Host: utua.com.br
URL: https://utua.com.br/mx-emp-banbajio-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=mx-utua-ct-email-emp&utm_content=mx-utua-ct-email-emp-ag&utm_term=mx-utua-ct-email-emp-ag-231&an_uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:329 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 691171b5764dfbadde30c21093afb347c83532080d764d8b1396a133f6828a00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:53:59 GMT
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=2144
x-guploader-uploadid: ADPycduU8kvAmWgxqcjM98Id5nMozF_TGL2Y-39LdRCdwYj2xlCBZ1ar16KgN5i90GqfOUotIIYG8qgh-WZjj8-wI-lTKA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 15313
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="a5c666ac-favicon2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 872
x-goog-meta-height: 84
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 12 Sep 2022 07:09:20 GMT
last-modified: Wed, 09 Mar 2022 21:28:10 GMT
server: cloudflare
etag: "56f4936cc0ce436c0195325de8e378f0"
vary: Accept
x-goog-hash: crc32c=gNU6mw==, md5=VvSTbMDOQ2wBlTJd6ON48A==
x-goog-generation: 1646861290115134
content-type: image/webp
x-goog-meta-width: 85
cache-control: public, max-age=691200, must-revalidate
x-goog-meta-source-id: 6002bbb2892984438019950df995e524
x-goog-stored-content-length: 2144
accept-ranges: bytes
cf-ray: 7493a3ace8a1917c-FRA
x-goog-meta-size: __full
cf-bgj: imgq:85,h2pri

GET
H2 200 089be692-220d-46c7-b1be-a49881f30f11-442x272.jpeg
bucket.utua.com.br/img/2022/06/ 19 KB
19 KB 812ms
730ms Image
image/jpeg 2606:4700:10::6816:329
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucket.utua.com.br/img/2022/06/089be692-220d-46c7-b1be-a49881f30f11-442x272.jpeg
Requested by: Host: utua.com.br
URL: https://utua.com.br/mx-emp-banbajio-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=mx-utua-ct-email-emp&utm_content=mx-utua-ct-email-emp-ag&utm_term=mx-utua-ct-email-emp-ag-231&an_uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:329 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9951fe6f113c0f855a8aeb5cdea863818fde99cb975f9429a58386e95e96e3c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:54:00 GMT
cf-cache-status: MISS
cf-ray: 7493a3ace89f917c-FRA
x-guploader-uploadid: ADPycdubatNI_-2mp6UEDo2tukHHoc2HO0wTEx1X-v0GPUaaYWFsD69REICVH5rFuwAzMljAQ1A6z638CJpx-5rIuJ1fz4iB0i3Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
last-modified: Wed, 01 Jun 2022 13:13:51 GMT
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18997
x-goog-meta-height: 272
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
x-goog-meta-child-of: 18061
server: cloudflare
etag: "1695343a60c3a7bfd64fd7d458fb39a7"
vary: Accept-Encoding
x-goog-hash: crc32c=sxWzRg==, md5=FpU0OmDDp7/WT9fUWPs5pw==
x-goog-generation: 1654089231381372
x-goog-meta-width: 442
cache-control: public, max-age=691200, must-revalidate
x-goog-stored-content-length: 18997
accept-ranges: bytes
content-type: image/jpeg
x-goog-meta-size: img-442
expires: Mon, 12 Sep 2022 07:53:59 GMT

GET
H3 200 email-decode.min.js Show response
utua.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
871 B 11ms
10ms Script
application/javascript 2606:4700:10::6816:329
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://utua.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:329 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/mx-emp-banbajio-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=mx-utua-ct-email-emp&utm_content=mx-utua-ct-email-emp-ag&utm_term=mx-utua-ct-email-emp-ag-231&an_uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 17:30:56 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"631783d0-4d7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7493a3ac3e59994e-FRA
expires: Tue, 13 Sep 2022 21:53:59 GMT

GET
H3 200 custom.js Show response
utua.com.br/wp-content/themes/clean-n-beauty-theme/js/ 3 KB
1 KB 117ms
117ms Script
application/javascript 2606:4700:10::6816:329
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://utua.com.br/wp-content/themes/clean-n-beauty-theme/js/custom.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:329 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1db03e6f154c3d21ddc377c6089ea1e200d9e7ea52fa793d827d85cef115d4d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/mx-emp-banbajio-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=mx-utua-ct-email-emp&utm_content=mx-utua-ct-email-emp-ag&utm_term=mx-utua-ct-email-emp-ag-231&an_uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:53:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 11 Sep 2022 06:22:16 GMT
server: cloudflare
cf-polished: origSize=9836
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Mon, 11 Sep 2023 21:41:31 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 7493a3ac3e69994e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify

GET
H3 200 LinkDinamic.js Show response
utua.com.br/wp-content/themes/clean-n-beauty-theme/js/ 602 B
597 B 119ms
118ms Script
application/javascript 2606:4700:10::6816:329
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://utua.com.br/wp-content/themes/clean-n-beauty-theme/js/LinkDinamic.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:329 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32c3f6db6f21ccdac1602281d3d4b876489550b7970fca91d8205d0d0b451af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/mx-emp-banbajio-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=mx-utua-ct-email-emp&utm_content=mx-utua-ct-email-emp-ag&utm_term=mx-utua-ct-email-emp-ag-231&an_uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:53:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 11 Sep 2022 06:22:16 GMT
server: cloudflare
cf-polished: origSize=877
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Mon, 11 Sep 2023 21:41:44 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 7493a3ac6eac994e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify

GET
H3 200 wp-emoji-release.min.js Show response
utua.com.br/wp-includes/js/ 18 KB
5 KB 121ms
121ms Script
application/javascript 2606:4700:10::6816:329
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://utua.com.br/wp-includes/js/wp-emoji-release.min.js?ver=5.9.4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:329 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/mx-emp-banbajio-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=mx-utua-ct-email-emp&utm_content=mx-utua-ct-email-emp-ag&utm_term=mx-utua-ct-email-emp-ag-231&an_uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:53:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 11 Sep 2022 06:22:17 GMT
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 7493a3ac6eb4994e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 11 Sep 2023 21:33:25 GMT

GET
H2 200 bganalytcs.build.js Show response
assets.begrowth.com.br/scripts/analytics/ 81 KB
22 KB 372ms
253ms Script
text/javascript 2606:4700:3037::ac43:bc23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.begrowth.com.br/scripts/analytics/bganalytcs.build.js
Requested by: Host: utua.com.br
URL: https://utua.com.br/mx-emp-banbajio-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=mx-utua-ct-email-emp&utm_content=mx-utua-ct-email-emp-ag&utm_term=mx-utua-ct-email-emp-ag-231
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bc23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11e264078b65f7b787006eb9c316d9d92706a8e29e8c4ba3fd6ac37593257d67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-goog-hash: crc32c=F2ddUA==, md5=cnRiqoKLI9DsBWfCfxS2sA==
date: Sun, 11 Sep 2022 21:54:00 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=83326
x-guploader-uploadid: ADPycdsHd7AhCVdn27AF-g3Bx7-s45IWnGd_hx0bozcWzHQoWcP6lv0i5hfLep_LWtMXDJSfT2L_EhwcgV1W9B_e3TBN2g
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Sep 2022 21:55:59 GMT
last-modified: Wed, 17 Aug 2022 00:28:41 GMT
server: cloudflare
etag: W/"727462aa828b23d0ec0567c27f14b6b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtNlQBA%2B2OA5tU599JclC%2BNOmyIeNLLf9UigGU7TXBZamByTKQ1PIHppXmZJy3PeAdy5Aau1DWwyv0NQFB52xrtHi%2FLl08h9dFFusfNcGMebjKULQOfNqV1TFFTQiscBGCxvdEn9W2yzL%2Bq27jeEqz1CEy4N"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1660696121194188
access-control-allow-origin: *
content-type: text/javascript
access-control-expose-headers: Content-Type
cache-control: public, max-age=1800
x-goog-stored-content-length: 83326
cf-ray: 7493a3ad2a529076-FRA
cf-bgj: minify

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 125ms
43ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans%3Awght%40400%3B700&display=swap&ver=5.9.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://utua.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 529415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 18:50:24 GMT

GET
H3 200 fontawesome-webfont.woff
utua.com.br/wp-content/themes/clean-n-beauty-theme/css/fonts/ 82 KB
82 KB 128ms
127ms Font
font/woff 2606:4700:10::6816:329
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://utua.com.br/wp-content/themes/clean-n-beauty-theme/css/fonts/fontawesome-webfont.woff?v=4.5.0

Requested by

Host: utua.com.br
URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/style.css?ver=11092022185250

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:329 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c812ddc9e475d3e65d68a6b3b589ce598a2a5babb7afc55477d59215c4a38a40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/style.css?ver=11092022185250
Origin: https://utua.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:53:59 GMT
cf-cache-status: HIT
last-modified: Sun, 11 Sep 2022 06:22:16 GMT
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding
content-type: font/woff
cache-control: max-age=10368000
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 7493a3ac8ee0994e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 09 Jan 2023 21:39:06 GMT

GET
H2 200 serialize.min.js Show response
d3rxaij56vjege.cloudfront.net/form-serialize/0.3/ 1 KB
1 KB 38ms
7ms Script
application/javascript 13.224.194.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rxaij56vjege.cloudfront.net/form-serialize/0.3/serialize.min.js
Requested by: Host: utua.com.br
URL: https://utua.com.br/mx-emp-banbajio-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=mx-utua-ct-email-emp&utm_content=mx-utua-ct-email-emp-ag&utm_term=mx-utua-ct-email-emp-ag-231
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bd5127d88d20bfc74fb94869e2026ddfbb9119934c6b441b12ed7762a948a702

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 02:08:56 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Mon, 02 Nov 2015 22:04:54 GMT
server: AmazonS3
age: 71104
etag: "7d3e5f83849d8d66381fd41ac97eb5a1"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 1197
x-amz-cf-id: DhAnhdlDIS678ccBtvcUWfsuC0Dd3XFrxo1qrAHnMW1n2GxHBeXYgw==

GET
H3 200 child_units.js Show response
utua.com.br/wp-content/themes/clean-n-beauty-theme/js/ 2 KB
1 KB 117ms
116ms Script
application/javascript 2606:4700:10::6816:329
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://utua.com.br/wp-content/themes/clean-n-beauty-theme/js/child_units.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:329 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acce8d1e47e808659891d8811a64419dd584488e62e93e2067c1f71fbba071ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/mx-emp-banbajio-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=mx-utua-ct-email-emp&utm_content=mx-utua-ct-email-emp-ag&utm_term=mx-utua-ct-email-emp-ag-231
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:53:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 11 Sep 2022 06:22:16 GMT
server: cloudflare
cf-polished: origSize=3335
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Mon, 11 Sep 2023 21:47:59 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 7493a3ad3fce994e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify

GET
H3 200 pubads_impl_2022090601.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
130 KB 93ms
31ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

ce67b0786f14c7c1861eebd94f6557072e99e50ab95176a2f23d7444c4dc2741

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 17:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15025
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133157
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 08:35:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 11 Sep 2023 17:43:35 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 113 B
120 B 135ms
68ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=utua.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

4c9792bcdbc162a494c34a806d36fe0cda555b443f784d59949d255bb94f33de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Sep 2022 21:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
expires: Sun, 11 Sep 2022 21:54:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 153ms
49ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=utua.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Sep 2022 21:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 142ms
46ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=utua.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Sep 2022 21:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
10 KB 332ms
332ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=760680257519951&correlator=3769434242029888&eid=31069331%2C21068766%2C31068528&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fif&iu_parts=21862753527%2Cutua_desk_top&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C728x90%7C970x90&ifi=1&adks=3076446341&sfv=1-0-38&fsapi=false&cust_params=request_uri%3D%252Fmx-emp-banbajio-p1%252F%26utm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dmx-utua-ct-email-emp%26utm_content%3Dmx-utua-ct-email-emp-ag%26utm_term%3Dmx-utua-ct-email-emp-ag-231%26placement%3Ddirect%26hour%3D21%26dayshifts%3Dnight%26post_category%3DEmpr%25C3%25A9stimo&sc=1&cookie_enabled=1&abxe=1&dt=1662933236506&lmt=1662933170&dlt=1662933235803&idt=623&adxs=250&adys=83&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Futua.com.br%2Fmx-emp-banbajio-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dmx-utua-ct-email-emp%26utm_content%3Dmx-utua-ct-email-emp-ag%26utm_term%3Dmx-utua-ct-email-emp-ag-231&frm=20&vis=1&psz=1100x10&msz=1100x0&fws=4&ohw=1600&ga_vid=220397642.1662933237&ga_sid=1662933237&ga_hid=1019481331&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

a9868ccb1023699102785a742e8f7a62f8ed1bcdd4533b729eb48aa294e8c1c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10288
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3CC0 6 KB
4 KB 176ms
44ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Sep 2022 21:54:00 GMT
expires: Mon, 11 Sep 2023 21:54:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
9 KB 583ms
582ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=760680257519951&correlator=3769434242029888&eid=31069331%2C21068766%2C31068528&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fif&iu_parts=21862753527%2Cutua_desk_content&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C480x320%7C336x280&ifi=2&adks=769964902&sfv=1-0-38&fsapi=false&cust_params=request_uri%3D%252Fmx-emp-banbajio-p1%252F%26utm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dmx-utua-ct-email-emp%26utm_content%3Dmx-utua-ct-email-emp-ag%26utm_term%3Dmx-utua-ct-email-emp-ag-231%26placement%3Ddirect%26hour%3D21%26dayshifts%3Dnight%26post_category%3DEmpr%25C3%25A9stimo&sc=1&cookie_enabled=1&abxe=1&dt=1662933236518&lmt=1662933170&dlt=1662933235803&idt=623&adxs=260&adys=772&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Futua.com.br%2Fmx-emp-banbajio-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dmx-utua-ct-email-emp%26utm_content%3Dmx-utua-ct-email-emp-ag%26utm_term%3Dmx-utua-ct-email-emp-ag-231&frm=20&vis=1&psz=730x0&msz=730x0&fws=4&ohw=1600&ga_vid=220397642.1662933237&ga_sid=1662933237&ga_hid=1019481331&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

a194158b2beeaa87a20e2ee945486a6a0955c257220833b8ee59f271ccc80321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 454 B
270 B 418ms
418ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=760680257519951&correlator=3769434242029888&eid=31069331%2C21068766%2C31068528&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fif&iu_parts=21862753527%2Cutua_desk_sidebar&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C120x600%7C300x600&ifi=3&adks=228666452&sfv=1-0-38&fsapi=false&cust_params=request_uri%3D%252Fmx-emp-banbajio-p1%252F%26utm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dmx-utua-ct-email-emp%26utm_content%3Dmx-utua-ct-email-emp-ag%26utm_term%3Dmx-utua-ct-email-emp-ag-231%26placement%3Ddirect%26hour%3D21%26dayshifts%3Dnight%26post_category%3DEmpr%25C3%25A9stimo&sc=1&cookie_enabled=1&abxe=1&dt=1662933236525&lmt=1662933170&dlt=1662933235803&idt=623&adxs=1030&adys=428&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Futua.com.br%2Fmx-emp-banbajio-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dmx-utua-ct-email-emp%26utm_content%3Dmx-utua-ct-email-emp-ag%26utm_term%3Dmx-utua-ct-email-emp-ag-231&frm=20&vis=1&psz=328x10&msz=328x0&fws=4&ohw=1600&ga_vid=220397642.1662933237&ga_sid=1662933237&ga_hid=1019481331&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

713501520173bd17a3a17675d7c4cac65a1257a5d93bd6f3daaa28c202327a74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
location.begrowth.com.br/ 179 B
634 B 80ms
28ms Fetch
application/json 2606:4700:3037::ac43:bc23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://location.begrowth.com.br/
Requested by: Host: assets.begrowth.com.br
URL: https://assets.begrowth.com.br/scripts/analytics/bganalytcs.build.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bc23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a4103d605654affe513d99d1754f9b3c7cae058370f2b1b3813fcb278823b2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:54:00 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mix1KEuV5q1qxu3I3LGVq5sZC6ZkylvP7fO9p4PZYZ%2B2r1La%2B%2B5w6HvnJEyvmSiazoVbpTqDy69wTAf1w1qDCmlOvQIQZjy6TP1ZfZr5MXXAhwoRILXQg%2BjV6hlXm8Xj1py4KLOAbG98Pmg9Itu566v039QjByg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7493a3b02e699bc8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
magicads.utua.com.br/ 176 B
373 B 369ms
327ms Fetch
application/json 2606:4700:10::6816:229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://magicads.utua.com.br/?url=utua.com.br/mx-emp-banbajio-p1
Requested by: Host: assets.begrowth.com.br
URL: https://assets.begrowth.com.br/scripts/analytics/bganalytcs.build.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec93d00091cdbf7d40580b6119e8adeb7c9ef1e6601d67a61faaeaa6de5bc12d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:54:00 GMT
content-encoding: br
x-apikey: 59a7ad19f5a9fa0808f11931
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-apo-via: origin,host
cf-ray: 7493a3b01e3f9b64-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 rudder-analytics.min.js Show response
cdn.rudderlabs.com/v1.1/ 116 KB
38 KB 61ms
24ms Script
application/javascript 2600:9000:20eb:3a00:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js
Requested by: Host: assets.begrowth.com.br
URL: https://assets.begrowth.com.br/scripts/analytics/bganalytcs.build.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3a00:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc29526cb408acb158b88ebbbfecd9312172fad0fe424979a48c8c5268a694b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:04:12 GMT
content-encoding: gzip
last-modified: Wed, 07 Sep 2022 12:08:20 GMT
server: AmazonS3
age: 2989
etag: W/"b87da4b95af4674c2113d3c4f3793b0b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: hucbQIZzErpCqmid_aOlq6rr6OuRKxYIn_DzHkkTRF1JphkN0GhBrQ==

GET
H/1.1 200
OK a.js Show response
d2r1yp2w7bby2u.cloudfront.net/js/ 45 KB
15 KB 35ms
9ms Script
application/javascript 13.225.78.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Requested by: Host: assets.begrowth.com.br
URL: https://assets.begrowth.com.br/scripts/analytics/bganalytcs.build.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-88.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a69dcd566deb9aa452447b8c0ab461f1a8194d91e96f44e9ea8cecba1549054

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sun, 11 Sep 2022 21:51:15 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 26 Nov 2021 12:38:11 GMT
Server: AmazonS3
Age: 168
ETag: W/"302b621b546dd41b7010d10f46b1937a"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 df26103dc140569d7032449c70c3b140.cloudfront.net (CloudFront)
Cache-Control: max-age=1800, private
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: 8X6ZtcpSAFUa_Y2sFOlaY653sKu1aRNUX_C6j1eC0ivT7noGl1h8Mg==

GET
H/1.1 200
OK a Show response
wzrkt.com/ 290 B
816 B 72ms
36ms Script
text/javascript 2600:9000:20eb:4400:1e:3056:9b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wzrkt.com/a?t=96&type=push&d=N4IgLgngDgpiBcIoCcD2AzAlgGzgGiTS1wVAGMwB9VKMVAVzAXQENsBnGAXwMwBMEIABwAlAKwBaAGxSAWhJEB1OSAJQA5ggCMXIAA%3D%3D&optOut=false&rn=1&i=1662933236&sn=0&useIP=false&r=1662933236607

Requested by

Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:4400:1e:3056:9b00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

bcaa2abb4fb59ca9390be17b12bd80c46f2214dd39f913b8fcf48a2f19628d0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Sep 2022 21:54:00 GMT
Via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
Vary: Accept-Encoding, User-Agent
X-Amz-Cf-Pop: FRA2-C1
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Cache: Miss from cloudfront
Content-Type: text/javascript;charset=utf-8
Cache-Control: no-cache, no-store, no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
X-Amz-Cf-Id: rT0kDSHvezMnWIwkETVxioeb3juZnYGFObU1u0INLOBo1_dI036X8A==
Expires: 0

OPTIONS
H2 204 /
api.rudderlabs.com/sourceConfig/ Frame 0
0 50ms
11ms Preflight 2600:9000:20eb:7600:9:fddd:fc40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rudderlabs.com/sourceConfig/?p=cdn&v=2.13.0&writeKey=26aBWGH2pRWvMHiAFbZ47ckuRUF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7600:9:fddd:fc40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: *
access-control-max-age: 900
age: 185
date: Sun, 11 Sep 2022 21:50:55 GMT
vary: Origin
via: 1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-cf-id: NiHib_xXBtRsZ5hjJmEIWG3jVkw6pJT1WVbKtN-CJ9Zs9hdpm-dyIw==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-request-id: cfff6340-321b-11ed-8860-a7cafeac5adc

GET
H2 200 / Show response
api.rudderlabs.com/sourceConfig/ 19 KB
20 KB 15ms
15ms XHR
application/json 2600:9000:20eb:7600:9:fddd:fc40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rudderlabs.com/sourceConfig/?p=cdn&v=2.13.0&writeKey=26aBWGH2pRWvMHiAFbZ47ckuRUF

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:7600:9:fddd:fc40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6808e98c22003f91e778bf2188d616a2711377fa68726ca8bdc822cc8914a0be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Authorization: Basic MjZhQldHSDJwUld2TUhpQUZiWjQ3Y2t1UlVGOg==
Referer: https://utua.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:50:56 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 184
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
vary: Origin
content-length: 19847
x-xss-protection: 1; mode=block
x-request-id: d038c2c0-321b-11ed-a020-e5d0174e6c10
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: vn6yFOr3FeSgRqZtaZeqTdkY476yzqi8UeeYS8REpEXoWarOmaKZEA==

OPTIONS
H2 200 identify
data.begrowth.com.br/v1/ Frame 0
0 326ms
98ms Preflight 52.1.196.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://data.begrowth.com.br/v1/identify

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.1.196.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-196-189.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://utua.com.br
access-control-max-age: 900
content-length: 0
date: Sun, 11 Sep 2022 21:54:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H/1.1 200
OK a Show response
wzrkt.com/ 326 B
861 B 37ms
37ms Script
text/javascript 2600:9000:20eb:4400:1e:3056:9b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wzrkt.com/a?t=96&type=push&d=N4IgLgngDgpiBcIoCcD2AzAlgGzgGiTS1wVG1QGMBDMTVAOwH0LUBXesZCBEAEQFEQBctVoNmmSDwBiyKvQDW6VsjAACKgFs1AWSqZ6QkCJp0mLDgZgce%2FAKpGTYpshgBzMzwASMAM6%2F8Y0pTcVcPBgBhVAATOEQvQWFg50ZaTRgALwY4kH4VVFgAegAhGGRsA0dks0ZsUzBWWJ4AVgAGADoARlaAFgBOVqrRGvJ6DwamxAAOdoA2ACY%2BtqMASVjLKUQYCnRohebozoB2dCpY2Zh5o4BmaPnW3qWqCmaAIx6qa6PL%2BZ6pzuOL2a8xgfU6U1anVe0WuzRgPVa6BgEJ6RjAGR4AHEdAAVADUDweIAAvgRMNEeFMAErNAC0s1mAC1aVSAOpMoxuSk9aHzXavKY9HoUHrI1p9I69I5HfrzKbwgXXKhGXwIToMxbXa6%2FVoEKBc%2BCdYlAAAA%3D%3D&rn=3&i=1662933236&sn=1&gc=84bd2fdb844c4e809704774928e4b83a&arp=N4IgVg%2BgdiBcIC0DuBeFIA0ICW06IFsAXARwFMBBAVQEkAhCgEwMxEYiIGc4AGLRgBa8sANzgBGLJG7xgAAgC%2BrbI3wAOAEoBWALQA2PQh0aA6odZkOMviABOViQYBMATgDMbpwBYeCoAA%3D%3D&useIP=false&r=1662933236750

Requested by

Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:4400:1e:3056:9b00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d4c353a7ebd8d731c68747509285a0f47d39fc4afa62431e6248882e210c704b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Sep 2022 21:54:00 GMT
Via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
Vary: Accept-Encoding, User-Agent
X-Amz-Cf-Pop: FRA2-C1
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Cache: Miss from cloudfront
Content-Type: text/javascript;charset=utf-8
Cache-Control: no-cache, no-store, no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
X-Amz-Cf-Id: VYGm87KYR4RHqM9Pj_FfMftQ3EO9oU1JYxx9xzgxvMmN4lKE8LPGKw==
Expires: 0

POST
H2 200 identify Show response
data.begrowth.com.br/v1/ 2 B
199 B 134ms
119ms XHR
text/plain 52.1.196.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://data.begrowth.com.br/v1/identify

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.1.196.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-196-189.compute-1.amazonaws.com

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Referer: https://utua.com.br/
accept-language: de-DE,de;q=0.9
Authorization: Basic MjZhQldHSDJwUld2TUhpQUZiWjQ3Y2t1UlVGOg==
AnonymousId: MzYwYTMxNDgtMGJhYS00NzcwLWIxMjEtZTBkMjc3NzgwNWUz
Content-Type: application/json

Response headers

access-control-allow-origin: https://utua.com.br
date: Sun, 11 Sep 2022 21:54:00 GMT
access-control-allow-credentials: true
vary: Origin
content-length: 2
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/plain; charset=utf-8

POST
H2 200 page Show response
data.begrowth.com.br/v1/ 2 B
199 B 210ms
204ms XHR
text/plain 52.1.196.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://data.begrowth.com.br/v1/page

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.1.196.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-196-189.compute-1.amazonaws.com

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Referer: https://utua.com.br/
accept-language: de-DE,de;q=0.9
Authorization: Basic MjZhQldHSDJwUld2TUhpQUZiWjQ3Y2t1UlVGOg==
AnonymousId: MzYwYTMxNDgtMGJhYS00NzcwLWIxMjEtZTBkMjc3NzgwNWUz
Content-Type: application/json

Response headers

access-control-allow-origin: https://utua.com.br
date: Sun, 11 Sep 2022 21:54:00 GMT
access-control-allow-credentials: true
vary: Origin
content-length: 2
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/plain; charset=utf-8

OPTIONS
H2 200 page
data.begrowth.com.br/v1/ Frame 0
0 327ms
104ms Preflight 52.1.196.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://data.begrowth.com.br/v1/page

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.1.196.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-196-189.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://utua.com.br
access-control-max-age: 900
content-length: 0
date: Sun, 11 Sep 2022 21:54:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 GA360.min.js Show response
cdn.rudderlabs.com/v1.1/js-integrations/ 79 KB
25 KB 23ms
23ms Script
application/javascript 2600:9000:20eb:3a00:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/v1.1/js-integrations/GA360.min.js
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3a00:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91126d9dcc87df86749d1ef30440e3dd767e8ef44198039250ff679460d332be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 20:54:34 GMT
content-encoding: gzip
last-modified: Wed, 07 Sep 2022 12:08:21 GMT
server: AmazonS3
age: 3567
etag: W/"4dd6fa7c51c25e50639897b3d67f655b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: mcpLEZqThZmrJ3DyvLE00a7PdlWOFxo71OuO0wg2Ll-ZNJAacdnWyg==

GET
H/1.1 200
OK a Show response
wzrkt.com/ 446 B
958 B 126ms
126ms Script
text/javascript 2600:9000:20eb:4400:1e:3056:9b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wzrkt.com/a?t=96&type=page&d=N4IgrgziBcIMYBsCmA3JAnALgQwA4gBpwBbGEJY7ASwUPDjOIA8BaMTMbFuTFi6hH2L4iVACZkAHACUArCwBsCgFotpAdRV1cAcxgBGInF1kAFpky4I0APQ32nAHRwA9sUcAjdDeZDcLD2wAO0CAKyoXFlx9GwB%2BdmIAfQgXMHQ4JABeRFQMHFwAMgTE4iQxKjBiTP4aIswkuGxhah0gzN8HLh4hAT86hpcgzCQh9tZO7l4awQp%2FbB1%2BxOH0Ko6OLqnKGj8WeZYAJgBmfTp1ZWkAaUSAYQBBAFkABRhQAHdhGAAGIkwEBmgANoAXQAviCgA%3D&rn=2&i=1662933236&sn=0&gc=84bd2fdb844c4e809704774928e4b83a&arp=N4IgVg%2BgdiBcIC0DuBeFIA0ICW06IFsAXARwFMBBAVQEkAhCgEwMxEYiIGc4AGLRgBa8sANzgBGLJG7xgAAgC%2BrbI3wAOAEoBWALQA2PQh0aA6odZkOMviABOViQYBMATgDMbpwBYbAazzwANpyADogZADGAGaMek5ajOIA7FEAhoxkemROSW6MTjw8Xi5aqRFaAEZeqW5J2d5q4snlWk5kLuJqPOIVjG5aZD5RZF1eYQC6IApAAAA%3D%3D&useIP=false&r=1662933236794

Requested by

Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:4400:1e:3056:9b00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8cf9611934804f10ecdba4dff5679fdffa3cddd08783fd4d8afcef753917371e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Sep 2022 21:54:00 GMT
Via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
Vary: Accept-Encoding, User-Agent
X-Amz-Cf-Pop: FRA2-C1
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Cache: Miss from cloudfront
Content-Type: text/javascript;charset=utf-8
Cache-Control: no-cache, no-store, no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
X-Amz-Cf-Id: 0o-eVzMGBtfjG-5x_CWzOK9nWaWIbbA115Ast0nxHif7RmKiK648HQ==
Expires: 0

GET
H3 200 container.html Show response
e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4D57 6 KB
3 KB 111ms
37ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Sep 2022 21:54:00 GMT
expires: Mon, 11 Sep 2023 21:54:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 122ms
39ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/js-integrations/GA360.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2282
date: Sun, 11 Sep 2022 21:15:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 11 Sep 2022 23:15:58 GMT

OPTIONS
H2 200 track
data.begrowth.com.br/v1/ Frame 0
0 148ms
100ms Preflight 52.1.196.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://data.begrowth.com.br/v1/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.1.196.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-196-189.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://utua.com.br
access-control-max-age: 900
content-length: 0
date: Sun, 11 Sep 2022 21:54:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 track
data.begrowth.com.br/v1/ Frame 0
0 145ms
101ms Preflight 52.1.196.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://data.begrowth.com.br/v1/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.1.196.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-196-189.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://utua.com.br
access-control-max-age: 900
content-length: 0
date: Sun, 11 Sep 2022 21:54:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 track Show response
data.begrowth.com.br/v1/ 2 B
199 B 120ms
106ms XHR
text/plain 52.1.196.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://data.begrowth.com.br/v1/track

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.1.196.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-196-189.compute-1.amazonaws.com

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Referer: https://utua.com.br/
accept-language: de-DE,de;q=0.9
Authorization: Basic MjZhQldHSDJwUld2TUhpQUZiWjQ3Y2t1UlVGOg==
AnonymousId: MzYwYTMxNDgtMGJhYS00NzcwLWIxMjEtZTBkMjc3NzgwNWUz
Content-Type: application/json

Response headers

access-control-allow-origin: https://utua.com.br
date: Sun, 11 Sep 2022 21:54:00 GMT
access-control-allow-credentials: true
vary: Origin
content-length: 2
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/plain; charset=utf-8

POST
H2 200 track Show response
data.begrowth.com.br/v1/ 2 B
199 B 122ms
109ms XHR
text/plain 52.1.196.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://data.begrowth.com.br/v1/track

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.1.196.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-196-189.compute-1.amazonaws.com

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Referer: https://utua.com.br/
accept-language: de-DE,de;q=0.9
Authorization: Basic MjZhQldHSDJwUld2TUhpQUZiWjQ3Y2t1UlVGOg==
AnonymousId: MzYwYTMxNDgtMGJhYS00NzcwLWIxMjEtZTBkMjc3NzgwNWUz
Content-Type: application/json

Response headers

access-control-allow-origin: https://utua.com.br
date: Sun, 11 Sep 2022 21:54:00 GMT
access-control-allow-credentials: true
vary: Origin
content-length: 2
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/plain; charset=utf-8

OPTIONS
H2 200 track
data.begrowth.com.br/v1/ Frame 0
0 132ms
102ms Preflight 52.1.196.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://data.begrowth.com.br/v1/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.1.196.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-196-189.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://utua.com.br
access-control-max-age: 900
content-length: 0
date: Sun, 11 Sep 2022 21:54:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 track
data.begrowth.com.br/v1/ Frame 0
0 130ms
103ms Preflight 52.1.196.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://data.begrowth.com.br/v1/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.1.196.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-196-189.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://utua.com.br
access-control-max-age: 900
content-length: 0
date: Sun, 11 Sep 2022 21:54:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 track Show response
data.begrowth.com.br/v1/ 2 B
199 B 206ms
198ms XHR
text/plain 52.1.196.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://data.begrowth.com.br/v1/track

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.1.196.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-196-189.compute-1.amazonaws.com

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Referer: https://utua.com.br/
accept-language: de-DE,de;q=0.9
Authorization: Basic MjZhQldHSDJwUld2TUhpQUZiWjQ3Y2t1UlVGOg==
AnonymousId: MzYwYTMxNDgtMGJhYS00NzcwLWIxMjEtZTBkMjc3NzgwNWUz
Content-Type: application/json

Response headers

access-control-allow-origin: https://utua.com.br
date: Sun, 11 Sep 2022 21:54:00 GMT
access-control-allow-credentials: true
vary: Origin
content-length: 2
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/plain; charset=utf-8

POST
H2 200 track Show response
data.begrowth.com.br/v1/ 2 B
199 B 221ms
214ms XHR
text/plain 52.1.196.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://data.begrowth.com.br/v1/track

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.1.196.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-196-189.compute-1.amazonaws.com

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Referer: https://utua.com.br/
accept-language: de-DE,de;q=0.9
Authorization: Basic MjZhQldHSDJwUld2TUhpQUZiWjQ3Y2t1UlVGOg==
AnonymousId: MzYwYTMxNDgtMGJhYS00NzcwLWIxMjEtZTBkMjc3NzgwNWUz
Content-Type: application/json

Response headers

access-control-allow-origin: https://utua.com.br
date: Sun, 11 Sep 2022 21:54:01 GMT
access-control-allow-credentials: true
vary: Origin
content-length: 2
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/plain; charset=utf-8

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4D57 0
0 70ms
70ms Fetch
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4oq0-FgeY_qxEaO49u8PgIu2kA3z2KuTXMm81LOiB8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNzU3MDY0NzIzOTE3OTk5oAGY2reCA8gBCakChr7End3YsD7gAgCoAwGqBN0BT9D6GA9h7jP_HyddI1qMZY6g04PJLOCigLykqNOwNk8N8sbFQByq3r5ZK48AzQflEj3OAFN-kiT9xjFJkNI2giEcaaLz86YM66jAXBZ6N-sQC7JPrLJpkFLjD2GwO5WjIg3pS8r9D5GPcD83KDeTVvtjMZF6f2WjnvJYHyjP3pkw0ttSFKMfvltWv86-B2Corbwp0bYy0HJT-lyrLxwBiqICTHASUATU0CKhmte8wxcuBHBseohWk_iDEtpwC0rGj7I7QlIWHCTK9mpU3aB38t2jcsSu3KVgsSn4mqzgBAGABoT38Zv31pn7GKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTE3NTcwNjQ3MjM5MTc5OTkYmYF0&sigh=mJBGgom1CyM&uach_m=[UACH]&cid=CAQSPgCsnQUx__Qac2aN7ISQCSqupQJ7IYtPVfBRaOIOHSZ9hSDyxRTaJh3qWXt2fxWgNXabUiYURikKbaEQlXgzGAE
Requested by: Host: utua.com.br
URL: https://utua.com.br/mx-emp-banbajio-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=mx-utua-ct-email-emp&utm_content=mx-utua-ct-email-emp-ag&utm_term=mx-utua-ct-email-emp-ag-231&an_uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 4D57 2 KB
2 KB 102ms
21ms Script
text/javascript 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=38516434;rtbwp=Yx5Y-AAEWPoH_ZwjAA2FgBnD1_mPoypP-eyqWA;rtbdata=v4NggfA3el86mZC_iaQ0y5DlZyT3RRYmGredqddfAhjKPrNzB1Lu-z2wR9KFCOurPTkZIFQE2RNvhUPGvjGWcThTtD70u-I_rp2MFEjP4ZCbnUsErhgcni6pvBaWjgIbteP4IImAheXAbbnJ6-Ls-7XWQnbJVLYa1z0UFkcNjzHbTY4_PXpWBBty39rJP9poKpAOklTTLgsaTZ73-kfppSy6e9Gg2ecgdNNL5Nv_PASgriyYoGq63HI6CXtA3M_xgmsiRjpypoJXiH5CVNsSmO6hl5fH8xitGJnNRNpWJ0FR4qskzUN7EaJjdfnOlL1K0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CZFIc-FgeY_qxEaO49u8PgIu2kA3z2KuTXMm81LOiB8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNzU3MDY0NzIzOTE3OTk5oAGY2reCA8gBCakChr7End3YsD7gAgCoAwGqBOABT9D6GA9h7jP_HyddI1qMZY6g04PJLOCigLykqNOwNk8N8sbFQByq3r5ZK48AzQflEj3OAFN-kiT9xjFJkNI2giEcaaLz86YM66jAXBZ6N-sQC7JPrLJpkFLjD2GwO5WjIg3pS8r9D5GPcD83KDeTVvtjMZF6f2WjnvJYHyjP3pkw0ttSFKMfvltWv86-B2Corbwp0bYy0HJT-lyrLxwBiqICTHASUATU0CKhmte8wxcuBHBseohW0fqigEfMtHdLMKiXkEe-5iTe_Mde87jPSBe22jQDwol4LrBfpyG8bxLgBAGABoT38Zv31pn7GKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE&num=1&sig=AOD64_12hHhIUGGR5zV7j4i_TxRGh7RhRw&client=ca-pub-1757064723917999&adurl=

Requested by

Host: e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com
URL: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

aa5d245bf08bdcf4690bdee73132b0ffcd168064c66bdc192d1e82a3a2b3873b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 21:54:00 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1674
expires: -1

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 4D57 3 KB
1 KB 170ms
49ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js

Requested by

Host: e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com
URL: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Sep 2022 21:48:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 4D57 17 KB
8 KB 159ms
39ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com
URL: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:48:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 360
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7592
x-xss-protection: 0
server: cafe
etag: 7248493764890666469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Sep 2022 21:48:00 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4D57 0
0 164ms
44ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTx-VWWOQ8ATUSiI7GvwcSrBGjzzZtt0SF1qYG2u3KMXuY5JWs9sn9APrVZwO9psT047q3M3JNpdGXZkOaQpb67A-YNJQ
Requested by: Host: e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com
URL: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4D57 22 KB
7 KB 163ms
43ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com
URL: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 11:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 470811
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 06 Sep 2023 11:07:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4D57 141 KB
44 KB 162ms
43ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com
URL: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Sep 2022 21:54:00 GMT

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
763 B 120ms
39ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:51:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 11 Sep 2022 22:51:07 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 4D57 33 KB
16 KB 133ms
26ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=38516434;rtbwp=Yx5Y-AAEWPoH_ZwjAA2FgBnD1_mPoypP-eyqWA;rtbdata=v4NggfA3el86mZC_iaQ0y5DlZyT3RRYmGredqddfAhjKPrNzB1Lu-z2wR9KFCOurPTkZIFQE2RNvhUPGvjGWcThTtD70u-I_rp2MFEjP4ZCbnUsErhgcni6pvBaWjgIbteP4IImAheXAbbnJ6-Ls-7XWQnbJVLYa1z0UFkcNjzHbTY4_PXpWBBty39rJP9poKpAOklTTLgsaTZ73-kfppSy6e9Gg2ecgdNNL5Nv_PASgriyYoGq63HI6CXtA3M_xgmsiRjpypoJXiH5CVNsSmO6hl5fH8xitGJnNRNpWJ0FR4qskzUN7EaJjdfnOlL1K0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CZFIc-FgeY_qxEaO49u8PgIu2kA3z2KuTXMm81LOiB8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNzU3MDY0NzIzOTE3OTk5oAGY2reCA8gBCakChr7End3YsD7gAgCoAwGqBOABT9D6GA9h7jP_HyddI1qMZY6g04PJLOCigLykqNOwNk8N8sbFQByq3r5ZK48AzQflEj3OAFN-kiT9xjFJkNI2giEcaaLz86YM66jAXBZ6N-sQC7JPrLJpkFLjD2GwO5WjIg3pS8r9D5GPcD83KDeTVvtjMZF6f2WjnvJYHyjP3pkw0ttSFKMfvltWv86-B2Corbwp0bYy0HJT-lyrLxwBiqICTHASUATU0CKhmte8wxcuBHBseohW0fqigEfMtHdLMKiXkEe-5iTe_Mde87jPSBe22jQDwol4LrBfpyG8bxLgBAGABoT38Zv31pn7GKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE&num=1&sig=AOD64_12hHhIUGGR5zV7j4i_TxRGh7RhRw&client=ca-pub-1757064723917999&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0ce978a7907fdf3a7b393ff68e8c0c17703c7f2eae4772b4bdce769668118dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:54:00 GMT
content-encoding: gzip
last-modified: Wed, 27 Jul 2022 07:02:09 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 13 Sep 2022 01:23:56 GMT

OPTIONS
H2 200 track
data.begrowth.com.br/v1/ Frame 0
0 183ms
183ms Preflight 52.1.196.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://data.begrowth.com.br/v1/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.1.196.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-196-189.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://utua.com.br
access-control-max-age: 900
content-length: 0
date: Sun, 11 Sep 2022 21:54:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 track Show response
data.begrowth.com.br/v1/ 2 B
199 B 115ms
113ms XHR
text/plain 52.1.196.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://data.begrowth.com.br/v1/track

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.1.196.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-196-189.compute-1.amazonaws.com

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Referer: https://utua.com.br/
accept-language: de-DE,de;q=0.9
Authorization: Basic MjZhQldHSDJwUld2TUhpQUZiWjQ3Y2t1UlVGOg==
AnonymousId: MzYwYTMxNDgtMGJhYS00NzcwLWIxMjEtZTBkMjc3NzgwNWUz
Content-Type: application/json

Response headers

access-control-allow-origin: https://utua.com.br
date: Sun, 11 Sep 2022 21:54:01 GMT
access-control-allow-credentials: true
vary: Origin
content-length: 2
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/plain; charset=utf-8

GET
H3 200 container.html Show response
e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A2E2 6 KB
3 KB 41ms
40ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Sep 2022 21:54:00 GMT
expires: Mon, 11 Sep 2023 21:54:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 track
data.begrowth.com.br/v1/ Frame 0
0 169ms
169ms Preflight 52.1.196.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://data.begrowth.com.br/v1/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.1.196.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-196-189.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://utua.com.br
access-control-max-age: 900
content-length: 0
date: Sun, 11 Sep 2022 21:54:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 track Show response
data.begrowth.com.br/v1/ 2 B
199 B 110ms
109ms XHR
text/plain 52.1.196.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://data.begrowth.com.br/v1/track

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.1.196.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-196-189.compute-1.amazonaws.com

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Referer: https://utua.com.br/
accept-language: de-DE,de;q=0.9
Authorization: Basic MjZhQldHSDJwUld2TUhpQUZiWjQ3Y2t1UlVGOg==
AnonymousId: MzYwYTMxNDgtMGJhYS00NzcwLWIxMjEtZTBkMjc3NzgwNWUz
Content-Type: application/json

Response headers

access-control-allow-origin: https://utua.com.br
date: Sun, 11 Sep 2022 21:54:01 GMT
access-control-allow-credentials: true
vary: Origin
content-length: 2
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/plain; charset=utf-8

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A2E2 0
0 70ms
70ms Fetch
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBM00-FgeY6DvJ5SV7_UP8caekAjz2KuTXMm81LOiB8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNzU3MDY0NzIzOTE3OTk5oAGY2reCA8gBCakChr7End3YsD7gAgCoAwGqBO0BT9B8Xgt5QyulNyG1bzrtrrNDeScQo241I91VTx_al8M4B2n1SpON0QuA76Cl6-DqKAy4ffPSuBFtjdPBbcW5wueAiJScaiysdNPthMM1w1vzuPAVzcxRE55WzqVkpeozcdHzcGNFV3BbVyT0-Ch6snD0KJJ2EklRi8KaM3Vf08DgNTv5xLLf6_RwqVgHbIgV03-O6yKZDCax05DVfcJ5leG8oZqttIUAfO6GgJYpZxsEsfcamWpuVhGBYFduu0gu9dcXS7moYzLxHNr4cuAIW5uqZ2HRCddAEfIonywntNGPLPvwmwkuhr09oxTJ4AQBgAbuqZ2Am5-UpGCgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xNzU3MDY0NzIzOTE3OTk5GJmBdA&sigh=ghg5i9cBHts&uach_m=[UACH]&cid=CAQSPwCsnQUxXqKIfHHLubEIXOcWQtlgq13HEB1xxL8O4J2uFXxAUVa5NCtNrbueWbriEDH201Dcczf0qrPAWOhbYhgB
Requested by: Host: utua.com.br
URL: https://utua.com.br/mx-emp-banbajio-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=mx-utua-ct-email-emp&utm_content=mx-utua-ct-email-emp-ag&utm_term=mx-utua-ct-email-emp-ag-231&an_uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame A2E2 2 KB
2 KB 22ms
20ms Script
text/javascript 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=38516438;rtbwp=Yx5Y-AAJ96AIu8qUAAejcSVhcpaRZUk9CMbg8g;rtbdata=v4NggfA3el86mZC_iaQ0y0wyii_nbxlFPZjadiFUMiGdzW4nROmqhT2wR9KFCOurPTkZIFQE2RNvhUPGvjGWcThTtD70u-I_rp2MFEjP4ZCbnUsErhgcnoIIoYHMuKWKs2MQTjyB-pBvIpvbRTD5pq87iUPvws_S1z0UFkcNjzFUldP7bQ9LwNm3ypN9VbUf3r6L-ht9PUXgrwM8x8c-yOhSJNN0f3YZu0OGqyw-wkj4uAQxCSl-YTZEtk_ZzGKO9cE-jHfeNRlWxwe12PhdfeV8ocKX-D6u0UCs-WEGVSZxlCL2GGQr2ylxoXiQpB3FRd96AjFir8lk9JUJFwE_MQ2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CFJ6n-FgeY6DvJ5SV7_UP8caekAjz2KuTXMm81LOiB8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNzU3MDY0NzIzOTE3OTk5oAGY2reCA8gBCakChr7End3YsD7gAgCoAwGqBPABT9B8Xgt5QyulNyG1bzrtrrNDeScQo241I91VTx_al8M4B2n1SpON0QuA76Cl6-DqKAy4ffPSuBFtjdPBbcW5wueAiJScaiysdNPthMM1w1vzuPAVzcxRE55WzqVkpeozcdHzcGNFV3BbVyT0-Ch6snD0KJJ2EklRi8KaM3Vf08DgNTv5xLLf6_RwqVgHbIgV03-O6yKZDCax05DVfcJ5leG8oZqttIUAfO6GgJYpZxsEsfcamWpuVhGBYFduu0gu9dcXS7moY3DzPUhlzl811iSwy7PEoS1ABfiFlQI_DGtFOVMANhcCniKkBClEXcgT4AQBgAbuqZ2Am5-UpGCgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_0aYGukx3dX-nOYREtorX8zIRLS9Q&client=ca-pub-1757064723917999&adurl=

Requested by

Host: e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com
URL: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d20937010c67435d3383393bf397e00e1ed8ae2f19c1b2c49c7e80cbba5f51ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 21:54:00 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1715
expires: -1

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame A2E2 3 KB
1 KB 113ms
36ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js

Requested by

Host: e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com
URL: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:44:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Sep 2022 21:44:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A2E2 141 KB
44 KB 127ms
52ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com
URL: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Sep 2022 21:54:01 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame A2E2 17 KB
7 KB 114ms
37ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com
URL: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:48:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7592
x-xss-protection: 0
server: cafe
etag: 7248493764890666469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Sep 2022 21:48:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A2E2 0
0 120ms
44ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTL7uvmJE026d-SVdifvRhtjpZtSpEq5yUoIfnHmqNJSwqSRHIJxwK4-DEPI2IUsn8AV6FoaBt3UDKNnRDNJsKtupaxRw
Requested by: Host: e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com
URL: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame A2E2 22 KB
7 KB 118ms
42ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com
URL: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 11:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 470812
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 06 Sep 2023 11:07:09 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame A2E2 33 KB
16 KB 68ms
61ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=38516438;rtbwp=Yx5Y-AAJ96AIu8qUAAejcSVhcpaRZUk9CMbg8g;rtbdata=v4NggfA3el86mZC_iaQ0y0wyii_nbxlFPZjadiFUMiGdzW4nROmqhT2wR9KFCOurPTkZIFQE2RNvhUPGvjGWcThTtD70u-I_rp2MFEjP4ZCbnUsErhgcnoIIoYHMuKWKs2MQTjyB-pBvIpvbRTD5pq87iUPvws_S1z0UFkcNjzFUldP7bQ9LwNm3ypN9VbUf3r6L-ht9PUXgrwM8x8c-yOhSJNN0f3YZu0OGqyw-wkj4uAQxCSl-YTZEtk_ZzGKO9cE-jHfeNRlWxwe12PhdfeV8ocKX-D6u0UCs-WEGVSZxlCL2GGQr2ylxoXiQpB3FRd96AjFir8lk9JUJFwE_MQ2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CFJ6n-FgeY6DvJ5SV7_UP8caekAjz2KuTXMm81LOiB8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNzU3MDY0NzIzOTE3OTk5oAGY2reCA8gBCakChr7End3YsD7gAgCoAwGqBPABT9B8Xgt5QyulNyG1bzrtrrNDeScQo241I91VTx_al8M4B2n1SpON0QuA76Cl6-DqKAy4ffPSuBFtjdPBbcW5wueAiJScaiysdNPthMM1w1vzuPAVzcxRE55WzqVkpeozcdHzcGNFV3BbVyT0-Ch6snD0KJJ2EklRi8KaM3Vf08DgNTv5xLLf6_RwqVgHbIgV03-O6yKZDCax05DVfcJ5leG8oZqttIUAfO6GgJYpZxsEsfcamWpuVhGBYFduu0gu9dcXS7moY3DzPUhlzl811iSwy7PEoS1ABfiFlQI_DGtFOVMANhcCniKkBClEXcgT4AQBgAbuqZ2Am5-UpGCgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_0aYGukx3dX-nOYREtorX8zIRLS9Q&client=ca-pub-1757064723917999&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0ce978a7907fdf3a7b393ff68e8c0c17703c7f2eae4772b4bdce769668118dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:54:00 GMT
content-encoding: gzip
last-modified: Wed, 27 Jul 2022 07:02:09 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 13 Sep 2022 01:23:56 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 4D57 8 KB
4 KB 21ms
20ms Script
text/javascript 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=38516434;rtbwp=Yx5Y-AAEWPoH_ZwjAA2FgBnD1_mPoypP-eyqWA;rtbdata=v4NggfA3el86mZC_iaQ0y5DlZyT3RRYmGredqddfAhjKPrNzB1Lu-z2wR9KFCOurPTkZIFQE2RNvhUPGvjGWcThTtD70u-I_rp2MFEjP4ZCbnUsErhgcni6pvBaWjgIbteP4IImAheXAbbnJ6-Ls-7XWQnbJVLYa1z0UFkcNjzHbTY4_PXpWBBty39rJP9poKpAOklTTLgsaTZ73-kfppSy6e9Gg2ecgdNNL5Nv_PASgriyYoGq63HI6CXtA3M_xgmsiRjpypoJXiH5CVNsSmO6hl5fH8xitGJnNRNpWJ0FR4qskzUN7EaJjdfnOlL1K0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CZFIc-FgeY_qxEaO49u8PgIu2kA3z2KuTXMm81LOiB8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNzU3MDY0NzIzOTE3OTk5oAGY2reCA8gBCakChr7End3YsD7gAgCoAwGqBOABT9D6GA9h7jP_HyddI1qMZY6g04PJLOCigLykqNOwNk8N8sbFQByq3r5ZK48AzQflEj3OAFN-kiT9xjFJkNI2giEcaaLz86YM66jAXBZ6N-sQC7JPrLJpkFLjD2GwO5WjIg3pS8r9D5GPcD83KDeTVvtjMZF6f2WjnvJYHyjP3pkw0ttSFKMfvltWv86-B2Corbwp0bYy0HJT-lyrLxwBiqICTHASUATU0CKhmte8wxcuBHBseohW0fqigEfMtHdLMKiXkEe-5iTe_Mde87jPSBe22jQDwol4LrBfpyG8bxLgBAGABoT38Zv31pn7GKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE&num=1&sig=AOD64_12hHhIUGGR5zV7j4i_TxRGh7RhRw&client=ca-pub-1757064723917999&adurl=;js=1;adfxid=1x;5745;set=en-US|en-US|1600X1200|0|950|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Futua.com.br

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

175547677f37b034124b045e6fc6f2ddc253e03c6ae261df20217f99cd0d70b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 21:54:00 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3345
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame A2E2 8 KB
4 KB 22ms
22ms Script
text/javascript 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=38516438;rtbwp=Yx5Y-AAJ96AIu8qUAAejcSVhcpaRZUk9CMbg8g;rtbdata=v4NggfA3el86mZC_iaQ0y0wyii_nbxlFPZjadiFUMiGdzW4nROmqhT2wR9KFCOurPTkZIFQE2RNvhUPGvjGWcThTtD70u-I_rp2MFEjP4ZCbnUsErhgcnoIIoYHMuKWKs2MQTjyB-pBvIpvbRTD5pq87iUPvws_S1z0UFkcNjzFUldP7bQ9LwNm3ypN9VbUf3r6L-ht9PUXgrwM8x8c-yOhSJNN0f3YZu0OGqyw-wkj4uAQxCSl-YTZEtk_ZzGKO9cE-jHfeNRlWxwe12PhdfeV8ocKX-D6u0UCs-WEGVSZxlCL2GGQr2ylxoXiQpB3FRd96AjFir8lk9JUJFwE_MQ2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CFJ6n-FgeY6DvJ5SV7_UP8caekAjz2KuTXMm81LOiB8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNzU3MDY0NzIzOTE3OTk5oAGY2reCA8gBCakChr7End3YsD7gAgCoAwGqBPABT9B8Xgt5QyulNyG1bzrtrrNDeScQo241I91VTx_al8M4B2n1SpON0QuA76Cl6-DqKAy4ffPSuBFtjdPBbcW5wueAiJScaiysdNPthMM1w1vzuPAVzcxRE55WzqVkpeozcdHzcGNFV3BbVyT0-Ch6snD0KJJ2EklRi8KaM3Vf08DgNTv5xLLf6_RwqVgHbIgV03-O6yKZDCax05DVfcJ5leG8oZqttIUAfO6GgJYpZxsEsfcamWpuVhGBYFduu0gu9dcXS7moY3DzPUhlzl811iSwy7PEoS1ABfiFlQI_DGtFOVMANhcCniKkBClEXcgT4AQBgAbuqZ2Am5-UpGCgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_0aYGukx3dX-nOYREtorX8zIRLS9Q&client=ca-pub-1757064723917999&adurl=;js=1;adfxid=2x;2451;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Futua.com.br

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1fc8da3113976195c28b7ea265caae032a2de95f16363f6c316c64e843347532

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 21:54:01 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3404
expires: -1

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 4D57 36 KB
13 KB 68ms
28ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:54:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 472446
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 27 Jul 2022 10:39:11 GMT
server: cloudflare
etag: W/"a69f5acd9289c65e67397be142bc2c3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kO0lWoad3pT3bL6VAvhTasBuGRlBoVmaDF95RzAqfxwDYWvirCGJIUrX4D2a6N3XL%2Fkv7B5bv1DUdlyyZWWlsz%2BRkXsfyV7zgzWH9pF%2FFlacs97an2V7oo5if0HI3GzgswSbemo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
expires: Tue, 23 Aug 2022 10:56:39 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7493a3b49decbb62-FRA
cf-bgj: minify

POST
H2 200 /
track.adform.net/csimpr/ Frame 4D57 35 B
494 B 22ms
22ms Ping
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=38516434&csi=FBvUbbRKcOR4NycUDMCzdc9yaTs7edipnKRWaOGiMrDrygPkIxxfkxaVZ2fPTHe5ATVDS21nGBty5DGIySGqcmQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 21:54:01 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame A2E2 36 KB
12 KB 48ms
32ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:54:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 472446
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 27 Jul 2022 10:39:11 GMT
server: cloudflare
etag: W/"a69f5acd9289c65e67397be142bc2c3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BpNFsaIpRyORV3Omj57v4WWNTm55%2Fi1lboYCipOLLaSKX0iys6OAmxJyPR0HcmWHXF3hwE2MRqnUCnBVlkG8njbWtMHv8LIwPKLLf06HAS3QaAXRHg1J6AWOleH9RrUcxZVHWO8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
expires: Tue, 23 Aug 2022 10:56:39 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7493a3b49dedbb62-FRA
cf-bgj: minify

POST
H2 200 /
track.adform.net/csimpr/ Frame A2E2 35 B
503 B 21ms
20ms Ping
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=38516438&csi=H9A-ms7G2jsUxjCP8rnbNGIOVY7jiw5snKRWaOGiMrAJDwKV3Zer3BaVZ2fPTHe5wx_cLQYhUx_GBlkLlTUKQmQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 21:54:01 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.221/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:types/ Frame 4D57 34 KB
15 KB 32ms
31ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.221/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 49a549c0595e8477f6d2f5cf125bc454f1ae26dbbd92a3efaf992aa16ab32b41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:54:01 GMT
content-encoding: gzip
last-modified: Wed, 27 Jul 2022 07:02:09 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 13 Sep 2022 01:38:06 GMT

GET
DATA 200
OK truncated
/ Frame 4D57 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 320354a0e7da3daf5c1608d8b971e5d17053a979836c74f5f0439207bd0a75fd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.221/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:types/ Frame A2E2 34 KB
15 KB 34ms
34ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.221/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 49a549c0595e8477f6d2f5cf125bc454f1ae26dbbd92a3efaf992aa16ab32b41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:54:01 GMT
content-encoding: gzip
last-modified: Wed, 27 Jul 2022 07:02:09 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 13 Sep 2022 01:38:06 GMT

GET
DATA 200
OK truncated
/ Frame A2E2 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8455e6c36897c5127cf6924bc127886784a4cbe98d83f8890e771b5d9c527be

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 frame.html Show response
ad4m.at/ Frame C7CF 2 KB
1 KB 44ms
25ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1475330
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7493a3b54e2d9091-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 11 Sep 2022 21:54:01 GMT
expires: Thu, 25 Aug 2022 20:10:16 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KVL2TSryIdfPRvIOhE%2BJ9PEWZ6z2BYPMxlpR%2FsVmoAjNlIGJih3CaAUy5MPRkVQUveA56MlkpWQu8MJb6ZLErLvAiH9GXL2zKOSg1IHIaEtQAeU%2FNmVHaqxOlj4KysnXP3Y06Q0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame 586B 2 KB
1 KB 43ms
28ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1475330
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7493a3b54e309091-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 11 Sep 2022 21:54:01 GMT
expires: Thu, 25 Aug 2022 20:10:16 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zaNGbKvElh5bH54hYPj18xlHmVt54dpSdOJIvfvHMeAh0EMA6ACAD5nmMrW4cWcmSd27imL7dGsOwUvAX3RSnYkYajSjO5I%2Fhl1%2FcZGH0tiQ0LmO6JP%2BGQFwWDKA7emZTIH%2Fp7s%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 4D57 63 KB
24 KB 30ms
29ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com
URL: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

0e5ecdc767dab401677a88743ed088fcae15b6670aa22ec28cad585cd5da876d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 625
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24190
x-xss-protection: 0
server: cafe
etag: 6142364239576130187
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 11 Sep 2022 22:43:36 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 187ms
87ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08e5de348e1242b00790f9a5e6159bf794049c447315377330e1204b1d7fbe1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Sep 2022 21:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10956
x-xss-protection: 0

POST
H3 200 rs Show response
ad4m.at/ Frame 4D57 2 KB
2 KB 39ms
39ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd54f7ed2d8e8fb2a338a288e4adcc3fa04756db4173c9c836a5fa6d6552a912

Request headers

Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 7493a3b5dd9791ef-FRA
date: Sun, 11 Sep 2022 21:54:01 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMg7G7CZIB4tU7jLlsoen9n3VD6N2fxkqFAAhtgxSHlK%2B9f5PyzxFTtP2xP4rEE5KaKgRRCYHAdVcnPT%2B0%2FS1DeVn4VTyqOjraAeBeFM%2FASXJyy%2Bb97b1agHi7vQg0p60Vf8iLU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-2p34

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 37ms
29ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7493a3b5ad6591ef-FRA
content-length: 24
content-type: text/plain
date: Sun, 11 Sep 2022 21:54:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjkPR6SNc3ZHEDsCNb03aK%2BDQjlt75pE7aQl9hpVq7RlOyIc32IfJnHgyvngmhgrAaCaODVNYqcZEMYrza8ooN67ZB%2FD5tW%2Flbk9czTYEiQeUXUVwPStst3uNrcoNolqG0M1Szo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-2p34

POST
H3 200 rs Show response
ad4m.at/ Frame A2E2 2 KB
2 KB 33ms
32ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daab218a2b188b28fe4a9d1472543aa76464330913f93cd56c830c2383940e9f

Request headers

Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 7493a3b5dd9691ef-FRA
date: Sun, 11 Sep 2022 21:54:01 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L509MiEN3HHeTGISnMVsr9U9Ta7IwQKk8uwU3hd4flIuIlIR6exeygNgc4aJTIUW3wqSC63yfvH86MrySzETrBiXFlVUCAByscH0TyPQA5hKrk6uC5XmebcI%2FdPTbwDWkgp%2FwnY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-2p34

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 33ms
28ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7493a3b5ad6691ef-FRA
content-length: 24
content-type: text/plain
date: Sun, 11 Sep 2022 21:54:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0tdwrXagUS7r6VKXk1mCw6ywgnygHPX4oeFzRBWksCovU9rgqz7O%2BPqvA5d6xOAn4NUSSDfeTMMiMFJAXZXs25gGbPeWPLm9%2B49O81mVAutS34z%2Ftn094MWQpsn0jMbIsIK6bg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-2p34

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D57 0
442 B 155ms
74ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=urind

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 21:54:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4D57 0
327 B 543ms
187ms Ping
image/gif 2607:f8b0:4012:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l7xvii2r&e=21068133&ctx=2&qqid=CPqNyojdjfoCFSOc_QcdgIUN0g&met.4=fb.3c~lb.dm~ol.gs~idt.7b~dt.-a0&met.3=733.dr~742.dq_1~749.go_3~740.gy_1~736.h1~735.h4_1~113.hu_6~112.ht_7&met.1=1.l7xvihky~6.1~7.1~8.1~9.1~10.23~11.1~12.23~13.34~14.35~15.36~16.eh~17.eh~18.eh~19.go~20.go~21.gs~22.eh~23.eh&met.7=CBsQCBgBMHA43ARQAVhLYAFoS3BweNAagAGkGIgBzi-wAQG4AQM~CCEQBBgBIHsoezDDAThI~CBsQCiB7OGg~CB4QChgBIHwofDCmAjirAWj0AXCmAnj7DIABzwqIAbEVsAEBuAED~CBwQChgBIHwofDCeAjijAUB8SIsBUIsBWOkBYK4BaPMBcJsCeNQ9gAGoO4gBp4sBsAEBuAED~CBsQBhgBIHwofDChAjilAQ~CBEQChgBIHwofDCmAjiqAWj0AXCgAniaOYAB7jaIAeOzAbABAbgBAw~CCoQChgBIHwofDDQAjjUAQ~CBsQCiDoATiRAQ~CBsQCiCAAzgW~CBsQCiCaAzhF~CBsQASCaAzgX~CBsQCiCEBDgh~CBsQBSCbBDgt~CCgQChgBIN0EKN0EMP0EOCBo3gRw-wR4qr8BgAH-vAGIAfD3A7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:804::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 21:54:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame E4F3 3 KB
2 KB 50ms
41ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=36040&b=xEgtQfEK7zTm8XhPHWtrHQt3WXtJT6TM2uA&f=YxqtrfzXW2uQKpTVH8t3HgC1e2TAT1TXqar&c=300&d=250&e=&g=27ee22f0da2db1212c471d033eeb9bfd%2F18235752709799787591&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1662933241277&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCFJ6n-FgeY6DvJ5SV7_UP8caekAjz2KuTXMm81LOiB8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNzU3MDY0NzIzOTE3OTk5oAGY2reCA8gBCakChr7End3YsD7gAgCoAwGqBPABT9B8Xgt5QyulNyG1bzrtrrNDeScQo241I91VTx_al8M4B2n1SpON0QuA76Cl6-DqKAy4ffPSuBFtjdPBbcW5wueAiJScaiysdNPthMM1w1vzuPAVzcxRE55WzqVkpeozcdHzcGNFV3BbVyT0-Ch6snD0KJJ2EklRi8KaM3Vf08DgNTv5xLLf6_RwqVgHbIgV03-O6yKZDCax05DVfcJ5leG8oZqttIUAfO6GgJYpZxsEsfcamWpuVhGBYFduu0gu9dcXS7moY3DzPUhlzl811iSwy7PEoS1ABfiFlQI_DGtFOVMANhcCniKkBClEXcgT4AQBgAbuqZ2Am5-UpGCgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0aYGukx3dX-nOYREtorX8zIRLS9Q%26client%3Dca-pub-1757064723917999%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516438%3Bcrtbwp%3DYx5Y-AAJ96AIu8qUAAejcSVhcpaRZUk9CMbg8g%3Bcrtbdata%3Dv4NggfA3el86mZC_iaQ0y0wyii_nbxlFPZjadiFUMiGdzW4nROmqhT2wR9KFCOurPTkZIFQE2RNvhUPGvjGWcThTtD70u-I_rp2MFEjP4ZCbnUsErhgcnoIIoYHMuKWKs2MQTjyB-pBvIpvbRTD5pq87iUPvws_S1z0UFkcNjzFUldP7bQ9LwNm3ypN9VbUf3r6L-ht9PUXgrwM8x8c-yOhSJNN0f3YZu0OGqyw-wkj4uAQxCSl-YTZEtk_ZzGKO9cE-jHfeNRlWxwe12PhdfeV8ocKX-D6u0UCs-WEGVSZxlCL2GGQr2ylxoXiQpB3FRd96AjFir8lk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DRAgEOHf-kYTpUft1a_OvQNSSuOltCu2cG0D56DGhTVkCsz7VyAVP9CvZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTuPDObXMBx2222dgZCtqWIyt2IW6RsUL961wQzE2-sscYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252futua.com.br%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b935581c44cbaec6101b5af8a87a6c6123bea5222b6c5b07fc69f305fe1675a0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7493a3b62810bb62-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 11 Sep 2022 21:54:01 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame C73A 3 KB
3 KB 34ms
33ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=36036&b=QxZt4fY4xQf6eAaxH8tRHGtpkqFDT4TeAsV&f=2b9F6f6dKmFV5GCVH6tbHwCAdpTWT7TRPFg&c=970&d=250&e=&g=b39675a7bada8f6aecf59ce195108942%2F6788473861955862468&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1662933241280&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCZFIc-FgeY_qxEaO49u8PgIu2kA3z2KuTXMm81LOiB8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNzU3MDY0NzIzOTE3OTk5oAGY2reCA8gBCakChr7End3YsD7gAgCoAwGqBOABT9D6GA9h7jP_HyddI1qMZY6g04PJLOCigLykqNOwNk8N8sbFQByq3r5ZK48AzQflEj3OAFN-kiT9xjFJkNI2giEcaaLz86YM66jAXBZ6N-sQC7JPrLJpkFLjD2GwO5WjIg3pS8r9D5GPcD83KDeTVvtjMZF6f2WjnvJYHyjP3pkw0ttSFKMfvltWv86-B2Corbwp0bYy0HJT-lyrLxwBiqICTHASUATU0CKhmte8wxcuBHBseohW0fqigEfMtHdLMKiXkEe-5iTe_Mde87jPSBe22jQDwol4LrBfpyG8bxLgBAGABoT38Zv31pn7GKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_12hHhIUGGR5zV7j4i_TxRGh7RhRw%26client%3Dca-pub-1757064723917999%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516434%3Bcrtbwp%3DYx5Y-AAEWPoH_ZwjAA2FgBnD1_mPoypP-eyqWA%3Bcrtbdata%3Dv4NggfA3el86mZC_iaQ0y5DlZyT3RRYmGredqddfAhjKPrNzB1Lu-z2wR9KFCOurPTkZIFQE2RNvhUPGvjGWcThTtD70u-I_rp2MFEjP4ZCbnUsErhgcni6pvBaWjgIbteP4IImAheXAbbnJ6-Ls-7XWQnbJVLYa1z0UFkcNjzHbTY4_PXpWBBty39rJP9poKpAOklTTLgsaTZ73-kfppSy6e9Gg2ecgdNNL5Nv_PASgriyYoGq63HI6CXtA3M_xgmsiRjpypoJXiH5CVNsSmO6hl5fH8xitGJnNRNpWJ0FR4qskzUN7EaJjdfnOlL1K0%3Badfibeg%3D0%3Bcdata%3D7VisvzeG6HbpUft1a_OvQLpB23N9unN5YKZnz3Jm23ReNL6-L_c_4ivZhEBkHI_cvQfBlXgAX8t7bdp-DsExYsX4De8FoXoTV-xGKFmUIVG22dgZCtqWIwqxboTXJiM5WdqqKfKEJgcYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252futua.com.br%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e8d29be787661760607287f2addc2feefade6537e1447280d9f94733ba3ac0d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7493a3b62814bb62-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 11 Sep 2022 21:54:01 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.22/one-ad/ Frame C73A 85 KB
11 KB 51ms
50ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.22/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=36036&b=QxZt4fY4xQf6eAaxH8tRHGtpkqFDT4TeAsV&f=2b9F6f6dKmFV5GCVH6tbHwCAdpTWT7TRPFg&c=970&d=250&e=&g=b39675a7bada8f6aecf59ce195108942%2F6788473861955862468&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1662933241280&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCZFIc-FgeY_qxEaO49u8PgIu2kA3z2KuTXMm81LOiB8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNzU3MDY0NzIzOTE3OTk5oAGY2reCA8gBCakChr7End3YsD7gAgCoAwGqBOABT9D6GA9h7jP_HyddI1qMZY6g04PJLOCigLykqNOwNk8N8sbFQByq3r5ZK48AzQflEj3OAFN-kiT9xjFJkNI2giEcaaLz86YM66jAXBZ6N-sQC7JPrLJpkFLjD2GwO5WjIg3pS8r9D5GPcD83KDeTVvtjMZF6f2WjnvJYHyjP3pkw0ttSFKMfvltWv86-B2Corbwp0bYy0HJT-lyrLxwBiqICTHASUATU0CKhmte8wxcuBHBseohW0fqigEfMtHdLMKiXkEe-5iTe_Mde87jPSBe22jQDwol4LrBfpyG8bxLgBAGABoT38Zv31pn7GKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_12hHhIUGGR5zV7j4i_TxRGh7RhRw%26client%3Dca-pub-1757064723917999%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516434%3Bcrtbwp%3DYx5Y-AAEWPoH_ZwjAA2FgBnD1_mPoypP-eyqWA%3Bcrtbdata%3Dv4NggfA3el86mZC_iaQ0y5DlZyT3RRYmGredqddfAhjKPrNzB1Lu-z2wR9KFCOurPTkZIFQE2RNvhUPGvjGWcThTtD70u-I_rp2MFEjP4ZCbnUsErhgcni6pvBaWjgIbteP4IImAheXAbbnJ6-Ls-7XWQnbJVLYa1z0UFkcNjzHbTY4_PXpWBBty39rJP9poKpAOklTTLgsaTZ73-kfppSy6e9Gg2ecgdNNL5Nv_PASgriyYoGq63HI6CXtA3M_xgmsiRjpypoJXiH5CVNsSmO6hl5fH8xitGJnNRNpWJ0FR4qskzUN7EaJjdfnOlL1K0%3Badfibeg%3D0%3Bcdata%3D7VisvzeG6HbpUft1a_OvQLpB23N9unN5YKZnz3Jm23ReNL6-L_c_4ivZhEBkHI_cvQfBlXgAX8t7bdp-DsExYsX4De8FoXoTV-xGKFmUIVG22dgZCtqWIwqxboTXJiM5WdqqKfKEJgcYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252futua.com.br%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=36036&b=QxZt4fY4xQf6eAaxH8tRHGtpkqFDT4TeAsV&f=2b9F6f6dKmFV5GCVH6tbHwCAdpTWT7TRPFg&c=970&d=250&e=&g=b39675a7bada8f6aecf59ce195108942%2F6788473861955862468&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1662933241280&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCZFIc-FgeY_qxEaO49u8PgIu2kA3z2KuTXMm81LOiB8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNzU3MDY0NzIzOTE3OTk5oAGY2reCA8gBCakChr7End3YsD7gAgCoAwGqBOABT9D6GA9h7jP_HyddI1qMZY6g04PJLOCigLykqNOwNk8N8sbFQByq3r5ZK48AzQflEj3OAFN-kiT9xjFJkNI2giEcaaLz86YM66jAXBZ6N-sQC7JPrLJpkFLjD2GwO5WjIg3pS8r9D5GPcD83KDeTVvtjMZF6f2WjnvJYHyjP3pkw0ttSFKMfvltWv86-B2Corbwp0bYy0HJT-lyrLxwBiqICTHASUATU0CKhmte8wxcuBHBseohW0fqigEfMtHdLMKiXkEe-5iTe_Mde87jPSBe22jQDwol4LrBfpyG8bxLgBAGABoT38Zv31pn7GKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_12hHhIUGGR5zV7j4i_TxRGh7RhRw%26client%3Dca-pub-1757064723917999%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516434%3Bcrtbwp%3DYx5Y-AAEWPoH_ZwjAA2FgBnD1_mPoypP-eyqWA%3Bcrtbdata%3Dv4NggfA3el86mZC_iaQ0y5DlZyT3RRYmGredqddfAhjKPrNzB1Lu-z2wR9KFCOurPTkZIFQE2RNvhUPGvjGWcThTtD70u-I_rp2MFEjP4ZCbnUsErhgcni6pvBaWjgIbteP4IImAheXAbbnJ6-Ls-7XWQnbJVLYa1z0UFkcNjzHbTY4_PXpWBBty39rJP9poKpAOklTTLgsaTZ73-kfppSy6e9Gg2ecgdNNL5Nv_PASgriyYoGq63HI6CXtA3M_xgmsiRjpypoJXiH5CVNsSmO6hl5fH8xitGJnNRNpWJ0FR4qskzUN7EaJjdfnOlL1K0%3Badfibeg%3D0%3Bcdata%3D7VisvzeG6HbpUft1a_OvQLpB23N9unN5YKZnz3Jm23ReNL6-L_c_4ivZhEBkHI_cvQfBlXgAX8t7bdp-DsExYsX4De8FoXoTV-xGKFmUIVG22dgZCtqWIwqxboTXJiM5WdqqKfKEJgcYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252futua.com.br%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:54:01 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1147520
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86775
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 29 Aug 2022 15:08:41 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 7493a3b66ede9091-FRA
cf-bgj: minify

GET
H2 200 87F2ED2F961CEB0C20E16615114B95F49C58C2841040E43B4A3BDC6BB7BA53854800184833E76EB04CF6A8A13D85263603C5F620648AAAEB60FC764DC1DE81E3
assets.ad4m.at/product_image/ Frame C73A 36 KB
36 KB 37ms
27ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/87F2ED2F961CEB0C20E16615114B95F49C58C2841040E43B4A3BDC6BB7BA53854800184833E76EB04CF6A8A13D85263603C5F620648AAAEB60FC764DC1DE81E3
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=36036&b=QxZt4fY4xQf6eAaxH8tRHGtpkqFDT4TeAsV&f=2b9F6f6dKmFV5GCVH6tbHwCAdpTWT7TRPFg&c=970&d=250&e=&g=b39675a7bada8f6aecf59ce195108942%2F6788473861955862468&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1662933241280&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCZFIc-FgeY_qxEaO49u8PgIu2kA3z2KuTXMm81LOiB8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNzU3MDY0NzIzOTE3OTk5oAGY2reCA8gBCakChr7End3YsD7gAgCoAwGqBOABT9D6GA9h7jP_HyddI1qMZY6g04PJLOCigLykqNOwNk8N8sbFQByq3r5ZK48AzQflEj3OAFN-kiT9xjFJkNI2giEcaaLz86YM66jAXBZ6N-sQC7JPrLJpkFLjD2GwO5WjIg3pS8r9D5GPcD83KDeTVvtjMZF6f2WjnvJYHyjP3pkw0ttSFKMfvltWv86-B2Corbwp0bYy0HJT-lyrLxwBiqICTHASUATU0CKhmte8wxcuBHBseohW0fqigEfMtHdLMKiXkEe-5iTe_Mde87jPSBe22jQDwol4LrBfpyG8bxLgBAGABoT38Zv31pn7GKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_12hHhIUGGR5zV7j4i_TxRGh7RhRw%26client%3Dca-pub-1757064723917999%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516434%3Bcrtbwp%3DYx5Y-AAEWPoH_ZwjAA2FgBnD1_mPoypP-eyqWA%3Bcrtbdata%3Dv4NggfA3el86mZC_iaQ0y5DlZyT3RRYmGredqddfAhjKPrNzB1Lu-z2wR9KFCOurPTkZIFQE2RNvhUPGvjGWcThTtD70u-I_rp2MFEjP4ZCbnUsErhgcni6pvBaWjgIbteP4IImAheXAbbnJ6-Ls-7XWQnbJVLYa1z0UFkcNjzHbTY4_PXpWBBty39rJP9poKpAOklTTLgsaTZ73-kfppSy6e9Gg2ecgdNNL5Nv_PASgriyYoGq63HI6CXtA3M_xgmsiRjpypoJXiH5CVNsSmO6hl5fH8xitGJnNRNpWJ0FR4qskzUN7EaJjdfnOlL1K0%3Badfibeg%3D0%3Bcdata%3D7VisvzeG6HbpUft1a_OvQLpB23N9unN5YKZnz3Jm23ReNL6-L_c_4ivZhEBkHI_cvQfBlXgAX8t7bdp-DsExYsX4De8FoXoTV-xGKFmUIVG22dgZCtqWIwqxboTXJiM5WdqqKfKEJgcYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252futua.com.br%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbb03289a50e9a92ef3ceece0bd27a15e6fafc8010a807a685da337f61549a47

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:54:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 309399
cf-polished: qual=85, origFmt=jpeg, origSize=246735
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36400
last-modified: Wed, 07 Sep 2022 10:21:51 GMT
server: cloudflare
etag: "be1d541b2b53ad57d1d7454882ba538e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DfIIZtkvQZl%2FO4kJBMfzfCYAU7AAncvRiuZNj9w0IXLdc0lnj8CL6We5FQERUF3V7WBrNO%2B4HMG5wZ42uwXoWx0Iey9G6BTv9vLfN68lgjWeTGSza5c8oL3%2BZTnIzRa4mTCEmaKIhE840hCd"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Mon, 12 Sep 2022 21:54:01 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7493a3b6789ebb62-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.22/one-ad/ Frame E4F3 85 KB
11 KB 41ms
40ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.22/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=36040&b=xEgtQfEK7zTm8XhPHWtrHQt3WXtJT6TM2uA&f=YxqtrfzXW2uQKpTVH8t3HgC1e2TAT1TXqar&c=300&d=250&e=&g=27ee22f0da2db1212c471d033eeb9bfd%2F18235752709799787591&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1662933241277&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCFJ6n-FgeY6DvJ5SV7_UP8caekAjz2KuTXMm81LOiB8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNzU3MDY0NzIzOTE3OTk5oAGY2reCA8gBCakChr7End3YsD7gAgCoAwGqBPABT9B8Xgt5QyulNyG1bzrtrrNDeScQo241I91VTx_al8M4B2n1SpON0QuA76Cl6-DqKAy4ffPSuBFtjdPBbcW5wueAiJScaiysdNPthMM1w1vzuPAVzcxRE55WzqVkpeozcdHzcGNFV3BbVyT0-Ch6snD0KJJ2EklRi8KaM3Vf08DgNTv5xLLf6_RwqVgHbIgV03-O6yKZDCax05DVfcJ5leG8oZqttIUAfO6GgJYpZxsEsfcamWpuVhGBYFduu0gu9dcXS7moY3DzPUhlzl811iSwy7PEoS1ABfiFlQI_DGtFOVMANhcCniKkBClEXcgT4AQBgAbuqZ2Am5-UpGCgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0aYGukx3dX-nOYREtorX8zIRLS9Q%26client%3Dca-pub-1757064723917999%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516438%3Bcrtbwp%3DYx5Y-AAJ96AIu8qUAAejcSVhcpaRZUk9CMbg8g%3Bcrtbdata%3Dv4NggfA3el86mZC_iaQ0y0wyii_nbxlFPZjadiFUMiGdzW4nROmqhT2wR9KFCOurPTkZIFQE2RNvhUPGvjGWcThTtD70u-I_rp2MFEjP4ZCbnUsErhgcnoIIoYHMuKWKs2MQTjyB-pBvIpvbRTD5pq87iUPvws_S1z0UFkcNjzFUldP7bQ9LwNm3ypN9VbUf3r6L-ht9PUXgrwM8x8c-yOhSJNN0f3YZu0OGqyw-wkj4uAQxCSl-YTZEtk_ZzGKO9cE-jHfeNRlWxwe12PhdfeV8ocKX-D6u0UCs-WEGVSZxlCL2GGQr2ylxoXiQpB3FRd96AjFir8lk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DRAgEOHf-kYTpUft1a_OvQNSSuOltCu2cG0D56DGhTVkCsz7VyAVP9CvZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTuPDObXMBx2222dgZCtqWIyt2IW6RsUL961wQzE2-sscYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252futua.com.br%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=36040&b=xEgtQfEK7zTm8XhPHWtrHQt3WXtJT6TM2uA&f=YxqtrfzXW2uQKpTVH8t3HgC1e2TAT1TXqar&c=300&d=250&e=&g=27ee22f0da2db1212c471d033eeb9bfd%2F18235752709799787591&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1662933241277&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCFJ6n-FgeY6DvJ5SV7_UP8caekAjz2KuTXMm81LOiB8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNzU3MDY0NzIzOTE3OTk5oAGY2reCA8gBCakChr7End3YsD7gAgCoAwGqBPABT9B8Xgt5QyulNyG1bzrtrrNDeScQo241I91VTx_al8M4B2n1SpON0QuA76Cl6-DqKAy4ffPSuBFtjdPBbcW5wueAiJScaiysdNPthMM1w1vzuPAVzcxRE55WzqVkpeozcdHzcGNFV3BbVyT0-Ch6snD0KJJ2EklRi8KaM3Vf08DgNTv5xLLf6_RwqVgHbIgV03-O6yKZDCax05DVfcJ5leG8oZqttIUAfO6GgJYpZxsEsfcamWpuVhGBYFduu0gu9dcXS7moY3DzPUhlzl811iSwy7PEoS1ABfiFlQI_DGtFOVMANhcCniKkBClEXcgT4AQBgAbuqZ2Am5-UpGCgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0aYGukx3dX-nOYREtorX8zIRLS9Q%26client%3Dca-pub-1757064723917999%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516438%3Bcrtbwp%3DYx5Y-AAJ96AIu8qUAAejcSVhcpaRZUk9CMbg8g%3Bcrtbdata%3Dv4NggfA3el86mZC_iaQ0y0wyii_nbxlFPZjadiFUMiGdzW4nROmqhT2wR9KFCOurPTkZIFQE2RNvhUPGvjGWcThTtD70u-I_rp2MFEjP4ZCbnUsErhgcnoIIoYHMuKWKs2MQTjyB-pBvIpvbRTD5pq87iUPvws_S1z0UFkcNjzFUldP7bQ9LwNm3ypN9VbUf3r6L-ht9PUXgrwM8x8c-yOhSJNN0f3YZu0OGqyw-wkj4uAQxCSl-YTZEtk_ZzGKO9cE-jHfeNRlWxwe12PhdfeV8ocKX-D6u0UCs-WEGVSZxlCL2GGQr2ylxoXiQpB3FRd96AjFir8lk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DRAgEOHf-kYTpUft1a_OvQNSSuOltCu2cG0D56DGhTVkCsz7VyAVP9CvZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTuPDObXMBx2222dgZCtqWIyt2IW6RsUL961wQzE2-sscYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252futua.com.br%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:54:01 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1147520
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86775
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 29 Aug 2022 15:08:41 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 7493a3b67eec9091-FRA
cf-bgj: minify

GET
H2 200 DAD3439C89C70A22A9103D92B148782A1D7010E01EC4DD0F9C2A0A8454D31C66D1FC4FFF1CDB985AC737DAB645A9802A5F6A4797886DF0BCD0898EFB82966244
assets.ad4m.at/product_image/ Frame E4F3 15 KB
16 KB 32ms
30ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/DAD3439C89C70A22A9103D92B148782A1D7010E01EC4DD0F9C2A0A8454D31C66D1FC4FFF1CDB985AC737DAB645A9802A5F6A4797886DF0BCD0898EFB82966244
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=36040&b=xEgtQfEK7zTm8XhPHWtrHQt3WXtJT6TM2uA&f=YxqtrfzXW2uQKpTVH8t3HgC1e2TAT1TXqar&c=300&d=250&e=&g=27ee22f0da2db1212c471d033eeb9bfd%2F18235752709799787591&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1662933241277&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCFJ6n-FgeY6DvJ5SV7_UP8caekAjz2KuTXMm81LOiB8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNzU3MDY0NzIzOTE3OTk5oAGY2reCA8gBCakChr7End3YsD7gAgCoAwGqBPABT9B8Xgt5QyulNyG1bzrtrrNDeScQo241I91VTx_al8M4B2n1SpON0QuA76Cl6-DqKAy4ffPSuBFtjdPBbcW5wueAiJScaiysdNPthMM1w1vzuPAVzcxRE55WzqVkpeozcdHzcGNFV3BbVyT0-Ch6snD0KJJ2EklRi8KaM3Vf08DgNTv5xLLf6_RwqVgHbIgV03-O6yKZDCax05DVfcJ5leG8oZqttIUAfO6GgJYpZxsEsfcamWpuVhGBYFduu0gu9dcXS7moY3DzPUhlzl811iSwy7PEoS1ABfiFlQI_DGtFOVMANhcCniKkBClEXcgT4AQBgAbuqZ2Am5-UpGCgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0aYGukx3dX-nOYREtorX8zIRLS9Q%26client%3Dca-pub-1757064723917999%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516438%3Bcrtbwp%3DYx5Y-AAJ96AIu8qUAAejcSVhcpaRZUk9CMbg8g%3Bcrtbdata%3Dv4NggfA3el86mZC_iaQ0y0wyii_nbxlFPZjadiFUMiGdzW4nROmqhT2wR9KFCOurPTkZIFQE2RNvhUPGvjGWcThTtD70u-I_rp2MFEjP4ZCbnUsErhgcnoIIoYHMuKWKs2MQTjyB-pBvIpvbRTD5pq87iUPvws_S1z0UFkcNjzFUldP7bQ9LwNm3ypN9VbUf3r6L-ht9PUXgrwM8x8c-yOhSJNN0f3YZu0OGqyw-wkj4uAQxCSl-YTZEtk_ZzGKO9cE-jHfeNRlWxwe12PhdfeV8ocKX-D6u0UCs-WEGVSZxlCL2GGQr2ylxoXiQpB3FRd96AjFir8lk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DRAgEOHf-kYTpUft1a_OvQNSSuOltCu2cG0D56DGhTVkCsz7VyAVP9CvZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTuPDObXMBx2222dgZCtqWIyt2IW6RsUL961wQzE2-sscYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252futua.com.br%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 745365a66ede09d8fbdbc9cc93af6b1c5a9e78fa5ec7d36b57000b4db435d8da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:54:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 335994
cf-polished: qual=85, origFmt=jpeg, origSize=97892
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15418
last-modified: Wed, 07 Sep 2022 10:18:30 GMT
server: cloudflare
etag: "f236404041bb7dc8d5992925be2a1e05"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6R1K4Ca0wVuSJ7RH%2BHkafVABIaqEubbUx1w0ZU1YKwGOhmcv7MW2hNi7c69gXyJveujyCHy4Haj7E27mg0%2BM7sXT1PrOc8XFC2M4o8Jl6kFFUtvbL6TgtSuyMWxWX7KOrTuD1EYthQBUyx%2FY"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Mon, 12 Sep 2022 21:54:01 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7493a3b678a0bb62-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Sep 2022 21:54:01 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 59D2 13 KB
5 KB 38ms
37ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8966
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Sep 2022 19:24:35 GMT
expires: Mon, 11 Sep 2023 19:24:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E9BF 783 B
535 B 49ms
48ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

edc2caf9a2793f9c84ca918a55a143c657dabf934bb11fa5d72c946024b6e408

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xaX-vNhO4Y3ATGMMxln1wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-xaX-vNhO4Y3ATGMMxln1wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 11 Sep 2022 21:54:01 GMT
expires: Sun, 11 Sep 2022 21:54:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E9BF 0
0 157ms
76ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090601&jk=760680257519951&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js Show response
pagead2.googlesyndication.com/bg/ Frame 59D2 36 KB
16 KB 120ms
43ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2510ed81c525ffb3948c9e103bc6d56f036e45346a0d4c6e481602c223c74ba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 15:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15893
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 11 Sep 2023 15:28:52 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 59D2 0
10 B 36ms
36ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_dWjRg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 21:54:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A2E2 42 B
64 B 147ms
70ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv5O7JHj25fqQT43GWbx4Le2eX_fzkMLltgCpTjzR0m_ICBuPC2VvPh4tqn2iFrv2PlRXrubxU5hN_oLOah0yXCd8io&sig=Cg0ArKJSzJsA8GItx3ivEAE&id=lidar2&mcvt=1001&p=942,475,1192,775&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=769964902&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662933237127&rpt=346&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 21:54:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4D57 42 B
64 B 143ms
71ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZBoz6szFM_SnbPys-DuLMgoU77YMZ-ZqSfifv74C-t6A7zs3grl_VPYvjKxFnEPVzY9wjj-M9ItvdeJJ2Cb2sXc0D&sig=Cg0ArKJSzLxYpNe6MuXsEAE&id=lidar2&mcvt=1008&p=83,315,333,1285&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3076446341&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662933236866&rpt=600&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 21:54:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 track
data.begrowth.com.br/v1/ Frame 0
0 99ms
98ms Preflight 52.1.196.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://data.begrowth.com.br/v1/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.1.196.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-196-189.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://utua.com.br
access-control-max-age: 900
content-length: 0
date: Sun, 11 Sep 2022 21:54:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 track Show response
data.begrowth.com.br/v1/ 2 B
199 B 110ms
110ms XHR
text/plain 52.1.196.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://data.begrowth.com.br/v1/track

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.1.196.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-196-189.compute-1.amazonaws.com

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Referer: https://utua.com.br/
accept-language: de-DE,de;q=0.9
Authorization: Basic MjZhQldHSDJwUld2TUhpQUZiWjQ3Y2t1UlVGOg==
AnonymousId: MzYwYTMxNDgtMGJhYS00NzcwLWIxMjEtZTBkMjc3NzgwNWUz
Content-Type: application/json

Response headers

access-control-allow-origin: https://utua.com.br
date: Sun, 11 Sep 2022 21:54:02 GMT
access-control-allow-credentials: true
vary: Origin
content-length: 2
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/plain; charset=utf-8

OPTIONS
H2 200 track
data.begrowth.com.br/v1/ Frame 0
0 98ms
98ms Preflight 52.1.196.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://data.begrowth.com.br/v1/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.1.196.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-196-189.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://utua.com.br
access-control-max-age: 900
content-length: 0
date: Sun, 11 Sep 2022 21:54:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 track Show response
data.begrowth.com.br/v1/ 2 B
199 B 118ms
118ms XHR
text/plain 52.1.196.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://data.begrowth.com.br/v1/track

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.1.196.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-196-189.compute-1.amazonaws.com

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Referer: https://utua.com.br/
accept-language: de-DE,de;q=0.9
Authorization: Basic MjZhQldHSDJwUld2TUhpQUZiWjQ3Y2t1UlVGOg==
AnonymousId: MzYwYTMxNDgtMGJhYS00NzcwLWIxMjEtZTBkMjc3NzgwNWUz
Content-Type: application/json

Response headers

access-control-allow-origin: https://utua.com.br
date: Sun, 11 Sep 2022 21:54:02 GMT
access-control-allow-credentials: true
vary: Origin
content-length: 2
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/plain; charset=utf-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
76ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090601&jk=760680257519951&bg=!R0SlRADNAAZTikH4c4o7ACkAdvg8WvzpOX2-UEVIITzsUBaTajqfxxEgFzuWKldZdTYv8qE3FW8kgAIAAACCUgAAAAJoAQcKAElRbe6a-5F3yf3DnYw011Zg2Vp3adKvV85gKMfSx6BGsm_cQ5mNk6MRxpS_GToMPH0bXvnu1ibJZLsiyMm4cag5LYi0HM1Awb88mQLgiu3XF8oIjR998TBwO1WODzCOUMTabu3xXy6zN99iyr4iH7-Tmu5Yf5VC98JbqaNeJYsKzC-qZfZqfdWMwg-ZMLLwJq7gOIyB4Nium9xjDCWhjB2lHlqwHUCRLm6IwhrlPgePMOY3hVsFxloP0kjgSxvC-J7rxx6sbLPzXqxvzrY7iLQYz1ssz7x6nh-CkG0QBIcdtx05USkI8MAs9RF9G3alku5ebF6bcCi2Ftc9rEUmkZhAIX_3WQCpOjDESuv2DmPZEL6CTxbDbOIIHl7264zNK8I-na7Bx7aILS-biD3bFPZhgKvgcoI8jRk2SKiC1bn_Xyk029su9qwTn3YStUD4bkrYQjrh_I9YukCkL8JQZ1trYzUTz67cs6YrstsR5TZx7kkCqTagQRCBo6YDbJGo0b12p-9geQsZVNu7ErDkz2I2HxCWU9DyDbpLK0cEKbyBQCserDDuS__NUCzwmfNWlF1FbSPWq5mFwJzQyhB_RzXixkKyqSgnqEbgnpM_yOUyXFBG9-enVKPKoni2ZEXGZkjX873SSSGPNNBw36GSUDj-mUz4kElSTBWG1dicwN6QmWJ_ZAWg0HGYqmuxegigoRtsbYxcTTthLUBPPVVt2oIwpepP2MnajdSMWBOJo7AthBGR7WbDSgeygwgroLELN18GppDWDumCYY-rwWR4tyu3Bz2sReayFKt5zWeC450CwdFSA-8XmPGXjn20M0U-EQAH82c6l3S7NKm7sGcax9AD0OnA39A6Wvcwz3oOITvJAqZcP-VGWlDaFfh6Ro9RejfwtIeTAcv6NjKWN1aXiSNnv5kXzc_N9avj2IGvC7wINe24zS_KcJTzS27_RvpZ2EiYGWpLNB82m5E9CAPzDIviS8CCRZuRFdgN53xE3xDkQ_99o-YqXItwGn5YxkbrCCLT9UhIUs7HMGGiLj-FP0mZhjrtBeJxW9829h8pg_TShV2Afycswtl66rQVSA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 47ms
46ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1019481331&t=pageview&_s=1&dl=https%3A%2F%2Futua.com.br%2Fmx-emp-banbajio-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dmx-utua-ct-email-emp%26utm_content%3Dmx-utua-ct-email-emp-ag%26utm_term%3Dmx-utua-ct-email-emp-ag-231&dr=%24direct&dp=%2Fmx-emp-banbajio-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dmx-utua-ct-email-emp%26utm_content%3Dmx-utua-ct-email-emp-ag%26utm_term%3Dmx-utua-ct-email-emp-ag-231&ul=en-us&de=UTF-8&dt=Pr%C3%A9stamo%20personal%20Banbajio%3A%20la%20forma%20m%C3%A1s%20r%C3%A1pida%20de%20obtener%20un%20cr%C3%A9dito%20-%20Utua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=mx-utua-ct-email-emp&cs=clevertap&cm=email&ck=mx-utua-ct-email-emp-ag-231&cc=mx-utua-ct-email-emp-ag&_u=aChAAEIRAAAAAC~&jid=952681329&gjid=612860412&cid=220397642.1662933237&uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804&tid=UA-146231564-5&_gid=1615295364.1662933237&_r=1&_slc=1&z=1540866163

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 21:54:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
39ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1019481331&t=event&ni=0&_s=2&dl=https%3A%2F%2Futua.com.br%2Fmx-emp-banbajio-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dmx-utua-ct-email-emp%26utm_content%3Dmx-utua-ct-email-emp-ag%26utm_term%3Dmx-utua-ct-email-emp-ag-231&dr=%24direct&dp=%2Fmx-emp-banbajio-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dmx-utua-ct-email-emp%26utm_content%3Dmx-utua-ct-email-emp-ag%26utm_term%3Dmx-utua-ct-email-emp-ag-231&ul=en-us&de=UTF-8&dt=Pr%C3%A9stamo%20personal%20Banbajio%3A%20la%20forma%20m%C3%A1s%20r%C3%A1pida%20de%20obtener%20un%20cr%C3%A9dito%20-%20Utua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=mx-utua-ct-email-emp&cs=clevertap&cm=email&ck=mx-utua-ct-email-emp-ag-231&cc=mx-utua-ct-email-emp-ag&ec=emp&ea=slotResponseReceived&ev=0&_u=aChAAEIRAAAAAC~&jid=&gjid=&cid=220397642.1662933237&uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804&tid=UA-146231564-5&_gid=1615295364.1662933237&z=1534643922

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 06:18:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56149
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 42ms
39ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1019481331&t=event&ni=0&_s=3&dl=https%3A%2F%2Futua.com.br%2Fmx-emp-banbajio-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dmx-utua-ct-email-emp%26utm_content%3Dmx-utua-ct-email-emp-ag%26utm_term%3Dmx-utua-ct-email-emp-ag-231&dr=%24direct&dp=%2Fmx-emp-banbajio-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dmx-utua-ct-email-emp%26utm_content%3Dmx-utua-ct-email-emp-ag%26utm_term%3Dmx-utua-ct-email-emp-ag-231&ul=en-us&de=UTF-8&dt=Pr%C3%A9stamo%20personal%20Banbajio%3A%20la%20forma%20m%C3%A1s%20r%C3%A1pida%20de%20obtener%20un%20cr%C3%A9dito%20-%20Utua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=mx-utua-ct-email-emp&cs=clevertap&cm=email&ck=mx-utua-ct-email-emp-ag-231&cc=mx-utua-ct-email-emp-ag&ec=emp&ea=slotRenderEnded&ev=0&_u=aChAAEIRAAAAAC~&jid=&gjid=&cid=220397642.1662933237&uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804&tid=UA-146231564-5&_gid=1615295364.1662933237&z=894758180

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 06:18:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56149
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 43ms
40ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1019481331&t=event&ni=0&_s=4&dl=https%3A%2F%2Futua.com.br%2Fmx-emp-banbajio-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dmx-utua-ct-email-emp%26utm_content%3Dmx-utua-ct-email-emp-ag%26utm_term%3Dmx-utua-ct-email-emp-ag-231&dr=%24direct&dp=%2Fmx-emp-banbajio-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dmx-utua-ct-email-emp%26utm_content%3Dmx-utua-ct-email-emp-ag%26utm_term%3Dmx-utua-ct-email-emp-ag-231&ul=en-us&de=UTF-8&dt=Pr%C3%A9stamo%20personal%20Banbajio%3A%20la%20forma%20m%C3%A1s%20r%C3%A1pida%20de%20obtener%20un%20cr%C3%A9dito%20-%20Utua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=mx-utua-ct-email-emp&cs=clevertap&cm=email&ck=mx-utua-ct-email-emp-ag-231&cc=mx-utua-ct-email-emp-ag&ec=emp&ea=slotResponseReceived&ev=0&_u=aChAAEIRAAAAAC~&jid=&gjid=&cid=220397642.1662933237&uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804&tid=UA-146231564-5&_gid=1615295364.1662933237&z=367340364

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 06:18:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56149
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 44ms
41ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1019481331&t=event&ni=0&_s=5&dl=https%3A%2F%2Futua.com.br%2Fmx-emp-banbajio-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dmx-utua-ct-email-emp%26utm_content%3Dmx-utua-ct-email-emp-ag%26utm_term%3Dmx-utua-ct-email-emp-ag-231&dr=%24direct&dp=%2Fmx-emp-banbajio-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dmx-utua-ct-email-emp%26utm_content%3Dmx-utua-ct-email-emp-ag%26utm_term%3Dmx-utua-ct-email-emp-ag-231&ul=en-us&de=UTF-8&dt=Pr%C3%A9stamo%20personal%20Banbajio%3A%20la%20forma%20m%C3%A1s%20r%C3%A1pida%20de%20obtener%20un%20cr%C3%A9dito%20-%20Utua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=mx-utua-ct-email-emp&cs=clevertap&cm=email&ck=mx-utua-ct-email-emp-ag-231&cc=mx-utua-ct-email-emp-ag&ec=emp&ea=slotRenderEnded&ev=0&_u=aChAAEIRAAAAAC~&jid=&gjid=&cid=220397642.1662933237&uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804&tid=UA-146231564-5&_gid=1615295364.1662933237&z=1674304095

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 06:18:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56149
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 45ms
42ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1019481331&t=event&ni=0&_s=6&dl=https%3A%2F%2Futua.com.br%2Fmx-emp-banbajio-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dmx-utua-ct-email-emp%26utm_content%3Dmx-utua-ct-email-emp-ag%26utm_term%3Dmx-utua-ct-email-emp-ag-231&dr=%24direct&dp=%2Fmx-emp-banbajio-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dmx-utua-ct-email-emp%26utm_content%3Dmx-utua-ct-email-emp-ag%26utm_term%3Dmx-utua-ct-email-emp-ag-231&ul=en-us&de=UTF-8&dt=Pr%C3%A9stamo%20personal%20Banbajio%3A%20la%20forma%20m%C3%A1s%20r%C3%A1pida%20de%20obtener%20un%20cr%C3%A9dito%20-%20Utua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=mx-utua-ct-email-emp&cs=clevertap&cm=email&ck=mx-utua-ct-email-emp-ag-231&cc=mx-utua-ct-email-emp-ag&ec=emp&ea=slotResponseReceived&ev=0&_u=aChAAEIRAAAAAC~&jid=&gjid=&cid=220397642.1662933237&uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804&tid=UA-146231564-5&_gid=1615295364.1662933237&z=32165663

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 06:18:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56149
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 46ms
43ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1019481331&t=event&ni=0&_s=7&dl=https%3A%2F%2Futua.com.br%2Fmx-emp-banbajio-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dmx-utua-ct-email-emp%26utm_content%3Dmx-utua-ct-email-emp-ag%26utm_term%3Dmx-utua-ct-email-emp-ag-231&dr=%24direct&dp=%2Fmx-emp-banbajio-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dmx-utua-ct-email-emp%26utm_content%3Dmx-utua-ct-email-emp-ag%26utm_term%3Dmx-utua-ct-email-emp-ag-231&ul=en-us&de=UTF-8&dt=Pr%C3%A9stamo%20personal%20Banbajio%3A%20la%20forma%20m%C3%A1s%20r%C3%A1pida%20de%20obtener%20un%20cr%C3%A9dito%20-%20Utua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=mx-utua-ct-email-emp&cs=clevertap&cm=email&ck=mx-utua-ct-email-emp-ag-231&cc=mx-utua-ct-email-emp-ag&ec=emp&ea=slotRenderEnded&ev=0&_u=aChAAEIRAAAAAC~&jid=&gjid=&cid=220397642.1662933237&uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804&tid=UA-146231564-5&_gid=1615295364.1662933237&z=238121944

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 06:18:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56149
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 46ms
44ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1019481331&t=event&ni=0&_s=8&dl=https%3A%2F%2Futua.com.br%2Fmx-emp-banbajio-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dmx-utua-ct-email-emp%26utm_content%3Dmx-utua-ct-email-emp-ag%26utm_term%3Dmx-utua-ct-email-emp-ag-231&dr=%24direct&dp=%2Fmx-emp-banbajio-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dmx-utua-ct-email-emp%26utm_content%3Dmx-utua-ct-email-emp-ag%26utm_term%3Dmx-utua-ct-email-emp-ag-231&ul=en-us&de=UTF-8&dt=Pr%C3%A9stamo%20personal%20Banbajio%3A%20la%20forma%20m%C3%A1s%20r%C3%A1pida%20de%20obtener%20un%20cr%C3%A9dito%20-%20Utua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=mx-utua-ct-email-emp&cs=clevertap&cm=email&ck=mx-utua-ct-email-emp-ag-231&cc=mx-utua-ct-email-emp-ag&ec=emp&ea=impressionViewable&ev=0&_u=aChAAEIRAAAAAC~&jid=&gjid=&cid=220397642.1662933237&uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804&tid=UA-146231564-5&_gid=1615295364.1662933237&z=976826908

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 06:18:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56149
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 47ms
44ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1019481331&t=event&ni=0&_s=9&dl=https%3A%2F%2Futua.com.br%2Fmx-emp-banbajio-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dmx-utua-ct-email-emp%26utm_content%3Dmx-utua-ct-email-emp-ag%26utm_term%3Dmx-utua-ct-email-emp-ag-231&dr=%24direct&dp=%2Fmx-emp-banbajio-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dmx-utua-ct-email-emp%26utm_content%3Dmx-utua-ct-email-emp-ag%26utm_term%3Dmx-utua-ct-email-emp-ag-231&ul=en-us&de=UTF-8&dt=Pr%C3%A9stamo%20personal%20Banbajio%3A%20la%20forma%20m%C3%A1s%20r%C3%A1pida%20de%20obtener%20un%20cr%C3%A9dito%20-%20Utua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=mx-utua-ct-email-emp&cs=clevertap&cm=email&ck=mx-utua-ct-email-emp-ag-231&cc=mx-utua-ct-email-emp-ag&ec=emp&ea=impressionViewable&ev=0&_u=aChAAEIRAAAAAC~&jid=&gjid=&cid=220397642.1662933237&uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804&tid=UA-146231564-5&_gid=1615295364.1662933237&z=2062883729

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 06:18:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56149
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 76ms
19ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-146231564-5&cid=220397642.1662933237&jid=952681329&uid=ecfd625d17fade6e273d200495ac5b4a37e2248117c552e91801bd35e40fe804&gjid=612860412&_gid=1615295364.1662933237&_u=aChAAEIQAAAAAC~&z=554854778

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 11 Sep 2022 21:54:02 GMT
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 49ms
47ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-146231564-5&cid=220397642.1662933237&jid=952681329&_u=aChAAEIQAAAAAC~&z=950245242

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 21:54:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 156ms
49ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-146231564-5&cid=220397642.1662933237&jid=952681329&_u=aChAAEIQAAAAAC~&z=950245242

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 21:54:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 4D57 35 B
503 B 21ms
20ms Ping
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8114099312726144314@@38516434,1252258816195748752,100|1100|0|0|0|0|0|0|0||139|1|||||1|0|0|CVuB6iJtt1VX7EYoWZQhUbbZ2BkK2pYjCrFuhNcmIzlZ2qop8oQmBxhpnBRkvb3lA7z_uuw_WOM1||1|11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 21:54:02 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame A2E2 35 B
503 B 22ms
21ms Ping
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8114099312726144314@@38516438,3474313769958758898,100|1100|0|0|0|0|0|0|0||43|1|||||1|0|0|-4gYUTxBLLG48M5tcwHHbbbZ2BkK2pYjK3YhbpGxQv3rXBDMTb6yxxhpnBRkvb3lA7z_uuw_WOM1|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 21:54:02 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
utua.com.br/mx-emp-banbajio-p1	1970-01-20 05:56:59	Name: bg_location Value: %7B%22location%22%3A%7B%22country%22%3A%22DE%22%2C%22city%22%3A%22Frankfurt%20am%20Main%22%2C%22continent%22%3A%22EU%22%2C%22region%22%3A%22Hesse%22%2C%22regionCode%22%3A%22HE%22%2C%22timezone%22%3A%22Europe%2FBerlin%22%2C%22latitude%22%3A%2250.10490%22%2C%22longitude%22%3A%228.62950%22%7D%7D
.utua.com.br/	1970-01-20 13:07:33	Name: bg_anonymousId Value: 360a3148-0baa-4770-b121-e0d2777805e3
.utua.com.br/	1970-01-20 14:41:09	Name: rl_group_id Value: RudderEncrypt%3AU2FsdGVkX187cd9DkLCkX6WSPb8EtaifQVNqylRwhOs%3D
.utua.com.br/	1970-01-20 14:41:09	Name: rl_group_trait Value: RudderEncrypt%3AU2FsdGVkX19MtFpitL0Kbg%2BGIgA3j2aH0a8jr1ZP8GA%3D
.utua.com.br/	1970-01-20 14:41:09	Name: rl_page_init_referrer Value: RudderEncrypt%3AU2FsdGVkX19wV6msydhjsXbxsITSvH2qKu1i0JcqVqQ%3D
.utua.com.br/	1970-01-20 14:41:09	Name: rl_page_init_referring_domain Value: RudderEncrypt%3AU2FsdGVkX19vv74Kw6cNMhVWT8Xu0MUVCoMzgU7QXCc%3D
.utua.com.br/	1970-01-20 14:41:09	Name: rl_anonymous_id Value: RudderEncrypt%3AU2FsdGVkX19Vy2yLU4aRVZBYbVHq6x7LjlM7jAZ0TnYldfD%2FxhBe4Xgg%2B1yAcA9P9uThtuKamLjdDbxz476MRQ%3D%3D
.utua.com.br/	1970-01-20 15:31:33	Name: WZRK_G Value: 84bd2fdb844c4e809704774928e4b83a
.utua.com.br/	1970-01-20 05:55:34	Name: WZRK_S_8R5-66Z-RW6Z Value: %7B%22p%22%3A1%2C%22s%22%3A1662933240%2C%22t%22%3A1662933236%7D
.utua.com.br/	1970-01-20 05:55:35	Name: bg_sessionId Value: 08f10dce-74ea-4c04-95f4-31a2996c161a
.utua.com.br/	1970-01-20 14:41:09	Name: rl_user_id Value: RudderEncrypt%3AU2FsdGVkX19piKUCyIJxLlaAxFbQRl8yxq1UKIaSENrTNlNuvFo%2BbC3vqUMXZ5L2gKoPcMK9My0JjC7fENp0ofAUvssh1Pwj9%2BqMQ7OD8%2B9vArMbcdv5XeESsL8R2sF5
.utua.com.br/	1970-01-20 14:41:09	Name: rl_trait Value: RudderEncrypt%3AU2FsdGVkX181aTsNRHIUk1VLQPLT3oC3mqavLDs6CP%2B%2Fed62unp%2FWxTFzcpXsWE6mI%2F5zLmuVBJ0s2flaSNiExkCAxl%2BBTdOBCzoMS2nbeV7Rlg0RKh8CxfWvFMboLWJ0y%2BNgvK0G4OOH2IbsdMobU%2BEIj2JB2iGpXheUr9j75HMAwirqqo7NMwrGW7bDvM29oBMG0vSCrqJIg78Ryi1WSmpCaqePvc0bGLisiglSONVZgvrQO0tn56CzPgh8EYPaF8k1kgJetaTwWrdLrXx7o%2BSA%2B2D%2F2E5uWXGP%2BZdxy%2BecCi4a63nwAGJYs6OU7N%2F4Hy2hB32acwR0Te%2F3UB3VQ%3D%3D
.utua.com.br/	1970-01-20 15:31:33	Name: _ga Value: GA1.3.220397642.1662933237
.utua.com.br/	1970-01-20 05:56:59	Name: _gid Value: GA1.3.1615295364.1662933237
.doubleclick.net/	1970-01-20 15:17:09	Name: IDE Value: AHWqTUnlyCH39C9o41Eoxlq6DcOEbcbRx7SoYWTeoWT9kpOyjWM5f1GtYGi8MJIgQWo
.adform.net/	1970-01-20 06:38:45	Name: C Value: 1
.doubleclick.net/	1970-01-20 05:55:34	Name: test_cookie Value: CheckForPermission
.utua.com.br/	1970-01-20 15:17:09	Name: __gads Value: ID=8d72fdedbad74555-224a60901cce0065:T=1662933240:S=ALNI_MbXDslqxbzeKShiX7250e-TBiCOoQ
.adform.net/	1970-01-20 07:22:00	Name: uid Value: 8114099312726144314
.adform.net/	1970-01-20 06:05:38	Name: TPC Value: 1662933240982
.utua.com.br/	1970-01-20 05:55:33	Name: _gat Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad4m.at
adservice.google.com
adservice.google.de
api.rudderlabs.com
as.ad4m.at
assets.ad4m.at
assets.begrowth.com.br
bucket.utua.com.br
cdn.rudderlabs.com
cdnjs.cloudflare.com
csi.gstatic.com
d2r1yp2w7bby2u.cloudfront.net
d3rxaij56vjege.cloudfront.net
data.begrowth.com.br
e71ce0d92855365d55c531bac814e415.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
location.begrowth.com.br
magicads.utua.com.br
pagead2.googlesyndication.com
s1.adform.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
track.adform.net
u26750888.ct.sendgrid.net
utua.com.br
wizrocketmail.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
wzrkt.com
13.224.189.11
13.224.194.181
13.225.78.88
142.250.185.162
167.89.118.35
2600:9000:20eb:3a00:16:a497:9700:93a1
2600:9000:20eb:4400:1e:3056:9b00:93a1
2600:9000:20eb:7600:9:fddd:fc40:93a1
2606:4700:10::6816:229
2606:4700:10::6816:329
2606:4700:20::681a:bd1
2606:4700:3037::ac43:bc23
2606:4700::6811:180e
2607:f8b0:4012:804::2003
2a00:1450:4001:800::2001
2a00:1450:4001:802::2003
2a00:1450:4001:813::2001
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200e
2a00:1450:400c:c07::9b
37.157.2.249
37.157.4.25
52.1.196.189
012deec03fbfd6c92c075b502ee777e094cd1a0cedb202a84cde1218b3b60fb4
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
08e5de348e1242b00790f9a5e6159bf794049c447315377330e1204b1d7fbe1f
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0ce978a7907fdf3a7b393ff68e8c0c17703c7f2eae4772b4bdce769668118dda
0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac
0e5ecdc767dab401677a88743ed088fcae15b6670aa22ec28cad585cd5da876d
11e264078b65f7b787006eb9c316d9d92706a8e29e8c4ba3fd6ac37593257d67
175547677f37b034124b045e6fc6f2ddc253e03c6ae261df20217f99cd0d70b9
1db03e6f154c3d21ddc377c6089ea1e200d9e7ea52fa793d827d85cef115d4d4
1fc8da3113976195c28b7ea265caae032a2de95f16363f6c316c64e843347532
2510ed81c525ffb3948c9e103bc6d56f036e45346a0d4c6e481602c223c74ba5
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2e8d29be787661760607287f2addc2feefade6537e1447280d9f94733ba3ac0d
31f31ee3bea961cdb081adb0902356efcb2c08b744b0ae4fdb00fc480795f829
320354a0e7da3daf5c1608d8b971e5d17053a979836c74f5f0439207bd0a75fd
32c3f6db6f21ccdac1602281d3d4b876489550b7970fca91d8205d0d0b451af0
349405c2a3831fd7da43d8b62000a12c810cc40be467d86105d241d49462ed74
49a549c0595e8477f6d2f5cf125bc454f1ae26dbbd92a3efaf992aa16ab32b41
4c9792bcdbc162a494c34a806d36fe0cda555b443f784d59949d255bb94f33de
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6808e98c22003f91e778bf2188d616a2711377fa68726ca8bdc822cc8914a0be
691171b5764dfbadde30c21093afb347c83532080d764d8b1396a133f6828a00
713501520173bd17a3a17675d7c4cac65a1257a5d93bd6f3daaa28c202327a74
745365a66ede09d8fbdbc9cc93af6b1c5a9e78fa5ec7d36b57000b4db435d8da
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8620531ddf40f9b732bbf3674516f4bf32f209c5403380ff2d7d456a291ef770
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8a4103d605654affe513d99d1754f9b3c7cae058370f2b1b3813fcb278823b2b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cf9611934804f10ecdba4dff5679fdffa3cddd08783fd4d8afcef753917371e
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
91126d9dcc87df86749d1ef30440e3dd767e8ef44198039250ff679460d332be
9951fe6f113c0f855a8aeb5cdea863818fde99cb975f9429a58386e95e96e3c2
9a69dcd566deb9aa452447b8c0ab461f1a8194d91e96f44e9ea8cecba1549054
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a194158b2beeaa87a20e2ee945486a6a0955c257220833b8ee59f271ccc80321
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8455e6c36897c5127cf6924bc127886784a4cbe98d83f8890e771b5d9c527be
a9868ccb1023699102785a742e8f7a62f8ed1bcdd4533b729eb48aa294e8c1c0
aa5d245bf08bdcf4690bdee73132b0ffcd168064c66bdc192d1e82a3a2b3873b
acce8d1e47e808659891d8811a64419dd584488e62e93e2067c1f71fbba071ff
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b935581c44cbaec6101b5af8a87a6c6123bea5222b6c5b07fc69f305fe1675a0
b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4
bcaa2abb4fb59ca9390be17b12bd80c46f2214dd39f913b8fcf48a2f19628d0d
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd5127d88d20bfc74fb94869e2026ddfbb9119934c6b441b12ed7762a948a702
bd54f7ed2d8e8fb2a338a288e4adcc3fa04756db4173c9c836a5fa6d6552a912
c812ddc9e475d3e65d68a6b3b589ce598a2a5babb7afc55477d59215c4a38a40
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
ce67b0786f14c7c1861eebd94f6557072e99e50ab95176a2f23d7444c4dc2741
d20937010c67435d3383393bf397e00e1ed8ae2f19c1b2c49c7e80cbba5f51ec
d466a4b2b852286223f23f149a78587be16f7b24eb507fa9268bcccd6d60bc0d
d4c353a7ebd8d731c68747509285a0f47d39fc4afa62431e6248882e210c704b
daab218a2b188b28fe4a9d1472543aa76464330913f93cd56c830c2383940e9f
dbb03289a50e9a92ef3ceece0bd27a15e6fafc8010a807a685da337f61549a47
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
e3aab29c60242d216955b101a20e3782f3617eb3a3f819b05ddc458152bf2af7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec2d5f704f530c141a42502b8ae1f99cbf410a28a5f67c0b86fc655285fd32d0
ec93d00091cdbf7d40580b6119e8adeb7c9ef1e6601d67a61faaeaa6de5bc12d
edc2caf9a2793f9c84ca918a55a143c657dabf934bb11fa5d72c946024b6e408
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc29526cb408acb158b88ebbbfecd9312172fad0fe424979a48c8c5268a694b5

utua.com.br Open in urlscan Pro 2606:4700:10::6816:329 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

126 Requests

100 %HTTPS

70 %IPv6

18 Domains

33 Subdomains

26 IPs

4 Countries

988 kBTransfer

2562 kBSize

21 Cookies

0 Outgoing links

Page URL History

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

utua.com.br Open in urlscan Pro
2606:4700:10::6816:329 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

100 %
HTTPS

70 %
IPv6

18
Domains

33
Subdomains

26
IPs

4
Countries

988 kB
Transfer

2562 kB
Size

21
Cookies

126 HTTP transactions
2 data transactions