utua.com.br Open in urlscan Pro
172.67.21.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://begrowth-gg-news-03.acemlnb.com/lt.php?s=2957fdbb1e42efc934507e558641af16&i=159A1514A1A532
Effective URL:
https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newslette...
Submission Tags: falconsandbox
Submission: On November 27 via api (November 27th 2020, 9:36:52 pm UTC) from US

Summary HTTP 152 Redirects Behaviour Indicators

Summary

This website contacted 26 IPs in 7 countries across 23 domains to perform 152 HTTP transactions. The main IP is 172.67.21.27, located in United States and belongs to CLOUDFLARENET, US. The main domain is utua.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 25th 2020. Valid for: a year.

This is the only time utua.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.165.225.92 54.165.225.92	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2606:4700::68... 2606:4700::6811:576d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	172.67.21.27 172.67.21.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	143.204.215.43 143.204.215.43	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6810:cf3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
1	13.224.89.204 13.224.89.204	16509 (AMAZON-02) (AMAZON-02)
2	54.230.237.114 54.230.237.114	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1 2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
4 10	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1 8	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 10	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2001	15169 (GOOGLE) (GOOGLE)
1 1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2a03:2880:f01... 2a03:2880:f01c:8004:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
33	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:81e::2003	15169 (GOOGLE) (GOOGLE)
152	26

1 54.165.225.92 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-225-92.compute-1.amazonaws.com

begrowth-gg-news-03.acemlnb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:576d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

begrowth-gg-news-03.activehosted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 172.67.21.27 (United States)

ASN13335 (CLOUDFLARENET, US)

utua.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bucket.utua.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.43 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-43.fra53.r.cloudfront.net

d2r1yp2w7bby2u.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:cf3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync2.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.89.204 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-204.zrh50.r.cloudfront.net

d3rxaij56vjege.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.237.114 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-237-114.ccu50.r.cloudfront.net

wzrkt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c4b579b841b9b3d1ae3e18d26cb2590f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8004:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:81e::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	googlesyndication.com c4b579b841b9b3d1ae3e18d26cb2590f.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	39 KB
20	utua.com.br utua.com.br bucket.utua.com.br	240 KB
18	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	175 KB
17	ampproject.org cdn.ampproject.org	319 KB
14	google-analytics.com www.google-analytics.com	38 KB
12	gstatic.com fonts.gstatic.com csi.gstatic.com	84 KB
11	google.com 4 redirects www.google.com adservice.google.com	2 KB
8	facebook.com 1 redirects www.facebook.com	2 KB
6	navdmp.com tag.navdmp.com usr.navdmp.com cdn.navdmp.com sync2.navdmp.com sync.navdmp.com	5 KB
5	google.de www.google.de	855 B
5	googletagmanager.com www.googletagmanager.com	39 KB
4	googleapis.com fonts.googleapis.com	3 KB
2	googleadservices.com www.googleadservices.com	13 KB
2	wzrkt.com wzrkt.com	2 KB
2	cloudfront.net d2r1yp2w7bby2u.cloudfront.net d3rxaij56vjege.cloudfront.net	17 KB
2	facebook.net connect.facebook.net	92 KB
1	atdmt.com cx.atdmt.com	457 B
1	yahoo.com cms.analytics.yahoo.com
1	mathtag.com 1 redirects pixel.mathtag.com	565 B
1	google.be adservice.google.be	803 B
1	cloudflare.com cdnjs.cloudflare.com	11 KB
1	activehosted.com 1 redirects begrowth-gg-news-03.activehosted.com	917 B
1	acemlnb.com 1 redirects begrowth-gg-news-03.acemlnb.com	209 B
152	23

	Domain	Requested by
17	cdn.ampproject.org	securepubads.g.doubleclick.net cdn.ampproject.org
16	tpc.googlesyndication.com	utua.com.br securepubads.g.doubleclick.net tpc.googlesyndication.com cdn.ampproject.org
16	utua.com.br	utua.com.br
14	www.google-analytics.com	utua.com.br www.google-analytics.com www.googletagmanager.com
10	www.google.com	4 redirects utua.com.br
9	securepubads.g.doubleclick.net	utua.com.br securepubads.g.doubleclick.net
8	www.facebook.com	1 redirects utua.com.br connect.facebook.net
8	fonts.gstatic.com	fonts.googleapis.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
5	www.google.de	utua.com.br
5	www.googletagmanager.com	utua.com.br
4	csi.gstatic.com	cdn.ampproject.org securepubads.g.doubleclick.net
4	googleads.g.doubleclick.net	1 redirects utua.com.br
4	stats.g.doubleclick.net	www.google-analytics.com
4	bucket.utua.com.br	utua.com.br
4	fonts.googleapis.com	utua.com.br securepubads.g.doubleclick.net
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	wzrkt.com	d2r1yp2w7bby2u.cloudfront.net
2	tag.navdmp.com	utua.com.br tag.navdmp.com
2	connect.facebook.net	utua.com.br connect.facebook.net
1	cx.atdmt.com
1	cms.analytics.yahoo.com	utua.com.br
1	sync.navdmp.com	utua.com.br
1	pixel.mathtag.com	1 redirects
1	sync2.navdmp.com	utua.com.br
1	cm.g.doubleclick.net	1 redirects
1	cdn.navdmp.com	tag.navdmp.com
1	c4b579b841b9b3d1ae3e18d26cb2590f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.be	securepubads.g.doubleclick.net
1	usr.navdmp.com	tag.navdmp.com
1	d3rxaij56vjege.cloudfront.net	utua.com.br
1	d2r1yp2w7bby2u.cloudfront.net	utua.com.br
1	cdnjs.cloudflare.com	utua.com.br
1	begrowth-gg-news-03.activehosted.com	1 redirects
1	begrowth-gg-news-03.acemlnb.com	1 redirects
152	36

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-25` - `2021-08-25`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
wzrkt.com Amazon	`2020-05-19` - `2021-06-19`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.be GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-08-01` - `2021-01-28`	6 months	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2020-10-10` - `2021-01-08`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Frame ID: 7AAB4F85FBE8DA57CFBC66868D670C2D
Requests: 93 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: 5FE2DB589661D8A9C5A0F0DF76799B11
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: D9C5E04AE64D158EDBD36DA32227BFF6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: E4A56A9586A2DD7869FD971A85F690D9
Requests: 22 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: 85BB47CDFB816D963D4B548A6115CB10
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://begrowth-gg-news-03.acemlnb.com/lt.php?s=2957fdbb1e42efc934507e558641af16&i=159A1514A1A532 HTTP 301
https://begrowth-gg-news-03.activehosted.com/lt.php?s=2957fdbb1e42efc934507e558641af16&i=159A1514A1A532 HTTP 302
https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&ut... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i
html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /tag\.navdmp\.com/i

Page Statistics

152
Requests

97 %
HTTPS

68 %
IPv6

23
Domains

36
Subdomains

26
IPs

7
Countries

1080 kB
Transfer

3203 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://begrowth-gg-news-03.acemlnb.com/lt.php?s=2957fdbb1e42efc934507e558641af16&i=159A1514A1A532 HTTP 301
https://begrowth-gg-news-03.activehosted.com/lt.php?s=2957fdbb1e42efc934507e558641af16&i=159A1514A1A532 HTTP 302
https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/711557820/?random=13050262&cv=9&fst=*&num=1&value=0&label=Qo3XCPb07swBELyFptMC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&ig=1&frm=0&url=https://utua.com.br/cartao-de-credito-picpay-card/%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26vgo_ee%3D2bhiIM%252FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%253D&tiba=Conhe%C3%A7a%20o%20Picpay%20Card%20e%20aproveite%20seus%20benef%C3%ADcios!%20-%20Utua&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=T3HBX9CGEdrd7_UPpKipmAk&sscte=1&crd=&eitems=ChAIgOSC_gUQ-PTm8a-Bw6YMEh0ACBD_nqoSFBpqhrPr_k2KpJb2kBFa16a7WMutlw HTTP 302
https://www.google.com/pagead/1p-conversion/711557820/?random=13050262&cv=9&fst=*&num=1&value=0&label=Qo3XCPb07swBELyFptMC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&ig=1&frm=0&url=https://utua.com.br/cartao-de-credito-picpay-card/%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26vgo_ee%3D2bhiIM%252FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%253D&tiba=Conhe%C3%A7a%20o%20Picpay%20Card%20e%20aproveite%20seus%20benef%C3%ADcios!%20-%20Utua&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=T3HBX9CGEdrd7_UPpKipmAk&eitems=ChAIgOSC_gUQ-PTm8a-Bw6YMEh0ACBD_nn85vZSiS7Il55lfl-_rRUQHsWT7Uik9zA&random=1137694406&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/711557820/?random=13050262&cv=9&fst=*&num=1&value=0&label=Qo3XCPb07swBELyFptMC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&ig=1&frm=0&url=https://utua.com.br/cartao-de-credito-picpay-card/%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26vgo_ee%3D2bhiIM%252FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%253D&tiba=Conhe%C3%A7a%20o%20Picpay%20Card%20e%20aproveite%20seus%20benef%C3%ADcios!%20-%20Utua&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=T3HBX9CGEdrd7_UPpKipmAk&eitems=ChAIgOSC_gUQ-PTm8a-Bw6YMEh0ACBD_nn85vZSiS7Il55lfl-_rRUQHsWT7Uik9zA&random=1137694406&resp=GooglemKTybQhCsO&ipr=y

Request Chain 62

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=55694612943 HTTP 302
https://sync2.navdmp.com/sync?prtid=2&id=55694612943&google_gid=CAESECc2bjq7K05n_pbuw7__Fpo&google_cver=1

Request Chain 63

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
https://sync.navdmp.com/sync?img=1&mdia=7cec5fc1-714f-4e00-b1e1-410482b5a8f9

Request Chain 67

https://www.facebook.com/tr/?id=261573414841719&ev=ViewCartao%2025&dl=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26vgo_ee%3D2bhiIM%252FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%253D&rl=&if=false&ts=1606512975858&cd[value]=0.01&cd[currency]=BRL&cd[content_name]=Conhe%C3%A7a%20o%20Picpay%20Card%20e%20aproveite%20seus%20benef%C3%ADcios!%20-%20Utua&sw=1600&sh=1200&v=2.9.29&r=stable&ec=7&o=30&fbp=fb.2.1606512975231.1751213563&it=1606512975151&coo=false&rqm=GET HTTP 302
https://cx.atdmt.com/?c=5660901942633964842&f=AYwkZV_Znj5l7iuaoLIyJlzfEEquZ3FglWcYZsCwYaIY-zd6Xjob-XZh33Pjz2rafJLJOVdg2xym3QOZEfBzB8LW&id=261573414841719&l=3&v=0

Request Chain 87

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 125

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 143

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

152 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
utua.com.br/cartao-de-credito-picpay-card/
Redirect Chain

https://begrowth-gg-news-03.acemlnb.com/lt.php?s=2957fdbb1e42efc934507e558641af16&i=159A1514A1A532
https://begrowth-gg-news-03.activehosted.com/lt.php?s=2957fdbb1e42efc934507e558641af16&i=159A1514A1A532
https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhm...

102 KB
27 KB

472ms
386ms

Document
text/html

172.67.21.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.21.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fb38dfe05706f1245c777f0fb5b67f9258519bc23113b12a419e912e600e195

Request headers

:method: GET
:authority: utua.com.br
:scheme: https
:path: /cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:14 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=daca878c054151e566aa47d94eccebce91606512974; expires=Sun, 27-Dec-20 21:36:14 GMT; path=/; domain=.utua.com.br; HttpOnly; SameSite=Lax; Secure
link: <https://utua.com.br/wp-json/>; rel="https://api.w.org/" <https://utua.com.br/wp-json/wp/v2/posts/3911>; rel="alternate"; type="application/json" <https://utua.com.br/?p=3911>; rel=shortlink
vary: Accept-Encoding
cf-cache-status: MISS
cf-request-id: 06ad3bb24f00000c213bb42000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5f8efbca1ea10c21-AMS
content-encoding: br

Redirect headers

date: Fri, 27 Nov 2020 21:36:14 GMT
content-type: text/html; charset=UTF-8
content-length: 0
set-cookie: __cfduid=d16ada46608958ba6e9585c2818fc5dfb1606512973; expires=Sun, 27-Dec-20 21:36:13 GMT; path=/; domain=.activehosted.com; HttpOnly; SameSite=Lax PHPSESSID=a4ac2e7453b921b9f9ae6d0ca2b7bb4f; path=/; secure; HttpOnly em_acp_globalauth_cookie=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.begrowth-gg-news-03.activehosted.com em_acp_globalauth_cookie=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.begrowth-gg-news-03.activehosted.com em_acp_globalauth_cookie=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.begrowth-gg-news-03.activehosted.com cmp26415370=775281d0f753b00a1b581140250e065c; expires=Sun, 27-Dec-2020 21:36:14 GMT; Max-Age=2592000; path=/ em_acp_globalauth_cookie=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.begrowth-gg-news-03.activehosted.com
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-request-id: cd208bf4767d6a4456f9c875c6e04f65
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
location: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
cf-cache-status: DYNAMIC
cf-request-id: 06ad3bb0a000000610698db000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5f8efbc76d7e0610-FRA

GET
H2 200 style.min.css
utua.com.br/wp-includes/css/dist/block-library/ 53 KB
7 KB 56ms
54ms Stylesheet
text/css 172.67.21.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-includes/css/dist/block-library/style.min.css?ver=5.5.1
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.21.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Oct 2020 22:55:06 GMT
server: cloudflare
age: 636937
etag: W/"d293-5b20e016f7534-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cf-ray: 5f8efbccbc460c21-AMS
cf-request-id: 06ad3bb3f300000c217b18a000000001

GET
H2 200 ai-aos.css
utua.com.br/wp-content/plugins/ad-inserter-pro/includes/aos/ 33 KB
2 KB 55ms
53ms Stylesheet
text/css 172.67.21.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-content/plugins/ad-inserter-pro/includes/aos/ai-aos.css?ver=2.6.17
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.21.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 522cc4ddf3c2daf42d71bd1ce57b9bd0c118068c0b4e363ebcb438f48dab7c0a

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Nov 2020 13:45:26 GMT
server: cloudflare
age: 636937
etag: W/"85c7-5b334134136a1-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cf-ray: 5f8efbccbc470c21-AMS
cf-request-id: 06ad3bb3f300000c21159cf000000001

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 34ms
15ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans%3Awght%40400%3B700&display=swap&ver=5.5.1

Requested by

Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

754fac4810074e8a762844e6929031a73054640d0a51e8428653762553e0a3a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 27 Nov 2020 21:03:22 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Fri, 27 Nov 2020 21:36:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 27 Nov 2020 21:36:14 GMT

GET
H2 200 all.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/ 69 KB
11 KB 58ms
45ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.css?ver=5.5.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3aab29c60242d216955b101a20e3782f3617eb3a3f819b05ddc458152bf2af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 643087
x-via: cfworker/kv
cross-origin-resource-policy: cross-origin
content-length: 10277
cf-request-id: 06ad3bb3e2000007469e32e000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
etag: "5eb03e60-1137b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1fziPiwyuW%2Fa8S70os8T%2Fgabqhy0rX%2BzTpPw8U2YPn%2F9ZETAB%2FFuCwF8erjNqiVFy1t5kb6dxtxCJLpUIKzhCctseIo86xweyVKhwuCPb893B9iksvtSL2rAViISQm6HCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5f8efbcc99910746-FRA
expires: Wed, 17 Nov 2021 21:36:14 GMT

GET
H2 200 style.css
utua.com.br/wp-content/themes/clean-n-beauty-theme/ 65 KB
11 KB 181ms
180ms Stylesheet
text/css 172.67.21.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/style.css?ver=27112020183614
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.21.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6ba33197a7c01fc95a40a0d9aab1bcaa16db1fcf6419d33a26ac7bc6a2c4491

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 19 Oct 2020 22:55:06 GMT
server: cloudflare
etag: W/"1051a-5b20e016ddef4-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cf-ray: 5f8efbccbc490c21-AMS
cf-request-id: 06ad3bb3f300000c2141076000000001

GET
H2 200 style-mobile.css
utua.com.br/wp-content/themes/clean-n-beauty-theme/ 15 KB
3 KB 179ms
178ms Stylesheet
text/css 172.67.21.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/style-mobile.css?ver=27112020183614
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.21.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d907e119beb5818bc2ca905f61e640cdddc2d0019fd4e131214cab21d4c73504

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 19 Oct 2020 22:55:06 GMT
server: cloudflare
etag: W/"3b1a-5b20e016ddef4-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cf-ray: 5f8efbccbc4a0c21-AMS
cf-request-id: 06ad3bb3f300000c21359e7000000001

GET
H2 200 jquery.js Show response
utua.com.br/wp-includes/js/jquery/ 95 KB
32 KB 203ms
202ms Script
application/javascript 172.67.21.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.21.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 19 Oct 2020 22:55:06 GMT
server: cloudflare
etag: W/"17a69-5b20e016f55f4-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 5f8efbccbc4b0c21-AMS
cf-request-id: 06ad3bb3f300000c211217e000000001

GET
H2 200 set_utm_cookie.js Show response
utua.com.br/wp-content/themes/clean-n-beauty-theme/js/ 1 KB
661 B 52ms
51ms Script
application/javascript 172.67.21.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/js/set_utm_cookie.js
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.21.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52616fa6d9f0a07909c0cf493b1e0ba2e51a59dd369bd49880ab1e946c9caebf

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Nov 2020 15:41:42 GMT
server: cloudflare
age: 636937
etag: W/"5da-5b335b30e776c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 5f8efbccbc4c0c21-AMS
cf-request-id: 06ad3bb3f400000c2110925000000001

GET
H2 200 set_navegg.js Show response
utua.com.br/wp-content/themes/clean-n-beauty-theme/js/ 182 KB
32 KB 62ms
61ms Script
application/javascript 172.67.21.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/js/set_navegg.js
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.21.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 495d02e4259b643fed520ef17885510f0ead8649c3e516530aca33b76c442262

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 04 Nov 2020 01:28:00 GMT
server: cloudflare
age: 636937
etag: W/"2d663-5b33de3d93832-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 5f8efbccbc4d0c21-AMS
cf-request-id: 06ad3bb3f400000c213bb68000000001

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 54 KB
18 KB 111ms
55ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

0cfd4cfe13e8111907d03b1efd5dff9bf2a8102005d03ab0046ad2b858668794

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "707 / 818 of 1000 / last-modified: 1606134076"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18520
x-xss-protection: 0
expires: Fri, 27 Nov 2020 21:36:15 GMT

GET
H2 200 ad_refresher.js Show response
utua.com.br/wp-content/themes/clean-n-beauty-theme/js/ 4 KB
1 KB 54ms
53ms Script
application/javascript 172.67.21.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/js/ad_refresher.js
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.21.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9c612e6809cb99fd4ac4a9db4ad7237baf07d51cbac8003c87ce1648af19b12

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 06 Nov 2020 01:14:11 GMT
server: cloudflare
age: 636937
etag: W/"f1c-5b365ee16ae98-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 5f8efbccbc4e0c21-AMS
cf-request-id: 06ad3bb3f400000c214180b000000001

GET
H2 200 73f8e752-utua-brand-negative.png
bucket.utua.com.br/img/2020/10/ 3 KB
4 KB 45ms
25ms Image
image/png 172.67.21.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucket.utua.com.br/img/2020/10/73f8e752-utua-brand-negative.png
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.21.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e238b64a7d929fbae156932c23a33fa6d961aee4aa1e9249598bb7b79177728

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:15 GMT
cf-cache-status: HIT
age: 34154
cf-polished: origSize=6467
x-guploader-uploadid: ABg5-Uz1S4jUepm3eRjFL9fTjlCmlW5I2r8Pee-YlKr1y-1YjR52l_h1QOq_Jgd5NtpVdpB1gyoeS_3ty_IPAgMV07ZVBd7lEg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 7485
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 3435
cf-request-id: 06ad3bb4cb00000c2149116000000001
x-goog-meta-height: 320
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Fri, 27 Nov 2020 22:07:01 GMT
last-modified: Fri, 16 Oct 2020 19:20:43 GMT
server: cloudflare
etag: "ca2a084e1091ac50c6797966ca8d3570"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=BHhppw==, md5=yioIThCRrFDGeXlmyo01cA==
x-goog-generation: 1602876043559076
x-goog-meta-width: 320
cache-control: public, max-age=36000, must-revalidate
x-goog-meta-source-id: 71f5734979c366750733445f7741b725
x-goog-stored-content-length: 6467
accept-ranges: bytes
cf-ray: 5f8efbce1fa00c21-AMS
x-goog-meta-size: __full
cf-bgj: imgq:100,h2pri

GET
H2 200 favicon.png
bucket.utua.com.br/img/2020/06/ 1 KB
2 KB 57ms
36ms Image
image/png 172.67.21.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucket.utua.com.br/img/2020/06/favicon.png
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.21.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8548716c2e789a4b3a7f57a8580bce2b0151049e44e3ea9c3c897a55a1f62760

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:15 GMT
cf-cache-status: HIT
age: 18206
cf-polished: origSize=2265
x-guploader-uploadid: ABg5-Uy98MPXDdpNeTO4GPbho7PaUYzY_LiR6qOyYly3Hf07D7HfFqmchHac7hvYKJN7fpVI9REfD4lWOLbrX8tLBbnUOYBGIw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 4995
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 1253
cf-request-id: 06ad3bb4cb00000c213aa10000000001
x-goog-meta-height: 48
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Sat, 28 Nov 2020 02:32:49 GMT
last-modified: Wed, 02 Sep 2020 04:20:43 GMT
server: cloudflare
etag: "18db365c9be38de804e1f7f6e2a11b5b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=qw4bBg==, md5=GNs2XJvjjegE4ff24qEbWw==
x-goog-generation: 1599020443656115
x-goog-meta-width: 48
cache-control: public, max-age=36000, must-revalidate
x-goog-meta-source-id: fea8663074d73f0f53ce4175e19afa09
x-goog-stored-content-length: 2265
accept-ranges: bytes
cf-ray: 5f8efbce1fa20c21-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 wp-emoji-release.min.js Show response
utua.com.br/wp-includes/js/ 14 KB
4 KB 29ms
27ms Script
application/javascript 172.67.21.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-includes/js/wp-emoji-release.min.js?ver=5.5.1
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.21.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Oct 2020 22:55:06 GMT
server: cloudflare
age: 638700
etag: W/"37a6-5b20e016f6594-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 5f8efbcdff6a0c21-AMS
cf-request-id: 06ad3bb4bb00000c216e0e6000000001

GET
H2 200 aos.js Show response
utua.com.br/wp-content/plugins/ad-inserter-pro/includes/aos/ 14 KB
4 KB 26ms
26ms Script
application/javascript 172.67.21.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-content/plugins/ad-inserter-pro/includes/aos/aos.js?ver=2.6.17
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.21.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8acb04628394993656dad11f23029fc6ad13cf90cfaa1f5df89150b2727684a9

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Nov 2020 13:45:26 GMT
server: cloudflare
age: 197080
etag: W/"37a4-5b334134136a1-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 5f8efbcdaec70c21-AMS
cf-request-id: 06ad3bb49000000c217b19c000000001

GET
H2 200 jquery.iframetracker.min.js Show response
utua.com.br/wp-content/themes/clean-n-beauty-theme/js/ 3 KB
1 KB 37ms
37ms Script
application/javascript 172.67.21.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/js/jquery.iframetracker.min.js
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.21.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd5aa43dd663f0c19ce98c0e4975838ee36c04b4df81592f5189637742226d57

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Oct 2020 22:55:06 GMT
server: cloudflare
age: 197081
etag: W/"c73-5b20e016ddef4-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 5f8efbcddf380c21-AMS
cf-request-id: 06ad3bb4a900000c2177211000000001

GET
H2 200 custom.js Show response
utua.com.br/wp-content/themes/clean-n-beauty-theme/js/ 13 KB
4 KB 26ms
26ms Script
application/javascript 172.67.21.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/js/custom.js
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.21.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa5354ffd745a7473fe225230784b642c6a3df23ab79ee1345c1a5a2214f23c5

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Oct 2020 22:55:06 GMT
server: cloudflare
age: 636938
etag: W/"33ea-5b20e016ddef4-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 5f8efbcddf390c21-AMS
cf-request-id: 06ad3bb4a900000c2140944000000001

GET
H2 200 wp-embed.min.js Show response
utua.com.br/wp-includes/js/ 1 KB
772 B 29ms
27ms Script
application/javascript 172.67.21.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-includes/js/wp-embed.min.js?ver=5.5.1
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.21.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Oct 2020 22:55:06 GMT
server: cloudflare
age: 636938
etag: W/"59a-5b20e016f6594-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 5f8efbcdff690c21-AMS
cf-request-id: 06ad3bb4bb00000c21130ea000000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6384
date: Fri, 27 Nov 2020 19:49:51 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 27 Nov 2020 21:49:51 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 120 KB
39 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T48CH8D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ee3697943fd3f0d482d845e32b5eef928be9b277e27eacea47caeff65e30609

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39656
x-xss-protection: 0
last-modified: Fri, 27 Nov 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Nov 2020 21:36:15 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 89 KB
23 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23320
x-xss-protection: 0
pragma: public
x-fb-debug: 5PhGb/1pwyj46NFGW0Cwx346P9eustR4xVKYy09zLNoHgzXUji+HNMzmFmpxRMLcOwLWLGqRqyz91Pnr8o8Y2Q==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Fri, 27 Nov 2020 21:36:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK a.js Show response
d2r1yp2w7bby2u.cloudfront.net/js/ 44 KB
15 KB 80ms
27ms Script
application/javascript 143.204.215.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-43.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ca7d48017aea03b1f6b984584f5956140842cfdc329db1de675afb26c727cb9

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 27 Nov 2020 21:32:23 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 16 Sep 2020 17:31:27 GMT
Server: AmazonS3
Age: 237
ETag: "6aa00503df5c198c61e8c57e26496b20"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
Cache-Control: max-age=1800, private
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: COnPZ8d2_HD8GHTZ_jGxhuou-y4-DVoiUPTN2T7E2ghXurqY14QJ0w==

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 8 KB
3 KB 34ms
16ms Script
application/javascript 2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c23533b2dcb73c3435e60d435042b1ef7076f4ddce6af81b596c26e66e814e1

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2397
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id: 06ad3bb4c500001f2d1919b000000001
last-modified: Tue, 05 Feb 2019 21:24:03 GMT
server: cloudflare
etag: W/"5c59fef3-1f1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 5f8efbce0f7b1f2d-FRA
expires: Fri, 27 Nov 2020 21:56:18 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 27ms
7ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans%3Awght%40400%3B700&display=swap&ver=5.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://utua.com.br
Referer: https://fonts.googleapis.com/css2?family=Open+Sans%3Awght%40400%3B700&display=swap&ver=5.5.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 24 Nov 2020 11:20:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 296138
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Wed, 24 Nov 2021 11:20:37 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 20ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans%3Awght%40400%3B700&display=swap&ver=5.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://utua.com.br
Referer: https://fonts.googleapis.com/css2?family=Open+Sans%3Awght%40400%3B700&display=swap&ver=5.5.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 24 Nov 2020 11:20:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 296135
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Wed, 24 Nov 2021 11:20:40 GMT

GET
H2 200 fontawesome-webfont.woff
utua.com.br/wp-content/themes/clean-n-beauty-theme/css/fonts/ 82 KB
82 KB 34ms
34ms Font
font/woff 172.67.21.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/css/fonts/fontawesome-webfont.woff?v=4.5.0
Requested by: Host: utua.com.br
URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/style.css?ver=27112020183614
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.21.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c812ddc9e475d3e65d68a6b3b589ce598a2a5babb7afc55477d59215c4a38a40

Request headers

Origin: https://utua.com.br
Referer: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/style.css?ver=27112020183614
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:15 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Oct 2020 22:55:06 GMT
server: cloudflare
age: 197068
etag: "14684-5b20e016ddef4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
accept-ranges: bytes
cf-ray: 5f8efbce0f8a0c21-AMS
content-length: 83588
cf-request-id: 06ad3bb4c500000c21159e4000000001

GET
H2 200 szilvia-basso-HptxPPct2d4-unsplash-1-e1589339648399-768x412.jpg
bucket.utua.com.br/img/2020/05/ 15 KB
16 KB 1189ms
1189ms Image
image/jpeg 172.67.21.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucket.utua.com.br/img/2020/05/szilvia-basso-HptxPPct2d4-unsplash-1-e1589339648399-768x412.jpg
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.21.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8f2cd2605b070d9e4ad0dd83281d81d22df899007e4c17e1da352f0adf7d243

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:16 GMT
cf-cache-status: MISS
cf-ray: 5f8efbce68600c21-AMS
x-guploader-uploadid: ABg5-Uwq5-PTWSpmYwancFjnSZvbB5QwilgqPbnXg7VDUxGUr0i4N1wvt6v_9HJCJ03VofX0rykR5QaA1N8-ZvzwkbY
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
last-modified: Wed, 02 Sep 2020 04:20:42 GMT
x-goog-stored-content-encoding: identity
content-length: 15810
cf-request-id: 06ad3bb50300000c217721b000000001
x-goog-meta-height: 412
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
x-goog-meta-child-of: 3946
server: cloudflare
etag: "22d76253618867d63e97291dcdb6b236"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=bHm+Yw==, md5=ItdiU2GIZ9Y+lykdzbayNg==
x-goog-generation: 1599020442361056
x-goog-meta-width: 768
cache-control: public, max-age=36000, must-revalidate
x-goog-stored-content-length: 15810
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 28 Nov 2020 07:36:15 GMT

GET
H2 200 Esseartigotemcomointuitobeneficiarquemest%C3%A1nabuscadeumempr%C3%A9stimocomgarantiaedesejasabermaisinforma%C3%A7%C3%B5es1_optimized-1.png
bucket.utua.com.br/img/2019/12/ 4 KB
5 KB 287ms
286ms Image
image/png 172.67.21.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucket.utua.com.br/img/2019/12/Esseartigotemcomointuitobeneficiarquemest%C3%A1nabuscadeumempr%C3%A9stimocomgarantiaedesejasabermaisinforma%C3%A7%C3%B5es1_optimized-1.png
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.21.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 280be8ab011ce8edf330df7ddf55b326739281943a51d7786f416685a86c7014

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:15 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=5243
x-guploader-uploadid: ABg5-UwtrUYGdPVzmc4fQ4krD-neNrZDUHwWeScwA719YIfsd9dBu-iIVf_atL5yZYpMkBkZhuCZO1xMYex03Xc5wzc
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 1475
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 4603
cf-request-id: 06ad3bb50400000c21159e9000000001
x-goog-meta-height: 533
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Sat, 28 Nov 2020 07:36:15 GMT
last-modified: Wed, 02 Sep 2020 04:20:27 GMT
server: cloudflare
etag: "95122e94b6aee3480b99960b93e80a8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=3Ir+Qg==, md5=lRIulLau40gLmZYLk+gKjQ==
x-goog-generation: 1599020427294952
x-goog-meta-width: 800
cache-control: public, max-age=36000, must-revalidate
x-goog-meta-source-id: 8ffc37bc3fac90093f3717b25338422b
x-goog-stored-content-length: 5243
accept-ranges: bytes
cf-ray: 5f8efbce68610c21-AMS
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK serialize.min.js Show response
d3rxaij56vjege.cloudfront.net/form-serialize/0.3/ 1 KB
2 KB 109ms
35ms Script
application/javascript 13.224.89.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rxaij56vjege.cloudfront.net/form-serialize/0.3/serialize.min.js
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.204 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-204.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bd5127d88d20bfc74fb94869e2026ddfbb9119934c6b441b12ed7762a948a702

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 26 Nov 2020 21:44:20 GMT
Via: 1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
Last-Modified: Mon, 02 Nov 2015 22:04:54 GMT
Server: AmazonS3
Age: 85916
ETag: "7d3e5f83849d8d66381fd41ac97eb5a1"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 1197
X-Amz-Cf-Id: wSpohHID94Y5ihku7MBuoCMYUcIFF5z5C0CVDCMEjPaeozhhv2hs9g==

GET
H2 200 child_units.js Show response
utua.com.br/wp-content/themes/clean-n-beauty-theme/js/ 3 KB
1 KB 23ms
23ms Script
application/javascript 172.67.21.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/js/child_units.js
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.21.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d95c3a87d599e84e498f259f85d36051a6233b037e8ccf99c657051f3f81b28

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 09 Nov 2020 23:57:13 GMT
server: cloudflare
age: 554818
etag: W/"d6a-5b3b5523f05d5-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 5f8efbcea8e90c21-AMS
cf-request-id: 06ad3bb52600000c21159ed000000001

GET
H2 200 261573414841719 Show response
connect.facebook.net/signals/config/ 239 KB
69 KB 60ms
60ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/261573414841719?v=2.9.29&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eacbf8d1ccf3a574cc431100d30c3ccecae67f26bdb6ee6e6eed8417ef9d7f77

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: KQ8a8ol8eNGH1gQROKoNPg0grN0zn52QaGIWMIIgp/tx3fMLBv48qeOm2S5I8Zoe+9h1GdvSTi1VuICfQSk7BA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Fri, 27 Nov 2020 21:36:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 192342270
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
67 B 13ms
13ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=411111174&t=pageview&_s=1&dl=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26vgo_ee%3D2bhiIM%252FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%253D&ul=en-us&de=UTF-8&dt=Conhe%C3%A7a%20o%20Picpay%20Card%20e%20aproveite%20seus%20benef%C3%ADcios!%20-%20Utua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1289271974&gjid=262466744&cid=316293808.1606512975&uid=&tid=UA-77843728-30&_gid=152270665.1606512975&_r=1&_slc=1&cd1=&cd2=&cd3=Conhe%C3%A7a%20o%20Picpay%20Card%20e%20aproveite%20seus%20benef%C3%ADcios!%20-%20Utua&z=910918988

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
27 B 13ms
13ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=411111174&t=pageview&_s=1&dl=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26vgo_ee%3D2bhiIM%252FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%253D&ul=en-us&de=UTF-8&dt=Conhe%C3%A7a%20o%20Picpay%20Card%20e%20aproveite%20seus%20benef%C3%ADcios!%20-%20Utua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=329321957&gjid=1860897304&cid=316293808.1606512975&uid=&tid=UA-146231564-5&_gid=152270665.1606512975&_r=1&_slc=1&cd1=&cd2=&cd3=Conhe%C3%A7a%20o%20Picpay%20Card%20e%20aproveite%20seus%20benef%C3%ADcios!%20-%20Utua&z=143335008

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 70457 Show response
tag.navdmp.com/u/ 511 B
537 B 133ms
133ms Script
application/javascript 2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/70457
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10f06361cc0f4a1b50b1d8aac2369959d5d0904043ca85371c72641deca7a1e3

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:15 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 29 Sep 2020 00:35:06 GMT
server: cloudflare
etag: W/"5f72813a-1ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 5f8efbcec8cd1f2d-FRA
content-type: application/javascript
cf-request-id: 06ad3bb54100001f2d268ed000000001
expires: Fri, 27 Nov 2020 22:36:15 GMT

GET
H/1.1 200
OK a Show response
wzrkt.com/ 290 B
748 B 672ms
320ms Script
text/javascript 54.230.237.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wzrkt.com/a?t=96&type=push&d=N4IgLgngDgpiBcIoCcD2AzAlgGzgGiTS1wVAGMwB9VKMVAVzAXQENsBnGAXwMwBMEIABwAlAKwBaAGxSAWhJEB1OSAJQA5ggCMXIAA%3D%3D&optOut=false&rn=1&i=1606512975&sn=0&r=1606512975175

Requested by

Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.230.237.114 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-237-114.ccu50.r.cloudfront.net

Software

Resource Hash

788f6621ed221fb591239858a0d3b1cb728a78e249f6d140fdd7a0982c5be6c2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Nov 2020 21:36:15 GMT
Content-Encoding: gzip
X-Amz-Cf-Pop: CCU50-C2
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding, User-Agent
X-Cache: Miss from cloudfront
Content-Type: text/javascript;charset=utf-8
Via: 1.1 0955350518c2b6b9de47200fe8a193ae.cloudfront.net (CloudFront)
Cache-Control: no-cache, no-store, no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: h5WmOzaYA13u5T1BJ-DO2xPqqzeUuTn8HJrUkIZlSK_SX6VyQSxUSA==
Expires: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-77843728-30&cid=316293808.1606512975&jid=1289271974&gjid=262466744&_gid=152270665.1606512975&_u=IEBAAEAAAAAAAC~&z=282191527

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 27 Nov 2020 21:36:15 GMT
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 32ms
31ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T48CH8D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

30b509528a09195b7a7080345419048fd35269803cdfeab438a98c2176a1d9d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11761
x-xss-protection: 0
server: cafe
etag: 8854462785499610041
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 27 Nov 2020 21:36:15 GMT

GET
H3-Q050 204 a
www.googletagmanager.com/ 0
21 B 43ms
30ms Image
image/gif 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-T48CH8D&cv=153&v=3&t=t&pid=1577670481&rv=b41&es=1&e=gtm.js&eid=1&tc=36&tr=1awct.1paused.1evl.1evl.1evl.1evl.1evl.1tl.1html.5html&ti=1awct.1paused.1evl.1evl.1evl.1evl.1evl.1tl.1html.1html&z=0

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:15 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 a
www.googletagmanager.com/ 0
318 B 41ms
29ms Image
image/gif 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-T48CH8D&cv=153&v=3&t=t&pid=1577670481&rv=b41&es=1&e=*&eid=2&tc=36&z=0

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:15 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2020111701.js Show response
securepubads.g.doubleclick.net/gpt/ 277 KB
98 KB 100ms
68ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

68963209b16bd2a387c310495d51021d2fc57e5df9cb87ac98a0505c0daeca43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Nov 2020 09:43:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99766
x-xss-protection: 0
expires: Fri, 27 Nov 2020 21:36:15 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
421 B 40ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-146231564-5&cid=316293808.1606512975&jid=329321957&gjid=1860897304&_gid=152270665.1606512975&_u=IEDAAEABAAAAAC~&z=675464618

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 27 Nov 2020 21:36:15 GMT
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-77843728-30&cid=316293808.1606512975&jid=1289271974&_u=IEBAAEAAAAAAAC~&z=1897296092

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-77843728-30&cid=316293808.1606512975&jid=1289271974&_u=IEBAAEAAAAAAAC~&z=1897296092

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
260 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=261573414841719&ev=PageView&dl=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26vgo_ee%3D2bhiIM%252FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%253D&rl=&if=false&ts=1606512975260&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=30&fbp=fb.2.1606512975231.1751213563&it=1606512975151&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 27 Nov 2020 21:36:15 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=261573414841719&ev=src_activecampaign&dl=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26vgo_ee%3D2bhiIM%252FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%253D&rl=&if=false&ts=1606512975261&sw=1600&sh=1200&v=2.9.29&r=stable&ec=1&o=30&fbp=fb.2.1606512975231.1751213563&it=1606512975151&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 27 Nov 2020 21:36:15 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=261573414841719&ev=md_email&dl=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26vgo_ee%3D2bhiIM%252FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%253D&rl=&if=false&ts=1606512975262&sw=1600&sh=1200&v=2.9.29&r=stable&ec=2&o=30&fbp=fb.2.1606512975231.1751213563&it=1606512975151&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 27 Nov 2020 21:36:15 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=261573414841719&ev=cp_newsletters&dl=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26vgo_ee%3D2bhiIM%252FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%253D&rl=&if=false&ts=1606512975263&sw=1600&sh=1200&v=2.9.29&r=stable&ec=3&o=30&fbp=fb.2.1606512975231.1751213563&it=1606512975151&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 27 Nov 2020 21:36:15 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
213 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=261573414841719&ev=ct_cartao-de-credito&dl=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26vgo_ee%3D2bhiIM%252FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%253D&rl=&if=false&ts=1606512975264&sw=1600&sh=1200&v=2.9.29&r=stable&ec=4&o=30&fbp=fb.2.1606512975231.1751213563&it=1606512975151&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 27 Nov 2020 21:36:15 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 8ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=261573414841719&ev=tm_gg-news-03-0063&dl=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26vgo_ee%3D2bhiIM%252FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%253D&rl=&if=false&ts=1606512975265&sw=1600&sh=1200&v=2.9.29&r=stable&ec=5&o=30&fbp=fb.2.1606512975231.1751213563&it=1606512975151&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 27 Nov 2020 21:36:15 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
483 B 58ms
44ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-146231564-5&cid=316293808.1606512975&jid=329321957&_u=IEDAAEABAAAAAC~&z=675739102

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
483 B 58ms
44ms Image
image/gif 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-146231564-5&cid=316293808.1606512975&jid=329321957&_u=IEDAAEABAAAAAC~&z=675739102

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
www.googleadservices.com/pagead/conversion/711557820/ 2 KB
2 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/711557820/?random=1606512975269&cv=9&fst=1606512975269&num=1&value=0&label=Qo3XCPb07swBELyFptMC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&ig=1&frm=0&url=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26vgo_ee%3D2bhiIM%252FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%253D&tiba=Conhe%C3%A7a%20o%20Picpay%20Card%20e%20aproveite%20seus%20benef%C3%ADcios!%20-%20Utua&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e013cb6b36461b253a82a514bea7b30938bdf85a6b113e3c2bc672e41901321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-conversion/711557820/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/711557820/?random=13050262&cv=9&fst=*&num=1&value=0&label=Qo3XCPb07swBELyFptMC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=...
https://www.google.com/pagead/1p-conversion/711557820/?random=13050262&cv=9&fst=*&num=1&value=0&label=Qo3XCPb07swBELyFptMC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=2...
https://www.google.de/pagead/1p-conversion/711557820/?random=13050262&cv=9&fst=*&num=1&value=0&label=Qo3XCPb07swBELyFptMC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24...

42 B
112 B

22ms
22ms

Image
image/gif

2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/711557820/?random=13050262&cv=9&fst=*&num=1&value=0&label=Qo3XCPb07swBELyFptMC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&ig=1&frm=0&url=https://utua.com.br/cartao-de-credito-picpay-card/%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26vgo_ee%3D2bhiIM%252FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%253D&tiba=Conhe%C3%A7a%20o%20Picpay%20Card%20e%20aproveite%20seus%20benef%C3%ADcios!%20-%20Utua&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=T3HBX9CGEdrd7_UPpKipmAk&eitems=ChAIgOSC_gUQ-PTm8a-Bw6YMEh0ACBD_nn85vZSiS7Il55lfl-_rRUQHsWT7Uik9zA&random=1137694406&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:15 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/711557820/?random=13050262&cv=9&fst=*&num=1&value=0&label=Qo3XCPb07swBELyFptMC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&ig=1&frm=0&url=https://utua.com.br/cartao-de-credito-picpay-card/%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26vgo_ee%3D2bhiIM%252FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%253D&tiba=Conhe%C3%A7a%20o%20Picpay%20Card%20e%20aproveite%20seus%20benef%C3%ADcios!%20-%20Utua&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=T3HBX9CGEdrd7_UPpKipmAk&eitems=ChAIgOSC_gUQ-PTm8a-Bw6YMEh0ACBD_nn85vZSiS7Il55lfl-_rRUQHsWT7Uik9zA&random=1137694406&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ 358 B
456 B 141ms
140ms Script
application/javascript 2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=9&acc=70457&u=1&new=1&wst=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 569a58d4a6fbc017e42ae280b4e9c0172cfeb1d362e49009fadeb890151f9a42

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Fri, 27 Nov 2020 21:36:15 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 5f8efbcfaae51f2d-FRA
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
content-type: application/javascript
cf-request-id: 06ad3bb5ca00001f2d79118000000001
expires: Fri, 27 Nov 2020 22:36:15 GMT

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ 109 B
803 B 61ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=utua.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 27 Nov 2020 21:36:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 37ms
16ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=utua.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 27 Nov 2020 21:36:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ 52 KB
20 KB 23ms
23ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

f2c54508e244fad6d1019ab0484369bb6712eb1d7b09ee97f9f2a742b72b707e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 20:53:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2542
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20658
x-xss-protection: 0
server: cafe
etag: 3049979879964453995
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 27 Nov 2020 21:53:53 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
12 KB 1085ms
1083ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2704853528771972&correlator=3882528663832832&output=ldjh&impl=fif&eid=21068727%2C21068418%2C21066613%2C21066614&vrg=2020111701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201127&iu_parts=21862753527%2Cutua_desk_sidebar&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C120x600%7C300x600&cust_params=pageurl%3D%252Fcartao-de-credito-picpay-card%252F%26request_uri%3D%252Fcartao-de-credito-picpay-card%252F%26utm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26placement%3Ddirect%26keyword%3Ddirect&cookie_enabled=1&bc=31&abxe=1&lmt=1606512975&dt=1606512975393&dlt=1606512974795&idt=574&frm=20&biw=1600&bih=1200&oid=3&adxs=1030&adys=546&adks=228666452&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26vgo_ee%3D2bhiIM%252FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%253D&dssz=49&icsg=68636159999&std=0&rumc=2704853528771972&rume=1&vis=1&dmc=8&scr_x=0&scr_y=0&psz=328x610&msz=328x600&ga_vid=316293808.1606512975&ga_sid=1606512975&ga_hid=411111174&fws=4&ohw=1600&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

597432a68cfa8b7b6d37e45bd0dbc0984001f62525d2eb4c3d9208b566ba92e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11745
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://utua.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
c4b579b841b9b3d1ae3e18d26cb2590f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 46ms
13ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c4b579b841b9b3d1ae3e18d26cb2590f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
12 KB 571ms
571ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2704853528771972&correlator=3882528663832832&output=ldjh&impl=fif&eid=21068727%2C21068418%2C21066613%2C21066614&vrg=2020111701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201127&iu_parts=21862753527%2Cutua_desk_top&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C728x90%7C970x90&cust_params=pageurl%3D%252Fcartao-de-credito-picpay-card%252F%26request_uri%3D%252Fcartao-de-credito-picpay-card%252F%26utm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26placement%3Ddirect%26keyword%3Ddirect&cookie_enabled=1&bc=31&abxe=1&lmt=1606512975&dt=1606512975403&dlt=1606512974795&idt=574&frm=20&biw=1600&bih=1200&oid=3&adxs=250&adys=83&adks=3076446341&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26vgo_ee%3D2bhiIM%252FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%253D&dssz=49&icsg=68636159999&std=0&rumc=2704853528771972&rume=1&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1100x260&msz=1100x250&ga_vid=316293808.1606512975&ga_sid=1606512975&ga_hid=411111174&fws=4&ohw=1600&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

e50e5177a952c38c922793c25e931ef5075d3b4e72270a5416530f6deb33b3dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12206
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://utua.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 56 KB
12 KB 823ms
822ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2704853528771972&correlator=3882528663832832&output=ldjh&impl=fif&eid=21068727%2C21068418%2C21066613%2C21066614&vrg=2020111701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201127&iu_parts=21862753527%2Cutua_desk_content&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C480x320%7C336x280&cust_params=pageurl%3D%252Fcartao-de-credito-picpay-card%252F%26request_uri%3D%252Fcartao-de-credito-picpay-card%252F%26utm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26placement%3Ddirect%26keyword%3Ddirect&cookie_enabled=1&bc=31&abxe=1&lmt=1606512975&dt=1606512975406&dlt=1606512974795&idt=574&frm=20&biw=1600&bih=1200&oid=3&adxs=260&adys=894&adks=3494684567&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26vgo_ee%3D2bhiIM%252FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%253D&dssz=49&icsg=68636159999&std=0&rumc=2704853528771972&rume=1&vis=1&dmc=8&scr_x=0&scr_y=0&psz=730x250&msz=730x250&ga_vid=316293808.1606512975&ga_sid=1606512975&ga_hid=411111174&fws=4&ohw=1600&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

767ff27e4b254ebd7e5217776d4e314141eb3909cb28d8443fa2deb8b8822e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12463
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://utua.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
104 B 132ms
131ms Script
application/x-javascript 2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=9&id=cf7a859cf26dbc76daee489b809%7C0&acc=70457&tit=Conhe%25E7a%2520o%2520Picpay%2520Card%2520e%2520aproveite%2520seus%2520benef%25EDcios%2521%2520-%2520Utua&upd=1&new=1&h1=Conhe%25E7a%2520o%2520Picpay%2520Card%2520e%2520aproveite%2520seus%2520benef%25EDcios%2521
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript
cf-ray: 5f8efbd08ca91f2d-FRA
content-length: 6
cf-request-id: 06ad3bb65900001f2d79123000000001

GET
H2

200

sync Show response
sync2.navdmp.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=55694612943
https://sync2.navdmp.com/sync?prtid=2&id=55694612943&google_gid=CAESECc2bjq7K05n_pbuw7__Fpo&google_cver=1

7 B
105 B

143ms
134ms

Script
application/x-javascript

2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync2.navdmp.com/sync?prtid=2&id=55694612943&google_gid=CAESECc2bjq7K05n_pbuw7__Fpo&google_cver=1
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6185b9879d35631edaf4d3d17cb55266a18f822cf0c7d289b800adcd3ae87

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:15 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript
cf-ray: 5f8efbd0dd1b1f2d-FRA
cf-request-id: 06ad3bb68600001f2d6d2e6000000001

Redirect headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync2.navdmp.com/sync?prtid=2&id=55694612943&google_gid=CAESECc2bjq7K05n_pbuw7__Fpo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
https://sync.navdmp.com/sync?img=1&mdia=7cec5fc1-714f-4e00-b1e1-410482b5a8f9

43 B
156 B

147ms
146ms

Image
image/gif

2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?img=1&mdia=7cec5fc1-714f-4e00-b1e1-410482b5a8f9
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:15 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cf-ray: 5f8efbd11dcc1f2d-FRA
content-length: 43
cf-request-id: 06ad3bb6ae00001f2d7912c000000001

Redirect headers

Date: Fri, 27 Nov 2020 21:36:15 GMT
Server: MT3 3322 7ec6219 master zrh-pixel-x17
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://sync.navdmp.com/sync?img=1&mdia=7cec5fc1-714f-4e00-b1e1-410482b5a8f9
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Fri, 27 Nov 2020 21:36:14 GMT

GET
H2 204 cms
cms.analytics.yahoo.com/ 0
0 35ms
34ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 , Switzerland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: spcms.pbp.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

POST
H2 200 /
www.facebook.com/tr/ 0
45 B 6ms
5ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryBRdJefPTaypSHuNX

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 27 Nov 2020 21:36:15 GMT
content-type: text/plain
access-control-allow-origin: https://utua.com.br
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
692 B 33ms
13ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=utua.com.br&doc=complete&pg_h=4325&pg_w=1616&pg_hs=4325&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=261573414841719&ev=ViewCartao%2025&dl=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%...
https://cx.atdmt.com/?c=5660901942633964842&f=AYwkZV_Znj5l7iuaoLIyJlzfEEquZ3FglWcYZsCwYaIY-zd6Xjob-XZh33Pjz2rafJLJOVdg2xym3QOZEfBzB8LW&id=261573414841719&l=3&v=0

43 B
457 B

49ms
35ms

Image
image/gif

2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cx.atdmt.com/?c=5660901942633964842&f=AYwkZV_Znj5l7iuaoLIyJlzfEEquZ3FglWcYZsCwYaIY-zd6Xjob-XZh33Pjz2rafJLJOVdg2xym3QOZEfBzB8LW&id=261573414841719&l=3&v=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8004:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
x-fb-debug: Bbzfd6bCJbdP5F2QKQyWP6t4/79YmT3w/BxqjkyClDLRzSKIn9X/K7e/kSqVT5tSL19ebx1ARpc4v9jne/Lnyg==
content-encoding: br
x-content-type-options: nosniff
date: Fri, 27 Nov 2020 13:36:15 PST
x-frame-options: DENY
content-type: image/gif
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
expires: Fri, 27 Nov 2020 13:36:15 PST

Redirect headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:15 GMT
server: proxygen-bolt
content-type: text/plain
location: https://cx.atdmt.com/?c=5660901942633964842&f=AYwkZV_Znj5l7iuaoLIyJlzfEEquZ3FglWcYZsCwYaIY-zd6Xjob-XZh33Pjz2rafJLJOVdg2xym3QOZEfBzB8LW&id=261573414841719&l=3&v=0
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
expires: 0

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
6ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=411111174&t=event&_s=2&dl=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26vgo_ee%3D2bhiIM%252FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%253D&ul=en-us&de=UTF-8&dt=Conhe%C3%A7a%20o%20Picpay%20Card%20e%20aproveite%20seus%20benef%C3%ADcios!%20-%20Utua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ViewContent%20%25&ea=ViewContent%2025&_u=KEDAAEABAAAAAC~&jid=&gjid=&cid=316293808.1606512975&uid=&tid=UA-77843728-30&_gid=152270665.1606512975&cd3=Conhe%C3%A7a%20o%20Picpay%20Card%20e%20aproveite%20seus%20benef%C3%ADcios!%20-%20Utua&z=307514159

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 10:21:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40485
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 7ms
6ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=411111174&t=event&_s=2&dl=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26vgo_ee%3D2bhiIM%252FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%253D&ul=en-us&de=UTF-8&dt=Conhe%C3%A7a%20o%20Picpay%20Card%20e%20aproveite%20seus%20benef%C3%ADcios!%20-%20Utua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ViewContent%20%25&ea=ViewContent%2025&_u=KEDAAEABAAAAAC~&jid=&gjid=&cid=316293808.1606512975&uid=&tid=UA-146231564-5&_gid=152270665.1606512975&cd3=Conhe%C3%A7a%20o%20Picpay%20Card%20e%20aproveite%20seus%20benef%C3%ADcios!%20-%20Utua&z=1491571779

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 10:21:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40485
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK a Show response
wzrkt.com/ 362 B
831 B 324ms
324ms Script
text/javascript 54.230.237.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wzrkt.com/a?t=96&type=page&d=N4IgrgziBcIIYGMAuBLAbgUwXAtgBzhQHMA7EAGnBxhAx0IBsLwEaSMB3CBjJJDAE5RKKACY0AHACUArAFoAbAoBacqQHUVzPERgBGSgh00AFnzwRoAeitgkYOADoEAexyOARgKvYBSOC5yohhyCAIYoihIgXgoRnAAnqFwAqJWAPx2OAD6EC5gAggYALyIqJjY%2BISkAGRZ2TgRKGA4xXSMdUg5lQTEJMXsXDx8ghCd3S4k%2FFPFvv6BwaHhkdHj2fwCrUREcoMQcgAMAMyHBwpHNWhELtkYJQBMHiYoAJIAsgCk9wBiANYuAEEABo4Ew4ABmABYXABNJAvCQAETwAA9RAAvX4ARQAcgwAJwAGSIohRynxeBI6MJUhhHyOiOY6mUUgA0tkAMIAt4ABRgoA4%2BBgB0oSAYrGgAG0ALoAX1lQAAA&rn=2&i=1606512975&sn=0&gc=d66b45c6774a412fa8a95ba02f66369c&arp=N4IgVg%2BgdiBcIC0DuBeFIA0ICW06IHEA5ARwFMBzAZwEEAhGtTEAEwgBcq4AGLFgCx5YAbnACMWSF3jAABAF9m2FvgAcAJQCsAWgBsuhNvUB1A8zIdpvEACdL43d12axAJgCcAdk3ygAAA%3D%3D&r=1606512975865

Requested by

Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.230.237.114 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-237-114.ccu50.r.cloudfront.net

Software

Resource Hash

9bcc9ded833b83a7180a8b2d02826f3da719e8d79586c970b9858ce01b1b6b49

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Nov 2020 21:36:16 GMT
Content-Encoding: gzip
X-Amz-Cf-Pop: CCU50-C2
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding, User-Agent
X-Cache: Miss from cloudfront
Content-Type: text/javascript;charset=utf-8
Via: 1.1 0955350518c2b6b9de47200fe8a193ae.cloudfront.net (CloudFront)
Cache-Control: no-cache, no-store, no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: eKv_ifZvKKtjBcgmcit6MVUfXcaw6gvelw0aCAz2GlOf0xOCPZ5Fsg==
Expires: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame 5FE2 180 KB
50 KB 38ms
15ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 214276
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 10:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:05:00 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 5FE2 13 KB
5 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 189302
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 17:01:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 17:01:14 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 5FE2 90 KB
27 KB 33ms
10ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 213936
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 10:10:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:10:40 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 5FE2 3 KB
1 KB 32ms
9ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 188201
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 17:19:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 17:19:35 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 5FE2 41 KB
14 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 188201
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 17:19:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 17:19:35 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 5FE2 4 KB
1 KB 43ms
30ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 27 Nov 2020 21:11:00 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Fri, 27 Nov 2020 21:36:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 27 Nov 2020 21:36:16 GMT

GET
H2 200 13876947088642314343
tpc.googlesyndication.com/simgad/ Frame 5FE2 2 KB
3 KB 27ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13876947088642314343?w=300&h=300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd41bd4393b919e5b4870b333c9bf894a35351c9d4fc02dd29c1ef2a5ec06218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 14:36:08 GMT
x-content-type-options: nosniff
age: 111608
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2550
x-xss-protection: 0
last-modified: Wed, 17 Apr 2019 17:06:37 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Nov 2021 14:36:08 GMT

GET
DATA 200
OK truncated
/ Frame 5FE2 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b13d2e5a2da982f6e8a3ee18b41c8a8b134cba61e5503511f30cbe29c23b4b1

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5FE2 3 KB
3 KB 26ms
7ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 27 Nov 2020 00:18:51 GMT
x-content-type-options: nosniff
server: cafe
age: 76645
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Sat, 28 Nov 2020 00:18:51 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5FE2 344 B
811 B 25ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 27 Nov 2020 15:22:13 GMT
x-content-type-options: nosniff
server: cafe
age: 22443
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sat, 28 Nov 2020 15:22:13 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 5FE2 0
0 15ms
14ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRK61TnmZB2fghKZQQ2LUjpvhOmE7hN0AP0ucXR3n7q0CF_Tod7Ox5ZUAhD0U109dAkMcpqSADpd7YufmJAOzERXkdsFA
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5FE2 0
0 51ms
51ms Image
text/html 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CqI5xT3HBX5LpG4yJlgTS5aCIA6XF2q5T4tS8rJ8H29keEAEgn872fWC56L6A1AGgAcvi4oQDyAEB4AIAqAMBqgSfAk_Q_Nb_GN_ZP2WajtAGBDxyzATGwdZJe75URHsnsV7VCgIZA_VwWQEX_7TD1H43nx204pdJ-qx53semzq_gUyZy4HKghCv_3kR1a6v736JejRtW6pwZVyj8kQPudAUOiDjCRi36RCSXK43YEO5EFrnsURa31nkmCziaHDoexx-4Ke7ICN9tLpY09Bm28oJqM9sh5yvmwnoCzvHd593unopgNfu7BHymdNPq5UqvvIQx_NoP5Wk8nh0Zfjmf42hSSZ1xrG_R4ffvqF7RuwI8gtGpDrNe1udzlXQFVj3bLuK9R8wBjqWwzJRegIH8G__Am9YAcwLvX-pVDzPEyeaJ2PQ0TFKpK7-bjy2rij3vMg6PY_LoJ3me7l2gqNw2uNXjwAScuvLW7gHgBAGSBQQIBBgBkgUECAUYBIAHnZ2de6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDl9TDSCAkIgOGAEBABGB2ACgPICwHYEwKyFxoKGAgBEhRwdWItMTc1NzA2NDcyMzkxNzk5OQ&sigh=_gHOsmmxqLU&template_id=5001&tpd=AGWhJmvpU6EqfRdyOqhxMBpEgBswCs6_BaRPRAkMZXt3nbWz6Q
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s29-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 45ms
31ms XHR
application/json 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94dbce71627f5728bfff2b72debdd54e408b70a2721f13052e6562b776da11f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 27 Nov 2020 21:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 5FE2 11 KB
11 KB 34ms
20ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://utua.com.br
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 11:20:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 123339
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Fri, 26 Nov 2021 11:20:37 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 5FE2 11 KB
11 KB 30ms
20ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://utua.com.br
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 24 Nov 2020 11:20:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 296140
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 24 Nov 2021 11:20:36 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 66ms
53ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 21:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Fri, 27 Nov 2020 21:36:16 GMT

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 5FE2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
15ms

Image
text/html

2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Fri, 27 Nov 2020 21:36:16 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame D9C5 0
0 6ms
6ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Fri, 27 Nov 2020 20:28:13 GMT
expires: Sat, 27 Nov 2021 20:28:13 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4083
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5FE2 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 27 Nov 2020 00:18:51 GMT
x-content-type-options: nosniff
server: cafe
age: 76645
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Sat, 28 Nov 2020 00:18:51 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5FE2 344 B
439 B 6ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 27 Nov 2020 15:22:13 GMT
x-content-type-options: nosniff
server: cafe
age: 22443
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sat, 28 Nov 2020 15:22:13 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5FE2 0
54 B 781ms
272ms Other
image/gif 2404:6800:4004:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1606512976185&c=2704853528771972&qqid=CNLM6pnXo-0CFYyEhQod0jIIMQ&rt=any.link.3.18.5.g.j.1.13tr.13py~any.script.3.12.1.f.0.0.3ts.3qq~any.script.3.12.5.a.0.0.lfv.lck~any.script.3.x.0.9.0.0.13q.11i~any.script.3.w.1.8.0.0.ati.a37~any.link.4.18.1.u.w.0.sr.gq~any.css.5.s.0.6.j.1.23f.1yu~any.img.7.r.0.7.0.0.2b3.286~any.img.7.q.0.6.0.0.mj.9k~any.img.7.f.m.0.0.0.0.0~any.img.7.1g.1n.0.0.0.0.0~any.css.1i.z.1.l.0.0.8m0.8j4~any.css.1l.v.1.k.t.0.8re.8i0~any.img.3i.f.3x.0.0.0.0.0~any.img.4e.7.1.6.0.0.2en.286~any.img.4f.7.0.6.0.0.c7.9k&met.a4a=dcl.1~ol.142~nvs.1606512975990~ini.1606512976187
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:81e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
48 B 13ms
13ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=411111174&t=event&ni=0&_s=1&dl=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26vgo_ee%3D2bhiIM%252FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%253D&ul=en-us&de=UTF-8&dt=Conhe%C3%A7a%20o%20Picpay%20Card%20e%20aproveite%20seus%20benef%C3%ADcios!%20-%20Utua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=BannerView&ea=BannerView&_u=aEDAAEABAAAAAC~&jid=1080630464&gjid=531848695&cid=316293808.1606512975&tid=UA-146231564-5&_gid=152270665.1606512975&_r=1&cd3=Conhe%C3%A7a%20o%20Picpay%20Card%20e%20aproveite%20seus%20benef%C3%ADcios!%20-%20Utua&gtm=2wgb41T48CH8D&z=768544841

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T48CH8D

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6385
date: Fri, 27 Nov 2020 19:49:51 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 27 Nov 2020 21:49:51 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 13ms
13ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=411111174&t=event&ni=1&_s=1&dl=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26vgo_ee%3D2bhiIM%252FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%253D&ul=en-us&de=UTF-8&dt=Conhe%C3%A7a%20o%20Picpay%20Card%20e%20aproveite%20seus%20benef%C3%ADcios!%20-%20Utua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=BannerView&ea=BannerView&_u=aEDAAEABAAAAAC~&jid=478958731&gjid=1453908496&cid=316293808.1606512975&tid=UA-77843728-30&_gid=152270665.1606512975&_r=1&cd3=Conhe%C3%A7a%20o%20Picpay%20Card%20e%20aproveite%20seus%20benef%C3%ADcios!%20-%20Utua&gtm=2wgb41T48CH8D&z=524400230

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 a
www.googletagmanager.com/ 0
44 B 14ms
14ms Image
image/gif 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-T48CH8D&cv=153&v=3&t=t&pid=1577670481&rv=b41&es=1&e=gtm.scrollDepth&eid=5&u=C&tc=36&tr=1html.5html&ti=1html.1html&z=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:16 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 a
www.googletagmanager.com/ 0
21 B 15ms
14ms Image
image/gif 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-T48CH8D&cv=153&v=3&t=t&pid=1577670481&rv=b41&es=1&e=gtm.elementVisibility&eid=13&u=C&tc=36&tr=1ua.1ua.1html.5html&ti=1ua.1ua.1html.1html&z=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:16 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 6ms
6ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=411111174&t=event&ni=0&_s=1&dl=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26vgo_ee%3D2bhiIM%252FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%253D&ul=en-us&de=UTF-8&dt=Conhe%C3%A7a%20o%20Picpay%20Card%20e%20aproveite%20seus%20benef%C3%ADcios!%20-%20Utua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=BannerView&ea=BannerView&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=316293808.1606512975&tid=UA-146231564-5&_gid=152270665.1606512975&cd3=Conhe%C3%A7a%20o%20Picpay%20Card%20e%20aproveite%20seus%20benef%C3%ADcios!%20-%20Utua&gtm=2wgb41T48CH8D&z=1388239058

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 10:21:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40486
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 7ms
6ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=411111174&t=event&ni=1&_s=1&dl=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26vgo_ee%3D2bhiIM%252FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%253D&ul=en-us&de=UTF-8&dt=Conhe%C3%A7a%20o%20Picpay%20Card%20e%20aproveite%20seus%20benef%C3%ADcios!%20-%20Utua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=BannerView&ea=BannerView&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=316293808.1606512975&tid=UA-77843728-30&_gid=152270665.1606512975&cd3=Conhe%C3%A7a%20o%20Picpay%20Card%20e%20aproveite%20seus%20benef%C3%ADcios!%20-%20Utua&gtm=2wgb41T48CH8D&z=1441708037

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 10:21:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40486
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 6ms
6ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 10:21:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40486
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 7ms
7ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 10:21:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40486
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 6ms
6ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 10:21:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40486
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 7ms
6ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 10:21:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40486
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
51 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-146231564-5&cid=316293808.1606512975&jid=1080630464&gjid=531848695&_gid=152270665.1606512975&_u=aEDAAEABAAAAAC~&z=455699082

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 27 Nov 2020 21:36:16 GMT
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame E4A5 180 KB
50 KB 36ms
22ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 214276
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 10:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:05:00 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame E4A5 13 KB
5 KB 37ms
22ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 189302
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 17:01:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 17:01:14 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame E4A5 90 KB
28 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 213936
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 10:10:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:10:40 GMT

GET
H3-Q050 200 amp-bind-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame E4A5 39 KB
14 KB 43ms
29ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-bind-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4d5af2b829509c1cc5a65bfe7f9623652db6320767290ac324544054039f77d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 28747
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13927
x-xss-protection: 0
server: sffe
date: Fri, 27 Nov 2020 13:37:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1c47a69781a4b022"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Nov 2021 13:37:09 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame E4A5 3 KB
1 KB 35ms
22ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 188201
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 17:19:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 17:19:35 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame E4A5 41 KB
13 KB 35ms
22ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 188201
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 17:19:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 17:19:35 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame E4A5 4 KB
650 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 27 Nov 2020 21:11:09 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Fri, 27 Nov 2020 21:36:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 27 Nov 2020 21:36:16 GMT

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E4A5 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 27 Nov 2020 00:18:51 GMT
x-content-type-options: nosniff
server: cafe
age: 76645
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Sat, 28 Nov 2020 00:18:51 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E4A5 344 B
369 B 6ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 27 Nov 2020 15:22:13 GMT
x-content-type-options: nosniff
server: cafe
age: 22443
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sat, 28 Nov 2020 15:22:13 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9372904917825618820/ Frame E4A5 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9372904917825618820/downsize_200k_v1?w=300&h=300

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c897ca9078b8981210996fb586965eb0c3bf47a31d3cafa259ef79f0dc7cac40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 24 Nov 2020 08:47:52 GMT
x-content-type-options: nosniff
age: 305304
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2406
x-xss-protection: 0
last-modified: Mon, 19 Oct 2020 21:09:40 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Nov 2021 08:47:52 GMT

GET
DATA 200
OK truncated
/ Frame E4A5 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c1725025da30c9dfc109a1ca6a174aa83cefa0305258c3f96e85a46dc4ea163

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame E4A5 0
0 16ms
15ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR1Nm0VwC5890FWMFQpjRveXcVFlDrEWYTkbMuNN6mJ-dl_26102a4rczbpIHY624ZASrQAJl-ojgHag_81SixboBC3AQ
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E4A5 0
0 37ms
37ms Image
text/html 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CGecxT3HBX9C4OIi0b92Sq9ABtpXKrmCC89XBgg2F_pejkg4QASCfzvZ9YLnovoDUAaAB7em5ogPIAQHgAgCoAwGqBKYCT9Dw26aHMl3JeWgZQphVgGbFA5lEy8LptQrXQc4G_ig1lc4E6K6NnuqJYmf-apfp9sEftgPZWYvOLTBRc2yNGrB_b1uWHJTu8tL6pt_jBnp0xSWMFVczVuUZZWKU1BLNaVOHYBDnoxsDzNfN410aaKq6tVRHrK6TrG_VQuNqHGQQztOfYzEcvQc2hpvHlir0IAbxJtBZNlIm6S2IeBh7nhbkx0Xe28IDO0vdLVBRE2pQ0pKFJpLqVLiV-dA5lDh09rXa7apcixgs6Az9Y2PmrPiXGwBKErA3PvAuc2ejWFzAi9PPxWolPVJKWG6DQadhIsVXShXcq9flFlT0axPknLyTvfMbNdm4uR4hZdjv1DKcpCeus3v-54cqlRavT_Z2eYbatPN0wASLud2lnwPgBAGSBQQIBBgBkgUECAUYBIAH1ajLL6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDOxCnSCAkIgOGAEBABGB2ACgPICwHYEwyIFAGYFgGyFxoKGAgBEhRwdWItMTc1NzA2NDcyMzkxNzk5OQ&sigh=tIlWPGLPRTY&template_id=5001&tpd=AGWhJmtI2ok3mM_3dM62HSxXuL9J2er1RB3lEWNPdGN-Dl9-ag
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s29-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
28 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-77843728-30&cid=316293808.1606512975&jid=478958731&gjid=1453908496&_gid=152270665.1606512975&_u=aEDAAEABAAAAAC~&z=393241530

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 27 Nov 2020 21:36:16 GMT
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
31 B 16ms
15ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111701&jk=2704853528771972&bg=!kpGlkbHNAAVGySeIRlj2vCUnKVHtLwIAAABLUgAAAAxoAQcKAIKz2nwsvTFGMvGVHYydbPpiGMxWQVl3V-S0UzgMo4wUePAPnWsHfSuWUaJnFE1vDMmHhLT5-DiZua9eMmaegAMX8cobF4bgSQTyf1j2OFJBHxxzDfCIPeTlOoaghF2X4gSvcZPfceAT-HZ1JlVFGtJqO6nXQlxBAr1RY_nq_MfZWWwpmQG0JnwJ_CsAaMDmfonWrK2eQ8wzouC_5qPFhjj2W5a9XpSY2zTLvxpEGv1fE_vqqLxncqSvy3S-bVsmZGX3VVQQ3CL6ahNJuhREUiaq-AUGwAbF6MUkOE0iBaHQ7RbZCV4MhmU4eJCQY64JkHHcVtrafuDG8kRroWOiLwNTnpsXpnyqDEmy11XSX5pdDJcuf4i8by6w7tyU7AdtWGhnq6NtHWrMSdbJlS3eLK0q8B9Utl4bDJTOVI1y_3oV6wGOvZ04c610NPb0a5uIQoDYxzzXwU5m3VLux3gsFEL_L-gxRpLl98xtqfvil_ht_bIWh62F381P4gt7EAIaRHoNiUC2qTfQICVtHRAAEtMG53fHsRFVQHXxkCQ-EeCDQuXrj9lxdprqwaCDCGe1PDnCyAuO3GygxGcKa2eQHz4L9To4g6aVDCsWyAHtD0bpInG930Jn7TYPpgbeVifb-nXTniJUYk__bhSO18hNUcQWDnN5jHqqUYl2tc-szqP20Rq_w5TyiXH35YGEePM9e34McPwyeT9hx9cZAd91iLpkYpWvcnhcMl-y9-7KEvM8NWo8yHVYm5CDpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
65 B 30ms
30ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-146231564-5&cid=316293808.1606512975&jid=1080630464&_u=aEDAAEABAAAAAC~&z=1114991501

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
88 B 31ms
30ms Image
image/gif 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-146231564-5&cid=316293808.1606512975&jid=1080630464&_u=aEDAAEABAAAAAC~&z=1114991501

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
65 B 30ms
30ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-77843728-30&cid=316293808.1606512975&jid=478958731&_u=aEDAAEABAAAAAC~&z=251207582

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
65 B 31ms
31ms Image
image/gif 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-77843728-30&cid=316293808.1606512975&jid=478958731&_u=aEDAAEABAAAAAC~&z=251207582

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E4A5 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://utua.com.br
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 11:20:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 123339
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Fri, 26 Nov 2021 11:20:37 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E4A5 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://utua.com.br
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 24 Nov 2020 11:20:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 296140
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 24 Nov 2021 11:20:36 GMT

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame E4A5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

16ms
16ms

Image
text/html

2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Fri, 27 Nov 2020 21:36:16 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 ww.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame E4A5 46 KB
14 KB 34ms
20ms Fetch
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/ww.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

112cd772574945abccd84c5cabcd4c348681958552ab221dc2e7533a75ee804d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: text/plain
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 28731
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13591
x-xss-protection: 0
server: sffe
date: Fri, 27 Nov 2020 13:37:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4413b5f2ccc5d59e"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Nov 2021 13:37:25 GMT

GET
BLOB 200
OK a703ca23-2e24-4ee6-beb6-feb7fa8a5a70
https://utua.com.br/ Frame E4A5 46 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://utua.com.br/a703ca23-2e24-4ee6-beb6-feb7fa8a5a70
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f44418159536ffc004af4c6d1e177d2c1bb475e9fb934377a002841da01c1652

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 47019
Content-Type: text/javascript

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E4A5 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 27 Nov 2020 00:18:51 GMT
x-content-type-options: nosniff
server: cafe
age: 76645
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Sat, 28 Nov 2020 00:18:51 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E4A5 344 B
369 B 6ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 27 Nov 2020 15:22:13 GMT
x-content-type-options: nosniff
server: cafe
age: 22443
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sat, 28 Nov 2020 15:22:13 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E4A5 0
54 B 547ms
272ms Other
image/gif 2404:6800:4004:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1606512976421&c=2704853528771972&qqid=CJCch5rXo-0CFQjaGwodXckKGg&rt=any.link.2.15.4.m.0.0.13sq.13py~any.script.3.17.6.m.0.0.3ti.3qq~any.script.3.15.7.k.w.0.m2j.lck~any.script.3.18.1.t.0.0.atm.aqv~any.script.3.15.6.m.0.0.148.11i~any.script.3.16.7.m.0.0.a4j.a37~any.link.4.g.1.f.0.0.i2.gq~any.img.4.7.1.6.0.0.28v.286~any.img.5.7.1.6.0.0.a9.9k~any.css.6.7.0.6.0.0.1ye.1uu~any.img.7.g.n.0.0.0.0.0~any.img.7.12.19.0.0.0.0.0~any.css.1m.7.1.6.0.0.8js.8j4~any.css.1m.7.0.6.0.0.8io.8i0~any.fetch.2a.y.1.k.x.0.b7h.ahj~any.img.37.h.3o.0.0.0.0.0~any.img.3y.6.0.6.0.0.28v.286~any.img.3y.7.0.6.0.0.a9.9k&met.a4a=dcl.1~ol.76~nvs.1606512976265~ini.1606512976422
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:81e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame 85BB 180 KB
50 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 214276
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 10:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:05:00 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 85BB 13 KB
5 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 189302
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 17:01:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 17:01:14 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 85BB 90 KB
27 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 213936
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 10:10:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:10:40 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 85BB 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 188201
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 17:19:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 17:19:35 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 85BB 41 KB
13 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 188201
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 17:19:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 17:19:35 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 85BB 4 KB
650 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 27 Nov 2020 21:14:38 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Fri, 27 Nov 2020 21:36:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 27 Nov 2020 21:36:16 GMT

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 85BB 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 27 Nov 2020 00:18:51 GMT
x-content-type-options: nosniff
server: cafe
age: 76645
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Sat, 28 Nov 2020 00:18:51 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 85BB 344 B
369 B 8ms
7ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 27 Nov 2020 15:22:13 GMT
x-content-type-options: nosniff
server: cafe
age: 22443
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sat, 28 Nov 2020 15:22:13 GMT

GET
DATA 200
OK truncated
/ Frame 85BB 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99bbf190453e4bde48b7b3e2489181627439bf14ce005b06c973cafc22c23cf9

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 85BB 0
0 39ms
39ms Image
text/html 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQwHnUHHBX9urC9iB9fgPvrK2sAyb253cX6WWy5z2Cp3M_d8FEAEgn872fWC56L6A1AGgAcjJ2sMDyAEBqQL71Jvt_gu0PuACAKgDAcgDCqoEqAJP0INAaZZkDgduRIPfTnvDGxf4i1H-V6rZOj93UvbuaSLuVDA9Mpfcl9crkT1KlQwySmwHwi35u27fGq_S5zXgbyNYsOAT_zmmPq5I-V2_UYugw1KzfdooWax7oYbZdo2OlYnjmbKOvScSugc8PeyM1rvjrMozaAA_05wi8-TOFlfqjeu5g2muu2EDPVwKBxKnWdqesJT6_niho2otBCMsrktHxCvWav5JO_3QXuNMnkl_KSH400qtCvwAeqd-LVnY6vNk8iBA2Jdm8qRg6uRNtj4BUXYdAZtBORdRVyGWIPPwhehc8asJpi3L0tEneLmnfoDZTMy28dJc_RDbQEMR7H9vgduTzcklO7hgBqieyOdidg_XYNKjjcrQYJkH0_ASKyZs7X64RsAEupS8_OIB4AQBkgUECAQYAZIFBAgFGASAB6iT74cBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcFEPHi0gHSCAkIgOGAEBABGB2ACgPICwHYEwyIFAKyFxoKGAgBEhRwdWItMTc1NzA2NDcyMzkxNzk5OQ&sigh=5xc6TKBGkNs&tpd=AGWhJmv-yFbyOXVQrlMyUP_yO6_lyTEfS2Ged9dFQw9ftj1NVQ
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s29-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 85BB 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://utua.com.br
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 11:20:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 123339
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Fri, 26 Nov 2021 11:20:37 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 85BB 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://utua.com.br
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 24 Nov 2020 11:20:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 296140
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 24 Nov 2021 11:20:36 GMT

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 85BB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Fri, 27 Nov 2020 21:36:16 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 85BB 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 27 Nov 2020 00:18:51 GMT
x-content-type-options: nosniff
server: cafe
age: 76645
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Sat, 28 Nov 2020 00:18:51 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 85BB 344 B
369 B 6ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 27 Nov 2020 15:22:13 GMT
x-content-type-options: nosniff
server: cafe
age: 22443
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sat, 28 Nov 2020 15:22:13 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 85BB 0
331 B 349ms
270ms Other
image/gif 2404:6800:4004:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1606512976621&c=2704853528771972&qqid=CNuTl5rXo-0CFdhAHQkdPpkNxg&rt=any.link.3.d.6.6.0.0.13qq.13py~any.script.3.a.2.7.0.0.3ri.3qq~any.script.3.c.3.9.0.0.ldc.lck~any.script.3.c.1.9.0.0.12a.11i~any.script.3.c.1.a.0.0.a3z.a37~any.link.4.f.0.e.0.0.i2.gq~any.img.4.a.3.7.0.0.28v.286~any.img.4.a.3.7.0.0.a9.9k~any.img.6.14.1a.0.0.0.0.0~any.css.15.7.0.6.0.0.8js.8j4~any.css.16.7.0.6.0.0.8io.8i0~any.img.2c.f.2r.0.0.0.0.0~any.img.30.7.0.6.0.0.28v.286~any.img.30.7.0.6.0.0.a9.9k&met.a4a=dcl.0~ol.100~nvs.1606512976498~ini.1606512976623
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:81e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 271ms
271ms Other
image/gif 2404:6800:4004:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~ki0sch8a&c=2704853528771972&e=21068727%2C21068418%2C21066613%2C21066614&ctx=1&met.9=1.17l~2.1cg~3_1.1dk~3_2.1dl~3_4.1dm~7_1.0~7_2.0~7_4.0~4_2.1tj~5_2.1to~6_2.1xn~4_4.21a~5_4.21c~6_4.23g~4_1.27r~5_1.27s~6_1.2al&met.10=1_4.IPwNEAAIABiAmHUoAA~1_2.IPwNEAAIABiAmHUoAA~1_1.IPwNEAAIABiAmHUoAA~1_2.IMgSELjkEAi45BAYgJh1KAE~1_4.IIAVEIHUDQiAoQ4YgJh1KAE~1_1.IMEWEMCBDAjAgQwYgJh1KAE&met.3=112.1ds_1~113.1pv_2&met.1=1.ki0scfuh~6.jb~7.jc~8.kk~9.kk~10.lp~11.kx~12.lq~13.wg~14.wv~15.wi~16.15k~17.15k~18.15w~19.1pt~20.1pt~21.1pt~22.155~23.155&qqid.2=CNLM6pnXo-0CFYyEhQod0jIIMQ&qqid.4=CJCch5rXo-0CFQjaGwodXckKGg&qqid.1=CNuTl5rXo-0CFdhAHQkdPpkNxg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:81e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5FE2 42 B
94 B 19ms
19ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuP95z4-n4zOj5acO2VCujMwQS8Fjt7PkfWlnZIZvkNJyYRPM5ZmZ1j1h-OxVZygjDZjivIsW-lOu00SV4QumYBUd2JinN5agvCMRYNcV1AFSPVWeYQCFxK7u3Ye7tSfRU6R3bdLnhjbfyYpm-pdZeRdw&sai=AMfl-YSPOlJD3NkYPyxyxp_MVIx-ulcHtCrx5ZtVJQn-XDYO8AkdNhPiH21fbCkEoRiKn6BaiICZmyhO6FvOKOeT_w6uEgRnlOvpXFmh8xUr6miUk70pbiubZusl7PE&sig=Cg0ArKJSzLXdmWI0gREDEAE&cid=CAASF-RovefSheSozC5yE69gluGvNiJPKzXz&id=ampim&o=315,83&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=124&tls=1124&g=100&h=100&tt=1124&r=v&avms=ampa&adk=3076446341

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E4A5 42 B
66 B 21ms
21ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBxJMnRijR3kFGbDhVhrLJinWaOIbriEaVkHWDdo2ZKuOnEuOGWCqFdfbFoeMxeufrDRlTevPtwek6AYADSCHkpwhrcGk1Cl_HYwM3e_xciFVlOdwBooy-gkZDxA&sai=AMfl-YQ9-83hGDx29zsBN_5CeOdVH6TSSdQJThkAkrO7W91-FYk53rtcg8hslo-z7BuoSlzfu_JkNb9jSltmOOPPZk3WaRfWToXJ7TUysuPHxlTiXphfrrWX95ca04s&sig=Cg0ArKJSzIROOyvuOUgdEAE&cid=CAASF-RoQRo0DAXKDwyvOgmbx4oOlmYu0vIT&id=ampim&o=385,894&d=480,320&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=87&tls=1087&g=95.6250011920929&h=95.6250011920929&tt=1088&r=v&avms=ampa&adk=3494684567

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 85BB 42 B
66 B 22ms
22ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8Lgd4iK-6LWR6r4qKNcArpaKqSBH74Ytbwqq4NRVwwkt0xTKX0P4YB4a2pVVlreiWQmTkR1scn0ya6DccX-NEZBFtqbgbeNlpZZ6GAWkyljOxEC4IaNjlhmu_pg&sai=AMfl-YQtTT43yzxR11l4jdHaEmQmPBFoTWkYaGodQO7kwQnt1hIqAMBjD3yUxsVT9OYwdXsxMUU7ApmI3aQUczHUfAM7I1C7RUrfT6GtXvQ4c0rJYHzkvmLSstKbsJ0&sig=Cg0ArKJSzIox607XwLVbEAE&cid=CAASF-Ro47xOIhm9NBxK6rW0fcNUAatu_lIY&id=ampim&o=1044,546&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=100&tls=1100&g=100&h=100&tt=1100&r=v&avms=ampa&adk=228666452

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 21:36:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063&vgo_ee=2bhiIM%2FkoAXmhmf4oYtI8DpxdzkQNl9LgdxZ9pnzLRY%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.be
adservice.google.com
begrowth-gg-news-03.acemlnb.com
begrowth-gg-news-03.activehosted.com
bucket.utua.com.br
c4b579b841b9b3d1ae3e18d26cb2590f.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.navdmp.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
csi.gstatic.com
cx.atdmt.com
d2r1yp2w7bby2u.cloudfront.net
d3rxaij56vjege.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
pixel.mathtag.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync.navdmp.com
sync2.navdmp.com
tag.navdmp.com
tpc.googlesyndication.com
usr.navdmp.com
utua.com.br
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
wzrkt.com
13.224.89.204
143.204.215.43
172.217.16.130
172.217.18.162
172.67.21.27
2.18.233.201
212.82.100.182
2404:6800:4004:81e::2003
2606:4700::6810:125e
2606:4700::6810:cf3
2606:4700::6811:576d
2a00:1450:4001:802::2004
2a00:1450:4001:806::2008
2a00:1450:4001:809::2002
2a00:1450:4001:814::2003
2a00:1450:4001:817::2001
2a00:1450:4001:818::2002
2a00:1450:4001:81b::2002
2a00:1450:4001:81d::2003
2a00:1450:4001:820::2001
2a00:1450:4001:820::200a
2a00:1450:4001:824::200e
2a00:1450:400c:c0c::9d
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
54.165.225.92
54.230.237.114
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0cfd4cfe13e8111907d03b1efd5dff9bf2a8102005d03ab0046ad2b858668794
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10f06361cc0f4a1b50b1d8aac2369959d5d0904043ca85371c72641deca7a1e3
112cd772574945abccd84c5cabcd4c348681958552ab221dc2e7533a75ee804d
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e238b64a7d929fbae156932c23a33fa6d961aee4aa1e9249598bb7b79177728
2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e
280be8ab011ce8edf330df7ddf55b326739281943a51d7786f416685a86c7014
2c1725025da30c9dfc109a1ca6a174aa83cefa0305258c3f96e85a46dc4ea163
30b509528a09195b7a7080345419048fd35269803cdfeab438a98c2176a1d9d0
3ca7d48017aea03b1f6b984584f5956140842cfdc329db1de675afb26c727cb9
3d95c3a87d599e84e498f259f85d36051a6233b037e8ccf99c657051f3f81b28
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
495d02e4259b643fed520ef17885510f0ead8649c3e516530aca33b76c442262
4ee3697943fd3f0d482d845e32b5eef928be9b277e27eacea47caeff65e30609
522cc4ddf3c2daf42d71bd1ce57b9bd0c118068c0b4e363ebcb438f48dab7c0a
52616fa6d9f0a07909c0cf493b1e0ba2e51a59dd369bd49880ab1e946c9caebf
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
569a58d4a6fbc017e42ae280b4e9c0172cfeb1d362e49009fadeb890151f9a42
597432a68cfa8b7b6d37e45bd0dbc0984001f62525d2eb4c3d9208b566ba92e3
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
68963209b16bd2a387c310495d51021d2fc57e5df9cb87ac98a0505c0daeca43
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
6fb38dfe05706f1245c777f0fb5b67f9258519bc23113b12a419e912e600e195
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
754fac4810074e8a762844e6929031a73054640d0a51e8428653762553e0a3a4
767ff27e4b254ebd7e5217776d4e314141eb3909cb28d8443fa2deb8b8822e09
788f6621ed221fb591239858a0d3b1cb728a78e249f6d140fdd7a0982c5be6c2
7e013cb6b36461b253a82a514bea7b30938bdf85a6b113e3c2bc672e41901321
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8548716c2e789a4b3a7f57a8580bce2b0151049e44e3ea9c3c897a55a1f62760
8acb04628394993656dad11f23029fc6ad13cf90cfaa1f5df89150b2727684a9
8c23533b2dcb73c3435e60d435042b1ef7076f4ddce6af81b596c26e66e814e1
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
94dbce71627f5728bfff2b72debdd54e408b70a2721f13052e6562b776da11f5
99bbf190453e4bde48b7b3e2489181627439bf14ce005b06c973cafc22c23cf9
9b13d2e5a2da982f6e8a3ee18b41c8a8b134cba61e5503511f30cbe29c23b4b1
9bcc9ded833b83a7180a8b2d02826f3da719e8d79586c970b9858ce01b1b6b49
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
aa5354ffd745a7473fe225230784b642c6a3df23ab79ee1345c1a5a2214f23c5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
bd5127d88d20bfc74fb94869e2026ddfbb9119934c6b441b12ed7762a948a702
c4d5af2b829509c1cc5a65bfe7f9623652db6320767290ac324544054039f77d
c6ba33197a7c01fc95a40a0d9aab1bcaa16db1fcf6419d33a26ac7bc6a2c4491
c812ddc9e475d3e65d68a6b3b589ce598a2a5babb7afc55477d59215c4a38a40
c897ca9078b8981210996fb586965eb0c3bf47a31d3cafa259ef79f0dc7cac40
cd5aa43dd663f0c19ce98c0e4975838ee36c04b4df81592f5189637742226d57
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d907e119beb5818bc2ca905f61e640cdddc2d0019fd4e131214cab21d4c73504
d9c612e6809cb99fd4ac4a9db4ad7237baf07d51cbac8003c87ce1648af19b12
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3aab29c60242d216955b101a20e3782f3617eb3a3f819b05ddc458152bf2af7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e50e5177a952c38c922793c25e931ef5075d3b4e72270a5416530f6deb33b3dd
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e8f2cd2605b070d9e4ad0dd83281d81d22df899007e4c17e1da352f0adf7d243
eacbf8d1ccf3a574cc431100d30c3ccecae67f26bdb6ee6e6eed8417ef9d7f77
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c54508e244fad6d1019ab0484369bb6712eb1d7b09ee97f9f2a742b72b707e
f44418159536ffc004af4c6d1e177d2c1bb475e9fb934377a002841da01c1652
f7f6185b9879d35631edaf4d3d17cb55266a18f822cf0c7d289b800adcd3ae87
fd41bd4393b919e5b4870b333c9bf894a35351c9d4fc02dd29c1ef2a5ec06218

utua.com.br Open in urlscan Pro 172.67.21.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

152 Requests

97 %HTTPS

68 %IPv6

23 Domains

36 Subdomains

26 IPs

7 Countries

1080 kBTransfer

3203 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

152 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

utua.com.br Open in urlscan Pro
172.67.21.27 Public Scan

Screenshot
Live screenshot

Full Image

152
Requests

97 %
HTTPS

68 %
IPv6

23
Domains

36
Subdomains

26
IPs

7
Countries

1080 kB
Transfer

3203 kB
Size

0
Cookies

152 HTTP transactions
0 data transactions