www.2viaboleto.com.br Open in urlscan Pro
178.63.88.48 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.2viaboleto.com.br/
Submission: On April 09 via automatic, source certstream-suspicious (April 9th 2023, 11:15:12 am UTC) — Scanned from DE

Summary HTTP 276 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 37 IPs in 9 countries across 35 domains to perform 276 HTTP transactions. The main IP is 178.63.88.48, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.2viaboleto.com.br.
TLS certificate: Issued by R3 on April 9th 2023. Valid for: 3 months.

This is the only time www.2viaboleto.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	178.63.88.48 178.63.88.48	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9d	15169 (GOOGLE) (GOOGLE)
3 9	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
41	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2 2	3.124.143.199 3.124.143.199	16509 (AMAZON-02) (AMAZON-02)
3 29	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2 2	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 4	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
3 3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:7781:4495:ac65:b0a4	16509 (AMAZON-02) (AMAZON-02)
4 6	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	54.220.168.134 54.220.168.134	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
3 3	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
2	2600:9000:212... 2600:9000:2127:fe00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:1f13:800... 2600:1f13:800:7782:504d:3412:cd3a:ac20	() ()
11	151.101.130.137 151.101.130.137	() ()
3	162.247.243.29 162.247.243.29	() ()
276	37

33 178.63.88.48 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: brworks.com.br

www.2viaboleto.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

web.webpushs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.143.199 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-143-199.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 142.250.185.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.158.49 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.246 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:7781:4495:ac65:b0a4 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.244 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.220.168.134 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-168-134.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.19 (United States) 3 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2127:fe00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f13:800:7782:504d:3412:cd3a:ac20 (None, )

ASN- ()

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.130.137 (None, )

ASN- ()

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.243.29 (None, )

ASN- ()

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 tpc.googlesyndication.com — Cisco Umbrella Rank: 145	614 KB
54	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 100 cm.g.doubleclick.net — Cisco Umbrella Rank: 228 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 335	303 KB
41	gstatic.com www.gstatic.com fonts.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com	721 KB
33	2viaboleto.com.br www.2viaboleto.com.br	778 KB
12	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 90	2 KB
11	newrelic.com js-agent.newrelic.com	35 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 299	117 KB
9	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 803 static.adsafeprotected.com — Cisco Umbrella Rank: 591 dt.adsafeprotected.com	168 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	438 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	7 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 569 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463	4 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 230	4 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 584	3 KB
4	google.de www.google.de — Cisco Umbrella Rank: 5216 adservice.google.de — Cisco Umbrella Rank: 7832	1 KB
3	nr-data.net bam.nr-data.net	1 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 779	2 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 340	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6349	931 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 820 s.tribalfusion.com — Cisco Umbrella Rank: 2028	1 KB
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1557	485 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 652	901 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 368	529 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 804	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 830	2 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 828	338 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 37864	608 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 507	874 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3163	104 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 712	464 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1914	297 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1912	173 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 980	608 B
1	webpushs.com web.webpushs.com — Cisco Umbrella Rank: 45821	37 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	44 KB
276	35

	Domain	Requested by
41	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com www.2viaboleto.com.br
33	www.2viaboleto.com.br	www.2viaboleto.com.br
30	pagead2.googlesyndication.com	www.2viaboleto.com.br googleads.g.doubleclick.net www.googletagservices.com pagead2.googlesyndication.com tpc.googlesyndication.com
27	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net www.2viaboleto.com.br
24	googleads.g.doubleclick.net	www.2viaboleto.com.br googleads.g.doubleclick.net pagead2.googlesyndication.com
14	www.gstatic.com	googleads.g.doubleclick.net
11	js-agent.newrelic.com	www.2viaboleto.com.br
9	s0.2mdn.net	www.2viaboleto.com.br s0.2mdn.net googleads.g.doubleclick.net
9	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
9	fonts.gstatic.com	fonts.googleapis.com
9	www.googletagservices.com	googleads.g.doubleclick.net
9	fonts.googleapis.com	googleads.g.doubleclick.net
9	www.google.com	3 redirects www.2viaboleto.com.br googleads.g.doubleclick.net
5	dt.adsafeprotected.com	googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	c1.adform.net	4 redirects
3	bam.nr-data.net	www.2viaboleto.com.br
3	image6.pubmatic.com	3 redirects
3	pixel.rubiconproject.com	3 redirects
3	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
3	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
3	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
3	adservice.google.com	www.2viaboleto.com.br
3	adservice.google.de	www.2viaboleto.com.br
3	www.google-analytics.com	www.2viaboleto.com.br
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	www.2viaboleto.com.br
2	ads.travelaudience.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	sync-tm.everesttech.net	2 redirects
2	fw.adsafeprotected.com	1 redirects www.2viaboleto.com.br
2	match.adsrvr.org	googleads.g.doubleclick.net
2	um.simpli.fi	2 redirects
2	pm.w55c.net	2 redirects
1	onetag-sys.com	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	s.tribalfusion.com	www.2viaboleto.com.br
1	a.tribalfusion.com	1 redirects
1	sync.mathtag.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	www.2viaboleto.com.br
1	www.google.de	www.2viaboleto.com.br
1	stats.g.doubleclick.net	www.2viaboleto.com.br
1	web.webpushs.com	www.2viaboleto.com.br
1	www.googletagmanager.com	www.2viaboleto.com.br
276	50

This site contains links to these domains. Also see Links.

Domain
www.fabiolobo.com.br

Subject Issuer	Validity	Valid
2viaboleto.com.br R3	`2023-04-09` - `2023-07-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
web.webpushs.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-06` - `2024-01-16`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-02-12` - `2023-05-13`	3 months	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-09` - `2023-12-03`	10 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh

This page contains 33 frames:

Primary Page: https://www.2viaboleto.com.br/
Frame ID: F997F7B34CDED90472CE9389B60E6585
Requests: 80 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/zrt_lookup.html
Frame ID: B48C88AD9E0EB547EE306490DC417F3A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&adk=1812271804&adf=3025194257&lmt=1680977490&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038906874&bpp=8&bdt=215&idt=203&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1772029837489&frm=20&pv=2&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=225
Frame ID: 93BE07F9CC90BA713F63940D6B7C5D3F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=1200x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038906882&bpp=2&bdt=223&idt=224&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JovgQ82tbt&p=https%3A//www.2viaboleto.com.br&dtd=230
Frame ID: F1EAC958758ABC8AD1C649C1F11705CB
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js
Frame ID: A584E563ABA4F22756C67A6A60EAA2D8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=1690945614&adf=1579477568&pi=t.aa~a.1432402503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=1&bdt=1890&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=U9FQrLWIvi&p=https%3A//www.2viaboleto.com.br&dtd=33
Frame ID: 3A1806740FB9FBF28ADBB36E70F8A498
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=1456288602&adf=2222756707&pi=t.aa~a.631950499~rp.3&w=1110&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=1&bdt=1890&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=pFNCn8HcwW&p=https%3A//www.2viaboleto.com.br&dtd=38
Frame ID: 06B87261A22C45767F29FF285DA5F427
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=4214047519&adf=2056746596&pi=t.aa~a.1432403486~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=1&bdt=1890&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280&nras=5&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3799&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tkpzcOCyAW&p=https%3A//www.2viaboleto.com.br&dtd=42
Frame ID: E34736D5AE50E35ED27FC65EF447B8D3
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3172338258&adf=1031923888&pi=t.aa~a.3912855863~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=350x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=2&bdt=1890&idt=2&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=ppwnz0ZDxe&p=https%3A//www.2viaboleto.com.br&dtd=45
Frame ID: F38A89FA446B97DF2617B757E23C4089
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Frame ID: AEA977CE990E5889AF543A555B1B275A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Frame ID: 588D214E39AAC95EFAE52E29E007C027
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Frame ID: E9E082D25BF9B43514F54BAE0A8D88CE
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Frame ID: FBD4D7513B6119B0A88DBD35DBA5A39C
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 81358784503D414BBE3E44A0F8F31A45
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 689C68636BDC7DBAE4223E886203A1D5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 256182AE67E0F4E4E4A0E7E468825931
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E4B1A496A3AAD4E873F5747F3F93FBCE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js
Frame ID: 6FE8C3290AA63C5C7B0E0BB19226F6A5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js
Frame ID: CB2030A4AFDDD21EB08E9CB322878650
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BD00B8BADE00A95079C9F0162B03F816
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js
Frame ID: 53B38E456F44F523887AAEC28ACBF3D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWd9iRcRtJ2kRTt_xEv8y3SgiJhJ9qRTK5eynjAxBkmvEfhRJEWmU9y38zpKLl8LBE24Zvrf_5Bj_qNu1cXZ8JdFN36kBViMHpxD4rX8RkGnvuwIQcF03LdMmKIA9sP1Bc0k1pgFs_bT1lPwt4YGbof1EeWhdIY4FeXMicdkY9xTtDVI38
Frame ID: 92EF6E0BF31D726972E2B2D0D8669792
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 66AEA64ECC560E212E04899C5398EC77
Requests: 26 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CD51D8368ED9644013EA805EFD3F855A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js
Frame ID: FBA7321D3205E31BFB6A07E4AE0F292A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 60596013E6ABFCDE2CF7F77386B9011E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FEFA163D3321E1B9936071AEB577C163
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2AA77075A55A438B8DFDD9A97F85EBE5
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
Frame ID: 2B7A2E0BE4A68C6A1B1BFBFEB605EB2E
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 1EBE2887F208FD69FB1E224CC29C75FD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js
Frame ID: 371126F536E387885A3CC27C8D73EA60
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8C2CEE3272ACE4EA9FDD63362E63710E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BAFA086FCBF07CC84243C43654393844
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

2ª VIA BOLETO - Coelba - Sabesp - Vivo - Oi - CAIXA - CELPA - CPF - CELESC - BV - FIES - CONTA TELEFONICABuscaBuscaFechar buscaMenuFechar menu

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

276
Requests

91 %
HTTPS

57 %
IPv6

35
Domains

50
Subdomains

37
IPs

9
Countries

3291 kB
Transfer

7097 kB
Size

30
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.fabiolobo.com.br/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 127

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 128

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 129

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 149

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGu4GCrGTIhNbGg2bKHXfZQ&google_cver=1&google_push=Aer7DvJrZb_uAG5pcvmB5zYxKvgzSUyncD0gDG8KeGgjP3wOWkT_PapeRAsgdEnDOzTaRY5ZZHcKFRnzqj6M9Tv5lgKWzQDCGSZuqBk HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGu4GCrGTIhNbGg2bKHXfZQ&google_cver=1&google_push=Aer7DvJrZb_uAG5pcvmB5zYxKvgzSUyncD0gDG8KeGgjP3wOWkT_PapeRAsgdEnDOzTaRY5ZZHcKFRnzqj6M9Tv5lgKWzQDCGSZuqBk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aHZZRnhnRjYxUEx0ME41&google_gid=CAESEGu4GCrGTIhNbGg2bKHXfZQ&google_cver=1&google_push=Aer7DvJrZb_uAG5pcvmB5zYxKvgzSUyncD0gDG8KeGgjP3wOWkT_PapeRAsgdEnDOzTaRY5ZZHcKFRnzqj6M9Tv5lgKWzQDCGSZuqBk

Request Chain 150

https://um.simpli.fi/gp_match?google_gid=CAESEC91QXBmp9ngTJiYCENjhps&google_cver=1&google_push=Aer7DvIcP5pLcCItpwMAeFtSJNxS_kdo_onziEG88SmEedxRrxCf8fpA5YllsDimnQUVuSBOcPaT9VyxzA7vgSMW7HQZR7pdeLrSO18 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=24D3F2EEA841454F94BDF58705153B79&google_push=Aer7DvIcP5pLcCItpwMAeFtSJNxS_kdo_onziEG88SmEedxRrxCf8fpA5YllsDimnQUVuSBOcPaT9VyxzA7vgSMW7HQZR7pdeLrSO18

Request Chain 153

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFxIVcGcSODgncy94n66GFU&google_cver=1&google_push=Aer7DvKAaFFVF-9GuZw8N9cOuvEi_Ro11RD1y-vlFfqGWru_7xlWxe7hkRXH3nkGpI3rQzBb2ftmNuWyJ6Adx_qfI0OxRI58gjxwJzE HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFxIVcGcSODgncy94n66GFU&google_cver=1&google_push=Aer7DvKAaFFVF-9GuZw8N9cOuvEi_Ro11RD1y-vlFfqGWru_7xlWxe7hkRXH3nkGpI3rQzBb2ftmNuWyJ6Adx_qfI0OxRI58gjxwJzE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcxODg3ODE4MDUzMTcwNzE5Ng&google_push=Aer7DvKAaFFVF-9GuZw8N9cOuvEi_Ro11RD1y-vlFfqGWru_7xlWxe7hkRXH3nkGpI3rQzBb2ftmNuWyJ6Adx_qfI0OxRI58gjxwJzE

Request Chain 154

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAqyY-ZKlYbqBvDkafRZmsE&google_cver=1&google_push=Aer7DvKXtEKAD0lTtpaDoxQ5aFIZHbsuTAAHl4A4Ptj_uGMqe7W0WN9aLrcoYIXOdw14eUDWbrneHyvEDn94CC5SpjMtQ-naQgf34w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEc5QjVWWkMtMUstQzdWRA==&google_push=Aer7DvKXtEKAD0lTtpaDoxQ5aFIZHbsuTAAHl4A4Ptj_uGMqe7W0WN9aLrcoYIXOdw14eUDWbrneHyvEDn94CC5SpjMtQ-naQgf34w

Request Chain 168

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKa9tcy5M9waI78wjBl3d_0&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKa9tcy5M9waI78wjBl3d_0&google_cver=1&C=1

Request Chain 169

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZDKePasjxGtnr.ukb1CpCQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKa9tcy5M9waI78wjBl3d_0&google_cver=1&google_hm=2

Request Chain 170

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHfg_1rQH3SJiZ2QrwZlJcw&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHfg_1rQH3SJiZ2QrwZlJcw%26google_cver%3D1

Request Chain 171

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc0OTk1NjgzMzEwNTYzMTI3MA%3D%3D

Request Chain 214

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEE80fQXIWsPEsSjjBx8G5yI&google_cver=1&google_push=Aer7DvKiA5R8Q0_vSWIBw82qGcFn6ZpXXANqSPz_07bXe8VX-MYcf-KPIS9FsdcSRZdTNSXFpU59Q4_1dbJDzNqnSmYh6ka0a5bQAF4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEE80fQXIWsPEsSjjBx8G5yI&google_push=Aer7DvKiA5R8Q0_vSWIBw82qGcFn6ZpXXANqSPz_07bXe8VX-MYcf-KPIS9FsdcSRZdTNSXFpU59Q4_1dbJDzNqnSmYh6ka0a5bQAF4

Request Chain 215

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFxIVcGcSODgncy94n66GFU&google_cver=1&google_push=Aer7DvKOnAEehaayVZzOUzuceTRS-xFx10a7CbKb9aOUWM_VZrGIrVbdxylo7a_cPXqnxAWbqjj8bYJm8Q770L7UxjsIZ1ssGgQGotA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcxODg3ODE4MDUzMTcwNzE5Ng&google_push=Aer7DvKOnAEehaayVZzOUzuceTRS-xFx10a7CbKb9aOUWM_VZrGIrVbdxylo7a_cPXqnxAWbqjj8bYJm8Q770L7UxjsIZ1ssGgQGotA

Request Chain 216

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFxIVcGcSODgncy94n66GFU&google_cver=1&google_push=Aer7DvJEOf-bJ8Z6Tix9wmY_vYe2pHDM0E5BEis5iud1ruOc2CeCpev0TsFAVhmU1uTmsqy5xAif-vejq6AyZqpLE4uDYfbFSg2wlw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcxODg3ODE4MDUzMTcwNzE5Ng&google_push=Aer7DvJEOf-bJ8Z6Tix9wmY_vYe2pHDM0E5BEis5iud1ruOc2CeCpev0TsFAVhmU1uTmsqy5xAif-vejq6AyZqpLE4uDYfbFSg2wlw

Request Chain 218

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDg2snEQoR1ZHnjDegMD0hg&google_cver=1&google_push=Aer7DvK-h4tr81XgEBDThnPcD3IWapdYNiAqxL3axQF0dk_pSig9gQ3DsfrFr-yV0eGXAnL9nrzB3aTTAD88LjxIrq7vauQSem9Fqw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDg2snEQoR1ZHnjDegMD0hg&google_cver=1&google_push=Aer7DvK-h4tr81XgEBDThnPcD3IWapdYNiAqxL3axQF0dk_pSig9gQ3DsfrFr-yV0eGXAnL9nrzB3aTTAD88LjxIrq7vauQSem9Fqw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9J4B2Ya0S9Cbh4cuk4HoXQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvK-h4tr81XgEBDThnPcD3IWapdYNiAqxL3axQF0dk_pSig9gQ3DsfrFr-yV0eGXAnL9nrzB3aTTAD88LjxIrq7vauQSem9Fqw

Request Chain 219

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAqyY-ZKlYbqBvDkafRZmsE&google_cver=1&google_push=Aer7DvL3Xh34kq4SS5whYT6BANnIh-XliQaeG81_sagd22eRPNsQ5FuFW9E8aGdjZbFrcpk7l50RTfN06QiNp8SGH3c5S2g2FynWpxM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEc5QjVXQjUtMjMtMzRQWQ==&google_push=Aer7DvL3Xh34kq4SS5whYT6BANnIh-XliQaeG81_sagd22eRPNsQ5FuFW9E8aGdjZbFrcpk7l50RTfN06QiNp8SGH3c5S2g2FynWpxM

Request Chain 228

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEE5uBjOeUGzTr7lRB_-JB-s&google_cver=1&google_push=Aer7DvLNFEDHf487cZdUrsBZUWszPaM94X-7sV1i9UFFkZ9PxPaHhKwjdltISxBAY0O64U2ROS44VVaCWOf2zZPhJ-CVbkPAXw_KBA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvLNFEDHf487cZdUrsBZUWszPaM94X-7sV1i9UFFkZ9PxPaHhKwjdltISxBAY0O64U2ROS44VVaCWOf2zZPhJ-CVbkPAXw_KBA

Request Chain 229

https://a.tribalfusion.com/i.match?p=b6&u=CAESECRoBzmWi15ZHPPq7hIdHoI&google_cver=1&google_push=Aer7DvJPg2m47V6OTZI1GphaEunMaHUFzkjwbPmCp5VbiVlsxq8snTCQea3Oh4srjHGatC3kMJunggdlMS3x21rD6hDuMf9YpyaQMA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJPg2m47V6OTZI1GphaEunMaHUFzkjwbPmCp5VbiVlsxq8snTCQea3Oh4srjHGatC3kMJunggdlMS3x21rD6hDuMf9YpyaQMA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECRoBzmWi15ZHPPq7hIdHoI&google_cver=1&google_push=Aer7DvJPg2m47V6OTZI1GphaEunMaHUFzkjwbPmCp5VbiVlsxq8snTCQea3Oh4srjHGatC3kMJunggdlMS3x21rD6hDuMf9YpyaQMA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJPg2m47V6OTZI1GphaEunMaHUFzkjwbPmCp5VbiVlsxq8snTCQea3Oh4srjHGatC3kMJunggdlMS3x21rD6hDuMf9YpyaQMA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 230

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEE80fQXIWsPEsSjjBx8G5yI&google_cver=1&google_push=Aer7DvJi1YShfSh56PxKI8QwGglCITgq_TzZrdvrHbb4jIVG2HbqpOQ5InQ-IvGtpxnHIFoAoyBHfzbvg8Xys7wMGTYJPi1YNJDH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEE80fQXIWsPEsSjjBx8G5yI&google_push=Aer7DvJi1YShfSh56PxKI8QwGglCITgq_TzZrdvrHbb4jIVG2HbqpOQ5InQ-IvGtpxnHIFoAoyBHfzbvg8Xys7wMGTYJPi1YNJDH

Request Chain 231

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBkIedWxp5f83aU8oCiC1o8&google_cver=1&google_push=Aer7DvJCFXN9lrgODKhm6udo0LogEcRZd2PIDxSffKNVcyljfJsDy_UMPbIxeuFWa62IDtb0TAW3OrQgmNassKWXkBAmmIfh1O5aOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvJCFXN9lrgODKhm6udo0LogEcRZd2PIDxSffKNVcyljfJsDy_UMPbIxeuFWa62IDtb0TAW3OrQgmNassKWXkBAmmIfh1O5aOA&google_hm=A-GRRYPxS_a0sjBbNl3X14g

Request Chain 232

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJKP9u7BiYpU5rTL48NFNek&google_cver=1&google_push=Aer7DvKbK81eAleCMJZIh4eFBU6e4aMaclZOnvyU3ch52TrBGQ4iET7uM4vmhL947YyAMgL-CNWj3d_G37sPTkgzdJjgpqbbfTox HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=eCQ4sY6eRFmULk4ZpXHCRQ2&google_push=Aer7DvKbK81eAleCMJZIh4eFBU6e4aMaclZOnvyU3ch52TrBGQ4iET7uM4vmhL947YyAMgL-CNWj3d_G37sPTkgzdJjgpqbbfTox

Request Chain 233

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBhWmKPOoCO7asZ0zzKcrpg&google_cver=1&google_push=Aer7DvKrSh0rucYJxwAz15vaRWlLG1YspqUEXJQJhelnSUDYYXOrIWpD-jjUaqFxpZPkEbsK0TN_6pArKSa60I3Hdob4SBHD9vF1pQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBhWmKPOoCO7asZ0zzKcrpg&google_hm=ZDKePasjxGtnr-ukb1CpCQAABG4AAAIB&google_nid=index&google_push=Aer7DvKrSh0rucYJxwAz15vaRWlLG1YspqUEXJQJhelnSUDYYXOrIWpD-jjUaqFxpZPkEbsK0TN_6pArKSa60I3Hdob4SBHD9vF1pQ

Request Chain 235

https://um.simpli.fi/gp_match?google_gid=CAESEC91QXBmp9ngTJiYCENjhps&google_cver=1&google_push=Aer7DvJF1U6Cx7xo6L6Bp-ca_b5-1fUe2EejgAu8UvffvnsKu-qxq_w1fSU2HKWmVGpR2ORRyszhKpqxl8mEo5sMtvRKPpJwX5YNzA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=24D3F2EEA841454F94BDF58705153B79&google_push=Aer7DvJF1U6Cx7xo6L6Bp-ca_b5-1fUe2EejgAu8UvffvnsKu-qxq_w1fSU2HKWmVGpR2ORRyszhKpqxl8mEo5sMtvRKPpJwX5YNzA

Request Chain 237

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJKP9u7BiYpU5rTL48NFNek&google_cver=1&google_push=Aer7DvJV1d9AKR_h26x5K9hVmaMiJen56GENjqR8THFa4XsImbWLQIAWtBe5IOZ2q-XXXqF0aI9w-DyiFrZlT0_ORjEe9STCQD-GAw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=YJ5dTvS3SK-aRD1VTGIS1g2&google_push=Aer7DvJV1d9AKR_h26x5K9hVmaMiJen56GENjqR8THFa4XsImbWLQIAWtBe5IOZ2q-XXXqF0aI9w-DyiFrZlT0_ORjEe9STCQD-GAw

Request Chain 239

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDg2snEQoR1ZHnjDegMD0hg&google_cver=1&google_push=Aer7DvJ9tVzFzn4loPFFByuJrtgRoTKppaARak0J5frciIUSWRpnTlh21qhv5hErflel8m_n1hxedDsrkrspoWKI27QPMFprWh888A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7vTiwAxxSZOqaeldu7TAsA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvJ9tVzFzn4loPFFByuJrtgRoTKppaARak0J5frciIUSWRpnTlh21qhv5hErflel8m_n1hxedDsrkrspoWKI27QPMFprWh888A

Request Chain 240

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAqyY-ZKlYbqBvDkafRZmsE&google_cver=1&google_push=Aer7DvK0pWAxt3w_T_n9H1BAh3KfHHv7cQVcxvoSkkYiyCTUEI4gsh3mrjHwYA_INbZxjs88azUFVkiDDrHlaNchTQdANx9duOJ-BQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEc5QjVXRjYtRi0xSFVa&google_push=Aer7DvK0pWAxt3w_T_n9H1BAh3KfHHv7cQVcxvoSkkYiyCTUEI4gsh3mrjHwYA_INbZxjs88azUFVkiDDrHlaNchTQdANx9duOJ-BQ

Request Chain 241

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEN_nW8TkYBWtXGHKkbaQsHo&google_cver=1&google_push=Aer7DvL0Y0PUBZ8A3XEqHQ5CaRS_4MVSYiTOms3Nxse3Tqbb8ghQPT9gFEgmSaUQPIe98VYu_pYjoQn4inR-ODlCXRZhnkDqEedopQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvL0Y0PUBZ8A3XEqHQ5CaRS_4MVSYiTOms3Nxse3Tqbb8ghQPT9gFEgmSaUQPIe98VYu_pYjoQn4inR-ODlCXRZhnkDqEedopQ

Request Chain 249

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-1114895170912147&ias_chanId=1&ias_placementId=19422215943&bidurl=https://www.2viaboleto.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0haDMoBZQTUcTvJAic3Q4mD&adContainerId=brand_safety_PZ4yZJS9MK2l9u8Pst-FyAo&cbFunctionName=goog_wrapCb_PZ4yZJS9MK2l9u8Pst-FyAo&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.2viaboleto.com.br&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1114895170912147%26output%3Dhtml%26h%3D280%26adk%3D3172338258%26adf%3D1031923888%26pi%3Dt.aa~a.3912855863~rp.1%26w%3D350%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1680977490%26rafmt%3D1%26to%3Dqs%26pwprc%3D4327041981%26format%3D350x280%26url%3Dhttps%253A%252F%252Fwww.2viaboleto.com.br%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1681038908549%26bpp%3D2%26bdt%3D1890%26idt%3D2%26shv%3Dr20230405%26mjsv%3Dm202304040101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253De2d47fe427818d8f-22d0cead8add00b3%253AT%253D1681038907%253ART%253D1681038907%253AS%253DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw%26gpic%3DUID%253D00000bd37c6b06d3%253AT%253D1681038907%253ART%253D1681038907%253AS%253DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg%26prev_fmts%3D0x0%252C1200x280%252C1110x280%252C1110x280%252C1110x280%26nras%3D6%26correlator%3D1772029837489%26frm%3D20%26pv%3D1%26ga_vid%3D1913409177.1681038907%26ga_sid%3D1681038907%26ga_hid%3D205470193%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1005%26ady%3D4760%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759842%252C44759875%252C44759926%26oid%3D2%26psts%3DAHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi%26pvsid%3D1926835649570687%26tmod%3D2031825417%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D6%26uci%3Da!6%26btvi%3D4%26fsb%3D1%26xpc%3Dppwnz0ZDxe%26p%3Dhttps%253A%2F%2Fwww.2viaboleto.com.br%26dtd%3D45&adsafe_type=bed&adsafe_jsinfo=,id:e131d250-4725-d141-b475-adf074e05805,c:9hLu2R,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-67fb65999c-j4dvn,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,dvs:visible,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tAVBX1X+11%7C12%7C131%7C141%7C142%7C151%7C161%7C162%7C171*.990511-61634100%7C1711%7C1712%7C1713%7C1714%7C1811%7C191%7C1a1%7C1b1%7C1b2,idMap:171*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:21,oid:ca599e3a-d6c7-11ed-814d-5a2fa9b6fed4,v:19.8.400,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

276 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.2viaboleto.com.br/ 134 KB
29 KB 130ms
24ms Document
text/html 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

bc614820bb8a7621f48a2bbe3058977302c670692a1c5783788893218bfb7e0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 09 Apr 2023 11:15:06 GMT
last-modified: Sat, 08 Apr 2023 18:11:30 GMT
server: nginx-rc
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 ibmplexsans-bold-webfont.woff2
www.2viaboleto.com.br/wp-content/themes/brw/assets/fonts/ 26 KB
26 KB 18ms
13ms Font
font/woff2 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2viaboleto.com.br/wp-content/themes/brw/assets/fonts/ibmplexsans-bold-webfont.woff2

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

2197d977fd86c0ce36c2db29da04a3e9bb4dbc64ddac67519f379dbd37fd0fe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.2viaboleto.com.br/
Origin: https://www.2viaboleto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 12:44:31 GMT
server: nginx-rc
etag: W/"628b81af-6724"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 ibmplexsans-bold-webfont.woff
www.2viaboleto.com.br/wp-content/themes/brw/assets/fonts/ 33 KB
34 KB 18ms
13ms Font
font/woff 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2viaboleto.com.br/wp-content/themes/brw/assets/fonts/ibmplexsans-bold-webfont.woff

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

9eef1086914a261727440b5426f1a4422e0ede94cde641136286bd25d8d49e2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.2viaboleto.com.br/
Origin: https://www.2viaboleto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 12:44:31 GMT
server: nginx-rc
etag: W/"628b81af-84f0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 ibmplexsans-regular-webfont.woff2
www.2viaboleto.com.br/wp-content/themes/brw/assets/fonts/ 26 KB
26 KB 18ms
14ms Font
font/woff2 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2viaboleto.com.br/wp-content/themes/brw/assets/fonts/ibmplexsans-regular-webfont.woff2

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

c8dfbbfebd0fa034a8bc6731e0ca1a4e96ad040cc4954fcedf0e78cc33568833

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.2viaboleto.com.br/
Origin: https://www.2viaboleto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 12:44:31 GMT
server: nginx-rc
etag: W/"628b81af-67a0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 ibmplexsans-regular-webfont.woff
www.2viaboleto.com.br/wp-content/themes/brw/assets/fonts/ 33 KB
33 KB 19ms
14ms Font
font/woff 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2viaboleto.com.br/wp-content/themes/brw/assets/fonts/ibmplexsans-regular-webfont.woff

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

4bcde2058847d8c4fe4fb2ba5b0bb8c48eadf51c371e4e3bbce3c1bb09808063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.2viaboleto.com.br/
Origin: https://www.2viaboleto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 12:44:31 GMT
server: nginx-rc
etag: W/"628b81af-8474"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 73ms
33ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-53198037-1

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

01c45aaa52000cd6953f4bad3cdc47e4a667ed0afc50e4e3fa7afe91d7a50082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44941
x-xss-protection: 0
last-modified: Sun, 09 Apr 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 09 Apr 2023 11:15:06 GMT

GET
H2 200 classic-themes.min.css
www.2viaboleto.com.br/wp-includes/css/ 217 B
400 B 32ms
28ms Stylesheet
text/css 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2viaboleto.com.br/wp-includes/css/classic-themes.min.css

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 19 Dec 2022 18:59:13 GMT
server: nginx-rc
etag: W/"63a0b481-d9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 theme-structure.min.css
www.2viaboleto.com.br/wp-content/cache/min/1/wp-content/themes/brw/assets/styles/ 28 KB
6 KB 32ms
29ms Stylesheet
text/css 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2viaboleto.com.br/wp-content/cache/min/1/wp-content/themes/brw/assets/styles/theme-structure.min.css?ver=1653932839

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

6e51b1506ae8b2c4acec4dfc6aa5e5ff817462d3a67e2bfdf0a5f633b6b7d379

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 30 May 2022 17:47:19 GMT
server: nginx-rc
etag: "62950327-1578"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
content-length: 5496
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 theme-home.min.css
www.2viaboleto.com.br/wp-content/themes/brw/assets/styles/ 1 KB
626 B 32ms
29ms Stylesheet
text/css 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2viaboleto.com.br/wp-content/themes/brw/assets/styles/theme-home.min.css

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

2b7857735f209a7446ddba4f53920335b47b2862486f4cb53346fb89f608b1db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 12:44:31 GMT
server: nginx-rc
etag: W/"628b81af-590"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
47 KB 132ms
63ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1114895170912147

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04e2bf8b45eb7c57a0e534e4782c67b2ccfc7788b5cb8221aef4f68a3aaef104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2viaboleto.com.br/
Origin: https://www.2viaboleto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48172
x-xss-protection: 0
server: cafe
etag: 12231290065367631182
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 11:15:06 GMT

GET
H2 200 caa4874afbd217c7e7faff3d407ec9cc_1.js Show response
web.webpushs.com/js/push/ 116 KB
37 KB 103ms
52ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://web.webpushs.com/js/push/caa4874afbd217c7e7faff3d407ec9cc_1.js

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

5c7fe66186bd39c8189568917d9a4e849f4dc404e39def5278606f35ed35e6a2

Security Headers

Name	Value
Content-Security-Policy	default-src wss://* blob: data: sendpulse.com .sendpulse.com .sendpulse.com:4434 data.sendpulse.com .pulse-stat.com .stat-pulse.com .pulse-stat.com:8080 .stat-pulse.com:8080 http://.sendpulse.com:4434 wss://ws.binotel.com:9002 http://.pulse-stat.com http://.stat-pulse.com http://.pulse-stat.com:8080 http://.stat-pulse.com:8080 .sendpulse.ua .sendpulse.by .sendpulse.kz .sendpulse.cl .sendpulse.com.tr .sendpulse.ng sendpul.se .sendpul.se trckln.com .loginsrc.com .routee.net .routee.net:444 .bizml.ru .jquery.com .youtube.com .ytimg.com .vimeo.com .vimeocdn.com .tinymce.com .ampproject.org .hotjar.com .hotjar.io .ipinfo.io .highcharts.com .appspot.com .doubleclick.net .facebook.com .facebook.net .fbcdn.net .fbsbx.com .rawgit.com .cloudflare.com .jsdelivr.net .kissmetrics.com .bitrix24.com .quantserve.com .quantcount.com .twitter.com .offershub.ru .stripe.com .braintreegateway.com .mlstatic.com .cloudpayments.ru .woopra.com .jivosite.com .google.com .google.com.ua .googleadservices.com .google-analytics.com .googleapis.com .googletagmanager.com .gstatic.com .online-metrix.net .retently.com .maxmind.com .revisionme.com revisionme.pages.dev .yandex.ru .ymetrica.ru .mmapiws.com .bootstrapcdn.com .kaptcha.com .paypal.com .paypalobjects.com .mercadopago.com.br .mercadopago.com .braintree-api.com vk.com api.telegram.org .webformscr.com .yandex.net .cardinalcommerce.com .mercadolibre.com .supportsrc.com .instagram.com s3.eu-central-1.amazonaws.com .googleoptimize.com .privatbank.ua .cardinalcommerce.com viacep.com.br 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: ; font-src data: ; style-src * 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 09 Apr 2023 11:15:06 GMT
content-security-policy: default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se trckln.com *.loginsrc.com *.routee.net *.routee.net:444 *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com revisionme.pages.dev *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com viacep.com.br 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
x-content-type-options: nosniff
content-encoding: gzip
x-cache: MISS
x-77-cache: MISS
x-xss-protection: 1; mode=block
x-77-nzt: AZySIRD1oceh
x-sp-ma: sp-ma-0
last-modified: Tue, 23 Nov 2021 20:42:06 GMT
server: CDN77-Turbo
etag: W/"1d021-5d17ac64285e8"
x-77-nzt-ray: f6587a1d51dc49303a9e3264fd16792c
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
x-sp-pr: lpr-02
cache-control: max-age=604800
expires: Sun, 16 Apr 2023 11:15:06 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c40ed179b696f5690385254e6d461ae5e8396729af33955e70dfb2482ce00d8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03037ab6da2abbc92f5a9d15b9a26aa4c99c428fd944c350b3a09b71d8754845

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f35f122e6ce4a1a7716ec5195343a95677ce8b6499637d3dac5388c178883d7e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8af62449a9d4c9bfcbed67d04bf990832c687d81a939109b6080341d1bbe2545

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72957e5c2b234ae7cde201e06138eb4d692d5508d4e21a7d27cc7074813c4832

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34e0bb5c5ed1184e6452cf7562faf332af1a26e95e50e035ff0a9f7065e6df9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bbc1ede5c163301e776b1bd1307275e343af6a94e38e470a3530dbc78bf0959

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2de5dbb6c7491affb6ca7b92ba29bb712bfd7e73ad36786c3fb0ba57c86e73d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bbcf1b601485bcd74630815ea6180a77c56c6bfe481b36b00240a76211cfb18

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c8aee8e0b70fff05f1923310674a6b79d401e65f642d291e15ba779dd1035df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 346e1b927246849bc11cc69c9df8cab8ebdd6c8db92b5f57730cb58f07ce57d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 997c2317aa5c7a37d5fad9bfbf40c4a78227ebf8036edf76c0083eb77bff479f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 frontend-gtag.min.js Show response
www.2viaboleto.com.br/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 12 KB
3 KB 22ms
22ms Script
application/javascript 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2viaboleto.com.br/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

23eb134e746f1e5c265c5d33d045af48c444617adaa281fb993d6070bdc04c9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 01 Apr 2023 07:29:50 GMT
server: nginx-rc
etag: W/"6427dd6e-2e3b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 lazysizes.min.js Show response
www.2viaboleto.com.br/wp-content/themes/brw/assets/scripts/ 7 KB
3 KB 22ms
21ms Script
application/javascript 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2viaboleto.com.br/wp-content/themes/brw/assets/scripts/lazysizes.min.js

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

aa51c452743520d3d7be8569341b9c4b6e2174975e6f4e30cb74d93d27f38349

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 12:44:31 GMT
server: nginx-rc
etag: W/"628b81af-1bee"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 scripts.min.js Show response
www.2viaboleto.com.br/wp-content/themes/brw/assets/scripts/ 2 KB
794 B 22ms
22ms Script
application/javascript 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2viaboleto.com.br/wp-content/themes/brw/assets/scripts/scripts.min.js

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

3d8aff3488c1f0cf82473f1d958bd176e445282c3caaeb32a4f1c09c427e9be1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 12:44:31 GMT
server: nginx-rc
etag: W/"628b81af-79a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 lazyload.min.js Show response
www.2viaboleto.com.br/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
3 KB 23ms
22ms Script
application/javascript 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2viaboleto.com.br/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 03 Apr 2023 08:17:31 GMT
server: nginx-rc
etag: W/"642a8b9b-22bc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 Copel-Segunda-via-Como-tirar-a-sua.jpg
www.2viaboleto.com.br/wp-content/uploads/2022/02/ 87 KB
87 KB 14ms
12ms Image
image/jpeg 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2022/02/Copel-Segunda-via-Como-tirar-a-sua.jpg

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

3e5607ea43d18a908a4c66eabf6648472467b084de61d70229daaf2ceb403237

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 17 Feb 2022 17:53:25 GMT
server: nginx-rc
etag: W/"620e8b95-15abc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 2-via-celesc.jpg
www.2viaboleto.com.br/wp-content/uploads/2014/08/ 18 KB
18 KB 14ms
12ms Image
image/jpeg 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2014/08/2-via-celesc.jpg

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

28bce427c6d0dc435e757269ff824004937e5ad65f032fdc4524119b746eeeeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Nov 2018 08:36:34 GMT
server: nginx-rc
etag: W/"5bf66a92-4660"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 celglogo.jpg
www.2viaboleto.com.br/wp-content/uploads/2014/10/ 2 KB
2 KB 14ms
12ms Image
image/jpeg 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2014/10/celglogo.jpg

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

e3c8d6cda903250d395120bb2b795693ad41cd75ef06e02bcae47967dc73cf86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Nov 2018 08:35:36 GMT
server: nginx-rc
etag: W/"5bf66a58-96e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 Veja-como-emitir-sua-segunda-via-Celpe-300x300.jpg
www.2viaboleto.com.br/wp-content/uploads/2023/03/ 16 KB
16 KB 14ms
13ms Image
image/jpeg 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2023/03/Veja-como-emitir-sua-segunda-via-Celpe-300x300.jpg

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

50ebc61ff97ce47c96a59ac77aeeea0207caca52a385123bd199ade1c25659bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 20 Mar 2023 13:31:16 GMT
server: nginx-rc
etag: W/"64186024-408f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 Compesa-Segunda-via-Veja-como-solicitar.jpg
www.2viaboleto.com.br/wp-content/uploads/2022/02/ 87 KB
88 KB 14ms
13ms Image
image/jpeg 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2022/02/Compesa-Segunda-via-Veja-como-solicitar.jpg

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

20e4f92000fdd6db3859e5a887e00f3eda04a89c231ec8270dec5200fa46d2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 22 Feb 2022 16:31:34 GMT
server: nginx-rc
etag: W/"62150fe6-15dd8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 Caern-Segunda-via-Gere-a-sua-fatura.jpg
www.2viaboleto.com.br/wp-content/uploads/2022/02/ 84 KB
85 KB 14ms
13ms Image
image/jpeg 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2022/02/Caern-Segunda-via-Gere-a-sua-fatura.jpg

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

2b4d71e68760154cf89d865d2816de9b79e3d7407061d39ac8b61015388ba789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 22 Feb 2022 19:00:04 GMT
server: nginx-rc
etag: W/"621532b4-1517f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 DESO-Segunda-via-Saiba-mais.jpg
www.2viaboleto.com.br/wp-content/uploads/2022/02/ 87 KB
87 KB 14ms
14ms Image
image/jpeg 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2022/02/DESO-Segunda-via-Saiba-mais.jpg

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

5942aa38a57c18eabdf62bc76252331129b993797b54400a7041cbade76b78d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 23 Feb 2022 12:39:50 GMT
server: nginx-rc
etag: W/"62162b16-15a40"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 embasalogo.jpg
www.2viaboleto.com.br/wp-content/uploads/2014/10/ 44 KB
43 KB 15ms
14ms Image
image/jpeg 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2014/10/embasalogo.jpg

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

6fc0db464c7c0a52b9fbb64825882ff81273f56319fb6376a4e4738f04fc2758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Nov 2018 08:36:10 GMT
server: nginx-rc
etag: W/"5bf66a7a-b1c4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 2viaboleto-novo.png
www.2viaboleto.com.br/wp-content/uploads/2022/05/ 3 KB
3 KB 26ms
23ms Image
image/png 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2022/05/2viaboleto-novo.png

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

3fcc65363965765df778ba971639d84376f09dc17e9769b5a26895d7344e2bef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 18:17:44 GMT
server: nginx-rc
etag: W/"628bcfc8-c15"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 menu-01.png
www.2viaboleto.com.br/wp-content/uploads/2018/11/ 975 B
1 KB 30ms
28ms Image
image/png 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2018/11/menu-01.png

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

2ff0ff037fc73d5bbea051dc0575e0c2d4a8d93dedb2715b00a126b0a7006d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 21 Nov 2018 18:08:18 GMT
server: nginx-rc
etag: W/"5bf59f12-3cf"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 menu-02.png
www.2viaboleto.com.br/wp-content/uploads/2018/11/ 1 KB
1 KB 30ms
28ms Image
image/png 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2018/11/menu-02.png

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

4759a5cbbaf2b48c7ab2ed5eb46b93e12fda0964ac3278ef367d8e7660ca5b0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 21 Nov 2018 18:08:16 GMT
server: nginx-rc
etag: W/"5bf59f10-46f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 menu-03.png
www.2viaboleto.com.br/wp-content/uploads/2018/11/ 984 B
1 KB 33ms
31ms Image
image/png 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2018/11/menu-03.png

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

93326eb41a20db97ca003b220ef4ddb2c3bd07bbed23ef5031cbd78972b502ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 21 Nov 2018 18:08:16 GMT
server: nginx-rc
etag: W/"5bf59f10-3d8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 menu-04.png
www.2viaboleto.com.br/wp-content/uploads/2018/11/ 721 B
923 B 33ms
31ms Image
image/png 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2018/11/menu-04.png

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

a650c814d488eae07920ba06e2725bb96d96292b417ae35024f8445ce2fd7afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 21 Nov 2018 18:08:14 GMT
server: nginx-rc
etag: W/"5bf59f0e-2d1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 menu-05.png
www.2viaboleto.com.br/wp-content/uploads/2018/11/ 771 B
966 B 33ms
32ms Image
image/png 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2018/11/menu-05.png

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

0a81c51fdca70a0e0cb72e27e1ab7e32decf2c10c7cd5469cd5f4afc55e0d47e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 21 Nov 2018 18:08:20 GMT
server: nginx-rc
etag: W/"5bf59f14-303"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 menu-06.png
www.2viaboleto.com.br/wp-content/uploads/2018/11/ 869 B
1 KB 33ms
32ms Image
image/png 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2018/11/menu-06.png

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

5cb8afa23d794598d2e509f33f56bad58616cc0fb9c9aa75380e1b4a16390554

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 21 Nov 2018 18:08:18 GMT
server: nginx-rc
etag: W/"5bf59f12-365"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 menu-07.png
www.2viaboleto.com.br/wp-content/uploads/2018/11/ 864 B
1 KB 34ms
32ms Image
image/png 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2018/11/menu-07.png

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

7e2d9dc11c42c4c70b2edab9599a14a1401ac0effc16729a5cee66d57fa1d56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 21 Nov 2018 18:08:18 GMT
server: nginx-rc
etag: W/"5bf59f12-360"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 menu-08.png
www.2viaboleto.com.br/wp-content/uploads/2018/11/ 968 B
1 KB 34ms
33ms Image
image/png 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2018/11/menu-08.png

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

7117fc3005bd535577a248feda72de2f33d09b8a5d4ee5f344e08f7a9c90cbb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 21 Nov 2018 18:08:18 GMT
server: nginx-rc
etag: W/"5bf59f12-3c8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 menu-09.png
www.2viaboleto.com.br/wp-content/uploads/2018/11/ 935 B
1 KB 34ms
33ms Image
image/png 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2018/11/menu-09.png

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

e0b7c636c8756825c0652b5d3decf36bbcb6ea03eb8fce82e2dc10e8dc0bb622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 21 Nov 2018 18:08:18 GMT
server: nginx-rc
etag: W/"5bf59f12-3a7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 57ms
13ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 09 Apr 2023 10:05:12 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4194
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 09 Apr 2023 12:05:12 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304040101/ 348 KB
116 KB 103ms
75ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1114895170912147&plah=www.2viaboleto.com.br

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b913e87f320c679e3f441d3ec19509e91179087cc59bd3ad3b57ffd96a243d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119045
x-xss-protection: 0
server: cafe
etag: 9152976303106603852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 11:15:06 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/ Frame B48C 10 KB
5 KB 87ms
23ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/zrt_lookup.html

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2viaboleto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7428
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 09:11:18 GMT
etag: 2378337311435320485
expires: Sun, 23 Apr 2023 09:11:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
211 B 20ms
20ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=205470193&t=pageview&_s=1&dl=https%3A%2F%2Fwww.2viaboleto.com.br%2F&ul=en-us&de=UTF-8&dt=2%C2%AA%20VIA%20BOLETO%20-%20Coelba%20-%20Sabesp%20-%20Vivo%20-%20Oi%20-%20CAIXA%20-%20CELPA%20-%20CPF%20-%20CELESC%20-%20BV%20-%20FIES%20-%20CONTA%20TELEFONICA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1645192129&gjid=934928307&cid=1913409177.1681038907&tid=UA-53198037-1&_gid=110347969.1681038907&_r=1&gtm=457e3430&did=dNDMyYj&gdid=dNDMyYj&jsscut=1&z=1168321491

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.2viaboleto.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.2viaboleto.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
353 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-53198037-1&cid=1913409177.1681038907&jid=1645192129&gjid=934928307&_gid=110347969.1681038907&_u=YEBAAUAAAAAAACAAI~&z=987985886

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.2viaboleto.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 09 Apr 2023 11:15:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.2viaboleto.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 74ms
36ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-53198037-1&cid=1913409177.1681038907&jid=1645192129&_u=YEBAAUAAAAAAACAAI~&z=562405465

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 89ms
51ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-53198037-1&cid=1913409177.1681038907&jid=1645192129&_u=YEBAAUAAAAAAACAAI~&z=562405465

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Segunda-via-Santander-Saiba-como-emitir.jpg
www.2viaboleto.com.br/wp-content/uploads/2022/04/ 87 KB
87 KB 12ms
11ms Image
image/jpeg 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2022/04/Segunda-via-Santander-Saiba-como-emitir.jpg

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

732eecb68ef3d0de07b24ccd9267a189090c57630e02f415906e6722a54be2b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 18 Apr 2022 16:33:49 GMT
server: nginx-rc
etag: W/"625d92ed-15ac9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:07 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
608 B 55ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.2viaboleto.com.br&callback=_gfp_s_&client=ca-pub-1114895170912147

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cec8f40b1b61512d27ac4cc6dd741dad05e524d9c38ed5d2fb5e4ec42f33bf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 76ms
22ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.2viaboleto.com.br

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 62ms
21ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.2viaboleto.com.br

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 93BE 505 KB
82 KB 1314ms
1314ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&adk=1812271804&adf=3025194257&lmt=1680977490&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038906874&bpp=8&bdt=215&idt=203&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1772029837489&frm=20&pv=2&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=225

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4bd7408de95c847558282cc24ea3589f76f817963fb99e088beaed2cddf4440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2viaboleto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 83270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 11:15:08 GMT
expires: Sun, 09 Apr 2023 11:15:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F1EA 87 KB
31 KB 1012ms
1011ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=1200x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038906882&bpp=2&bdt=223&idt=224&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JovgQ82tbt&p=https%3A//www.2viaboleto.com.br&dtd=230

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af00905084228f83bf706b8325d6d5db6d96f1771d52e5a8ccc89787c201b1f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2viaboleto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 32000
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 11:15:08 GMT
expires: Sun, 09 Apr 2023 11:15:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Atualizar-boleto-Sicoob-Aprenda-de-forma-pratica.jpg
www.2viaboleto.com.br/wp-content/uploads/2022/05/ 87 KB
87 KB 12ms
11ms Image
image/jpeg 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2022/05/Atualizar-boleto-Sicoob-Aprenda-de-forma-pratica.jpg

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

b3a977d7cddb22c664832e1ae5057809849c4c635c9a4c15fa019761159e8262

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 16 May 2022 17:22:32 GMT
server: nginx-rc
etag: W/"62828858-15cda"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:07 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F1EA 6 KB
1 KB 71ms
25ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=1200x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038906882&bpp=2&bdt=223&idt=224&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JovgQ82tbt&p=https%3A//www.2viaboleto.com.br&dtd=230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Apr 2023 11:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 09 Apr 2023 09:15:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Apr 2023 11:15:08 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame F1EA 2 KB
818 B 85ms
19ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F1EA 0
0 60ms
60ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CplZHO54yZJ-4CJiH9fgPuceRUMTa88Vv7-Cvre0RsLKA7JACEAEgwtuPImCVgoCArAegAaedxrYpyAEJqQJXAg04t0uyPqgDAcgDywSqBPQBT9CoxboKP_1N-4Wlh8vQyrJBG0G5S03GsKM9qK2VKC4PhVJ7GrIlwxzFPNe0FHSYw3e8TB_1sOF1xa6KgRwB1SfIKvrMV-fZlGusZO4ptzQrENZ7qESQxNT_BNYD9-n03aAG6wOlY9MGIUDsvQ9n2eFuBIcxGgsN9npWgcVVT7X7Rsb_SiCjmXjAWIxxTOMVuWgzxfvmbGZslQPirgCZVTguFSL_VQN97iMz03FUyS1taZTH4AYdlIt8Sf3ymvb7J39wK5mhq-aqcsphVnz4BbQhWFPqHp2wCMkQnw-LO2EfwixvdTIaNrUr-SyhlEeHQpmJSMAEhvDmk58EkgUECAQYAZIFBAgFGASgBi6AB6fVlpYEqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQnaBC0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMK0BUBgBcBshccChoIABIUcHViLTExMTQ4OTUxNzA5MTIxNDcYAA&sigh=uppaqDdQU4A&uach_m=[UACH]&cid=CAQSGwDUE5ym1kntX1qKHx4D2kU68ot7iWZI3iaMiRgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=1200x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038906882&bpp=2&bdt=223&idt=224&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JovgQ82tbt&p=https%3A//www.2viaboleto.com.br&dtd=230
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 09 Apr 2023 11:15:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 09 Apr 2023 11:15:08 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame F1EA 22 KB
9 KB 76ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame F1EA 3 KB
1 KB 80ms
20ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame F1EA 20 KB
8 KB 77ms
16ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F1EA 159 KB
49 KB 110ms
50ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Apr 2023 11:15:08 GMT

GET
H2 200 44008b7cb3297f7f50c87c2397b9ea58.js Show response
www.gstatic.com/mysidia/ Frame F1EA 34 KB
15 KB 97ms
25ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/44008b7cb3297f7f50c87c2397b9ea58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de2a3f5dabc1b655b163f59fde071d68c2ee1747f5f3eaecbd6594220caf4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14387
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 16:44:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 07 Jul 2023 09:27:22 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/12009712761237945971/ Frame F1EA 30 KB
30 KB 81ms
23ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12009712761237945971/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8fba4095c22ea77f83395b3803fbf7eaebb91ebd992c461db4ac5874be63fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 16:30:43 GMT
x-content-type-options: nosniff
age: 153865
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30737
x-xss-protection: 0
last-modified: Fri, 07 Apr 2023 11:50:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Apr 2024 16:30:43 GMT

GET
DATA 200
OK truncated
/ Frame F1EA 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5ad960b15b5e9aa621e0a2527a4ea2c857d4d10d2b4bf82835e019f9760b44e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F1EA 15 KB
16 KB 72ms
14ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:10 GMT
x-content-type-options: nosniff
age: 434638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:10 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F1EA 15 KB
15 KB 77ms
20ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:08 GMT
x-content-type-options: nosniff
age: 434640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F1EA 15 KB
15 KB 83ms
28ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:11 GMT
x-content-type-options: nosniff
age: 434637
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:11 GMT

GET
H3 200 lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response
pagead2.googlesyndication.com/bg/ Frame A584 36 KB
14 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:32:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 420154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 14:32:34 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304040101/ 149 KB
51 KB 97ms
97ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304040101/reactive_library_fy2021.js

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8659fffff542481ed52bf651702cf42265eebbadc992eb5fef58a57f2aac4ff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51874
x-xss-protection: 0
server: cafe
etag: 12925803361509700767
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 11:15:08 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 23ms
21ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.2viaboleto.com.br

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 23ms
22ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.2viaboleto.com.br

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3A18 133 KB
38 KB 800ms
799ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=1690945614&adf=1579477568&pi=t.aa~a.1432402503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=1&bdt=1890&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=U9FQrLWIvi&p=https%3A//www.2viaboleto.com.br&dtd=33

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e100bdf373cf6f3120c1ad917d1773be14fd69da96cb7e930be7218bf41f942

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2viaboleto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 39021
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 11:15:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 06B8 134 KB
38 KB 1248ms
1248ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=1456288602&adf=2222756707&pi=t.aa~a.631950499~rp.3&w=1110&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=1&bdt=1890&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=pFNCn8HcwW&p=https%3A//www.2viaboleto.com.br&dtd=38

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

430dbbdaf8b1aee2d9bcc678728025a780d9a2212ddfb55af48f4ec08252befd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2viaboleto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 39246
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 11:15:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E347 134 KB
38 KB 1174ms
1173ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=4214047519&adf=2056746596&pi=t.aa~a.1432403486~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=1&bdt=1890&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280&nras=5&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3799&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tkpzcOCyAW&p=https%3A//www.2viaboleto.com.br&dtd=42

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2930e494569c86f6d92380843e7e2f636d2393f03550c8c4a3105555babe913c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2viaboleto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 39311
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 11:15:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F38A 21 KB
9 KB 1079ms
1079ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3172338258&adf=1031923888&pi=t.aa~a.3912855863~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=350x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=2&bdt=1890&idt=2&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=ppwnz0ZDxe&p=https%3A//www.2viaboleto.com.br&dtd=45

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0770b353a9e537b5ca96aaa338c89046d8b3c03859fc27ab7cbda454003712e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2viaboleto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 9001
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 11:15:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 22ms
22ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.2viaboleto.com.br

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 23ms
22ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.2viaboleto.com.br

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/ Frame AEA9 10 KB
4 KB 15ms
14ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2viaboleto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31940
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 02:22:48 GMT
etag: 2378337311435320485
expires: Sun, 23 Apr 2023 02:22:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/ Frame 588D 10 KB
4 KB 14ms
13ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2viaboleto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31940
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 02:22:48 GMT
etag: 2378337311435320485
expires: Sun, 23 Apr 2023 02:22:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/ Frame E9E0 10 KB
4 KB 14ms
14ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2viaboleto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31940
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 02:22:48 GMT
etag: 2378337311435320485
expires: Sun, 23 Apr 2023 02:22:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/ Frame FBD4 10 KB
4 KB 14ms
13ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2viaboleto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31940
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 02:22:48 GMT
etag: 2378337311435320485
expires: Sun, 23 Apr 2023 02:22:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame AEA9 4 KB
705 B 29ms
28ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Apr 2023 11:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 09 Apr 2023 10:29:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Apr 2023 11:15:08 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AEA9 205 B
518 B 22ms
21ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 09:36:11 GMT
x-content-type-options: nosniff
age: 5937
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 08 Apr 2024 09:36:11 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AEA9 604 B
694 B 22ms
22ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 10:46:17 GMT
x-content-type-options: nosniff
age: 1731
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 08 Apr 2024 10:46:17 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/ Frame AEA9 19 KB
8 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 22:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47026
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8171
x-xss-protection: 0
server: cafe
etag: 2240023182167719722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 22:11:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 588D 8 KB
966 B 36ms
36ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Apr 2023 11:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 09 Apr 2023 10:34:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Apr 2023 11:15:08 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 588D 2 KB
799 B 16ms
16ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 588D 22 KB
9 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 588D 3 KB
1 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 588D 20 KB
8 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 588D 159 KB
49 KB 62ms
60ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Apr 2023 11:15:08 GMT

GET
H2 200 44008b7cb3297f7f50c87c2397b9ea58.js Show response
www.gstatic.com/mysidia/ Frame 588D 34 KB
14 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/44008b7cb3297f7f50c87c2397b9ea58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de2a3f5dabc1b655b163f59fde071d68c2ee1747f5f3eaecbd6594220caf4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14387
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 16:44:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 07 Jul 2023 09:27:22 GMT

GET
H2 200 6ad0e37510f8e3483bebad31dbd0e18a.js Show response
www.gstatic.com/mysidia/ Frame E9E0 9 KB
4 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6ad0e37510f8e3483bebad31dbd0e18a.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c320d790dba4c17895962386aa3587aff97e96a7c499f37dd47bf299431ce41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 23:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4014
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 23:59:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Jul 2023 23:36:40 GMT

GET
H2 200 391edcfc9250fc73687380a2b5a5bc72.js Show response
www.gstatic.com/mysidia/ Frame E9E0 10 KB
4 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/391edcfc9250fc73687380a2b5a5bc72.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d5e2c8f259d9f8be3197487826c56d6781c9547b264e16e3999cc7534268935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 09:11:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4409
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 16:44:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 09:11:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E9E0 8 KB
966 B 48ms
42ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Apr 2023 11:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 09 Apr 2023 10:41:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Apr 2023 11:15:08 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame E9E0 2 KB
799 B 43ms
34ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame E9E0 22 KB
9 KB 36ms
28ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame E9E0 3 KB
1 KB 40ms
35ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame E9E0 20 KB
8 KB 38ms
33ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E9E0 159 KB
49 KB 73ms
67ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Apr 2023 11:15:08 GMT

GET
H2 200 44008b7cb3297f7f50c87c2397b9ea58.js Show response
www.gstatic.com/mysidia/ Frame E9E0 34 KB
14 KB 48ms
43ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/44008b7cb3297f7f50c87c2397b9ea58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de2a3f5dabc1b655b163f59fde071d68c2ee1747f5f3eaecbd6594220caf4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14387
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 16:44:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 07 Jul 2023 09:27:22 GMT

GET
H2 200 6ad0e37510f8e3483bebad31dbd0e18a.js Show response
www.gstatic.com/mysidia/ Frame FBD4 9 KB
4 KB 43ms
38ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6ad0e37510f8e3483bebad31dbd0e18a.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c320d790dba4c17895962386aa3587aff97e96a7c499f37dd47bf299431ce41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 23:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4014
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 23:59:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Jul 2023 23:36:40 GMT

GET
H2 200 391edcfc9250fc73687380a2b5a5bc72.js Show response
www.gstatic.com/mysidia/ Frame FBD4 10 KB
4 KB 43ms
38ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/391edcfc9250fc73687380a2b5a5bc72.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d5e2c8f259d9f8be3197487826c56d6781c9547b264e16e3999cc7534268935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 09:11:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4409
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 16:44:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 09:11:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FBD4 8 KB
966 B 51ms
47ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Apr 2023 11:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 09 Apr 2023 11:02:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Apr 2023 11:15:08 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame FBD4 2 KB
799 B 40ms
36ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame FBD4 22 KB
9 KB 39ms
35ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame FBD4 3 KB
1 KB 41ms
37ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame FBD4 20 KB
8 KB 39ms
36ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FBD4 159 KB
49 KB 105ms
101ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Apr 2023 11:15:08 GMT

GET
H2 200 44008b7cb3297f7f50c87c2397b9ea58.js Show response
www.gstatic.com/mysidia/ Frame FBD4 34 KB
14 KB 52ms
49ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/44008b7cb3297f7f50c87c2397b9ea58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de2a3f5dabc1b655b163f59fde071d68c2ee1747f5f3eaecbd6594220caf4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14387
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 16:44:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 07 Jul 2023 09:27:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8135 8 KB
893 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Apr 2023 11:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 09 Apr 2023 10:09:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Apr 2023 11:15:08 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 8135 2 KB
799 B 34ms
34ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 8135 22 KB
9 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 8135 3 KB
1 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 8135 20 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8135 159 KB
49 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Apr 2023 11:15:08 GMT

GET
H3 200 44008b7cb3297f7f50c87c2397b9ea58.js Show response
www.gstatic.com/mysidia/ Frame 8135 34 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/44008b7cb3297f7f50c87c2397b9ea58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de2a3f5dabc1b655b163f59fde071d68c2ee1747f5f3eaecbd6594220caf4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14387
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 16:44:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 07 Jul 2023 09:27:22 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 689C 143 B
166 B 35ms
34ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 10:25:12 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FBD4 0
0 86ms
86ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUsioO54yZN7xB-GQ9fgPm9mIoAXNx7jOb_On4Ma6CcSEhZ4LEAEgwtuPImCVgoCArAegAbfNrN8DyAEBqQJXAg04t0uyPqgDAcgDywSqBPABT9DEsaUqPcDxnJXHYl2qGqjpnTOmR_W8z2PaXrw9uT7e3xe54P22pfEUWQyho8SBIsd5b9cv9GfZZ3qYHhR7pO8ZBhu8av-g0xfxhowk6nYztPRgiqtidz_lyf2gOhFDr_qo96OMpHBdUkMXlONTQhxngRlrWMbm-QEYTbk3h7ClcHVX7SaWSWdEwtSaDNcl-AV8vkRoEojZ0wWf2lWSX6f23MRbVcBlCLBydqv4qdNd7GIV0Lcp5x82VdyfyD2mSrIdvKwJnaWHeCnER4HQfjSPIA0FtrZQITtYdkrHyBMZgPMOQDJ32vhElajqdHo1wATJquydYJIFBAgEGAGSBQQIBRgEgAexstMgqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ354M0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFAbQFQGAFwGyFxwKGggAEhRwdWItMTExNDg5NTE3MDkxMjE0NxgA&sigh=HmzfQtfli1w&uach_m=[UACH]&cid=CAQSGwDUE5ym9Dy8RC0lZUGx8u3Xne6fCcKDlRn6RRgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 09 Apr 2023 11:15:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2561 143 B
166 B 30ms
30ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 10:25:12 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E4B1 143 B
166 B 39ms
38ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 10:25:12 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FBD4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ebe38f1e00ba9ba783f7828e1ebdb7fa455ce59451b330198a9e98e4fb19f32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response
pagead2.googlesyndication.com/bg/ Frame 6FE8 36 KB
14 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:32:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 420154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 14:32:34 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 689C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

34ms
34ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 11:15:08 GMT
expires: Sun, 09 Apr 2023 11:15:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 11:15:08 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2561
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

25ms
25ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 11:15:08 GMT
expires: Sun, 09 Apr 2023 11:15:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 11:15:08 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E4B1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

26ms
26ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 11:15:08 GMT
expires: Sun, 09 Apr 2023 11:15:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 11:15:08 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response
pagead2.googlesyndication.com/bg/ Frame CB20 36 KB
14 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:32:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 420155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 14:32:34 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F1EA 42 B
174 B 52ms
51ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssC4LP0ICF4y2YIk1kwNx7xWjmc5mWV5GZjxdzL8b4-evNNhaacHTiKFaIy2r-Gl9p42h5eoClORyzYzkJ7MxXl70pmkx2ZfquwDVmXepefGDmpPqiHhz64VIQnDgKQyz2dNQfwMw&sai=AMfl-YSi1Ofk9yNgNSpycykIgJ2-5uUc_pwv3UiPYru1cN67a69ldJL9fWhRj3L7ffgwG5mQ84v8uuMLjroE&sig=Cg0ArKJSzHKA08v6X10_EAE&cid=CAQSGwDUE5ym1kntX1qKHx4D2kU68ot7iWZI3iaMiRgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230405&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3809598800&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681038907113&rpt=1229&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3A18 3 KB
597 B 22ms
22ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=1690945614&adf=1579477568&pi=t.aa~a.1432402503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=1&bdt=1890&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=U9FQrLWIvi&p=https%3A//www.2viaboleto.com.br&dtd=33

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d247591f9522801d7a053e929a77212df61c2f153a309141648ad9a7894b1a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Apr 2023 11:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 09 Apr 2023 10:41:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Apr 2023 11:15:09 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 3A18 2 KB
765 B 14ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 3A18 22 KB
9 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 3A18 3 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3A18 0
0 59ms
58ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJ129PJ4yZNqmJY2P9fgPqOqy2AelrMH6b9qhoOrSEK7G6I-oMBABIMLbjyJglYKAgKwHoAHV_omnAsgBCagDAcgDywSqBPkBT9ATA5ZAm4_P9xSSiQfiR5TNMwCnBPAdsG4qXqmMMx2w7kztyRTtlVEzxSmDMM79Oq6JUMsSljloH16cLTCjzqH02u8tHy-X6Mo7IsJXtPnlrMBpR2upvnRjM7ql9mRJZY7Wm4mSlxLN3sUpM78zfdMJ6FtCMtWwO_nbNEtIznPUXQ8KCygumWjTcHXewuUHbhk9OeJqaYYRtKnByd_4hWPD_pu4v2VgcnIqHJuAv01ZXzrLxPUAiiLyFs6mxXMAkOlpasKiTWow51wUQCtC2iWnNLE0WZUS0hck_KGse2lQYvvTsKNU7jRxRHoC1ElNPTPYKQcxJsTFwASC3Kj8hASSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHzrD02AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ-JwD0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItMTExNDg5NTE3MDkxMjE0NxgA&sigh=AKLl38kKfzo&uach_m=[UACH]&cid=CAQSPADUE5ymrzAIkmkPwwbinFePThX4u0xnoAcimgb87KdaApknbKy8RVbUWuJglQCEMfhHOdq0SrBch2WzSBgB&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=1690945614&adf=1579477568&pi=t.aa~a.1432402503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=1&bdt=1890&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=U9FQrLWIvi&p=https%3A//www.2viaboleto.com.br&dtd=33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 09 Apr 2023 11:15:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 3A18 20 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3A18 0
0 25ms
22ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQfRuVPulryjcUCxhD1UU0ybxS3EyUNCXQneZdNSMPRWNuuxjcInEE9DsDgSxLNwpPIN-Q4CWj9Dw1Z3mXVScB3MCkSlQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=1690945614&adf=1579477568&pi=t.aa~a.1432402503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=1&bdt=1890&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=U9FQrLWIvi&p=https%3A//www.2viaboleto.com.br&dtd=33
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3A18 159 KB
49 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Apr 2023 11:15:09 GMT

GET
H3 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 3A18 33 KB
14 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 23:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 23:21:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 23:44:25 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 3A18 7 KB
8 KB 76ms
13ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQruhzewoi34-OiYBvtMK3_PgiwkJkKOeW1WbQTj8YzGUETAJqYjulCrbjVqQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fded76bc20710d1e8bed8013883fec71c7951f9d52c622b787395b946905b511

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 09:32:34 GMT
x-content-type-options: nosniff
age: 6155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7209
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 11:12:33 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 08 Apr 2024 09:32:34 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 3A18 25 KB
26 KB 57ms
14ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTso__SGprr-CzNefRC2mz4jwA4gXAuv65mD1LOvXrqiDhvSFZrb-1mZvH2JBs&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23598d34c690a9648cd9751d4293bf64c9eeaf90ea9762ff5f783bbb50663acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 08:57:56 GMT
x-content-type-options: nosniff
age: 94633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25654
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 09:53:31 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 07 Apr 2024 08:57:56 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 3A18 27 KB
28 KB 59ms
15ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ53oleWIBlLvHdlzyv2e-I1aZt8TcRW6tGKxXYv0G_mpO5CJTU78P4IUqMdqY&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

631914f76acb9cbb821fd70e116d546902bdb27df5e2176769b1206ef58ddcc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:13:42 GMT
x-content-type-options: nosniff
age: 93687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27901
x-xss-protection: 0
last-modified: Sat, 25 Mar 2023 17:06:01 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 07 Apr 2024 09:13:42 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 3A18 32 KB
32 KB 64ms
13ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSzbAF-XzvafJtam1NM8r_lP94HwQNsIfBOH6Hz1XW5sacurFY&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6c3a6797b2bac5fe6ffb1dcee41d518f2a7c5785e83d5c49e47afb1fde4df9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 07:37:10 GMT
x-content-type-options: nosniff
age: 99479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32273
x-xss-protection: 0
last-modified: Sun, 14 Aug 2022 19:14:21 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 07 Apr 2024 07:37:10 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 3A18 28 KB
28 KB 75ms
32ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQ7kzLsSs84EYUGlp9mpaTqaC18MbX2_4MkzuJ-JqDywZO1hbB7QD9zUbl8Gw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c359be8d42735792ec0f6ebf1a37c96ab09d936b369543a347547c93cc7c901

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:14:03 GMT
x-content-type-options: nosniff
age: 93666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28948
x-xss-protection: 0
last-modified: Sat, 03 Sep 2022 11:08:48 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 07 Apr 2024 09:14:03 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 3A18 20 KB
20 KB 69ms
26ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSDTPdeEVP4Ab8D_rAoM7FqByUO4Y1nm1I93VpJy4aB3T5LTJVC02iLJurT5ZE&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28f5fa40f39fa4b08302c82a0882701e50cf1c8a61ce6ac76501d822ac66f823

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 06:22:18 GMT
x-content-type-options: nosniff
age: 190371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20382
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 12:40:05 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 06 Apr 2024 06:22:18 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BD00 1 KB
643 B 13ms
12ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7606
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 09:08:23 GMT
etag: 48472445140208031
expires: Mon, 10 Apr 2023 09:08:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3A18 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 315d7701e6050d8935fe781df48be35fbcfb0f1e5897c78e305e747b89e9c070

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BD00
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGu4GCrGTIhNbGg2bKHXfZQ&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGu4GCrGTIhNbGg2bKHXfZQ&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aHZZRnhnRjYxUEx0ME41&google_gid=CAESEGu4GCrGTIhNbGg2bKHXfZQ&google_cver=1&google_push=Aer7DvJrZb_uAG5pcvmB5zYxKvgzSUyncD0gDG8KeGgjP3w...

170 B
232 B

40ms
24ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aHZZRnhnRjYxUEx0ME41&google_gid=CAESEGu4GCrGTIhNbGg2bKHXfZQ&google_cver=1&google_push=Aer7DvJrZb_uAG5pcvmB5zYxKvgzSUyncD0gDG8KeGgjP3wOWkT_PapeRAsgdEnDOzTaRY5ZZHcKFRnzqj6M9Tv5lgKWzQDCGSZuqBk

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 09 Apr 2023 11:15:09 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-771-ga8baae6#rel-ec2-master i-09a32cc2c473a3db5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aHZZRnhnRjYxUEx0ME41&google_gid=CAESEGu4GCrGTIhNbGg2bKHXfZQ&google_cver=1&google_push=Aer7DvJrZb_uAG5pcvmB5zYxKvgzSUyncD0gDG8KeGgjP3wOWkT_PapeRAsgdEnDOzTaRY5ZZHcKFRnzqj6M9Tv5lgKWzQDCGSZuqBk
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BD00
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEC91QXBmp9ngTJiYCENjhps&google_cver=1&google_push=Aer7DvIcP5pLcCItpwMAeFtSJNxS_kdo_onziEG88SmEedxRrxCf8fpA5YllsDimnQUVuSBOcPaT9VyxzA7vgSMW7HQZR7pdeLrSO18
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=24D3F2EEA841454F94BDF58705153B79&google_push=Aer7DvIcP5pLcCItpwMAeFtSJNxS_kdo_onziEG88SmEedxRrxCf8fpA5YllsDimnQUVuSBOcPaT9VyxzA7vgSM...

170 B
232 B

24ms
23ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=24D3F2EEA841454F94BDF58705153B79&google_push=Aer7DvIcP5pLcCItpwMAeFtSJNxS_kdo_onziEG88SmEedxRrxCf8fpA5YllsDimnQUVuSBOcPaT9VyxzA7vgSMW7HQZR7pdeLrSO18

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 09 Apr 2023 11:15:09 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=24D3F2EEA841454F94BDF58705153B79&google_push=Aer7DvIcP5pLcCItpwMAeFtSJNxS_kdo_onziEG88SmEedxRrxCf8fpA5YllsDimnQUVuSBOcPaT9VyxzA7vgSMW7HQZR7pdeLrSO18
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 08 Apr 2023 11:15:09 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame BD00 70 B
265 B 118ms
44ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBKkaZP24P0scMlxLa4MNdY&google_cver=1&google_push=Aer7DvJifz6T3oN4WEJywvh7Im8Q8pumEBTjYkrfSgoX4f4LkMTm4x9_NbD3r0vUYq2TcX8YcBYHwUJasXJ0GMOqC8WW7CjK3592M2s
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=1690945614&adf=1579477568&pi=t.aa~a.1432402503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=1&bdt=1890&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=U9FQrLWIvi&p=https%3A//www.2viaboleto.com.br&dtd=33
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 09 Apr 2023 11:15:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame BD00 0
173 B 68ms
19ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEOBm0_fHIisYKwq56OwWiZY&google_cver=1&google_push=Aer7DvLxMZIsUnzJ0GcQFQoM9S1Wl_-SOZQpUnUtAkqjgKq-LoAF0UyULUDjbhLc_e2V_PZ6sBGp2XWnkvmWstHdLgAtiCxtg0Xo4Fg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=1690945614&adf=1579477568&pi=t.aa~a.1432402503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=1&bdt=1890&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=U9FQrLWIvi&p=https%3A//www.2viaboleto.com.br&dtd=33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:09 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BD00
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFxIVcGcSODgncy94n66GFU&google_cver=1&google_push=Aer7DvKAaFFVF-9GuZw8N9cOuvEi_Ro11RD1y-vlFfqGWru_7xlWxe7hkRXH3nkGpI3rQzBb2ftmNuWy...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFxIVcGcSODgncy94n66GFU&google_cver=1&google_push=Aer7DvKAaFFVF-9GuZw8N9cOuvEi_Ro11RD1y-vlFfqGWru_7xlWxe7hkRXH3nkGpI3rQzBb2ft...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcxODg3ODE4MDUzMTcwNzE5Ng&google_push=Aer7DvKAaFFVF-9GuZw8N9cOuvEi_Ro11RD1y-vlFfqGWru_7xlWxe7hkRXH3nkGpI3rQzBb2ftmNu...

170 B
232 B

25ms
24ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcxODg3ODE4MDUzMTcwNzE5Ng&google_push=Aer7DvKAaFFVF-9GuZw8N9cOuvEi_Ro11RD1y-vlFfqGWru_7xlWxe7hkRXH3nkGpI3rQzBb2ftmNuWyJ6Adx_qfI0OxRI58gjxwJzE

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcxODg3ODE4MDUzMTcwNzE5Ng&google_push=Aer7DvKAaFFVF-9GuZw8N9cOuvEi_Ro11RD1y-vlFfqGWru_7xlWxe7hkRXH3nkGpI3rQzBb2ftmNuWyJ6Adx_qfI0OxRI58gjxwJzE
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BD00
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAqyY-ZKlYbqBvDkafRZmsE&google_cver=1&google_push=Aer7DvKXtEKAD0lTtpaDoxQ5aFIZHbsuTAAHl4A4Ptj_uGMqe7W0WN9aLrcoYIXOdw14eUDWbrn...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEc5QjVWWkMtMUstQzdWRA==&google_push=Aer7DvKXtEKAD0lTtpaDoxQ5aFIZHbsuTAAHl4A4Ptj_uGMqe7W0WN9aLrcoYIXOdw14eUDWbrneHyvEDn94CC5SpjMtQ-naQgf34w

170 B
329 B

41ms
23ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEc5QjVWWkMtMUstQzdWRA==&google_push=Aer7DvKXtEKAD0lTtpaDoxQ5aFIZHbsuTAAHl4A4Ptj_uGMqe7W0WN9aLrcoYIXOdw14eUDWbrneHyvEDn94CC5SpjMtQ-naQgf34w

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEc5QjVWWkMtMUstQzdWRA==&google_push=Aer7DvKXtEKAD0lTtpaDoxQ5aFIZHbsuTAAHl4A4Ptj_uGMqe7W0WN9aLrcoYIXOdw14eUDWbrneHyvEDn94CC5SpjMtQ-naQgf34w
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame BD00 43 B
297 B 138ms
22ms Image
image/gif 2a05:d01c:1d8:8100:7781:4495:ac65:b0a4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEAHDi1JHDdn4NVXbMMzfMGc&google_cver=1&google_push=Aer7DvK1WFNR8PrRV9iHBqEEN2a71KYP_8e3TEzHFLS7fmRfgLHKHVDOWSkmDoYnSZBcnHlks2PaON3acCQcZyiX1mR2wwRBsEeVys8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=1690945614&adf=1579477568&pi=t.aa~a.1432402503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=1&bdt=1890&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=U9FQrLWIvi&p=https%3A//www.2viaboleto.com.br&dtd=33
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:7781:4495:ac65:b0a4 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 09 Apr 2023 11:15:09 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame BD00 0
130 B 88ms
23ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lm7DPyQmvVnF0svhapmpXtrc2GHRbr7wIHn9TRMN0weQmkUOOen8whCqtgn_LHK3Ukb9Ej

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 3A18 21 KB
21 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:30 GMT
x-content-type-options: nosniff
age: 434619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:30 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 3A18 20 KB
20 KB 18ms
17ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 434645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:04 GMT

GET
H3 200 lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response
pagead2.googlesyndication.com/bg/ Frame 53B3 36 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:32:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 420155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 14:32:34 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 92EF 624 B
245 B 57ms
54ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWd9iRcRtJ2kRTt_xEv8y3SgiJhJ9qRTK5eynjAxBkmvEfhRJEWmU9y38zpKLl8LBE24Zvrf_5Bj_qNu1cXZ8JdFN36kBViMHpxD4rX8RkGnvuwIQcF03LdMmKIA9sP1Bc0k1pgFs_bT1lPwt4YGbof1EeWhdIY4FeXMicdkY9xTtDVI38

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3172338258&adf=1031923888&pi=t.aa~a.3912855863~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=350x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=2&bdt=1890&idt=2&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=ppwnz0ZDxe&p=https%3A//www.2viaboleto.com.br&dtd=45

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3172338258&adf=1031923888&pi=t.aa~a.3912855863~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=350x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=2&bdt=1890&idt=2&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=ppwnz0ZDxe&p=https%3A//www.2viaboleto.com.br&dtd=45
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 11:15:09 GMT
expires: Sun, 09 Apr 2023 11:15:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 66AE 78 KB
27 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 11:15:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 66AE 3 KB
1 KB 15ms
12ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 66AE 20 KB
8 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 66AE 0
0 23ms
21ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSgXks1lX-KcfNL0VyNXbkr85fnTh_QnHfssWxUNxvp1zAu2WCg59O_ykSUTMPU_clYAm45APS21pM7YNn-YI6-IbXm2Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3172338258&adf=1031923888&pi=t.aa~a.3912855863~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=350x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=2&bdt=1890&idt=2&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=ppwnz0ZDxe&p=https%3A//www.2viaboleto.com.br&dtd=45
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 66AE 159 KB
49 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Apr 2023 11:15:09 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 66AE 42 B
63 B 48ms
47ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AP7FL86vFIZLyaK-cXBw7uFv62T2XmuICMzdIXD1CofHyj5o6pHVvbEXBdwsxsifMh2O3hEyNiOlXsyZsfcdlBQpXndvf3gicbA6x3t3L_RqGCHKE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 66AE 0
20 B 48ms
46ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9081338181489494830&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 92EF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKa9tcy5M9waI78wjBl3d_0&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKa9tcy5M9waI78wjBl3d_0&google_cver=1&C=1

43 B
632 B

20ms
20ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKa9tcy5M9waI78wjBl3d_0&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWd9iRcRtJ2kRTt_xEv8y3SgiJhJ9qRTK5eynjAxBkmvEfhRJEWmU9y38zpKLl8LBE24Zvrf_5Bj_qNu1cXZ8JdFN36kBViMHpxD4rX8RkGnvuwIQcF03LdMmKIA9sP1Bc0k1pgFs_bT1lPwt4YGbof1EeWhdIY4FeXMicdkY9xTtDVI38
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 09 Apr 2023 11:15:09 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 09 Apr 2023 11:15:09 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEKa9tcy5M9waI78wjBl3d_0&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 92EF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZDKePasjxGtnr.ukb1CpCQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKa9tcy5M9waI78wjBl3d_0&google_cver=1&google_hm=2

43 B
632 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKa9tcy5M9waI78wjBl3d_0&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWd9iRcRtJ2kRTt_xEv8y3SgiJhJ9qRTK5eynjAxBkmvEfhRJEWmU9y38zpKLl8LBE24Zvrf_5Bj_qNu1cXZ8JdFN36kBViMHpxD4rX8RkGnvuwIQcF03LdMmKIA9sP1Bc0k1pgFs_bT1lPwt4YGbof1EeWhdIY4FeXMicdkY9xTtDVI38
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 09 Apr 2023 11:15:09 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKa9tcy5M9waI78wjBl3d_0&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 92EF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHfg_1rQH3SJiZ2QrwZlJcw&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHfg_1rQH3SJiZ2QrwZlJcw%26google_cver%3D1

43 B
1 KB

33ms
33ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHfg_1rQH3SJiZ2QrwZlJcw%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWd9iRcRtJ2kRTt_xEv8y3SgiJhJ9qRTK5eynjAxBkmvEfhRJEWmU9y38zpKLl8LBE24Zvrf_5Bj_qNu1cXZ8JdFN36kBViMHpxD4rX8RkGnvuwIQcF03LdMmKIA9sP1Bc0k1pgFs_bT1lPwt4YGbof1EeWhdIY4FeXMicdkY9xTtDVI38

Protocol

HTTP/1.1

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 09 Apr 2023 11:15:09 GMT
AN-X-Request-Uuid: 0388f59d-8612-4b8c-aac5-cdddcda4a333
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 178.162.209.136; 178.162.209.136; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 09 Apr 2023 11:15:09 GMT
AN-X-Request-Uuid: 36d8d634-2aa8-452d-9b9d-daa52bf7ab07
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHfg_1rQH3SJiZ2QrwZlJcw%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.162.209.136; 178.162.209.136; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 92EF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc0OTk1NjgzMzEwNTYzMTI3MA%3D%3D

170 B
188 B

25ms
25ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc0OTk1NjgzMzEwNTYzMTI3MA%3D%3D

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 09 Apr 2023 11:15:09 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.136; 178.162.209.136; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 27bbf2ce-80ba-4ecb-acec-0a774fd11bf0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc0OTk1NjgzMzEwNTYzMTI3MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 66AE 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8880331394398&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 66AE 0
20 B 55ms
54ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8880331394398&version=m202301230201&ct=76&x=1&cor=9081338181489495000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 66AE 96 KB
38 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AlkoQc_8yl8K6hlDG08b2BpVYiut8Uju7Yad7sYbFAcPlfSswaaPW_Vw194-kJAHPtS2Pk93xJYmJInhfyxhYLeOTFURTXONsH0ThZ-lAeLe1u-Jdx3pvjPeMb3uGSCnMf32Fd_mfWxVembM7fismKFgPLu5HcWvy54S5UeMqjgD6L6MQ&dbm_d=AKAmf-Czjzudc7yROosDsDUXkQPOcz6aTEvJVw3VGFBdo0r0pjOzg_rfrOz7A_slnMN0lDgLTp-5FFuUey5iJ2I1OGElWvV2GacZhGmCBO1cwbdbAVqKTHkF6qOIUBzVronzdafR_mR1sucprmPJnWjgmTdwUkd1iKJuMkGCFWMMWbJF1rtug4DwfNp3CSIS1uVgeVI9ugVUTkumwGLc766viT_v0l3AARwC4ACr7mtNlnI8CFnfPxxC2Q043KDvHK-59mz6GHQREIwulxqxZ3vhyYW1-dXTj-gRT5zHjmq3qdIxS9pgrD46mX61OTFZx09InmNvO5-LUlsjsSxukRCpNHBEuWkrT63rTf48Ctv8UEuAgz7bzgqE4s_NRKtLgHFKezD23jSweBpLWc4QgBIMvwHF4FUiOzIQuHfINvFegAriT_EnUKwJC_dqM88a4xKvjYabBRXPwNV3QkU1tPtq987RGrxD31h1KItztwf-ubGiPDYo3ZP8GziuEj3Hy8uf7J5BpoEDwroQz4hSfi-dW2_0pEChsuR3Y1Npp99-vRWdRyQxq238oCp3qvybOtWfOGmFiKR5y7WO0KeaVc3UudYUIH_AZuTbKjC6w0vj26YACIGV3OIQZnfXd3Rm-LV0AFNQeqz2fLK74Cywn2w2fUwWn5AB9iC2eD64ZsCppbE2zMlMO-8_CvYul4HFKue1ntfVQdEeb-doTmbkw0UK3R7ONd5_lSaGzNgwOzwxIJ9lCLqThF2ykoliMhpiyI_LZinDZuTzCLeaJfXNwkqdPI7V9eKGuuSiGIijDtDPAEflgxmwkspKMAK4N3p2v2VHXpCr_D3ErEdI-Yadq-W8wxd1WuO6kp2rakLjhoV220YTItwhwhjwqcL7fVywE2_Mg8l-RF2c7dHABzLuZfNL32T6XQRs5ac_e1yrAs-TlFDapwq0URMIWH4hjM6UKS0NyydPMn1_4mw_ktMpBqma2mwB6fodGBMQEolcXwKavxO9_3lMgFFMjigtNS73UWmKxgiaDnBakWzsv9VAMHEyp1pWoajlcIxbSf7w8OkfUJwTfHYQXagaTfkn7j9dsZSPVIFEgxDNG8DPWP8rqcZR3YAa_viB3KBHB1xad1QC3c6eCvSNF4baB_oHhs8BDeTY7nThrPoLZnfx1h-lyq_aePi765SRgteOWAa9GVePE_ZIq1l69PydSrw7-vQ1LIjCms8GKivxb1fRKdUTPyF4d9nTzueWOKa49HQMN2BEPCYZrjU6UoAfbIMw1gHza6vdVFhyG5oIj5Tds5GKJlaWuaqf92Oi8OlFy6pZaA4CooIkY8jsWa0S9OayBdrK2ouQLNFQC-0rPP5Ki0KO0uGIPJyxbuSrdXUIZbApd4YB5tNesdeo90dhixELND6M2Jp1ZEa9T2wg-88g7qukifkZTMdSkhQbjNitA2a9OPnX5ldCJHj304jU-EfAiJSkYHhpvjMg4MVPR6G5rN6UtCMllMstp8vcoG9OKkER1MAEq4bwqsTzCsrl0idWP-A-t6pBur65XJaBu2yhX0vgruPU4xtjq7ZVSYlnfzhggrMpN18VcXqttQhKKgq3xvYUpSpeXRH7GO_xwT0EgiQqzhhCYHu0xF6FuxgLxNpRCzTUBPXlAJ1SmccxQFNdPkEusqgAQmlNPK-6upf5si5PNji7vitDwGIxH_YjiKYz2oMcJwDTEd3XaRd4Q2yCCfzuAMQdZUVBFs55vqGMETQYbFJazo4o9RilR-L4fuOe_b2qNA5JIXwHqTDMN7TtEOFxgXD-PKHmJrmTYJJ3xcqw8we0fX9a4OL8lqkvkkeVLSvKDESrLLV0EDnQqS9WHGTfDyTiDKrzXZqD5ToWZXRlRHv9f6Jk3eqVdF0rYUkpv0UxNxVi0H7wEYTWoIH43um-zznP-JjBdG_o6qhsqaqOiA5vMa74X2qAkzqkmB2qAo8tLWKKd_7OcWkxrrAyAMCOv52pXcITf0Sjm4RQZlQ5AxHi13f3sg_rAeuyFyZ584WApXYf07KvZFf5hDDz04RQ360_PriBCTh1oStcjREHb0gq_dVtiTB0NHOwvt_zMkHYrX0svJz0y8qUdiJCU1gb3PAx3r8O7d57EHwDBHxW7nPDWMTVTXLjdv7g2QHT-t-ntvdGKMeKF5sIgnSDvBjFmNWqiUckt2_brFJU5CzjyCqdiqGt3m5UbQM_4ZtdDjpq_D_h-4iZ-pbwWvKZV2ZdVOjGcVwaVGLjRMQabUxyYkdiWfs2O2V1ET3MqHCuC1RmOwggWRX5qi1xMnmfhg9F0ZCz7mKsn2f3es948pKxNSbbywJ5c6iJQyiO2kZm4KsK9Xx_DGgdb-ju5BISFwcBcnhwWnxj1jU8XhszYwUSe1x1viYj4rIdT_zD2TyY7VxucgRDb9d_dlfDrYYV5i9D20JpVQP05rsc9OS52KrBj9h8YWd59rvRIlyZvRDUEUjIG4rfoDy9nkIEiqesVRq4kmco3xYwZaGt0hmFz9z4GTGC8J-clYelXFttoJIKa6vSNyxI7yIYDGL_mmzhtpAL9WJpzjZvKHUnJ3C3Y7Ggb64eQLk-dUGRuje4G_ple43ZJiY7LsNC1HS5tsIvUYr-GNDCLbaiuWu2bOKQW_KF7q9cOcJqL_671oH-9W9afruUD-SFwT5jPVSNVUFKm4GOVc5_v4NWtcHp8fSJdZqBsLDQ1tiwKyE1wld-z7I0hyMKSiLaOgvA8lOWmVbViWpVFTA2QVEZ9y3hoy2be9ymJdFfsOqqtKsIRT4hoc0ygtSJ11BInKYsR-TwP9OM7suHRGy1v9mrCqhbuCRfrhFG2MuvtUpc7wijw0mafSr123dL69i37oG5hMWtffq3K9kv_KuH7CW9bjczV2PTcSCyXUgime3ROyhbRoJxPGdFlQ6m6Km_Au99oe1vVGWUxZ1nEnI0w9JBWi-fm2DWTO0hwZVgtAyHnf-O86ojZZpg8SUgvnJ4P_xhEQqHXT0ZNv92mL_VRiCH16Qp--8udR15j2oI51wsVs6rySg7GufPCHzgttBKILIL5Gp0a9KkjKSZRgw5pTk2dprVEc02KB37hyl8vLpW0GuDxhBHv6fk9ewO5FbJGaY455GN5ee-aKRkTRr7bzUNhRvRspkEWrxiu0dNXYiJclVvO6mkqzFxWjANUNZK2yn8GyDe1luhGAa4I7wwavzkBYIoW9sp0tJYvkPqRMJgdvlVcmNqvKO7BOxV2fnoGYvHoC1X_v7zBDt_wJrRnGtuGaaVTt14aK3DSrxNi7YpU6-QPwlSUaJB9vJOKHXPXHUFvBJ40fjMvxid_47g7mOjjMIRK1cjaTcRmpOvCUGeX-cwC13AU1-5VFYpvP0pjgfqVA5Z2aIii4jHd2L9nxhxqJBf8jLP9_nMUwOtkvelcZFhF9IrtclK3xbKj7O63jmJKz22QI1-KSwfs41jeHM33uOf&cid=CAQSPADUE5ymYT6shSVPIdoegbJ-dJJtv2uhyMZi0DGhq6C0L0b_MfSwboSMf3Y17khqO9_b9rGn2vgONHF2yBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.2viaboleto.com.br%2F&ds=l&xdt=1&iif=1&cor=9081338181489495000&adk=521587874&idt=71&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0ebdbbb4f7f44c1cf7609fec1036388fc176a0e582201445d50d07633489d8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3172338258&adf=1031923888&pi=t.aa~a.3912855863~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=350x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=2&bdt=1890&idt=2&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=ppwnz0ZDxe&p=https%3A//www.2viaboleto.com.br&dtd=45
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38726
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E347 3 KB
597 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=4214047519&adf=2056746596&pi=t.aa~a.1432403486~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=1&bdt=1890&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280&nras=5&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3799&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tkpzcOCyAW&p=https%3A//www.2viaboleto.com.br&dtd=42

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d247591f9522801d7a053e929a77212df61c2f153a309141648ad9a7894b1a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Apr 2023 11:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 09 Apr 2023 09:51:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Apr 2023 11:15:09 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame E347 2 KB
765 B 21ms
20ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame E347 22 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame E347 3 KB
1 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame E347 20 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E347 0
0 35ms
34ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS_Lr26gOeM9f5CnqoJtG3Gwk5a7LRuBF_u7O3719ihxYFuKurRt-FAa-Xf0VOFu3DAREK3gu8cd65nH1PdHiyJ6wYjEg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=4214047519&adf=2056746596&pi=t.aa~a.1432403486~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=1&bdt=1890&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280&nras=5&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3799&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tkpzcOCyAW&p=https%3A//www.2viaboleto.com.br&dtd=42
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E347 159 KB
49 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Apr 2023 11:15:09 GMT

GET
H3 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame E347 33 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 23:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 23:21:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 23:44:25 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E347 0
0 126ms
125ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKtW0PJ4yZOPXJYaGlgSXr5ToAqWswfpv2qGg6tIQrsboj6gwEAEgwtuPImCVgoCArAegAdX-iacCyAEJqAMByAPLBKoE-QFP0HQ7NeOrT2k8vB17FMNEU7YQGq4sD-hABLW0J-LmEq7JMH9B1lOFs_Jq3oPhyXyEiJn8-MxfIYYkyNdhCbx7J6VzjnrTd-VmaUVPdwUMKKghF8-aWZchBOFtehpqxOyVbSn_QaUoSQqsP7YPLu9p9G75wQ1hVdCu42Uditfw6VMVsX6iUTgZiYVzUzaZtr3Kagk3oylcqpXQ5DTsOXtRT-HGgayMphApiPAcGFTyKMEFqmmwx6kdPU16FF5JeU5iKdsLwr1wfivsEmjZdEPZdSvnBHf8fdNa4CUdA0f0Ldj0zfka-QIAGL4p_98CNQLH0ntPEqu0PhLABILcqPyEBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfOsPTYAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBC_hQPSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTC9AVAYAXAbIXHAoaCAASFHB1Yi0xMTE0ODk1MTcwOTEyMTQ3GAA&sigh=HpwwUmaHyIY&uach_m=[UACH]&cid=CAQSPADUE5ymf5viIipWHhxOgVyoUo67kwFmJ7Sx94_CFCvIzqJ7NROSP-c9Vvg1dCaFjJFKfnD74dm4IEmXuRgB&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=4214047519&adf=2056746596&pi=t.aa~a.1432403486~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=1&bdt=1890&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280&nras=5&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3799&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tkpzcOCyAW&p=https%3A//www.2viaboleto.com.br&dtd=42
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 09 Apr 2023 11:15:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame E347 7 KB
7 KB 24ms
22ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQruhzewoi34-OiYBvtMK3_PgiwkJkKOeW1WbQTj8YzGUETAJqYjulCrbjVqQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fded76bc20710d1e8bed8013883fec71c7951f9d52c622b787395b946905b511

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 09:32:34 GMT
x-content-type-options: nosniff
age: 6155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7209
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 11:12:33 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 08 Apr 2024 09:32:34 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame E347 25 KB
25 KB 25ms
23ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTso__SGprr-CzNefRC2mz4jwA4gXAuv65mD1LOvXrqiDhvSFZrb-1mZvH2JBs&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23598d34c690a9648cd9751d4293bf64c9eeaf90ea9762ff5f783bbb50663acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 08:57:56 GMT
x-content-type-options: nosniff
age: 94633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25654
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 09:53:31 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 07 Apr 2024 08:57:56 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame E347 27 KB
27 KB 25ms
23ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ53oleWIBlLvHdlzyv2e-I1aZt8TcRW6tGKxXYv0G_mpO5CJTU78P4IUqMdqY&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

631914f76acb9cbb821fd70e116d546902bdb27df5e2176769b1206ef58ddcc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:13:42 GMT
x-content-type-options: nosniff
age: 93687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27901
x-xss-protection: 0
last-modified: Sat, 25 Mar 2023 17:06:01 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 07 Apr 2024 09:13:42 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame E347 32 KB
32 KB 24ms
22ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSzbAF-XzvafJtam1NM8r_lP94HwQNsIfBOH6Hz1XW5sacurFY&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6c3a6797b2bac5fe6ffb1dcee41d518f2a7c5785e83d5c49e47afb1fde4df9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 07:37:10 GMT
x-content-type-options: nosniff
age: 99479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32273
x-xss-protection: 0
last-modified: Sun, 14 Aug 2022 19:14:21 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 07 Apr 2024 07:37:10 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame E347 28 KB
28 KB 26ms
25ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQ7kzLsSs84EYUGlp9mpaTqaC18MbX2_4MkzuJ-JqDywZO1hbB7QD9zUbl8Gw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c359be8d42735792ec0f6ebf1a37c96ab09d936b369543a347547c93cc7c901

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:14:03 GMT
x-content-type-options: nosniff
age: 93666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28948
x-xss-protection: 0
last-modified: Sat, 03 Sep 2022 11:08:48 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 07 Apr 2024 09:14:03 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame E347 20 KB
20 KB 45ms
44ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSDTPdeEVP4Ab8D_rAoM7FqByUO4Y1nm1I93VpJy4aB3T5LTJVC02iLJurT5ZE&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28f5fa40f39fa4b08302c82a0882701e50cf1c8a61ce6ac76501d822ac66f823

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 06:22:18 GMT
x-content-type-options: nosniff
age: 190371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20382
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 12:40:05 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 06 Apr 2024 06:22:18 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CD51 1 KB
643 B 16ms
16ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7606
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 09:08:23 GMT
etag: 48472445140208031
expires: Mon, 10 Apr 2023 09:08:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E347 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63e67bf1851816832c5a08b4090fa45fbfa97d0298cf4e3fd03140ac49ec2413

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame E347 21 KB
21 KB 26ms
26ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:30 GMT
x-content-type-options: nosniff
age: 434619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:30 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame E347 20 KB
20 KB 32ms
32ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 434645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:04 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 06B8 3 KB
597 B 51ms
50ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=1456288602&adf=2222756707&pi=t.aa~a.631950499~rp.3&w=1110&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=1&bdt=1890&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=pFNCn8HcwW&p=https%3A//www.2viaboleto.com.br&dtd=38

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d247591f9522801d7a053e929a77212df61c2f153a309141648ad9a7894b1a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Apr 2023 11:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 09 Apr 2023 10:59:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Apr 2023 11:15:09 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 06B8 2 KB
765 B 23ms
22ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 06B8 22 KB
9 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 06B8 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 06B8 20 KB
8 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 20:01:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 06B8 0
0 46ms
45ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSX37ShLmOumFHzIxK6VZiTAFx_TsU-fMqR7cG4hFrhk0cquWfFLAwWooS8Se-1vQTVHXIWqhZ9crgvq_sF8QkK27HnOw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=1456288602&adf=2222756707&pi=t.aa~a.631950499~rp.3&w=1110&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=1&bdt=1890&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=pFNCn8HcwW&p=https%3A//www.2viaboleto.com.br&dtd=38
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 06B8 159 KB
49 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Apr 2023 11:15:09 GMT

GET
H3 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 06B8 33 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 23:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 23:21:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 23:44:25 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 06B8 0
0 64ms
64ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cq1i4PJ4yZOy3JduQ9fgPoq-GwAKlrMH6b9qhoOrSEK7G6I-oMBABIMLbjyJglYKAgJgHoAHV_omnAsgBCagDAcgDywSqBPkBT9CrwEaiVWjKGhfIuMW8Po_ycxWKKyb49bRuyPYfJQwzOXUNakmO0INvBSshBByo0kKq-WbOyDusuvQrcYBgzFGTtGuCY-_TRxTiQwvwq0MQbd7Mgrb6BoRTPaR77bdEB3mvsQ7Wl-bfiLnRTlKe8o6N9DvE0Le93dQRTzScAe1FLEiRtQT19URgcrieevoDTMbdWO6TdEOmtlEX4MEDYQcvEjSDNntd6KdlmYZISZguo1ZhpvvOKuPa0fiFOfDOI7ev-yFEJ1M1izPmZrybbB4e2sBYd00WLjvRs4bzeWyy2e9j3IJoiolcMa-9VdvLwgEUMYM5fsEDwASC3Kj8hASSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHzrD02AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ0IcE0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItMTExNDg5NTE3MDkxMjE0NxgA&sigh=SAKlWYPya6c&uach_m=[UACH]&cid=CAQSPADUE5ymcAHVu2gTHrdkcZb2qNI2E5dDRhOYmzioG3QdHdqENl2SzvCptpVQ7MrsmEns-V2E_kfe-VTRuBgB&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=1456288602&adf=2222756707&pi=t.aa~a.631950499~rp.3&w=1110&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=1&bdt=1890&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=pFNCn8HcwW&p=https%3A//www.2viaboleto.com.br&dtd=38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 09 Apr 2023 11:15:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634100/ Frame 66AE 243 KB
73 KB 138ms
30ms Script
application/javascript 54.220.168.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634100/skeleton.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-1114895170912147&ias_chanId=1&ias_placementId=19422215943&bidurl=https://www.2viaboleto.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0haDMoBZQTUcTvJAic3Q4mD
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.168.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-168-134.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: dfa12b21a8af3c77a55cd7481712205532fa2959e83b80eaa331c6b9e8712fae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:10 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 66AE 106 KB
37 KB 108ms
24ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 10 Apr 2023 11:11:16 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/ Frame 66AE 11 KB
4 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AlkoQc_8yl8K6hlDG08b2BpVYiut8Uju7Yad7sYbFAcPlfSswaaPW_Vw194-kJAHPtS2Pk93xJYmJInhfyxhYLeOTFURTXONsH0ThZ-lAeLe1u-Jdx3pvjPeMb3uGSCnMf32Fd_mfWxVembM7fismKFgPLu5HcWvy54S5UeMqjgD6L6MQ&dbm_d=AKAmf-Czjzudc7yROosDsDUXkQPOcz6aTEvJVw3VGFBdo0r0pjOzg_rfrOz7A_slnMN0lDgLTp-5FFuUey5iJ2I1OGElWvV2GacZhGmCBO1cwbdbAVqKTHkF6qOIUBzVronzdafR_mR1sucprmPJnWjgmTdwUkd1iKJuMkGCFWMMWbJF1rtug4DwfNp3CSIS1uVgeVI9ugVUTkumwGLc766viT_v0l3AARwC4ACr7mtNlnI8CFnfPxxC2Q043KDvHK-59mz6GHQREIwulxqxZ3vhyYW1-dXTj-gRT5zHjmq3qdIxS9pgrD46mX61OTFZx09InmNvO5-LUlsjsSxukRCpNHBEuWkrT63rTf48Ctv8UEuAgz7bzgqE4s_NRKtLgHFKezD23jSweBpLWc4QgBIMvwHF4FUiOzIQuHfINvFegAriT_EnUKwJC_dqM88a4xKvjYabBRXPwNV3QkU1tPtq987RGrxD31h1KItztwf-ubGiPDYo3ZP8GziuEj3Hy8uf7J5BpoEDwroQz4hSfi-dW2_0pEChsuR3Y1Npp99-vRWdRyQxq238oCp3qvybOtWfOGmFiKR5y7WO0KeaVc3UudYUIH_AZuTbKjC6w0vj26YACIGV3OIQZnfXd3Rm-LV0AFNQeqz2fLK74Cywn2w2fUwWn5AB9iC2eD64ZsCppbE2zMlMO-8_CvYul4HFKue1ntfVQdEeb-doTmbkw0UK3R7ONd5_lSaGzNgwOzwxIJ9lCLqThF2ykoliMhpiyI_LZinDZuTzCLeaJfXNwkqdPI7V9eKGuuSiGIijDtDPAEflgxmwkspKMAK4N3p2v2VHXpCr_D3ErEdI-Yadq-W8wxd1WuO6kp2rakLjhoV220YTItwhwhjwqcL7fVywE2_Mg8l-RF2c7dHABzLuZfNL32T6XQRs5ac_e1yrAs-TlFDapwq0URMIWH4hjM6UKS0NyydPMn1_4mw_ktMpBqma2mwB6fodGBMQEolcXwKavxO9_3lMgFFMjigtNS73UWmKxgiaDnBakWzsv9VAMHEyp1pWoajlcIxbSf7w8OkfUJwTfHYQXagaTfkn7j9dsZSPVIFEgxDNG8DPWP8rqcZR3YAa_viB3KBHB1xad1QC3c6eCvSNF4baB_oHhs8BDeTY7nThrPoLZnfx1h-lyq_aePi765SRgteOWAa9GVePE_ZIq1l69PydSrw7-vQ1LIjCms8GKivxb1fRKdUTPyF4d9nTzueWOKa49HQMN2BEPCYZrjU6UoAfbIMw1gHza6vdVFhyG5oIj5Tds5GKJlaWuaqf92Oi8OlFy6pZaA4CooIkY8jsWa0S9OayBdrK2ouQLNFQC-0rPP5Ki0KO0uGIPJyxbuSrdXUIZbApd4YB5tNesdeo90dhixELND6M2Jp1ZEa9T2wg-88g7qukifkZTMdSkhQbjNitA2a9OPnX5ldCJHj304jU-EfAiJSkYHhpvjMg4MVPR6G5rN6UtCMllMstp8vcoG9OKkER1MAEq4bwqsTzCsrl0idWP-A-t6pBur65XJaBu2yhX0vgruPU4xtjq7ZVSYlnfzhggrMpN18VcXqttQhKKgq3xvYUpSpeXRH7GO_xwT0EgiQqzhhCYHu0xF6FuxgLxNpRCzTUBPXlAJ1SmccxQFNdPkEusqgAQmlNPK-6upf5si5PNji7vitDwGIxH_YjiKYz2oMcJwDTEd3XaRd4Q2yCCfzuAMQdZUVBFs55vqGMETQYbFJazo4o9RilR-L4fuOe_b2qNA5JIXwHqTDMN7TtEOFxgXD-PKHmJrmTYJJ3xcqw8we0fX9a4OL8lqkvkkeVLSvKDESrLLV0EDnQqS9WHGTfDyTiDKrzXZqD5ToWZXRlRHv9f6Jk3eqVdF0rYUkpv0UxNxVi0H7wEYTWoIH43um-zznP-JjBdG_o6qhsqaqOiA5vMa74X2qAkzqkmB2qAo8tLWKKd_7OcWkxrrAyAMCOv52pXcITf0Sjm4RQZlQ5AxHi13f3sg_rAeuyFyZ584WApXYf07KvZFf5hDDz04RQ360_PriBCTh1oStcjREHb0gq_dVtiTB0NHOwvt_zMkHYrX0svJz0y8qUdiJCU1gb3PAx3r8O7d57EHwDBHxW7nPDWMTVTXLjdv7g2QHT-t-ntvdGKMeKF5sIgnSDvBjFmNWqiUckt2_brFJU5CzjyCqdiqGt3m5UbQM_4ZtdDjpq_D_h-4iZ-pbwWvKZV2ZdVOjGcVwaVGLjRMQabUxyYkdiWfs2O2V1ET3MqHCuC1RmOwggWRX5qi1xMnmfhg9F0ZCz7mKsn2f3es948pKxNSbbywJ5c6iJQyiO2kZm4KsK9Xx_DGgdb-ju5BISFwcBcnhwWnxj1jU8XhszYwUSe1x1viYj4rIdT_zD2TyY7VxucgRDb9d_dlfDrYYV5i9D20JpVQP05rsc9OS52KrBj9h8YWd59rvRIlyZvRDUEUjIG4rfoDy9nkIEiqesVRq4kmco3xYwZaGt0hmFz9z4GTGC8J-clYelXFttoJIKa6vSNyxI7yIYDGL_mmzhtpAL9WJpzjZvKHUnJ3C3Y7Ggb64eQLk-dUGRuje4G_ple43ZJiY7LsNC1HS5tsIvUYr-GNDCLbaiuWu2bOKQW_KF7q9cOcJqL_671oH-9W9afruUD-SFwT5jPVSNVUFKm4GOVc5_v4NWtcHp8fSJdZqBsLDQ1tiwKyE1wld-z7I0hyMKSiLaOgvA8lOWmVbViWpVFTA2QVEZ9y3hoy2be9ymJdFfsOqqtKsIRT4hoc0ygtSJ11BInKYsR-TwP9OM7suHRGy1v9mrCqhbuCRfrhFG2MuvtUpc7wijw0mafSr123dL69i37oG5hMWtffq3K9kv_KuH7CW9bjczV2PTcSCyXUgime3ROyhbRoJxPGdFlQ6m6Km_Au99oe1vVGWUxZ1nEnI0w9JBWi-fm2DWTO0hwZVgtAyHnf-O86ojZZpg8SUgvnJ4P_xhEQqHXT0ZNv92mL_VRiCH16Qp--8udR15j2oI51wsVs6rySg7GufPCHzgttBKILIL5Gp0a9KkjKSZRgw5pTk2dprVEc02KB37hyl8vLpW0GuDxhBHv6fk9ewO5FbJGaY455GN5ee-aKRkTRr7bzUNhRvRspkEWrxiu0dNXYiJclVvO6mkqzFxWjANUNZK2yn8GyDe1luhGAa4I7wwavzkBYIoW9sp0tJYvkPqRMJgdvlVcmNqvKO7BOxV2fnoGYvHoC1X_v7zBDt_wJrRnGtuGaaVTt14aK3DSrxNi7YpU6-QPwlSUaJB9vJOKHXPXHUFvBJ40fjMvxid_47g7mOjjMIRK1cjaTcRmpOvCUGeX-cwC13AU1-5VFYpvP0pjgfqVA5Z2aIii4jHd2L9nxhxqJBf8jLP9_nMUwOtkvelcZFhF9IrtclK3xbKj7O63jmJKz22QI1-KSwfs41jeHM33uOf&cid=CAQSPADUE5ymYT6shSVPIdoegbJ-dJJtv2uhyMZi0DGhq6C0L0b_MfSwboSMf3Y17khqO9_b9rGn2vgONHF2yBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.2viaboleto.com.br%2F&ds=l&xdt=1&iif=1&cor=9081338181489495000&adk=521587874&idt=71&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 21:30:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4123
x-xss-protection: 0
server: cafe
etag: 4541610132340792384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 21:30:54 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 66AE 28 KB
11 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4681920200f339999ac3f6d4a6c5214d92e9a0edca00cfb91b28e3494ea03ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 21:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11009
x-xss-protection: 0
server: cafe
etag: 12368014760096651300
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 21:31:32 GMT

GET
H3 200 shopping
encrypted-tbn3.gstatic.com/ Frame 06B8 7 KB
7 KB 43ms
42ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQruhzewoi34-OiYBvtMK3_PgiwkJkKOeW1WbQTj8YzGUETAJqYjulCrbjVqQ&usqp=CAI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fded76bc20710d1e8bed8013883fec71c7951f9d52c622b787395b946905b511

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 09:32:34 GMT
x-content-type-options: nosniff
age: 6155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7209
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 11:12:33 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 08 Apr 2024 09:32:34 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 06B8 25 KB
25 KB 37ms
36ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTso__SGprr-CzNefRC2mz4jwA4gXAuv65mD1LOvXrqiDhvSFZrb-1mZvH2JBs&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23598d34c690a9648cd9751d4293bf64c9eeaf90ea9762ff5f783bbb50663acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 08:57:56 GMT
x-content-type-options: nosniff
age: 94633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25654
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 09:53:31 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 07 Apr 2024 08:57:56 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame 06B8 27 KB
27 KB 46ms
45ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ53oleWIBlLvHdlzyv2e-I1aZt8TcRW6tGKxXYv0G_mpO5CJTU78P4IUqMdqY&usqp=CAI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

631914f76acb9cbb821fd70e116d546902bdb27df5e2176769b1206ef58ddcc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:13:42 GMT
x-content-type-options: nosniff
age: 93687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27901
x-xss-protection: 0
last-modified: Sat, 25 Mar 2023 17:06:01 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 07 Apr 2024 09:13:42 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame 06B8 32 KB
32 KB 45ms
44ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSzbAF-XzvafJtam1NM8r_lP94HwQNsIfBOH6Hz1XW5sacurFY&usqp=CAI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6c3a6797b2bac5fe6ffb1dcee41d518f2a7c5785e83d5c49e47afb1fde4df9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 07:37:10 GMT
x-content-type-options: nosniff
age: 99479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32273
x-xss-protection: 0
last-modified: Sun, 14 Aug 2022 19:14:21 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 07 Apr 2024 07:37:10 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 06B8 28 KB
28 KB 39ms
38ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQ7kzLsSs84EYUGlp9mpaTqaC18MbX2_4MkzuJ-JqDywZO1hbB7QD9zUbl8Gw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c359be8d42735792ec0f6ebf1a37c96ab09d936b369543a347547c93cc7c901

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:14:03 GMT
x-content-type-options: nosniff
age: 93666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28948
x-xss-protection: 0
last-modified: Sat, 03 Sep 2022 11:08:48 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 07 Apr 2024 09:14:03 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 06B8 20 KB
20 KB 47ms
46ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSDTPdeEVP4Ab8D_rAoM7FqByUO4Y1nm1I93VpJy4aB3T5LTJVC02iLJurT5ZE&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28f5fa40f39fa4b08302c82a0882701e50cf1c8a61ce6ac76501d822ac66f823

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 06:22:18 GMT
x-content-type-options: nosniff
age: 190371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20382
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 12:40:05 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 06 Apr 2024 06:22:18 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame CD51 35 B
464 B 64ms
12ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEK2_TUyTgI7oclBAQZ6auMY&google_cver=1&google_push=Aer7DvIPeVeq3Uzf03uG1pS0t-4Z9iE2ZsYZe_WyrZzAsDTTv74LL7HPDzDEegcxuUO6OceF2-IiebgkGBDygXIpKG94uSC91y-BUgg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:09 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CD51
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEE80fQXIWsPEsSjjBx8G5yI&google_push=Aer7DvKiA5R8Q0_vSWIBw82qGcFn6ZpXXANqSPz_07bXe8VX-MYcf-KPIS...

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEE80fQXIWsPEsSjjBx8G5yI&google_push=Aer7DvKiA5R8Q0_vSWIBw82qGcFn6ZpXXANqSPz_07bXe8VX-MYcf-KPIS9FsdcSRZdTNSXFpU59Q4_1dbJDzNqnSmYh6ka0a5bQAF4

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230065-FRA
pragma: no-cache
date: Sun, 09 Apr 2023 11:15:10 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1681038910.954159,VS0,VE88
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEE80fQXIWsPEsSjjBx8G5yI&google_push=Aer7DvKiA5R8Q0_vSWIBw82qGcFn6ZpXXANqSPz_07bXe8VX-MYcf-KPIS9FsdcSRZdTNSXFpU59Q4_1dbJDzNqnSmYh6ka0a5bQAF4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CD51
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFxIVcGcSODgncy94n66GFU&google_cver=1&google_push=Aer7DvKOnAEehaayVZzOUzuceTRS-xFx10a7CbKb9aOUWM_VZrGIrVbdxylo7a_cPXqnxAWbqjj8bYJm...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcxODg3ODE4MDUzMTcwNzE5Ng&google_push=Aer7DvKOnAEehaayVZzOUzuceTRS-xFx10a7CbKb9aOUWM_VZrGIrVbdxylo7a_cPXqnxAWbqjj8bY...

170 B
188 B

29ms
29ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcxODg3ODE4MDUzMTcwNzE5Ng&google_push=Aer7DvKOnAEehaayVZzOUzuceTRS-xFx10a7CbKb9aOUWM_VZrGIrVbdxylo7a_cPXqnxAWbqjj8bYJm8Q770L7UxjsIZ1ssGgQGotA

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcxODg3ODE4MDUzMTcwNzE5Ng&google_push=Aer7DvKOnAEehaayVZzOUzuceTRS-xFx10a7CbKb9aOUWM_VZrGIrVbdxylo7a_cPXqnxAWbqjj8bYJm8Q770L7UxjsIZ1ssGgQGotA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CD51
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFxIVcGcSODgncy94n66GFU&google_cver=1&google_push=Aer7DvJEOf-bJ8Z6Tix9wmY_vYe2pHDM0E5BEis5iud1ruOc2CeCpev0TsFAVhmU1uTmsqy5xAif-vej...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcxODg3ODE4MDUzMTcwNzE5Ng&google_push=Aer7DvJEOf-bJ8Z6Tix9wmY_vYe2pHDM0E5BEis5iud1ruOc2CeCpev0TsFAVhmU1uTmsqy5xAif-v...

170 B
188 B

29ms
28ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcxODg3ODE4MDUzMTcwNzE5Ng&google_push=Aer7DvJEOf-bJ8Z6Tix9wmY_vYe2pHDM0E5BEis5iud1ruOc2CeCpev0TsFAVhmU1uTmsqy5xAif-vejq6AyZqpLE4uDYfbFSg2wlw

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcxODg3ODE4MDUzMTcwNzE5Ng&google_push=Aer7DvJEOf-bJ8Z6Tix9wmY_vYe2pHDM0E5BEis5iud1ruOc2CeCpev0TsFAVhmU1uTmsqy5xAif-vejq6AyZqpLE4uDYfbFSg2wlw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame CD51 43 B
350 B 87ms
21ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESELBDXnpR34-gl-Gt2BFyICA&google_cver=1&google_push=Aer7DvKW6ih5tHea7VWgjYfM833zJu26k0XDh3aLmTwyelbVkdVsZBluw9KppcIVJgfkO2sherzTrJvHUTLu_lEPxsTAweahYC_qGw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=4214047519&adf=2056746596&pi=t.aa~a.1432403486~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=1&bdt=1890&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280&nras=5&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3799&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tkpzcOCyAW&p=https%3A//www.2viaboleto.com.br&dtd=42
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:09 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: jvr4795klogen92vajdig92cescd1eoa

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CD51
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9J4B2Ya0S9Cbh4cuk4HoXQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9J4B2Ya0S9Cbh4cuk4HoXQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvK-h4tr81XgEBDThnPcD3IWapdYNiAqxL3axQF0dk_pSig9gQ3DsfrFr-yV0eGXAnL9nrzB3aTTAD88LjxIrq7vauQSem9Fqw

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9J4B2Ya0S9Cbh4cuk4HoXQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvK-h4tr81XgEBDThnPcD3IWapdYNiAqxL3axQF0dk_pSig9gQ3DsfrFr-yV0eGXAnL9nrzB3aTTAD88LjxIrq7vauQSem9Fqw
date: Sun, 09 Apr 2023 11:15:08 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CD51
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAqyY-ZKlYbqBvDkafRZmsE&google_cver=1&google_push=Aer7DvL3Xh34kq4SS5whYT6BANnIh-XliQaeG81_sagd22eRPNsQ5FuFW9E8aGdjZbFrcpk7l50...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEc5QjVXQjUtMjMtMzRQWQ==&google_push=Aer7DvL3Xh34kq4SS5whYT6BANnIh-XliQaeG81_sagd22eRPNsQ5FuFW9E8aGdjZbFrcpk7l50RTfN06QiNp8SGH3c5S2g2FynWpxM

170 B
188 B

26ms
26ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEc5QjVXQjUtMjMtMzRQWQ==&google_push=Aer7DvL3Xh34kq4SS5whYT6BANnIh-XliQaeG81_sagd22eRPNsQ5FuFW9E8aGdjZbFrcpk7l50RTfN06QiNp8SGH3c5S2g2FynWpxM

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEc5QjVXQjUtMjMtMzRQWQ==&google_push=Aer7DvL3Xh34kq4SS5whYT6BANnIh-XliQaeG81_sagd22eRPNsQ5FuFW9E8aGdjZbFrcpk7l50RTfN06QiNp8SGH3c5S2g2FynWpxM
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CD51 0
12 B 42ms
40ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KqWc_0MO4aFz2uQu8n2n1N2g1KjwhuIFKT5gBFpyFxqqwdsZGW4BxgleMROPTg3cKIbiTc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response
pagead2.googlesyndication.com/bg/ Frame FBA7 36 KB
14 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:32:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 420155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 14:32:34 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6059 1 KB
643 B 20ms
18ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7606
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 09:08:23 GMT
etag: 48472445140208031
expires: Mon, 10 Apr 2023 09:08:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 66AE 41 KB
15 KB 30ms
18ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320629
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Apr 2024 18:11:20 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FEFA 1 KB
643 B 24ms
14ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7606
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 09:08:23 GMT
etag: 48472445140208031
expires: Mon, 10 Apr 2023 09:08:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 66AE 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab0ab067228b5003c6151ce723d078e5ad5c0d8c07fb6718ee1a82442b51b49d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 06B8 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83187f67b69648e0dfa3751b056278342742dfcfe5af158312679a0c7c2be218

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 6059 0
104 B 200ms
41ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELz9uDT3R1MO7nM7SghJMEg&google_cver=1&google_push=Aer7DvLD_PKid2HPZe3SMsOkM6nJrKcfQTB1aW8u8KaLdaxjCl5NbRC6E6686JBkxtH-OEYZCf5v0OmZehFiwEb4M3WnnJj8u9ihxA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=1456288602&adf=2222756707&pi=t.aa~a.631950499~rp.3&w=1110&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=1&bdt=1890&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=pFNCn8HcwW&p=https%3A//www.2viaboleto.com.br&dtd=38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:10 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6059
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEE5uBjOeUGzTr7lRB_-JB-s&google_cver=1&google_push=Aer7DvLNFEDHf487cZdUrsBZUWszPaM94X-7sV1i9UFFkZ9PxPaHhKwjdltISxBAY0O64U2ROS44VVaCWOf2zZPh...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvLNFEDHf487cZdUrsBZUWszPaM94X-7sV1i9UFFkZ9PxPaHhKwjdltISxBAY0O64U2ROS44VVaCWOf2zZPhJ-CVbkPAXw_KBA

170 B
188 B

30ms
29ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvLNFEDHf487cZdUrsBZUWszPaM94X-7sV1i9UFFkZ9PxPaHhKwjdltISxBAY0O64U2ROS44VVaCWOf2zZPhJ-CVbkPAXw_KBA

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 09 Apr 2023 11:15:10 GMT
Server: MT3 776 936c8db master zrh-pixel-x5 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvLNFEDHf487cZdUrsBZUWszPaM94X-7sV1i9UFFkZ9PxPaHhKwjdltISxBAY0O64U2ROS44VVaCWOf2zZPhJ-CVbkPAXw_KBA
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 09 Apr 2023 11:15:09 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 6059
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESECRoBzmWi15ZHPPq7hIdHoI&google_cver=1&google_push=Aer7DvJPg2m47V6OTZI1GphaEunMaHUFzkjwbPmCp5VbiVlsxq8snTCQea3Oh4srjHGatC3kMJunggdlMS3x21rD6hDuMf9YpyaQM...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECRoBzmWi15ZHPPq7hIdHoI&google_cver=1&google_push=Aer7DvJPg2m47V6OTZI1GphaEunMaHUFzkjwbPmCp5VbiVlsxq8snTCQea3Oh4srjHGatC3kMJunggdlMS3x21rD6hDuMf9Ypya...

43 B
416 B

177ms
167ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECRoBzmWi15ZHPPq7hIdHoI&google_cver=1&google_push=Aer7DvJPg2m47V6OTZI1GphaEunMaHUFzkjwbPmCp5VbiVlsxq8snTCQea3Oh4srjHGatC3kMJunggdlMS3x21rD6hDuMf9YpyaQMA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJPg2m47V6OTZI1GphaEunMaHUFzkjwbPmCp5VbiVlsxq8snTCQea3Oh4srjHGatC3kMJunggdlMS3x21rD6hDuMf9YpyaQMA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:10 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7b5254a55d4e1c8e-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:10 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 131
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECRoBzmWi15ZHPPq7hIdHoI&google_cver=1&google_push=Aer7DvJPg2m47V6OTZI1GphaEunMaHUFzkjwbPmCp5VbiVlsxq8snTCQea3Oh4srjHGatC3kMJunggdlMS3x21rD6hDuMf9YpyaQMA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJPg2m47V6OTZI1GphaEunMaHUFzkjwbPmCp5VbiVlsxq8snTCQea3Oh4srjHGatC3kMJunggdlMS3x21rD6hDuMf9YpyaQMA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7b5254a40b871c8e-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6059
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEE80fQXIWsPEsSjjBx8G5yI&google_push=Aer7DvJi1YShfSh56PxKI8QwGglCITgq_TzZrdvrHbb4jIVG2HbqpOQ5In...

170 B
188 B

35ms
34ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEE80fQXIWsPEsSjjBx8G5yI&google_push=Aer7DvJi1YShfSh56PxKI8QwGglCITgq_TzZrdvrHbb4jIVG2HbqpOQ5InQ-IvGtpxnHIFoAoyBHfzbvg8Xys7wMGTYJPi1YNJDH

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230065-FRA
pragma: no-cache
date: Sun, 09 Apr 2023 11:15:10 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1681038910.040402,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEE80fQXIWsPEsSjjBx8G5yI&google_push=Aer7DvJi1YShfSh56PxKI8QwGglCITgq_TzZrdvrHbb4jIVG2HbqpOQ5InQ-IvGtpxnHIFoAoyBHfzbvg8Xys7wMGTYJPi1YNJDH
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6059
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBkIedWxp5f83aU8oCiC1o8&google_cver=1&google_push=Aer7DvJCFXN9lrgODKhm6udo0LogEcRZd2PIDxSffKNVcyljfJsDy_UMPbIxeuFWa62IDtb0TAW3OrQgmNa...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvJCFXN9lrgODKhm6udo0LogEcRZd2PIDxSffKNVcyljfJsDy_UMPbIxeuFWa62IDtb0TAW3OrQgmNassKWXkBAmmIfh1O5aOA&google_hm=A-GRRYPxS_a0sjBbNl...

170 B
188 B

31ms
30ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvJCFXN9lrgODKhm6udo0LogEcRZd2PIDxSffKNVcyljfJsDy_UMPbIxeuFWa62IDtb0TAW3OrQgmNassKWXkBAmmIfh1O5aOA&google_hm=A-GRRYPxS_a0sjBbNl3X14g

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:09 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvJCFXN9lrgODKhm6udo0LogEcRZd2PIDxSffKNVcyljfJsDy_UMPbIxeuFWa62IDtb0TAW3OrQgmNassKWXkBAmmIfh1O5aOA&google_hm=A-GRRYPxS_a0sjBbNl3X14g
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6059
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJKP9u7BiYpU5rTL48NFNek&google_cver=1&google_push=Aer7DvKbK81eAleCMJZIh4eFBU6e4aMaclZOnvyU3ch52TrBGQ4iET7uM4vmhL947YyAMgL-CNWj3d_G37sPTkgz...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=eCQ4sY6eRFmULk4ZpXHCRQ2&google_push=Aer7DvKbK81eAleCMJZIh4eFBU6e4aMaclZOnvyU3ch52TrBGQ4iET7uM4vmhL947YyAMgL-CNWj3d_G37sPTkgzdJjgpqbbfTox

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=eCQ4sY6eRFmULk4ZpXHCRQ2&google_push=Aer7DvKbK81eAleCMJZIh4eFBU6e4aMaclZOnvyU3ch52TrBGQ4iET7uM4vmhL947YyAMgL-CNWj3d_G37sPTkgzdJjgpqbbfTox

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 09 Apr 2023 11:15:10 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=eCQ4sY6eRFmULk4ZpXHCRQ2&google_push=Aer7DvKbK81eAleCMJZIh4eFBU6e4aMaclZOnvyU3ch52TrBGQ4iET7uM4vmhL947YyAMgL-CNWj3d_G37sPTkgzdJjgpqbbfTox
x-host: tde-deliveryengine-production-86c874c4d8-8db69
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6059
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBhWmKPOoCO7asZ0zzKcrpg&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBhWmKPOoCO7asZ0zzKcrpg&google_hm=ZDKePasjxGtnr-ukb1CpCQAABG4AAAIB&google_nid=index&google_push=Aer7DvKrSh0rucYJxwAz15vaRWlLG1YspqUEX...

170 B
188 B

30ms
29ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBhWmKPOoCO7asZ0zzKcrpg&google_hm=ZDKePasjxGtnr-ukb1CpCQAABG4AAAIB&google_nid=index&google_push=Aer7DvKrSh0rucYJxwAz15vaRWlLG1YspqUEXJQJhelnSUDYYXOrIWpD-jjUaqFxpZPkEbsK0TN_6pArKSa60I3Hdob4SBHD9vF1pQ

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 09 Apr 2023 11:15:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBhWmKPOoCO7asZ0zzKcrpg&google_hm=ZDKePasjxGtnr-ukb1CpCQAABG4AAAIB&google_nid=index&google_push=Aer7DvKrSh0rucYJxwAz15vaRWlLG1YspqUEXJQJhelnSUDYYXOrIWpD-jjUaqFxpZPkEbsK0TN_6pArKSa60I3Hdob4SBHD9vF1pQ
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6059 0
12 B 24ms
24ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JU0spRktSqohMGUHswKHpoAoM8nvCu4kBryZ-y8vj6uPd-uHZ4nTejDKGEmerVCm7BIrga

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FEFA
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEC91QXBmp9ngTJiYCENjhps&google_cver=1&google_push=Aer7DvJF1U6Cx7xo6L6Bp-ca_b5-1fUe2EejgAu8UvffvnsKu-qxq_w1fSU2HKWmVGpR2ORRyszhKpqxl8mEo5sMtvRKPpJwX5YNzA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=24D3F2EEA841454F94BDF58705153B79&google_push=Aer7DvJF1U6Cx7xo6L6Bp-ca_b5-1fUe2EejgAu8UvffvnsKu-qxq_w1fSU2HKWmVGpR2ORRyszhKpqxl8mEo5s...

170 B
188 B

29ms
29ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=24D3F2EEA841454F94BDF58705153B79&google_push=Aer7DvJF1U6Cx7xo6L6Bp-ca_b5-1fUe2EejgAu8UvffvnsKu-qxq_w1fSU2HKWmVGpR2ORRyszhKpqxl8mEo5sMtvRKPpJwX5YNzA

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 09 Apr 2023 11:15:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=24D3F2EEA841454F94BDF58705153B79&google_push=Aer7DvJF1U6Cx7xo6L6Bp-ca_b5-1fUe2EejgAu8UvffvnsKu-qxq_w1fSU2HKWmVGpR2ORRyszhKpqxl8mEo5sMtvRKPpJwX5YNzA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 08 Apr 2023 11:15:10 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame FEFA 70 B
264 B 39ms
37ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBKkaZP24P0scMlxLa4MNdY&google_cver=1&google_push=Aer7DvLwMh9-_ZGOgEfRkLdyxlBkWjly_LDONIgS3xA8P5QS6Ok26MvaNwMPHvI-FDU46WWPwASs1apnWSjS5NZaj5Ox-3o_wtftHg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3172338258&adf=1031923888&pi=t.aa~a.3912855863~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=350x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=2&bdt=1890&idt=2&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=ppwnz0ZDxe&p=https%3A//www.2viaboleto.com.br&dtd=45
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 09 Apr 2023 11:15:10 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FEFA
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJKP9u7BiYpU5rTL48NFNek&google_cver=1&google_push=Aer7DvJV1d9AKR_h26x5K9hVmaMiJen56GENjqR8THFa4XsImbWLQIAWtBe5IOZ2q-XXXqF0aI9w-DyiFrZlT0_O...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=YJ5dTvS3SK-aRD1VTGIS1g2&google_push=Aer7DvJV1d9AKR_h26x5K9hVmaMiJen56GENjqR8THFa4XsImbWLQIAWtBe5IOZ2q-XXXqF0aI9w-DyiFrZlT0_ORjEe9STCQD-GAw

170 B
188 B

38ms
37ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=YJ5dTvS3SK-aRD1VTGIS1g2&google_push=Aer7DvJV1d9AKR_h26x5K9hVmaMiJen56GENjqR8THFa4XsImbWLQIAWtBe5IOZ2q-XXXqF0aI9w-DyiFrZlT0_ORjEe9STCQD-GAw

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 09 Apr 2023 11:15:10 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=YJ5dTvS3SK-aRD1VTGIS1g2&google_push=Aer7DvJV1d9AKR_h26x5K9hVmaMiJen56GENjqR8THFa4XsImbWLQIAWtBe5IOZ2q-XXXqF0aI9w-DyiFrZlT0_ORjEe9STCQD-GAw
x-host: tde-deliveryengine-production-86c874c4d8-26wxj
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame FEFA 43 B
135 B 22ms
20ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESELBDXnpR34-gl-Gt2BFyICA&google_cver=1&google_push=Aer7DvJx6aVCUOmBZeAQ9SsxqvPpm7r3JVaQhFbLlVsbyY4xtEfG4L54GeG3Bwx6SQ0qwF2s8P-53IMXTgh5YkPww-Fvajn3N7RnFA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3172338258&adf=1031923888&pi=t.aa~a.3912855863~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=350x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=2&bdt=1890&idt=2&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=ppwnz0ZDxe&p=https%3A//www.2viaboleto.com.br&dtd=45
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:09 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: oa8iqvh4qeud73dec1e1l9o1jmjrmu7e

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FEFA
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7vTiwAxxSZOqaeldu7TAsA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7vTiwAxxSZOqaeldu7TAsA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvJ9tVzFzn4loPFFByuJrtgRoTKppaARak0J5frciIUSWRpnTlh21qhv5hErflel8m_n1hxedDsrkrspoWKI27QPMFprWh888A

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7vTiwAxxSZOqaeldu7TAsA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvJ9tVzFzn4loPFFByuJrtgRoTKppaARak0J5frciIUSWRpnTlh21qhv5hErflel8m_n1hxedDsrkrspoWKI27QPMFprWh888A
date: Sun, 09 Apr 2023 11:15:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FEFA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAqyY-ZKlYbqBvDkafRZmsE&google_cver=1&google_push=Aer7DvK0pWAxt3w_T_n9H1BAh3KfHHv7cQVcxvoSkkYiyCTUEI4gsh3mrjHwYA_INbZxjs88azU...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEc5QjVXRjYtRi0xSFVa&google_push=Aer7DvK0pWAxt3w_T_n9H1BAh3KfHHv7cQVcxvoSkkYiyCTUEI4gsh3mrjHwYA_INbZxjs88azUFVkiDDrHlaNchTQdANx9duOJ-BQ

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEc5QjVXRjYtRi0xSFVa&google_push=Aer7DvK0pWAxt3w_T_n9H1BAh3KfHHv7cQVcxvoSkkYiyCTUEI4gsh3mrjHwYA_INbZxjs88azUFVkiDDrHlaNchTQdANx9duOJ-BQ

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEc5QjVXRjYtRi0xSFVa&google_push=Aer7DvK0pWAxt3w_T_n9H1BAh3KfHHv7cQVcxvoSkkYiyCTUEI4gsh3mrjHwYA_INbZxjs88azUFVkiDDrHlaNchTQdANx9duOJ-BQ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FEFA
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEN_nW8TkYBWtXGHKkbaQsHo&google_cver=1&google_push=Aer7DvL0Y0PUBZ8A3XEqHQ5CaRS_4MVSYiTOms3Nxse3Tqbb8ghQPT9gFEgmSaUQPIe98VYu_pYjoQn4inR-...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvL0Y0PUBZ8A3XEqHQ5CaRS_4MVSYiTOms3Nxse3Tqbb8ghQPT9gFEgmSaUQPIe98VYu_pYjoQn4inR-ODlCXRZhnkDqEedopQ

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvL0Y0PUBZ8A3XEqHQ5CaRS_4MVSYiTOms3Nxse3Tqbb8ghQPT9gFEgmSaUQPIe98VYu_pYjoQn4inR-ODlCXRZhnkDqEedopQ

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvL0Y0PUBZ8A3XEqHQ5CaRS_4MVSYiTOms3Nxse3Tqbb8ghQPT9gFEgmSaUQPIe98VYu_pYjoQn4inR-ODlCXRZhnkDqEedopQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FEFA 0
12 B 26ms
25ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K-9COCNqWLA3ltzlTtnExT0e_S4IDXdkf64a3Oj63PSTdwbszOQhCuvGCchu5sf_3JGyuU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2AA7 22 KB
8 KB 17ms
16ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 265063
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Apr 2023 09:37:27 GMT
expires: Fri, 05 Apr 2024 09:37:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 06B8 21 KB
21 KB 17ms
17ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:30 GMT
x-content-type-options: nosniff
age: 434620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:30 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 06B8 20 KB
20 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 434646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:04 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8545329873006492075/ Frame 2B7A 142 KB
22 KB 62ms
23ms Document
text/html 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 176949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22810
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Apr 2023 10:06:01 GMT
expires: Sat, 06 Apr 2024 10:06:01 GMT
last-modified: Wed, 09 Feb 2022 10:36:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 66AE 0
0 134ms
70ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuKAl2em0Tg5KPPYxHYRov_I5F-2WUMqo_y4XG-OTEy0is8pwMSuYoksn18DuR3UB8NuV913Sv7Asth4hmQDs5H6YBo4HN7m7nDgCy4Edful5IpPdu1XxGyQow85PJp0ljVnhb4ZVqV7-iXKUU2CUhcvwXFp-Bzd-IWmIbd8O8h6W4BZBRQvyP0hDB3Gpw_w331lpj2BkHidLXDMTG7V6eb1BgRccDUJ2A19wyITjivS8NLEWHcWFU4jfpg0khIZyMFBtSxhLxPqfk3jYvsSZPlDrvVjk354XUCDhDMFrqCMFMnRL3ZTk7OIfvCZ-GWrpsvqzxjKDKmh1qBalMfTQLUZcnYEFSuSNUzb-NKNQZpQfdlkBUjIX8e00RYOy-0xRB-JE_rLl8uj2fH3zUlHXMbiybLkoeEIwOh1u5KNMGmoGHDkzj62V0db159N_zsUSMoKixKJNQN5pMPeehqUU13CRcCRCmyoujKw9U-Wo5Tn2lPZU9YxbWDm4MU2tNWSXKuYGrdk3ke7HZLBNNFFyZLV610NHKY869ZzuiuE2VbnVHQcl-Vqaj8X8tlTEq8IdjKLpK7TDPKBpaTOcZMyFRlfQ8FfYROfC63Au3GJTnm7HVsIH1GZDIljZ7PArE6K2PqxMeeNcKaXLZNlCbav5fBKviiTl-MoXcDWG6YLA6Y11yzXFplKFJsh54lfy-AzhY801QiQNA_ZWDfPP0CZX8pqaoUn85U3xvXhJBj5pD9v2zOFK2tYipOcC7z6LRi0s-y5dCceWw8UkVQ5ZVoiuurJvSkLqq7dH_t2_NpSOc2XKQWcqW16JdA6gixWIk-8IfGkTuOHjE7B7xZVYYEIZeYMghaHAeL4hHifcorM2mI3ptg5Ul_EoeI3NSuAMlz65jloZtuLkibxfEtnOnaBWqTNKW42OqBs77RdQ2_imu94pM1Sny4gdlop8RIPLYVcd7hCunLqgigHcluWgS4DUQ5PlXhUAr8haAIRWDUvuFieDwpI6nSq4KOTNPWnpWF7HrCiMdU5zuhNwKpfI-LWdBArGbCFFJV84t4C1yOu7O1ZzrwC3uaDWWBi_caQeja9MdY_VdxQErLWE1Y1OUUxwuuH4drNg8Gfefpm__FkXo1h3Vhbc5f24aYgf6nc_156bT8gxWfE6fNW2OsdqYWwXKFK8bP5rIscAT1BiPq6GmDSh1Bmas0zLOyhsNtIAbYPwDJ7LnVAxzgx4BpF4rjAXOclLX52OeOPASQvR2THq33qBPmG3hnXThrmihGg_tN9-Nar9UJVmQqVRqEhsfCVp9045yMoGDA4Lem6VCH3GafthDJ8PHeioxQzsUYYKOQjC5xLwAt8a03h5T1ARPN_XGV2J0BVQ&sai=AMfl-YT7dRw2DX5f8Bzgrfuq6SW9fyVyO3hDIkxhrE94ALnIsMKSEeMvpYmbme7yx-KqKs2cFPn0cXhfyzCQQdXC5YiTYgfloiYMKy8NRciUARTTyY7A2qAUxS04myTfM-vXkQEjFTgGxUZyNqSr58fifZ2htydvYWbr4lZpT2WrTAeNy_b2h0X33RQC47wYZhUPqVbAIyocAJds1SR9W5Vvt5E8OjQoosEdg_DrZ8gwgwUDuzrgKvaxX9YAAcLAKtxOPjv0tBo&sig=Cg0ArKJSzPfiVZwBhL4ZEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=185&cbvp=1&cstd=183&cisv=r20230405.67514&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 09 Apr 2023 11:15:10 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 09 Apr 2023 11:15:10 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FBD4 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_6TPx-c-xvV9WdWteyvjcmtvB80z0krUYGly1lp4lBhptfeeD7Cs2nvaiHZVzJ0YjEH7XXvognW98tCfuCmm0Pb1G5Fj_cF-54J5bmRwiVeIP8z2sC12N-GJyVIClj5yisasvMA&sai=AMfl-YSHV0gds3h2_F0Tde_2iZhqup46SAneplULPa1ppsO3cGcCkqLhSyqaTP71UL8BCK4lN0fn7qunWSoK&sig=Cg0ArKJSzMaZkh2U0lSSEAE&cid=CAQSGwDUE5ym9Dy8RC0lZUGx8u3Xne6fCcKDlRn6RRgB&id=lidar2&mcvt=1013&p=0,0,124,1005&mtos=106,806,1013,1070,1070&tos=106,700,207,57,0&v=20230405&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681038908660&rpt=334&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 66AE
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-1114895170912147&ias_chanId=1&ias_placementId=19422215943&bidurl=https://www.2viaboleto.co...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

106ms
74ms

Script
application/javascript

2600:9000:2127:fe00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3172338258&adf=1031923888&pi=t.aa~a.3912855863~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=350x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=2&bdt=1890&idt=2&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=ppwnz0ZDxe&p=https%3A//www.2viaboleto.com.br&dtd=45
Protocol: H2
Server: 2600:9000:2127:fe00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: ml8sLXd95uD59cm.BnrTx99uclgxfFZ2
content-encoding: gzip
via: 1.1 4b7022ec3e11edfdd972039992f837de.cloudfront.net (CloudFront)
date: Thu, 06 Apr 2023 04:40:57 GMT
x-amz-cf-pop: PRG50-C1
age: 282854
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 21 Mar 2023 18:43:33 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: mFRpvmJFQvEykKOXxp0wpFP4IQuifXaaN4pzggo-qLayW3bXB_kaQA==

Redirect headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:10 GMT
server: nginx
x-server-name: app12.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 1EBE 91 KB
92 KB 111ms
29ms Script
application/javascript 2600:9000:2127:fe00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3172338258&adf=1031923888&pi=t.aa~a.3912855863~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=350x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=2&bdt=1890&idt=2&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=ppwnz0ZDxe&p=https%3A//www.2viaboleto.com.br&dtd=45
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:fe00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 01:38:18 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via: 1.1 4b7022ec3e11edfdd972039992f837de.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 2713012
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 93606
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: "1f3488247c90bb5de253d3d0cb3b7458"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: ym15AHeiZfr_aA8y-RXqT4kMHf7MBVwZngAY_F7MI81LnpsSW4N-Vw==

GET
H3 200 lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response
pagead2.googlesyndication.com/bg/ Frame 2AA7 36 KB
14 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:32:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 420156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 14:32:34 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 66AE 43 B
216 B 596ms
183ms Image
image/gif 2600:1f13:800:7782:504d:3412:cd3a:ac20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=e131d250-4725-d141-b475-adf074e05805&tv=%7Bc:9hLu3X,pingTime:-3,time:88,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:88,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B82~0%5D,as:%5B82~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tAVBX1X+11%7C12%7C131%7C141%7C142%7C151%7C161%7C162%7C171*.990511-61634100%7C1711%7C1712%7C1713%7C1714%7C1811%7C191%7C1a1%7C1b1%7C1b2,idMap:171*,rmeas:1,rend:0,renddet:DIV,siq:22%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3172338258&adf=1031923888&pi=t.aa~a.3912855863~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=350x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=2&bdt=1890&idt=2&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=ppwnz0ZDxe&p=https%3A//www.2viaboleto.com.br&dtd=45
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:504d:3412:cd3a:ac20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:10 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 66AE 43 B
215 B 595ms
184ms Image
image/gif 2600:1f13:800:7782:504d:3412:cd3a:ac20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=e131d250-4725-d141-b475-adf074e05805&tv=%7Bc:9hLu3Y,pingTime:-6,time:89,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:90,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B84~0%5D,as:%5B84~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tAVBX1X+11%7C12%7C131%7C141%7C142%7C151%7C161%7C162%7C171*.990511-61634100%7C1711%7C1712%7C1713%7C1714%7C1811%7C191%7C1a1%7C1b1%7C1b2,idMap:171*,rmeas:1,rend:0,renddet:DIV,siq:22%7D&tpiLookup=ao:www.2viaboleto.com.br*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3172338258&adf=1031923888&pi=t.aa~a.3912855863~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=350x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=2&bdt=1890&idt=2&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=ppwnz0ZDxe&p=https%3A//www.2viaboleto.com.br&dtd=45
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:504d:3412:cd3a:ac20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:10 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 2B7A 29 KB
10 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 16:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67930
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Apr 2023 16:23:00 GMT

GET
H3 200 lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response
pagead2.googlesyndication.com/bg/ Frame 3711 36 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:32:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 420156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 14:32:34 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 66AE 43 B
215 B 579ms
183ms Image
image/gif 2600:1f13:800:7782:504d:3412:cd3a:ac20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=e131d250-4725-d141-b475-adf074e05805&tv=%7Bc:9hLu4f,pingTime:-2,time:106,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:411,beZ:412,mfA:414,cmA:415,inA:415,inZ:418,prA:418,prZ:425,si:432,poA:434,poZ:461,cmZ:461,mfZ:461,loA:500,loZ:502,ltA:517,ltZ:517%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:106,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B100~0%5D,as:%5B100~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tAVBX1X+11%7C12%7C131%7C141%7C142%7C151%7C161%7C162%7C171*.990511-61634100%7C1711%7C1712%7C1713%7C1714%7C1811%7C191%7C1a1%7C1b1%7C1b2,idMap:171*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:DIV,siq:22,sinceFw:83,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3172338258&adf=1031923888&pi=t.aa~a.3912855863~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=350x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=2&bdt=1890&idt=2&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=ppwnz0ZDxe&p=https%3A//www.2viaboleto.com.br&dtd=45
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:504d:3412:cd3a:ac20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:10 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 66AE 0
0 55ms
54ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuKAl2em0Tg5KPPYxHYRov_I5F-2WUMqo_y4XG-OTEy0is8pwMSuYoksn18DuR3UB8NuV913Sv7Asth4hmQDs5H6YBo4HN7m7nDgCy4Edful5IpPdu1XxGyQow85PJp0ljVnhb4ZVqV7-iXKUU2CUhcvwXFp-Bzd-IWmIbd8O8h6W4BZBRQvyP0hDB3Gpw_w331lpj2BkHidLXDMTG7V6eb1BgRccDUJ2A19wyITjivS8NLEWHcWFU4jfpg0khIZyMFBtSxhLxPqfk3jYvsSZPlDrvVjk354XUCDhDMFrqCMFMnRL3ZTk7OIfvCZ-GWrpsvqzxjKDKmh1qBalMfTQLUZcnYEFSuSNUzb-NKNQZpQfdlkBUjIX8e00RYOy-0xRB-JE_rLl8uj2fH3zUlHXMbiybLkoeEIwOh1u5KNMGmoGHDkzj62V0db159N_zsUSMoKixKJNQN5pMPeehqUU13CRcCRCmyoujKw9U-Wo5Tn2lPZU9YxbWDm4MU2tNWSXKuYGrdk3ke7HZLBNNFFyZLV610NHKY869ZzuiuE2VbnVHQcl-Vqaj8X8tlTEq8IdjKLpK7TDPKBpaTOcZMyFRlfQ8FfYROfC63Au3GJTnm7HVsIH1GZDIljZ7PArE6K2PqxMeeNcKaXLZNlCbav5fBKviiTl-MoXcDWG6YLA6Y11yzXFplKFJsh54lfy-AzhY801QiQNA_ZWDfPP0CZX8pqaoUn85U3xvXhJBj5pD9v2zOFK2tYipOcC7z6LRi0s-y5dCceWw8UkVQ5ZVoiuurJvSkLqq7dH_t2_NpSOc2XKQWcqW16JdA6gixWIk-8IfGkTuOHjE7B7xZVYYEIZeYMghaHAeL4hHifcorM2mI3ptg5Ul_EoeI3NSuAMlz65jloZtuLkibxfEtnOnaBWqTNKW42OqBs77RdQ2_imu94pM1Sny4gdlop8RIPLYVcd7hCunLqgigHcluWgS4DUQ5PlXhUAr8haAIRWDUvuFieDwpI6nSq4KOTNPWnpWF7HrCiMdU5zuhNwKpfI-LWdBArGbCFFJV84t4C1yOu7O1ZzrwC3uaDWWBi_caQeja9MdY_VdxQErLWE1Y1OUUxwuuH4drNg8Gfefpm__FkXo1h3Vhbc5f24aYgf6nc_156bT8gxWfE6fNW2OsdqYWwXKFK8bP5rIscAT1BiPq6GmDSh1Bmas0zLOyhsNtIAbYPwDJ7LnVAxzgx4BpF4rjAXOclLX52OeOPASQvR2THq33qBPmG3hnXThrmihGg_tN9-Nar9UJVmQqVRqEhsfCVp9045yMoGDA4Lem6VCH3GafthDJ8PHeioxQzsUYYKOQjC5xLwAt8a03h5T1ARPN_XGV2J0BVQ&sai=AMfl-YT7dRw2DX5f8Bzgrfuq6SW9fyVyO3hDIkxhrE94ALnIsMKSEeMvpYmbme7yx-KqKs2cFPn0cXhfyzCQQdXC5YiTYgfloiYMKy8NRciUARTTyY7A2qAUxS04myTfM-vXkQEjFTgGxUZyNqSr58fifZ2htydvYWbr4lZpT2WrTAeNy_b2h0X33RQC47wYZhUPqVbAIyocAJds1SR9W5Vvt5E8OjQoosEdg_DrZ8gwgwUDuzrgKvaxX9YAAcLAKtxOPjv0tBo&sig=Cg0ArKJSzPfiVZwBhL4ZEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=389&vt=11&dtpt=204&dett=3&cstd=183&cisv=r20230405.67514&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 09 Apr 2023 11:15:10 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 2B7A 2 KB
1 KB 20ms
19ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:14:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Apr 2023 11:29:26 GMT

GET
H3 200 flex_tarif_white.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 2B7A 4 KB
2 KB 21ms
19ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/flex_tarif_white.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:13:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 129
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1508
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Apr 2023 11:28:01 GMT

GET
H3 200 head2_3line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 2B7A 11 KB
3 KB 20ms
18ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_3line_paare.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3285
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Apr 2023 11:27:54 GMT

GET
H3 200 head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 2B7A 4 KB
2 KB 26ms
24ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:11:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1610
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Apr 2023 11:26:47 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 2B7A 6 KB
2 KB 26ms
25ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:14:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Apr 2023 11:29:35 GMT

GET
H3 200 300x250_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 2B7A 38 KB
38 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/300x250_kv_paar.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:08:09 GMT
x-content-type-options: nosniff
age: 421
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38528
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Apr 2023 11:23:09 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2AA7 0
20 B 50ms
49ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B__IQPZ4yZJS9MK2l9u8Pst-FyAoAAAAAOAHgBAI&bg=!AQKlAlbNAAYIJb0jKCU7ADkAdvg8Wn9B-UB2134KC2B9sIBKXrBEzVKVfx_vKpQEOmAgZuOB-dkxoeWkbXOgZDtPtVS_1YnnlPQCAAAAf1IAAAACaAEHmQL042xOtr7merodoZdsQLQ_1QC3QAAIVGo2rbVjyTmNVbXaSGg6b7p8hNohqckn1mE0UfXcLJD2sRfRwIYE515Usuw9xiW2ZplYSN95bO8HRGzCiEz1-GrE7oTOidsN-URzyTpUu75gjvUJmJA5TxP-EmwzIsyh4pF-xs7xw9hJ-A8Ymhx8JXjC6HuNj8DSGA_lPKQyVN4piyvnuyMADYs7SFLcrp2u_iO5lygjCS0-Huuyz0xL7nQDVJ9Y3fsj_d-531HMz9rGyNCNTEZNUGB-X56hcj6EVpnS6aOS-cMCQ94v4c8w9oh8yLFQ_WADqwEk11kVa27VBz1ZZN-GbXW9u1vcC5JV0FUUL9_er2J4Ry6SzkLAvL_z413P_xJs5p26akvC8V17YfeQF6ihWasRnP1-ZObgn6XCSXgyf-9-7vFmMvIqsQtUHTyliWJUIZnPiFiGh7KUqTCJcw2VZp-3Irg0vh_z9LgNpdZdPy0kHU5GhDQMUbwqo6LjH_TcVKJoe4LPc-k7MYRLZfbET83AKFxHgzadCPh9PNM3epuKKJckQFVkRhwOcPjxbD8EhfWuhJThy1x5erNfd6pbdI9KaUFdf6DGxppxvCpl4-9qS-e5lK5eeMAHfn6QQy5vOdOjswXIS9PvxQtkMtAE6-nOsXUZSYyRwOyOqObefRZeT9brDWA0BJojhupl2c_A3-6CrKGm8pNJGJuot9X2IWgFVgqLQg4GG37s_7D95y31o3LaBpcfNKYBC8W5b5gE8kAnDUk6zXYTMvHNwloIpx30C5YOvFCkwOENxvpg_fw07_dSZK_CqtJqhqeyDOTzSquCIEQgbiyqR9vb9DWWurYdSARfdN4kPL3yQ09H_vTiNgyUdhOJ2GSDNAxnDqVs1JGseDk_UbaoirfJeky7i6sSCnyQBNEmQxiibdvujRfTLoJ8BJfYwP29RFZE4CDrGi-kvizDRZkKdovk2WCKicy2oH0JjIxP1eLCFuEYhX2MDemmrIgV

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 66AE 43 B
215 B 188ms
184ms Image
image/gif 2600:1f13:800:7782:504d:3412:cd3a:ac20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=e131d250-4725-d141-b475-adf074e05805&tv=%7Bc:9hLuax,pingTime:-10,time:496,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTExLjAuNTU2My4xNDYgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1681038910589%7C%7Cff7556eca75460d6f423d75755881419%7C%7C54018389c7a32a8d685baa10091bc39c%7C%7C804a940c53f9b73b3e8f98480f8c56ea%7C%7Cc46d832543ed1d6c9bcb5bdb5cb7de8e%7C%7C7d47385b0e1fbc969093b11dfdd6a761%7C%7C178b70a97aa8170111a7302bec2a60ed%7C%7Cd27833d246cdbc9d0ed1177593efeb3c%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3172338258&adf=1031923888&pi=t.aa~a.3912855863~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1680977490&rafmt=1&to=qs&pwprc=4327041981&format=350x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681038908549&bpp=2&bdt=1890&idt=2&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2d47fe427818d8f-22d0cead8add00b3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw&gpic=UID%3D00000bd37c6b06d3%3AT%3D1681038907%3ART%3D1681038907%3AS%3DALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=1772029837489&frm=20&pv=1&ga_vid=1913409177.1681038907&ga_sid=1681038907&ga_hid=205470193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926&oid=2&psts=AHQMDFd1m58eU9FZckDFpR2vZcNdBZ7Xbw4glKPkdLAMkAbSnqIlFuwSGOxxEqbqslbR2VopnN_WVavhONlBPJrNS6qwebZi&pvsid=1926835649570687&tmod=2031825417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=ppwnz0ZDxe&p=https%3A//www.2viaboleto.com.br&dtd=45
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:504d:3412:cd3a:ac20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:10 GMT
server: nginx
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ Frame 66AE 0
0 72ms
69ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 async-api.71768fc8-1.229.0.min.js Show response
js-agent.newrelic.com/ 2 KB
2 KB 83ms
26ms Script
application/javascript 151.101.130.137

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/async-api.71768fc8-1.229.0.min.js
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 743f55303d7eab3ed0aa287fa248124f833da6f085a1d9a56eeeae00e109b441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: e8rpyKr3cY5QVrf3oxuX1AUTh5lETeQ7
content-encoding: gzip
via: 1.1 varnish
date: Sun, 09 Apr 2023 11:15:10 GMT
x-amz-request-id: MP5J9HVAQGBTGWZE
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1185
x-amz-id-2: cHx/mlyL35eR9xbq2125shd/Fyti/l1i2KdQK7m8a0qCwbnN7xdTzvmk03Wg8yaQocqYVRJ4ucY=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Thu, 30 Mar 2023 18:00:05 GMT
server: AmazonS3
x-timer: S1681038911.843952,VS0,VE0
etag: "ff2c4ad370325d458bbf2815873747cb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3610

GET
H2 200 lazy-loader.ff971c03-1.229.0.min.js Show response
js-agent.newrelic.com/ 928 B
621 B 83ms
27ms Script
application/javascript 151.101.130.137

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/lazy-loader.ff971c03-1.229.0.min.js
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16a2fcf59eb7e6f04fe15ad2b13cff5fd8813a3267e7f4c57fdf16d35470f5d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: C26LEymLTjV1dauBWZq7rhioGnm96EaK
content-encoding: gzip
via: 1.1 varnish
date: Sun, 09 Apr 2023 11:15:10 GMT
x-amz-request-id: FC12BJNJF3W7GKCP
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 414
x-amz-id-2: jbGdejari8vf+p939B9JW/YiFTEZzHlFMEEj+EQUS5onS+A84Svr1lsu1vypvGaX96v0WZMtLCg=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Thu, 30 Mar 2023 18:00:05 GMT
server: AmazonS3
x-timer: S1681038911.843933,VS0,VE0
etag: "5c71e603fdc4b5e7eb31a10d4bf90768"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2974

GET
H2 200 sp-push-worker-fb.js Show response
www.2viaboleto.com.br/ 65 B
320 B 23ms
22ms XHR
application/javascript 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2viaboleto.com.br/sp-push-worker-fb.js

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

2a810283ef3a450039039318677538039c2adadfe2703a12f98b07735ba15290

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: VwMHUV9UDBABVFdVAgYEUVUH
Referer: https://www.2viaboleto.com.br/
tracestate: 3500974@nr=0-1-3500974-1120076439-166c60ccbf3a21ed----1681038910784
traceparent: 00-6995291f72cad39f6177c1d34c5376c0-166c60ccbf3a21ed-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM1MDA5NzQiLCJhcCI6IjExMjAwNzY0MzkiLCJpZCI6IjE2NmM2MGNjYmYzYTIxZWQiLCJ0ciI6IjY5OTUyOTFmNzJjYWQzOWY2MTc3YzFkMzRjNTM3NmMwIiwidGkiOjE2ODEwMzg5MTA3ODR9fQ==

Response headers

date: Sun, 09 Apr 2023 11:15:10 GMT
x-content-type-options: nosniff
last-modified: Wed, 17 Jun 2020 19:24:41 GMT
server: nginx-rc
etag: "5eea6df9-41"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 65
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 11:15:10 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 79ms
79ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230405&st=env

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc8a77e5ac1f53da25a33471319015fc8eee8c4548b892215de0faac8a6e6599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11242
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 35ms
35ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=205470193&t=timing&_s=2&dl=https%3A%2F%2Fwww.2viaboleto.com.br%2F&ul=en-us&de=UTF-8&dt=2%C2%AA%20VIA%20BOLETO%20-%20Coelba%20-%20Sabesp%20-%20Vivo%20-%20Oi%20-%20CAIXA%20-%20CELPA%20-%20CPF%20-%20CELESC%20-%20BV%20-%20FIES%20-%20CONTA%20TELEFONICA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=4257&pdt=8&dns=67&rrt=0&srt=25&tcp=38&dit=244&clt=244&_gst=271&_gbt=377&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=1913409177.1681038907&tid=UA-53198037-1&_gid=110347969.1681038907&gtm=457e3430&z=595965512

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61798
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 09 Apr 2023 11:15:10 GMT

GET
H2 200 862.5040a0e9-1.229.0.min.js Show response
js-agent.newrelic.com/ 9 KB
4 KB 9ms
9ms Script
application/javascript 151.101.130.137

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/862.5040a0e9-1.229.0.min.js
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46f4baefb952425144ddecbc344eefd3e8474120d0a905197ceca703773a0af6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: MmrDfYLvfemW_C2Le7BEaPC6eRPP2SUA
content-encoding: gzip
via: 1.1 varnish
date: Sun, 09 Apr 2023 11:15:10 GMT
x-amz-request-id: JCYQFPRVDEXE8331
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3555
x-amz-id-2: m6eDOdUghBrk+5+bmwDX6eY1lWK7QHjzoiQuhVhTZQahMW6TB0sXYwSyTMJq+waoaGuL2ouR6Cs=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Thu, 30 Mar 2023 18:00:05 GMT
server: AmazonS3
x-timer: S1681038911.874310,VS0,VE0
etag: "82638c97ed5b8ac50e187350d21318e8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1138

GET
H2 200 page_view_event-aggregate.a968183b-1.229.0.min.js Show response
js-agent.newrelic.com/ 11 KB
4 KB 9ms
9ms Script
application/javascript 151.101.130.137

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_event-aggregate.a968183b-1.229.0.min.js
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f7c2c31ea859cfc1d95cb315d2f2a36e7c34dc815ad25fc3d851b771ca580e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: SFzPPcdnTVHQTcD9hCRgHiiAXXxPSYYj
content-encoding: gzip
via: 1.1 varnish
date: Sun, 09 Apr 2023 11:15:10 GMT
x-amz-request-id: JCYXK4XEQYW747A6
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4139
x-amz-id-2: XdIBoDMIW5STW13JxSFF5LrMEJRgbgNl80yqXL9rQ1FSM3ny4DUqsKEwK/ItfyyIZQCengeSssI=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Thu, 30 Mar 2023 18:00:05 GMT
server: AmazonS3
x-timer: S1681038911.874468,VS0,VE0
etag: "365ec56e709c5cda59caead206bd8a90"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2465

GET
H2 200 page_view_timing-aggregate.92e7c907-1.229.0.min.js Show response
js-agent.newrelic.com/ 13 KB
5 KB 10ms
7ms Script
application/javascript 151.101.130.137

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_timing-aggregate.92e7c907-1.229.0.min.js
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7df1f1e0416d3774b6c4db6c9bd0c3d57ff62ffda8ac4fb42187a2120edec163

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: .6v4LQjyJ30j79.vmD38H.SGYD4l823I
content-encoding: gzip
via: 1.1 varnish
date: Sun, 09 Apr 2023 11:15:10 GMT
x-amz-request-id: JCYPDX9A13Z4HM3Y
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4828
x-amz-id-2: CcDrV7e+x06DJNX2jp56U8v+h6O4O9r0iV5V7nwOLGLwSs81qRnXDSJ1SMcZMpnG37SQih2K5zc=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Thu, 30 Mar 2023 18:00:05 GMT
server: AmazonS3
x-timer: S1681038911.877347,VS0,VE0
etag: "9a1883d2c0f4c6e4d887e9b04d87aa23"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2470

GET
H2 200 metrics-aggregate.fde0a6c6-1.229.0.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 19ms
16ms Script
application/javascript 151.101.130.137

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/metrics-aggregate.fde0a6c6-1.229.0.min.js
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1d8656eab6c03d6ac0205611e249a38fd3a719cd51aed01130dbab1e6b7ecee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: RgWkOhsMW9AOu0Hy3o60cL2Urkt6D6V0
content-encoding: gzip
via: 1.1 varnish
date: Sun, 09 Apr 2023 11:15:10 GMT
x-amz-request-id: JCYMXJF7J8W8H22T
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1720
x-amz-id-2: FttM5djkXvv5/D+8FDeUh6kXhCUAj+LiB92SDSvkTrrKJqAyEWYklmywwXm6Q3WFRTdzUQgDd64=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Thu, 30 Mar 2023 18:00:05 GMT
server: AmazonS3
x-timer: S1681038911.878293,VS0,VE0
etag: "e203af23d49efdd7eb02d1237809add6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1479

GET
H2 200 jserrors-aggregate.265ba41e-1.229.0.min.js Show response
js-agent.newrelic.com/ 7 KB
3 KB 13ms
11ms Script
application/javascript 151.101.130.137

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/jserrors-aggregate.265ba41e-1.229.0.min.js
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 110b95da6e397f48c09a27114251fd4157f473f66013e6ba78e0a78b310ada58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: yUWRJUnruZ6di8bLW6bbReM.qJ8Dtffi
content-encoding: gzip
via: 1.1 varnish
date: Sun, 09 Apr 2023 11:15:10 GMT
x-amz-request-id: MP5PC7ZBHSPPTM1Q
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2932
x-amz-id-2: 2RhtOcySzBzHiOgVFCFNhI7Udc3FNHBf1gRLzz8qlK/0Kj+fWOxwDjmHtEeuLWMesJK5LGKelAY=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Thu, 30 Mar 2023 18:00:05 GMT
server: AmazonS3
x-timer: S1681038911.877928,VS0,VE0
etag: "cfda02bbbc20eafb5a6352a132f4b6f7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2272

GET
H2 200 ajax-aggregate.ebcbd305-1.229.0.min.js Show response
js-agent.newrelic.com/ 5 KB
3 KB 13ms
11ms Script
application/javascript 151.101.130.137

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/ajax-aggregate.ebcbd305-1.229.0.min.js
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35d5e3136036964661cc94855e1028e063341e3cf4b41a410930fb149cfed5ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: _SW2GtnjspGrmWeYaU.3TPXeANAUVC2X
content-encoding: gzip
via: 1.1 varnish
date: Sun, 09 Apr 2023 11:15:10 GMT
x-amz-request-id: JCYY0X5Z1G9DJJWP
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2365
x-amz-id-2: uo8ExcdKXD4FF3eDHU5cDOnKWsjOtICrUuusF4k82zXcU2d8s5ekbK5hDkGxrgAdK3uQDRJnUMk=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Thu, 30 Mar 2023 18:00:05 GMT
server: AmazonS3
x-timer: S1681038911.877903,VS0,VE0
etag: "61554094cde63c6eec39f630c32a828f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 578

GET
H2 200 session_trace-aggregate.afe7d95b-1.229.0.min.js Show response
js-agent.newrelic.com/ 10 KB
4 KB 10ms
9ms Script
application/javascript 151.101.130.137

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/session_trace-aggregate.afe7d95b-1.229.0.min.js
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 531b518173a4f9ac1a1aab5ad10c610d45437166fd39adc0d8208e51dc60f8d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: Om93DsRmumibDAdPESd8Hx4qXtDeSTbH
content-encoding: gzip
via: 1.1 varnish
date: Sun, 09 Apr 2023 11:15:10 GMT
x-amz-request-id: JCYW4R01AASCD7MW
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3732
x-amz-id-2: 5pCBwF8pkjRXy8q4qIoOPj3lKSjJBnNIQDt7kvO4Hfr/oVVHqDp7z6/yQ0bDSYyqkIgDFT48cmc=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Thu, 30 Mar 2023 18:00:05 GMT
server: AmazonS3
x-timer: S1681038911.877906,VS0,VE0
etag: "69d309900c2caeef33af662ddf91affc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1535

GET
H2 200 page_action-aggregate.8658345c-1.229.0.min.js Show response
js-agent.newrelic.com/ 3 KB
1 KB 18ms
17ms Script
application/javascript 151.101.130.137

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_action-aggregate.8658345c-1.229.0.min.js
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ec14af764fc18154e349ac3889637b2dc64debe89d7759dbcbb1db6cfe79ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: cQcJBGyVGuOv7irc289FG0t2KdiVdpIY
content-encoding: gzip
via: 1.1 varnish
date: Sun, 09 Apr 2023 11:15:10 GMT
x-amz-request-id: JCYSKS3QMBFBCBDB
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1202
x-amz-id-2: RqskkBLjTzb3NmHH1JSFWmU1k4fJnlA5VDK6/dVrdsqYWqUhljgG6yfsVOA1mf0QTIaRmDCWUNI=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Thu, 30 Mar 2023 18:00:05 GMT
server: AmazonS3
x-timer: S1681038911.878334,VS0,VE0
etag: "9c1563b1437a04e5cd75285b2f4bffb0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1544

GET
H2 200 spa-aggregate.6a952689-1.229.0.min.js Show response
js-agent.newrelic.com/ 18 KB
7 KB 18ms
17ms Script
application/javascript 151.101.130.137

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/spa-aggregate.6a952689-1.229.0.min.js
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 09ff63be86efff337442534f9a041582520c6c97be4eabeaffd443d857ac24d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: NAwV87sFR62h0vPV.AvGqaC58CMysnl6
content-encoding: gzip
via: 1.1 varnish
date: Sun, 09 Apr 2023 11:15:10 GMT
x-amz-request-id: JCYWR0YY5GPNNYCA
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6657
x-amz-id-2: Xsmhp4owoCWHeqJlgBHcc2l+Km9RnmNJ3Rana2Fs3TFiovAGIa34Ffa6jdGVx3cxqRqFN99WK+o=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Thu, 30 Mar 2023 18:00:05 GMT
server: AmazonS3
x-timer: S1681038911.878337,VS0,VE0
etag: "1af4661ae2a4aae0f16c12b5725d376c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1199

GET
H/1.1 200
OK NRJS-c1fa2eb36da78a45176 Show response
bam.nr-data.net/1/ 49 B
397 B 462ms
220ms Script
text/javascript 162.247.243.29

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-c1fa2eb36da78a45176?a=1067573716&v=1.229.0&to=M1cAYkACCBBQAUVZVwodN0RbTA8NVQdJHkgMQg%3D%3D&rst=4382&ck=0&s=807da9bd04774fe8&ref=https://www.2viaboleto.com.br/&ap=5&be=131&fe=4130&dc=113&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1681038906525,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:68,%22c%22:68,%22s%22:78,%22ce%22:106,%22rq%22:106,%22rp%22:131,%22rpe%22:139,%22dl%22:134,%22di%22:244,%22ds%22:244,%22de%22:244,%22dc%22:4257,%22l%22:4257,%22le%22:4260%7D,%22navigation%22:%7B%7D%7D&fp=250&fcp=250&at=HxADFAgYGx4%3D&jsonp=NREUM.setToken
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:11 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 49
x-served-by: cache-fra-eddf8230061-FRA

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8C2C 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2viaboleto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 143471
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Apr 2023 19:23:59 GMT
expires: Sat, 06 Apr 2024 19:23:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BAFA 783 B
535 B 28ms
27ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bef46f451af23dcb3865e71d2c702b4d9bc82ebc047a8d97e2d370f3a31ab6c8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-k6huz0udY827Fv5VvgtreA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.2viaboleto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-k6huz0udY827Fv5VvgtreA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 11:15:10 GMT
expires: Sun, 09 Apr 2023 11:15:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 66AE 43 B
215 B 176ms
174ms Image
image/gif 2600:1f13:800:7782:504d:3412:cd3a:ac20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=e131d250-4725-d141-b475-adf074e05805&tv=%7Bc:9hLujw,time:1053,type:e,im:%7Bpci:%7Btdr:1006%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1053,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1047~0%5D,as:%5B1047~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:192,fm:tAVBX1X+11%7C12%7C131%7C141%7C142%7C151%7C161%7C162%7C171*.990511-61634100%7C1711%7C1712%7C1713%7C1714%7C1811%7C191%7C1a1%7C1b1%7C1b2,idMap:171*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:22,sis:208%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:504d:3412:cd3a:ac20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:11 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BAFA 0
0 47ms
47ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230405&jk=1926835649570687&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response
pagead2.googlesyndication.com/bg/ Frame 8C2C 36 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:32:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 420157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 14:32:34 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8C2C 0
10 B 13ms
13ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_iYYKQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 11:15:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 200
OK NRJS-c1fa2eb36da78a45176 Show response
bam.nr-data.net/resources/1/ 36 B
363 B 219ms
219ms XHR
text/plain 162.247.243.29

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/NRJS-c1fa2eb36da78a45176?a=1067573716&v=1.229.0&to=M1cAYkACCBBQAUVZVwodN0RbTA8NVQdJHkgMQg%3D%3D&rst=4853&ck=0&s=807da9bd04774fe8&ref=https://www.2viaboleto.com.br/&st=1681038906525&at=HxADFAgYGx4%3D
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05113f3d2f2c9c796fa170885bf0b8163bf56264e5842692cdce5cfdec7cc625

Request headers

Referer: https://www.2viaboleto.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 09 Apr 2023 11:15:11 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.2viaboleto.com.br
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 36
x-served-by: cache-fra-eddf8230061-FRA

POST
H/1.1 200
OK NRJS-c1fa2eb36da78a45176 Show response
bam.nr-data.net/events/1/ 24 B
350 B 222ms
222ms XHR
image/gif 162.247.243.29

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-c1fa2eb36da78a45176?a=1067573716&v=1.229.0&to=M1cAYkACCBBQAUVZVwodN0RbTA8NVQdJHkgMQg%3D%3D&rst=5079&ck=0&s=807da9bd04774fe8&ref=https://www.2viaboleto.com.br/&ptid=35e94af9-0001-bf9e-a097-018765ba2831
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.2viaboleto.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 09 Apr 2023 11:15:11 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.2viaboleto.com.br
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-eddf8230061-FRA

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 66AE 0
20 B 55ms
54ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8880331394398&version=m202301230201&ct=76&x=1&cor=9081338181489495000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Apr 2023 11:15:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 66ms
66ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230405&jk=1926835649570687&bg=!HR6lHkrNAAYIJb0jKCU7ADkAdvg8WhAyDpV7YJIH2TYxOa6t8uuCiJSHXJqy-IRQx9UeVrDKxhToyfmBFRRbXP_zXP4K3a5QTnMCAAAAflIAAAADaAEHCgBWuJ3UjO9EkeOtN4inDycCLMlt01gnvjKwFmnNwgODZBCKVh_pHKGv47n4omZWZq27VM5XLxJv8YbXZHpXkjky-DYBNB0WxxK-sTNdijn4PoA6gDDacqSZArK14wkCNNg-ghFi7Dr1X5LeBl9SZeh-navn2htlXfDSC7Rvf9bOxWHSvVIAdj8UFWbBYYSwzdzUT3s_uZiOXODbt5-fSvPCzfGyaGmTjcVFOLXN5-cj7SGAtONI5m2p562QgYRga-ve_mVoNTkpEJCLkbrbDy-2ElogkI9-TwsQEfMdsHZZQ5YmQGVmwTESVvbtEN2i9Wd7eS6FKn-FJuhTSalbVOp-R26WYTGJeOAKYlgEMd5MlGEDy1caSgt1-AAUvGvZ3jkYNBG0j4EtxzGMUz7q5yXl3Q7Yjb7S__KrrgT7ojmiku6OU5qyVpLTqYIuNQj4RDcKiE1zwBY4yQFKnuxPPyM6NkymrNuvvrFqO3B3DZIlwMihy7ykclnLA7WMwhkWtzjyKHSB5yss7fCQPKRVjchuHOwyWPScJFFU_pBPw3xGvcPuc_RH4q0Ysn1qPiSFsCTjjTyWd1BquV7kW71GkHexj2C4O4DMt5-c7KLfOKTkEPF7yeuvVkAooBzyeM2ngufKUgCJ85O4mJqStGqPDzmIrEluw0hnjjFr5A-GpmCHw6J6Xgw2OhiT3sxQZU44theo3Tr_axiYnvvs4B7sGG9BSIg2QAL2N-wTlWfo3CPwSjoat-gvrHsI5RWffMPDXwPOC7n2lEeHEnqhPNBfflGsJ_ptij7M19gPp3FZ38bXFIgDtr89NzLhOqGDJy8iROZw6MJxwNf2WLYtHlLAhA5BM-b_8BaG7bhWFjUIJ6g68_kU8swYl0kWUUV2jYvNvDEI6DtUZ439TP2sd3tZc5XeGckNQxAwo7i7s_Gr5xEwPK4vArTBHgZSab49tJiTlBD2bBbjDSLdui7z1Iw8-261D4keFmP6uuh7R5lRGFduZDsyJd50YvKKbSLXwymHh5OW9RqHF7St7UafiXw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.2viaboleto.com.br/	1970-01-20 20:33:18	Name: _ga Value: GA1.3.1913409177.1681038907
.2viaboleto.com.br/	1970-01-20 10:58:45	Name: _gid Value: GA1.3.110347969.1681038907
.2viaboleto.com.br/	1970-01-20 10:57:18	Name: _gat_gtag_UA_53198037_1 Value: 1
.2viaboleto.com.br/	1970-01-20 20:18:54	Name: __gads Value: ID=e2d47fe427818d8f-22d0cead8add00b3:T=1681038907:RT=1681038907:S=ALNI_MaPi6eCiRMC9GNi3tEAGA07VouHLw
.2viaboleto.com.br/	1970-01-20 20:18:54	Name: __gpi Value: UID=00000bd37c6b06d3:T=1681038907:RT=1681038907:S=ALNI_Mb2ab0XMWzteT75JvgaDOwT3FocDg
.doubleclick.net/	1970-01-20 20:18:54	Name: IDE Value: AHWqTUmSNIS7lWXhlMVUO8-mmNi6Bz2KXoc3m0ztCsqoL53x-REcLq-11R0VwAP97pA
.doubleclick.net/	1970-01-20 10:57:22	Name: DSID Value: NO_DATA
.w55c.net/	1970-01-20 20:27:33	Name: wfivefivec Value: hvYFxgF61PLt0N5
.w55c.net/	1970-01-20 11:40:30	Name: matchgoogle Value: 5
.simpli.fi/	1970-01-20 19:44:21	Name: suid Value: 24D3F2EEA841454F94BDF58705153B79
.blismedia.com/	1970-01-20 19:42:58	Name: b Value: 64329E3D5D083D623E8C544ABLIS
.adform.net/	1970-01-20 11:40:30	Name: C Value: 1
.innovid.com/	1970-01-20 13:06:54	Name: uuid Value: b770e8f5-2554-4c65-8831-6b4b41e0db78-20230409 07:15:09
.adform.net/	1970-01-20 12:23:42	Name: uid Value: 8718878180531707196
.casalemedia.com/	1970-01-20 19:42:54	Name: CMID Value: ZDKePasjxGtnr.ukb1CpCQAA
.casalemedia.com/	1970-01-20 13:06:54	Name: CMPS Value: 1134
.casalemedia.com/	1970-01-20 13:06:54	Name: CMPRO Value: 1134
.adnxs.com/	1970-01-20 13:06:54	Name: uuid2 Value: 3749956833105631270
.adnxs.com/	1970-01-20 13:06:54	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In=f0AN*!]tbPl1M>e)ZlrFUfJ+tGXxo3B)imn?7waf^_KK%?1-:L@2y'$aaV(gZa_V33If)y3KL9D3I?+mgWQn5
.quantserve.com/	1970-01-20 13:06:54	Name: d Value: EGsBCQHbKIEA
.quantserve.com/	1970-01-20 20:27:33	Name: mc Value: 64329e3d-e9581-c444b-eabf2
.pubmatic.com/	1970-01-20 10:58:45	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 19:42:54	Name: KADUSERCOOKIE Value: EEF4E2C0-0C71-4993-AA69-E95DBBB4C0B0
.mathtag.com/	1970-01-20 20:23:14	Name: uuid Value: d4856432-9e3f-4300-9520-31869b1f4db5
.mathtag.com/	1970-01-20 11:40:30	Name: mt_mop Value: 4:1681038911
.ctnsnet.com/	1970-01-20 19:42:54	Name: cid_03e1914583f14bf6b4b2305b365dd7d7 Value: 1
.ctnsnet.com/	1970-01-20 19:42:54	Name: gid_CAESEBkIedWxp5f83aU8oCiC1o8 Value: 1
.travelaudience.com/	1970-01-20 20:27:33	Name: _tracker Value: %7B%22UUID%22%3A%22782438B1-8E9E-4459-942E-4E19A571C245%22%7D
.everesttech.net/	1970-01-20 19:42:54	Name: everest_g_v2 Value: g_surferid~ZDKePgAAANgFowA9
.tribalfusion.com/	1970-01-20 13:06:54	Name: ANON_ID Value: arnseFNZaiMjAmemFmDwuZagMBrMo8PKaSdjSEfF9SZccywQu3STK5UtLd3qF1gplZc6HJAyej1ZbAkXhvTcbxSvA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-1114895170912147&fa=3&ifi=10&uci=a!a&btvi=5&xpc=cQpfN2RlkB&p=https%3A//www.2viaboleto.com.br Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-1114895170912147&fa=4&ifi=11&uci=a!b&btvi=6&xpc=OICLqDTmRQ&p=https%3A//www.2viaboleto.com.br Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ag.innovid.com
bam.nr-data.net
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
js-agent.newrelic.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pm.w55c.net
rtb.openx.net
s.tribalfusion.com
s0.2mdn.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
web.webpushs.com
www.2viaboleto.com.br
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.185.66
151.101.130.137
151.101.130.49
162.247.243.29
178.63.88.48
185.29.132.241
185.80.39.216
185.89.210.244
198.47.127.19
2600:1f13:800:7782:504d:3412:cd3a:ac20
2600:9000:2127:fe00:8:48e:53c0:93a1
2606:4700::6812:18ad
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:800::200a
2a00:1450:4001:801::2003
2a00:1450:4001:806::2003
2a00:1450:4001:806::2006
2a00:1450:4001:806::200e
2a00:1450:4001:809::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:827::2001
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c0b::9d
2a02:6ea0:c700::17
2a02:fa8:8806:16::1370
2a05:d01c:1d8:8100:7781:4495:ac65:b0a4
3.124.143.199
3.33.220.150
34.96.105.8
35.186.193.173
35.186.253.211
35.190.0.66
35.204.158.49
37.157.6.246
51.89.9.253
54.220.168.134
69.173.144.165
01c45aaa52000cd6953f4bad3cdc47e4a667ed0afc50e4e3fa7afe91d7a50082
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77
03037ab6da2abbc92f5a9d15b9a26aa4c99c428fd944c350b3a09b71d8754845
04e2bf8b45eb7c57a0e534e4782c67b2ccfc7788b5cb8221aef4f68a3aaef104
05113f3d2f2c9c796fa170885bf0b8163bf56264e5842692cdce5cfdec7cc625
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
0770b353a9e537b5ca96aaa338c89046d8b3c03859fc27ab7cbda454003712e6
09ff63be86efff337442534f9a041582520c6c97be4eabeaffd443d857ac24d2
0a81c51fdca70a0e0cb72e27e1ab7e32decf2c10c7cd5469cd5f4afc55e0d47e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bbcf1b601485bcd74630815ea6180a77c56c6bfe481b36b00240a76211cfb18
0c320d790dba4c17895962386aa3587aff97e96a7c499f37dd47bf299431ce41
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0e100bdf373cf6f3120c1ad917d1773be14fd69da96cb7e930be7218bf41f942
0ec14af764fc18154e349ac3889637b2dc64debe89d7759dbcbb1db6cfe79ef8
110b95da6e397f48c09a27114251fd4157f473f66013e6ba78e0a78b310ada58
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16a2fcf59eb7e6f04fe15ad2b13cff5fd8813a3267e7f4c57fdf16d35470f5d8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab
1c359be8d42735792ec0f6ebf1a37c96ab09d936b369543a347547c93cc7c901
20e4f92000fdd6db3859e5a887e00f3eda04a89c231ec8270dec5200fa46d2f5
2197d977fd86c0ce36c2db29da04a3e9bb4dbc64ddac67519f379dbd37fd0fe8
23598d34c690a9648cd9751d4293bf64c9eeaf90ea9762ff5f783bbb50663acf
23eb134e746f1e5c265c5d33d045af48c444617adaa281fb993d6070bdc04c9f
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
28bce427c6d0dc435e757269ff824004937e5ad65f032fdc4524119b746eeeeb
28f5fa40f39fa4b08302c82a0882701e50cf1c8a61ce6ac76501d822ac66f823
292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7
2930e494569c86f6d92380843e7e2f636d2393f03550c8c4a3105555babe913c
2a810283ef3a450039039318677538039c2adadfe2703a12f98b07735ba15290
2b4d71e68760154cf89d865d2816de9b79e3d7407061d39ac8b61015388ba789
2b7857735f209a7446ddba4f53920335b47b2862486f4cb53346fb89f608b1db
2c40ed179b696f5690385254e6d461ae5e8396729af33955e70dfb2482ce00d8
2de5dbb6c7491affb6ca7b92ba29bb712bfd7e73ad36786c3fb0ba57c86e73d0
2ff0ff037fc73d5bbea051dc0575e0c2d4a8d93dedb2715b00a126b0a7006d0d
315d7701e6050d8935fe781df48be35fbcfb0f1e5897c78e305e747b89e9c070
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
346e1b927246849bc11cc69c9df8cab8ebdd6c8db92b5f57730cb58f07ce57d1
34e0bb5c5ed1184e6452cf7562faf332af1a26e95e50e035ff0a9f7065e6df9e
35d5e3136036964661cc94855e1028e063341e3cf4b41a410930fb149cfed5ce
3d8aff3488c1f0cf82473f1d958bd176e445282c3caaeb32a4f1c09c427e9be1
3e5607ea43d18a908a4c66eabf6648472467b084de61d70229daaf2ceb403237
3fcc65363965765df778ba971639d84376f09dc17e9769b5a26895d7344e2bef
430dbbdaf8b1aee2d9bcc678728025a780d9a2212ddfb55af48f4ec08252befd
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
46f4baefb952425144ddecbc344eefd3e8474120d0a905197ceca703773a0af6
4759a5cbbaf2b48c7ab2ed5eb46b93e12fda0964ac3278ef367d8e7660ca5b0b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bcde2058847d8c4fe4fb2ba5b0bb8c48eadf51c371e4e3bbce3c1bb09808063
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ebe38f1e00ba9ba783f7828e1ebdb7fa455ce59451b330198a9e98e4fb19f32
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50ebc61ff97ce47c96a59ac77aeeea0207caca52a385123bd199ade1c25659bb
531b518173a4f9ac1a1aab5ad10c610d45437166fd39adc0d8208e51dc60f8d6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e
5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406
5942aa38a57c18eabdf62bc76252331129b993797b54400a7041cbade76b78d2
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c7fe66186bd39c8189568917d9a4e849f4dc404e39def5278606f35ed35e6a2
5c8aee8e0b70fff05f1923310674a6b79d401e65f642d291e15ba779dd1035df
5cb8afa23d794598d2e509f33f56bad58616cc0fb9c9aa75380e1b4a16390554
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
631914f76acb9cbb821fd70e116d546902bdb27df5e2176769b1206ef58ddcc0
63e67bf1851816832c5a08b4090fa45fbfa97d0298cf4e3fd03140ac49ec2413
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
6e51b1506ae8b2c4acec4dfc6aa5e5ff817462d3a67e2bfdf0a5f633b6b7d379
6fc0db464c7c0a52b9fbb64825882ff81273f56319fb6376a4e4738f04fc2758
7117fc3005bd535577a248feda72de2f33d09b8a5d4ee5f344e08f7a9c90cbb7
72957e5c2b234ae7cde201e06138eb4d692d5508d4e21a7d27cc7074813c4832
732eecb68ef3d0de07b24ccd9267a189090c57630e02f415906e6722a54be2b0
743f55303d7eab3ed0aa287fa248124f833da6f085a1d9a56eeeae00e109b441
7d5e2c8f259d9f8be3197487826c56d6781c9547b264e16e3999cc7534268935
7df1f1e0416d3774b6c4db6c9bd0c3d57ff62ffda8ac4fb42187a2120edec163
7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d
7e2d9dc11c42c4c70b2edab9599a14a1401ac0effc16729a5cee66d57fa1d56d
83187f67b69648e0dfa3751b056278342742dfcfe5af158312679a0c7c2be218
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
8659fffff542481ed52bf651702cf42265eebbadc992eb5fef58a57f2aac4ff8
8af62449a9d4c9bfcbed67d04bf990832c687d81a939109b6080341d1bbe2545
8b913e87f320c679e3f441d3ec19509e91179087cc59bd3ad3b57ffd96a243d9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f7c2c31ea859cfc1d95cb315d2f2a36e7c34dc815ad25fc3d851b771ca580e3
8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
93326eb41a20db97ca003b220ef4ddb2c3bd07bbed23ef5031cbd78972b502ab
94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83
997c2317aa5c7a37d5fad9bfbf40c4a78227ebf8036edf76c0083eb77bff479f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bbc1ede5c163301e776b1bd1307275e343af6a94e38e470a3530dbc78bf0959
9cec8f40b1b61512d27ac4cc6dd741dad05e524d9c38ed5d2fb5e4ec42f33bf6
9de2a3f5dabc1b655b163f59fde071d68c2ee1747f5f3eaecbd6594220caf4f4
9eef1086914a261727440b5426f1a4422e0ede94cde641136286bd25d8d49e2f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0ebdbbb4f7f44c1cf7609fec1036388fc176a0e582201445d50d07633489d8b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4bd7408de95c847558282cc24ea3589f76f817963fb99e088beaed2cddf4440
a650c814d488eae07920ba06e2725bb96d96292b417ae35024f8445ce2fd7afc
a6c3a6797b2bac5fe6ffb1dcee41d518f2a7c5785e83d5c49e47afb1fde4df9a
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0
aa51c452743520d3d7be8569341b9c4b6e2174975e6f4e30cb74d93d27f38349
ab0ab067228b5003c6151ce723d078e5ad5c0d8c07fb6718ee1a82442b51b49d
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
af00905084228f83bf706b8325d6d5db6d96f1771d52e5a8ccc89787c201b1f6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3a977d7cddb22c664832e1ae5057809849c4c635c9a4c15fa019761159e8262
ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3
bc614820bb8a7621f48a2bbe3058977302c670692a1c5783788893218bfb7e0a
bef46f451af23dcb3865e71d2c702b4d9bc82ebc047a8d97e2d370f3a31ab6c8
c4681920200f339999ac3f6d4a6c5214d92e9a0edca00cfb91b28e3494ea03ff
c8dfbbfebd0fa034a8bc6731e0ca1a4e96ad040cc4954fcedf0e78cc33568833
c8fba4095c22ea77f83395b3803fbf7eaebb91ebd992c461db4ac5874be63fb3
c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
d247591f9522801d7a053e929a77212df61c2f153a309141648ad9a7894b1a32
dc8a77e5ac1f53da25a33471319015fc8eee8c4548b892215de0faac8a6e6599
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
dfa12b21a8af3c77a55cd7481712205532fa2959e83b80eaa331c6b9e8712fae
e0b7c636c8756825c0652b5d3decf36bbcb6ea03eb8fce82e2dc10e8dc0bb622
e1d8656eab6c03d6ac0205611e249a38fd3a719cd51aed01130dbab1e6b7ecee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c8d6cda903250d395120bb2b795693ad41cd75ef06e02bcae47967dc73cf86
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f35f122e6ce4a1a7716ec5195343a95677ce8b6499637d3dac5388c178883d7e
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ad960b15b5e9aa621e0a2527a4ea2c857d4d10d2b4bf82835e019f9760b44e
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fded76bc20710d1e8bed8013883fec71c7951f9d52c622b787395b946905b511

www.2viaboleto.com.br Open in urlscan Pro 178.63.88.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

276 Requests

91 %HTTPS

57 %IPv6

35 Domains

50 Subdomains

37 IPs

9 Countries

3291 kBTransfer

7097 kBSize

30 Cookies

1 Outgoing links

Redirected requests

276 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 18 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.2viaboleto.com.br Open in urlscan Pro
178.63.88.48 Public Scan

Screenshot
Live screenshot

Full Image

276
Requests

91 %
HTTPS

57 %
IPv6

35
Domains

50
Subdomains

37
IPs

9
Countries

3291 kB
Transfer

7097 kB
Size

30
Cookies

276 HTTP transactions
18 data transactions