us.seucartao.online Open in urlscan Pro
172.67.154.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://grecomvo.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZ1cy5zZXVjYXJ0YW8ub25saW5lJTJGYmFuay1vZi1hbWVyaW...
Effective URL:
https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTN...
Submission: On May 11 via manual (May 11th 2024, 3:35:40 pm UTC) from NG — Scanned from DE

Summary HTTP 104 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 15 domains to perform 104 HTTP transactions. The main IP is 172.67.154.21, located in United States and belongs to CLOUDFLARENET, US. The main domain is us.seucartao.online.
TLS certificate: Issued by GTS CA 1P5 on April 30th 2024. Valid for: 3 months.

This is the only time us.seucartao.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	44.217.18.37 44.217.18.37	14618 (AMAZON-AES) (AMAZON-AES)
46	172.67.154.21 172.67.154.21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:8041	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
2	151.101.193.229 151.101.193.229	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:80d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:992a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	172.67.133.53 172.67.133.53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
9	142.250.181.238 142.250.181.238	15169 (GOOGLE) (GOOGLE)
7	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	2800:3f0:4005... 2800:3f0:4005:408::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
3	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:ff40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
104	23

1 44.217.18.37 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-217-18-37.compute-1.amazonaws.com

grecomvo.lt.acemlnb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 172.67.154.21 (United States)

ASN13335 (CLOUDFLARENET, US)

us.seucartao.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:8041 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:80d8 (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:992a (United States)

ASN13335 (CLOUDFLARENET, US)

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.133.53 (United States)

ASN13335 (CLOUDFLARENET, US)

a3tech.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

pr.a3studio.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2800:3f0:4005:408::2003 (Argentina)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a753a2a74e7717e761ae0ee929def9b1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:ff40 (United States)

ASN13335 (CLOUDFLARENET, US)

sbp.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	seucartao.online us.seucartao.online	619 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 a753a2a74e7717e761ae0ee929def9b1.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 164	111 KB
11	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 646	91 KB
8	gstatic.com fonts.gstatic.com csi.gstatic.com	303 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 421	104 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	201 KB
4	izooto.com cdn.izooto.com — Cisco Umbrella Rank: 14027 sbp.izooto.com — Cisco Umbrella Rank: 197908	80 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	10 KB
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205	171 KB
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 9403 prism.app-us1.com — Cisco Umbrella Rank: 9486	8 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 44	5 KB
1	a3studio.online pr.a3studio.online	1 KB
1	a3tech.online a3tech.online	734 B
1	trackcmp.net trackcmp.net — Cisco Umbrella Rank: 9557	315 B
1	acemlnb.com 1 redirects grecomvo.lt.acemlnb.com	361 B
104	15

	Domain	Requested by
46	us.seucartao.online	us.seucartao.online
11	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net us.seucartao.online
7	fonts.gstatic.com	fonts.googleapis.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	cdn.jsdelivr.net	us.seucartao.online cdn.jsdelivr.net
4	fonts.googleapis.com	us.seucartao.online securepubads.g.doubleclick.net
3	cdn.izooto.com	us.seucartao.online cdn.izooto.com
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	a753a2a74e7717e761ae0ee929def9b1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	securepubads.g.doubleclick.net	us.seucartao.online securepubads.g.doubleclick.net
1	sbp.izooto.com	cdn.izooto.com
1	lh3.googleusercontent.com
1	csi.gstatic.com	pagead2.googlesyndication.com
1	pr.a3studio.online	us.seucartao.online
1	a3tech.online	us.seucartao.online
1	trackcmp.net	diffuser-cdn.app-us1.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	diffuser-cdn.app-us1.com	us.seucartao.online
1	grecomvo.lt.acemlnb.com	1 redirects
104	20

This site contains no links.

Subject Issuer	Validity	Valid
seucartao.online GTS CA 1P5	`2024-04-30` - `2024-07-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
izooto.com E1	`2024-04-13` - `2024-07-12`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
diffuser-cdn.app-us1.com E1	`2024-03-30` - `2024-06-28`	3 months	crt.sh
prism.app-us1.com E1	`2024-03-19` - `2024-06-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-26` - `2024-08-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
a3tech.online GTS CA 1P5	`2024-03-31` - `2024-06-29`	3 months	crt.sh
a3studio.online GTS CA 1P5	`2024-03-31` - `2024-06-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Frame ID: C220D2CCC40C2BBFBEB03707D4B63CA1
Requests: 90 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: 9C944F055FEDDBC5E3AC0FBCEE0F423F
Requests: 1 HTTP requests in this frame

Frame: https://a753a2a74e7717e761ae0ee929def9b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3E6B007906DC73E69C4DB4E43539CD78
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DB8FA2E1A3774884AD8C46D7E94B3035
Requests: 1 HTTP requests in this frame

Frame: https://a753a2a74e7717e761ae0ee929def9b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EE74D3687F1EE8971859F4AB8A947E83
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012404291353000/amp4ads-v0.mjs
Frame ID: 9708C5D2A2484872D0B0DD36E2B33D82
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bank of America Travel Rewards p1 - Seu Cartão

Page URL History Show full URLs

https://grecomvo.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZ1cy5zZXVjYXJ0YW8ub25saW5lJT... HTTP 302
https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=emai... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href=(?:"|')[^"']*elementor/assets
<link [^>]*href=(?:"|')[^"']*uploads/elementor/css

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Izooto (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.izooto\.\w+

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

104
Requests

97 %
HTTPS

57 %
IPv6

15
Domains

20
Subdomains

23
IPs

4
Countries

1704 kB
Transfer

4388 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://grecomvo.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZ1cy5zZXVjYXJ0YW8ub25saW5lJTJGYmFuay1vZi1hbWVyaWNhLXRyYXZlbC1yZXdhcmRzLXAxJTJGJTNGdXRtX3NvdXJjZSUzREFjdGl2ZUNhbXBhaWduJTI2dXRtX21lZGl1bSUzRGVtYWlsJTI2dXRtX2NvbnRlbnQlM0RGSVJTVE5BTUUlMjUyMCUyNTJDJTI1MjB5b3UlMjUyMGRpZCUyNTIwaXQlMjUyMSUyNnV0bV9jYW1wYWlnbiUzRGNhbXBhbmhhLWlkMDIwLTA5LTA1LUVOR0o=&sig=CH6bx8eSHwJTFDTW6gy7wk8vDwU3aBBdFH9uPN38FbAd&iat=1715292323&a=%7C%7C92472274%7C%7C&account=grecomvo%2Eactivehosted%2Ecom&email=bc6cwFUHlOIrBF%2BRdyNKVYFy7%2F600ReMyXEBm%2FZftiai6N4MxfJ50q8%3D%3AUy0ZkJ42BDIl%2BJhvpg8usWk0XORtHFF%2B&s=df1e0ac2d7578d4520212450a7c15371&i=221A226A2A768 HTTP 302
https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

104 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
us.seucartao.online/bank-of-america-travel-rewards-p1/
Redirect Chain

https://grecomvo.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZ1cy5zZXVjYXJ0YW8ub25saW5lJTJGYmFuay1vZi1hbWVyaWNhLXRyYXZlbC1yZXdhcmRzLXAxJTJGJTNGdXRtX3NvdXJjZSUzREFjdGl2ZUNhbXBhaWd...
https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ

146 KB
44 KB

1166ms
1082ms

Document
text/html

172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6350b877aedb48c35506948563f32b77e53386feef2acf7c27178f99efcb8449

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88233d40dcb16aeb-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 11 May 2024 15:35:31 GMT
link: <https://us.seucartao.online/wp-json/>; rel="https://api.w.org/" <https://us.seucartao.online/wp-json/wp/v2/pages/2026>; rel="alternate"; type="application/json" <https://us.seucartao.online/?p=2026>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FeilOJ9bMZUQUuuaiLs%2F5NzFnVovfsdoGxO%2B5Ui%2FH23iVXGXs%2FzPIrFavlpKvv7twFJD%2FN3FgZr3kc5FDig67bk4XwKO2BcE2YfY1CwPW1bXYxODj1QEQE7hSRoFLbjJMNh2xS4e"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
content-type: application/json
date: Sat, 11 May 2024 15:35:30 GMT
location: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
x-amz-apigw-id: XnN6bFQ1IAMEnDA=
x-amzn-requestid: 4e535585-3923-47cc-9d39-bedee586ede6
x-amzn-trace-id: Root=1-663f9042-18e090a34626028417cedd47;Parent=4744e15f486c3cca;Sampled=0;lineage=12ce62b2:0
x-robots-tag: noindex

GET
H3 200 main.css
us.seucartao.online/wp-content/plugins/jeg-elementor-kit/assets/css/elements/ 192 KB
22 KB 66ms
65ms Stylesheet
text/css 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/plugins/jeg-elementor-kit/assets/css/elements/main.css?ver=2.6.2
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a92cd845b0439455ce0d0b33f29b30a4787c42c9224c38a1ce2bf0482f1b05c5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 224272
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 14 Nov 2023 13:13:06 GMT
server: cloudflare
etag: W/"65537262-301b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nK7z5G58icgO0q6sybsXvyhcdu9Sr6MWkmNn05dUSxxumr%2FBmHWeayOlviSlC4bIuofMmnwz%2B8jRVTYKpsk4N02pGs63Trx2gL2oRjbPRWZ7%2FOlshM3qz8qxQDF2OyL5WYZ6fEMk"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d47ab676aeb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 style.min.css
us.seucartao.online/wp-includes/css/dist/block-library/ 111 KB
15 KB 103ms
102ms Stylesheet
text/css 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-includes/css/dist/block-library/style.min.css?ver=6.5.3
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 265758
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 03 Apr 2024 01:10:03 GMT
server: cloudflare
etag: W/"660cac6b-1bae5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KCB6wQCaTQA3JeEYR6tVxHs0Z2AQB49s61OIkMM9JKmom2mJ2gRcqhVl61jNzdjzcKNZLCMZE1V6LDKaDjQknfOyoFrQbtXbC%2FBH95aQMCN5S4b8fygG7xewWZov%2FAiM4iqfXbCR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d47ab6b6aeb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 preloader-plus.min.css
us.seucartao.online/wp-content/plugins/preloader-plus/assets/css/ 1 KB
1005 B 104ms
102ms Stylesheet
text/css 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/plugins/preloader-plus/assets/css/preloader-plus.min.css?ver=2.2.1
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b096cfae2525b059116d8b86e549bf6ae43fdcc78a90c72a3a42236d5caac52

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 330411
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 23 Nov 2023 01:59:38 GMT
server: cloudflare
etag: W/"655eb20a-5a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ALUUCP6yi%2FP41xSjiVz%2Bx3VAnOlbXk4gkIHyPeAID0itbChYxTLOjM0F1JFZRX%2BF6mPE4j36R2XYSFl3B%2FhrL3vALGf5txMtwNbqfUal%2Fi1faxV2%2FvKzQ9%2FSBEz2ZyEy9ls76Fwx"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d47ab6c6aeb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 header-footer-elementor.css
us.seucartao.online/wp-content/plugins/header-footer-elementor/assets/css/ 776 B
763 B 104ms
102ms Stylesheet
text/css 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.23
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25825611ade7ceaed7df3862ec56dc91ad1d2be539966ef7bbe84306e51cfb08

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 265758
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 23 Jan 2024 18:22:55 GMT
server: cloudflare
etag: W/"65b003ff-308"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O8KSK%2FxBHy9mqkxaJS0qpeEAnWkJIdJghN9Bxg4s%2BA50RPhRP1MySTJAVKBRABGB4SW7qRUTLz8Wf8d61HuzLC0cspUypA30ddC2ipkLJ3kwo0FFzoElohJHn9k9UDo1qbouWfeO"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d47ab6d6aeb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 frontend-lite.min.css
us.seucartao.online/wp-content/plugins/elementor/assets/css/ 115 KB
15 KB 105ms
103ms Stylesheet
text/css 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.18.3
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ecbdb2dc3f86c7ed142dce156d8f3ca1846b75bb512471935f45b8c8949645e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 290946
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 23 Jan 2024 18:22:47 GMT
server: cloudflare
etag: W/"65b003f7-1ca54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=psLbKt5OxNFao04Fvp5LuWyagOC40r6%2FCMOjkZx%2BWLLYyDywRtB91UePo%2F%2BQAJRcWOy%2BWvkn6Y0mOfXRNK9MD%2FwBaHiu7MwC53SM%2B1zZP982J2qeQOUbZX0SfWHo77%2Bv9%2BYgN7cA"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d47ab6f6aeb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 swiper.min.css
us.seucartao.online/wp-content/plugins/elementor/assets/lib/swiper/v8/css/ 16 KB
5 KB 106ms
104ms Stylesheet
text/css 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css?ver=8.4.5
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 265758
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 23 Jan 2024 18:22:47 GMT
server: cloudflare
etag: W/"65b003f7-4057"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z211jaAWaHiAL3dFVtz3NIvcezSYiDg%2FF%2FiG4oektbauRRKLABIgrveKp8jLherZyFaB%2FIxHAEm37MXGUdEMLZxu%2BB8ZRLZiwnW8brg3ScRB0q%2BXkCvtoG0FFPJxjCwGZeSYVNap"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d47ab706aeb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 post-38.css
us.seucartao.online/wp-content/uploads/elementor/css/ 13 KB
2 KB 679ms
677ms Stylesheet
text/css 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/uploads/elementor/css/post-38.css?ver=1706034191
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fb449f0366b75fa5bf229498e4f5b7102232b56ad1ae163ea06fb38bbf062a9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 Jan 2024 18:23:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b0040f-329f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uLjM6Yuy%2BaiURI9GNZ5VP0yvUXaYJ49DXAuoMaDYrDQI7jPXP8G7ZTqXun7olrAdr9DCkOlBZFCJ1lsWl%2B%2F2NVBLMuU%2BUT7OYMUuNNlpmZphABlpcnHUJBQ7i8nwSI9azD9%2F4Qbh"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d47ab716aeb-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 frontend-lite.min.css
us.seucartao.online/wp-content/plugins/elementor-pro/assets/css/ 11 KB
2 KB 106ms
104ms Stylesheet
text/css 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.6.4
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43a1639e9c2a26251797c2f35727aee7a8f9ba2b8468b9e7d621a88fc0915489

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 503985
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 14 Nov 2023 17:49:47 GMT
server: cloudflare
etag: W/"6553b33b-2c8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sYW4fyGPrv76yYeBEM41CVEvMbWbTUAs5QUSqyFsAOD5tXXX1M13BEyOo3ibLKx%2BhYYEvCXKdY8cNy0JqBWr8mb2Sb7QbPSF2wgcB3J%2Fm%2BmmjZ4d2PhftZ7%2FMLVBEwBuhZa6wwds"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d47ab726aeb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 post-126.css
us.seucartao.online/wp-content/uploads/elementor/css/ 9 KB
2 KB 107ms
105ms Stylesheet
text/css 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/uploads/elementor/css/post-126.css?ver=1706034191
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f02d5dbc887487f7ec335183e5d341de9bf2b8140feafd1a5f01a110d526ff0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 418280
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 23 Jan 2024 18:23:11 GMT
server: cloudflare
etag: W/"65b0040f-2379"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hEptGeW3O5PnfL3Df%2FitcelbT8eFd%2BR6WXc%2FOFnprvsWkQBiVUyhdkh3wjVGfY3rI1JKypO6fOE%2BmrPK%2BEKZ2tkiLT8NaFEthjVpFfu3YuY1PE2eVdmqTLkqkVni5mw7RS5u7gK4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d47ab736aeb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 frontend.css
us.seucartao.online/wp-content/plugins/header-footer-elementor/inc/widgets-css/ 74 KB
9 KB 107ms
105ms Stylesheet
text/css 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.23
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea14d1b1233e6cbc9b1a156ac532f076f7adafc309726fca7bf8833f882ac872

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 265758
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 23 Jan 2024 18:22:55 GMT
server: cloudflare
etag: W/"65b003ff-127a4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3dUGhd%2FG6Xcgo3XeCIoWMrdXYBHskIfpIBKpv2uonum55Kz7IFzEcyklrICkvaOCSJGSkCvVktpMrkzKULt50hWm5MPwk%2B7wLqN389RnPhtz0DlxDKyuN63bV6W8sG3vSW%2F1RrjV"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d47ab746aeb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 post-115.css
us.seucartao.online/wp-content/uploads/elementor/css/ 7 KB
1 KB 139ms
137ms Stylesheet
text/css 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/uploads/elementor/css/post-115.css?ver=1706034191
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa3bcbd35f161e493a8bb7587d083520bed8e50143df5471e9048a8e6359113f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 323283
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 23 Jan 2024 18:23:11 GMT
server: cloudflare
etag: W/"65b0040f-1da8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eew0QaLhw%2FZ6mEKpxsf2LIolPwClMg4RuDYkMvWxWBKKr1GRgW1I%2FtNjXvZ0VvnSjnsJbjENB5NWpsmXfQzBZXsGn3VCdTQs39ZxpCmwaZos9njlgS0xogJ3e0Z7u%2Blm8lh2QiSs"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d47ab766aeb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 style.min.css
us.seucartao.online/wp-content/themes/hello-elementor/ 6 KB
2 KB 140ms
138ms Stylesheet
text/css 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/themes/hello-elementor/style.min.css?ver=2.9.0
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c3c0ebe37e4fd4187131a0a8d039064a9014215c4b83199d909e7e0b2d7f450

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509581
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 14 Nov 2023 13:21:57 GMT
server: cloudflare
etag: W/"65537475-167c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rfYqM7EZHy%2BV7kuuhrHbOqaTMlJ9%2FWp%2Fo4rCjLyRCSJ5QN0LRVigubcTf7W4QpVVG%2BsgUVC4lI51sfsmOxe2b%2B4o%2FrVw6DZFryu5qyYR9G2L37%2ByTqA6CyFBfieNPifLUfaN4xzz"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d47ab776aeb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 theme.min.css
us.seucartao.online/wp-content/themes/hello-elementor/ 12 KB
3 KB 140ms
139ms Stylesheet
text/css 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/themes/hello-elementor/theme.min.css?ver=2.9.0
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f9d3a91d5bbc09131900b7dc64ba4328bab03dc7221c5c2773397cb656bca18

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 265758
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 14 Nov 2023 13:21:57 GMT
server: cloudflare
etag: W/"65537475-3097"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GNLFW%2Bb2%2B3BZWCfhchGbK9xcZ0mWFGQSccA8R9BqfOdxe0nkgjwj%2BP7bchkASqjZ0t1vX31u%2Ft8hBKLNN5biDfbTCcC%2BzUGAdC226IEKZ9WxFfKHbBGZQtG1OYCSKzcVIqZ3ABeF"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d47ab786aeb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 general.min.css
us.seucartao.online/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/ 3 KB
1 KB 141ms
139ms Stylesheet
text/css 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.9.7
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e584003b5c6df9bc2854b2775e527ef7240f3d1cae4047e9aa504cdfbc109f9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 596404
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 23 Jan 2024 18:23:36 GMT
server: cloudflare
etag: W/"65b00428-d73"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8bp20W3JGBYWJhDqglGkM7govKgi5snL3mHgIHzbslhkZdkYTyZBaDeFoQx6Lray%2BYKcrxW1ZbHqdvrtMxUe6PfHGsEjNh6jhL9lGrfGjnveX%2FBRhDvHRV%2BL86GCF96jt0X%2FpC%2BO"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d47ab7a6aeb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 36 KB
2 KB 137ms
51ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.5.3

Requested by

Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

260662dda999644617f0528cd8856dff06be79a08c922c8ad65f532abe417227

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 11 May 2024 15:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 11 May 2024 15:35:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 May 2024 15:35:31 GMT

GET
H3 200 jquery.min.js Show response
us.seucartao.online/wp-includes/js/jquery/ 86 KB
31 KB 141ms
140ms Script
application/javascript 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 265758
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
server: cloudflare
etag: W/"64ecd5ef-15601"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QIVlomvWg3fqQJnXwS%2F%2F7%2FwHU4WH7k40vQB9Yc%2BzVFpKJlSRejD8mzVhsLEGaMYvB4skB%2BoC%2F5g0heU5Be%2B2mpy54L7C2OOkhDoDX4XBmvDNlo8uA9bWCopUd3yf6vJnronxcurA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d47ab7c6aeb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery-migrate.min.js Show response
us.seucartao.online/wp-includes/js/jquery/ 13 KB
5 KB 689ms
687ms Script
application/javascript 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6482bd64-3509"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DslWSmHhaqQUh5b1Og2NRm8TuVHKs%2B9n54W5JLqJwrYqXjHWTXAS0domkzn8rxtEr0vPDwI8J%2FBiFQmiQ8PLq6jI1LV6SXqkUHUlB%2BMCs6vfqZppzFuwcmKdYsnLZT5dEQzxcqjW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d47ab7d6aeb-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 preloader-plus.min.js Show response
us.seucartao.online/wp-content/plugins/preloader-plus//assets/js/ 1 KB
1019 B 673ms
671ms Script
application/javascript 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/plugins/preloader-plus//assets/js/preloader-plus.min.js?ver=2.2.1
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea420d765b3a2def39c1b5ae6ec17b209cd156ab21fa8a8716159bb05ed655e7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 01:59:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655eb20a-48c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2BSM%2B5Iw5im7xx2mzxZniI6UmxTKeTt%2FuoYxJcJHCqHnkAkO%2BjfMXqQsg84dFdYQIDVyPvu6In3Qd5XHhXWYJ7I5zxJ7pFvgi97YqXZNK%2BqYNeHP7tpCusmik6%2Fc1Q7pOOaM0ufj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d47ab7f6aeb-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 732ff00874c409d721ca2f54e9d845d594e78398.js Show response
cdn.izooto.com/scripts/ 1 KB
981 B 152ms
60ms Script
application/javascript 2606:4700::6810:8041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/732ff00874c409d721ca2f54e9d845d594e78398.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e311a93fce7b4374e56693db38b38bbd39b771cdcff5dda8ad07b497e66855bf

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:31 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 01 Apr 2024 11:11:47 GMT
server: cloudflare
age: 194666
etag: W/"660a9673-570"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 88233d483ddd18d6-FRA
x-xss-protection: 1; mode=block
expires: Sun, 12 May 2024 15:35:31 GMT

GET
H3 200 wrapper.js Show response
us.seucartao.online/ 11 KB
4 KB 676ms
675ms Script
application/javascript 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wrapper.js?v=4.1233
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bedaca888c335196a7df2bc741a5b17f9b277126147e3412f73c11d90da00518

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 10 Apr 2024 17:37:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6616ce66-2c9b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d60jRzBsM1VqL4d6hq72XNCpP2YG8d1ovi%2FESBCokvkBqb0ZrIR42wVONRfYi20AfuXN1b08BsJP19NFj5%2FTh%2BD5LH4EkZOB6xEykPEZ%2Ff446%2BAeuX5a6S30JEI0FGdGg8LeHC3J"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d47ab836aeb-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 seucartao222.png
us.seucartao.online/wp-content/uploads/2023/11/ 17 KB
17 KB 142ms
141ms Image
image/png 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us.seucartao.online/wp-content/uploads/2023/11/seucartao222.png
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc82aa458fda78aa5f5f28fbb780bfcca83595fa395fad19619a2de2af535729

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:31 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Nov 2023 17:13:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 508913
etag: W/"6553aacc-435b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8bj86EQDV7bOCHr2pwG8MjDhs3fuCGcEd50D2%2FBriqoPiV%2BWa87AXfmrlnHY9X05HuTjfJHVJu6U%2FUX8OBp7%2FkyxeHvuXVVZIPNnPi%2BGUkF9iTWihYYVgkmv9WHdcnlwD%2FQSFjow"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d47ab846aeb-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/ 227 KB
35 KB 117ms
36ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Origin: https://us.seucartao.online
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 11 May 2024 15:35:31 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6562862
x-jsd-version: 5.3.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 34902
x-served-by: cache-fra-etou8220083-FRA, cache-cph2320034-CPH
x-jsd-version-type: version
etag: W/"38df4-HxOZgbm0enZu+gphu3ito1HxbEs"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.11.1/font/ 96 KB
14 KB 77ms
37ms Stylesheet
text/css 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.11.1/font/bootstrap-icons.css

Requested by

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bb6fd8cd85394cb367e8ac58e47292f2d68eb288fa12fab68e65430a5ddfce48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 11 May 2024 15:35:31 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2115023
x-jsd-version: 1.11.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13601
x-served-by: cache-fra-etou8220150-FRA
x-jsd-version-type: version
etag: W/"17fcf-G+wTgIPTsn/2h6nUG4C3l88gtwk"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/ 79 KB
25 KB 37ms
36ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Origin: https://us.seucartao.online
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 11 May 2024 15:35:31 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2911864
x-jsd-version: 5.3.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25109
x-served-by: cache-fra-etou8220085-FRA, cache-cph2320034-CPH
x-jsd-version-type: version
etag: W/"13b17-9/0PPchLLPk7+B6DJQWmc/NU4KM"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
550 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

64a530dad84560bcb259fc7a6872ad18cd9d2ccd66481ac68d0c1f8fad121344

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 11 May 2024 15:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 11 May 2024 14:58:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 May 2024 15:35:31 GMT

GET
H3 200 d8452776517b8f0f50e9b8b3ba435544.jpg.webp
us.seucartao.online/wp-content/uploads/2024/01/ 71 KB
72 KB 1025ms
1025ms Image
image/webp 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us.seucartao.online/wp-content/uploads/2024/01/d8452776517b8f0f50e9b8b3ba435544.jpg.webp
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7d8508343661586bec8cb3a8711db04d76babba8eb10c4500406bdbff6fe96a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 72758
last-modified: Fri, 19 Jan 2024 01:01:05 GMT
server: cloudflare
etag: "65a9c9d1-11c36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8%2BQa38OkknbKLtQYgLCUwfK3GWkP99r4eLwNwcXFqQsFr4D8JUU1uvsyW8MGDiBvM6tQwQ9bA%2FVwkTgbML6hO0UxEpGYRlC2McV%2BYpjij42Ss73yPadGcjK6uYuGECa3GfBRPnbN"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 88233d48fc736aeb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
BLOB 200
OK fb1fa3cd-9a8d-43fc-a986-7f5ca66e205b
https://us.seucartao.online/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://us.seucartao.online/fb1fa3cd-9a8d-43fc-a986-7f5ca66e205b
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H3 200 seucartao222branco-1.png
us.seucartao.online/wp-content/uploads/2023/11/ 15 KB
15 KB 277ms
276ms Image
image/png 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us.seucartao.online/wp-content/uploads/2023/11/seucartao222branco-1.png
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ce3ebd350ebd822a95dfaf20c1826426e1185bf5f39eeaf454245fbf09e0740

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:32 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Nov 2023 22:46:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6553f8aa-3b0a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JCU%2FlEyBiXwJyD5x1yccrnJZUxpYGMe2R7Okn8W76JMUWp8XaU3pARiFbHJP34Gfisai7bsZ3EemD%2F9jxwft0vdpdHuD4VAJyJ8uZXPfGsC7PXu4g29%2Fy7eYomGVKPySZwQYt127"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d47db9d6aeb-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 widget-icon-list.min.css
us.seucartao.online/wp-content/plugins/elementor/assets/css/ 10 KB
1 KB 670ms
670ms Stylesheet
text/css 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba8bea6a6bbbb634afd80fa6128f556a2d09331a9b5e14754d134c43748d5dcd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 Jan 2024 18:22:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b003f7-26c1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cNQ9cBP2pPghvCK9drKBXz%2BugT5Jlm05MQA1mNf8GtcDiS7SdYk5uyWWQygAvCEChZBvI4Z10I%2FJwVuxcMqqZr56FCS%2BOWn11zCgE3B%2BNwHbCwWvpNUyvDZ27kYgVrj8MgYeE4yd"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d492c9c6aeb-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jeg-dynamic-styles.css
us.seucartao.online/wp-content/plugins/jeg-elementor-kit/lib/jeg-framework/assets/css/ 0
476 B 51ms
51ms Stylesheet
text/css 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/plugins/jeg-elementor-kit/lib/jeg-framework/assets/css/jeg-dynamic-styles.css?ver=1.3.0
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 265759
alt-svc: h3=":443"; ma=86400
content-length: 0
last-modified: Tue, 14 Nov 2023 13:13:06 GMT
server: cloudflare
etag: "65537262-0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0guI8d8DjZdcUiDcNYIwoVP1HlUtcvx1CZEqWL%2FfXSy8JfYQCj3T6tJ5jMzxLMOoD6gIskps4x9eTjnUgfQMNUfHbzhurgiScs58Vj%2FFSTanMOd2HdYIrGMJ8vVjlWKaKiqFaCmA"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 88233d4bff736aeb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 hello-frontend.min.js Show response
us.seucartao.online/wp-content/themes/hello-elementor/assets/js/ 2 KB
1 KB 52ms
50ms Script
application/javascript 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9616f06873f843a28d209c2525b1f3cc56310a94f2c7e2cbfc1cd593cd0f093

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 128128
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 14 Nov 2023 13:21:57 GMT
server: cloudflare
etag: W/"65537475-752"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UkpIgAGjG7CQT3IwqGDdJszLunrfxkYDQme%2F8lS%2Btxo4RqwmIONSEeLx1vAO1Mz0FAPQYhxW86OZd1jjjATE3NVyDia%2BHPwuuvcT4iMnEQ24TqdfsdCxIOFZ4ERbzTFBaXUi9hid"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d4bff7a6aeb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 webpack.runtime.min.js Show response
us.seucartao.online/wp-content/plugins/elementor/assets/js/ 5 KB
3 KB 52ms
51ms Script
application/javascript 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.18.3
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 942c9264f9de00fecac162d8f657d9d32a977882341f6ab66e8bf98dab5e1e76

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 128128
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 23 Jan 2024 18:22:47 GMT
server: cloudflare
etag: W/"65b003f7-1385"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MOHmGLN2nf0M7HFfNYAu7xkmP6Yc8KUIdz%2BlAVcS8oq1yQ1xlNxL%2FDWYLgMBnWrhyQ2zV18sBbsAM9PK71Z08lFudU1e9Os20gJD%2BHeup74xnJb9N21FnCIZU333vxNhlEnrlt5R"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d4bff806aeb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 frontend-modules.min.js Show response
us.seucartao.online/wp-content/plugins/elementor/assets/js/ 59 KB
18 KB 842ms
840ms Script
application/javascript 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.18.3
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e604215fe4a988196d6b824554fad49143f7450349b4a2a285dad3faeba2f7b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 Jan 2024 18:22:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b003f7-eb0d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ISZrTx818yIx47InpaDPPg0ZBLTwZ7WTBF94BttrGSafVI88FapqZWUOwQffa%2Fl4y%2F65tya86k7lAvFxO2WqHdvMVNxzj6B2QpZtxVUS9eeLqAYO4mrsteM2vdkZGL60RkR1hshB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d4bff826aeb-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 waypoints.min.js Show response
us.seucartao.online/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
4 KB 671ms
669ms Script
application/javascript 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 Jan 2024 18:22:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b003f7-2fa6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aTpSi2U5RbGCn8TBbf4rqY8FMVPEVSzXw59wqNzsjOd%2F%2F3Xbmwc8sDNm448yNhEIDer3shQwdSiDvnD3ZiiP%2FQ57sMgN5Vm3AKL0%2B07b9ELHE0SelY8tTV89mXnZ%2FzT1NefUXYD2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d4bff846aeb-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 core.min.js Show response
us.seucartao.online/wp-includes/js/jquery/ui/ 21 KB
8 KB 56ms
54ms Script
application/javascript 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 265757
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Feb 2023 16:36:32 GMT
server: cloudflare
etag: W/"63dbe690-53be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zqqo7DsH7vV3EFWAb0BxthNFr%2FG2OdgU2qnr3hSmbAD%2FBPXy8eK7rC25P6BQ2OmpTgrIZaBmVbEv%2FocsmGf6FsiqDD%2FL9lYlhtxklbYBPY6FPNO%2FpYxszBs00nEThjd7c7P%2FEv4W"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d4bff856aeb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 frontend.min.js Show response
us.seucartao.online/wp-content/plugins/elementor/assets/js/ 39 KB
13 KB 881ms
879ms Script
application/javascript 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.18.3
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7e5b0c06ee5bbc14d3e9e9f3055b8108bab899e37aec44a227485f3c3624cee

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 Jan 2024 18:22:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b003f7-9df4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2%2B0wlIw5PyBCzrZK8dgmVVrQPvyw01uV6RvCE3BOeyiMnAl15B%2FkXhv0rdlQDN4%2FGeA5i8lKkXhk1EOdtp7bJTEIQpzTWr4EVBIWcvatoPVV5nz80fYp5DwxBwA%2FApexdI38pilO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d4bff886aeb-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 sticky-element.js Show response
us.seucartao.online/wp-content/plugins/jeg-elementor-kit/assets/js/elements/ 4 KB
2 KB 675ms
673ms Script
application/javascript 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/plugins/jeg-elementor-kit/assets/js/elements/sticky-element.js?ver=2.6.2
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 437d2173a503fefc1557e3ff02150e54dd8f26a8dc76d96a9df520e992e54254

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 14 Nov 2023 13:13:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65537262-11d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EcLWAJyMDN17Ab7C1WFMl%2FNF2wd0FAJznb5tjzAnnx0d%2BYDzeZ2FsmILdQMzLP362casyPQsq34xQ1m4Yoe%2FLAWPgIJsut401G2lOgiXOblMGRIs1ll5FUD2QdbWt77jmJcpQ%2FwI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d4bff8b6aeb-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 general.min.js Show response
us.seucartao.online/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/ 9 KB
4 KB 58ms
56ms Script
application/javascript 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.9.7
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7637af59dd2d44ca992f292bed5087cc968e8bc997116c16239014b0acd1c8a7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 128128
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 23 Jan 2024 18:23:36 GMT
server: cloudflare
etag: W/"65b00428-2511"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SDmkbWmCBaKxdUOuVlQZFF6A1reCQPTccREoAXN1Uf5cm9NeVpUF325uziB8si%2BIhR8CtgGQG0s%2BntyO4h5Rtmuc36sbhu9%2B11LT6AcEOrUmOhFLD2tRYc3s0Gjp6XXZNgWVmrd9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d4bff8d6aeb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 frontend.js Show response
us.seucartao.online/wp-content/plugins/header-footer-elementor/inc/js/ 27 KB
4 KB 56ms
54ms Script
application/javascript 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/plugins/header-footer-elementor/inc/js/frontend.js?ver=1.6.23
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df5bb108fb45ffd903b10fa15e2c7b9b869898bce89408d06609b8e2441bd30

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 265757
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 23 Jan 2024 18:22:55 GMT
server: cloudflare
etag: W/"65b003ff-6c66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IjJo4TopZ3GmdtV4Vczx%2B0wpsAHQ7tDnSBjS8Wy7Mqv3hf3uyXcOiacLvzuf9G%2BSdNxcqjzpEHW%2BgiJUiUQUIHisKFDLo7VpVMTwENptFRElBBwY1uL%2B4UVq0D4pBBe5NenqTiMH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d4bff8f6aeb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 webpack-pro.runtime.min.js Show response
us.seucartao.online/wp-content/plugins/elementor-pro/assets/js/ 5 KB
3 KB 56ms
55ms Script
application/javascript 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.6.4
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b53e811e2f70aae99b19dde4e877b98382a294a0727b2c8ab788ba030e858c9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 128128
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 14 Nov 2023 17:49:47 GMT
server: cloudflare
etag: W/"6553b33b-1405"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aLSNRNaVwxTBsxZ10t%2F8qjlqJELofbhUrJTnrv%2FP7qeLwl4Dq1%2F8mUoPgo9Q%2BKbKn5WIXmgU5oHzQ0%2F%2Bg%2FW8BE8lBoOk7dWV3zdcLby%2BQBE8Z%2Bl5qIGYFZuw8mP3PznUD6srm8jN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d4bff906aeb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
us.seucartao.online/wp-includes/js/dist/vendor/ 8 KB
3 KB 683ms
681ms Script
application/javascript 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 18 Jan 2023 11:16:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63c7d511-1feb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oGouMAWwqqklVUf8hRPv9gIN61g7%2B9neYM2lxwqs59BZIxCVl0SJcIXx4csS8KdKuisUKfgZsT3elsT7DEK%2F9cS8A%2FUSfWBADH5UmNvzGy8Af8KO9rb6%2F%2BSj7ryFhnGVPOZQVoDT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d4bff916aeb-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 regenerator-runtime.min.js Show response
us.seucartao.online/wp-includes/js/dist/vendor/ 6 KB
3 KB 54ms
53ms Script
application/javascript 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 265757
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Sep 2023 19:30:24 GMT
server: cloudflare
etag: W/"6509f6d0-19e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=75X6UY4MsXvp208dA0SKK9z8c1adaZRvlvq8H4b4Tbpw%2FVWYdlX2JeHYPFh8WfI5iOZ2P0dpCOCth2R9vbG3r29qknkKyzmDQPrg%2BeT5xoI4mdQAy4REUyeQ2ashlxqKPnckoDc4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d4bff926aeb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wp-polyfill.min.js Show response
us.seucartao.online/wp-includes/js/dist/vendor/ 38 KB
14 KB 61ms
60ms Script
application/javascript 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 367903
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 03 Apr 2024 01:10:03 GMT
server: cloudflare
etag: W/"660cac6b-96be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FU4INdxGQMayADxq7lcKfrtV5%2FsNcXJHuH38X9ec4NHqYaio4vXc%2FUDGYChXsxvZkjSA0v6Wqg6VfII%2FbAFH8Jl5BPFBC0hhe2H%2BXPMoQvJDAEjLIG90blIRE6T8cMNiOKSNenEP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d4bff936aeb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 hooks.min.js Show response
us.seucartao.online/wp-includes/js/dist/ 4 KB
2 KB 662ms
661ms Script
application/javascript 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 03 Apr 2024 01:10:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660cac6b-10d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dx0NlmzOL10MNJtWDRR1gO64CJ9a7H6Fc%2FQpdQIl91qYQjfq9Y2EuXy0mFXzokWKB508wr5vF6WNmasjXNPDN6mUArKmKcVyxhUgVGHtEGe6%2BFTlEWlfGeycH95b3wep1O7hMDe0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d4bff946aeb-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 i18n.min.js Show response
us.seucartao.online/wp-includes/js/dist/ 9 KB
4 KB 650ms
649ms Script
application/javascript 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 03 Apr 2024 01:10:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660cac6b-23b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ST1ER1WztXGbaD9TXqZkXnSzn5zQaRDQw3gX1A8AKLLIZHVcAnyjKXvhtUf5B%2B6lwgF%2BfczS9hfCOsP570TAne%2FhcTT8VIeH6Ssy4kNFbcr8bpiitmEAK8s4iZauo37mOFHsVR%2BZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d4bff956aeb-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 frontend.min.js Show response
us.seucartao.online/wp-content/plugins/elementor-pro/assets/js/ 20 KB
6 KB 57ms
56ms Script
application/javascript 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.6.4
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20edfbbe7c60d8e3562bdcda2dfca7ce7c2f7f55b67fe478904b9fc74a8d6c7d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 224273
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 14 Nov 2023 17:49:47 GMT
server: cloudflare
etag: W/"6553b33b-4fbf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oOo3FMIUmbWNXvWsejUjsikt8wu2DzJEjSe%2FA6Q%2Fuie8m4nl9jKtNJtJ94rRI3%2FnZAjUyJjGLBT3hvlNLI4KS%2BiRx%2Bfp%2B395b4HmuPG1OGz4UatyoI68atCaCnYE0CoDjQ9rBOql"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d4bff976aeb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 elements-handlers.min.js Show response
us.seucartao.online/wp-content/plugins/elementor-pro/assets/js/ 24 KB
6 KB 59ms
58ms Script
application/javascript 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.6.4
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd319d2e96afcb9c7499d3301c77e3829c6099967341d70b7afbc00a60fcfb13

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 128128
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 14 Nov 2023 17:49:47 GMT
server: cloudflare
etag: W/"6553b33b-5e95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o1Cao6KdYm8dr%2Bxpk%2Fft6Cj8bty%2F8XfaPnHrqKoWEJIV%2BHm70FxtTulGTmD%2B6L4uZUTyiSWCc7HOn%2F5siWGR4k%2FpqgZP1%2BG%2BhaeA9G7AWAE6WoVceGPSRHrmnI%2BHsJEo3HMKwkII"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d4bff986aeb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 334 KB
79 KB 66ms
65ms Script
application/javascript 2606:4700::6810:8041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/732ff00874c409d721ca2f54e9d845d594e78398.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fa44e11b3633da31677571b8d79722f49e3a58d1770f8adf83fed7abbf1ad09

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:32 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 08 May 2024 12:21:12 GMT
server: cloudflare
age: 270824
etag: W/"663b6e38-53800"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1382400
cf-ray: 88233d4bfb2d18d6-FRA
x-xss-protection: 1; mode=block
expires: Mon, 27 May 2024 15:35:32 GMT

GET
DATA 200
OK truncated
/ 231 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90473a1a619e183dde264afd0632ecbaa69a98ce8a4ed8be947417e47a666670

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 3d-BG-01-1.jpg
us.seucartao.online/wp-content/uploads/2023/11/ 236 KB
237 KB 50ms
50ms Image
image/jpeg 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us.seucartao.online/wp-content/uploads/2023/11/3d-BG-01-1.jpg
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/wp-content/uploads/elementor/css/post-115.css?ver=1706034191
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59030c1e43382c635e9bb1fe82d4a89cc4bbd41ffbd0f6d112097eb1ca13346a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/wp-content/uploads/elementor/css/post-115.css?ver=1706034191
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:32 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Nov 2023 13:40:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 466641
etag: W/"655378ce-3b0c5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2BS5ZCZGaiqOQCeRIVhvLEt%2FdXNPLeBPCZAjLhCo2eRPkdeB4ahL0%2Fsq%2Fny33k4OXYT6lx7SepahWiHiyHl3yuo6Dh9GYP5VQEkt7L7aVzkkTchlyZ6d%2Fnhy775%2B6olwf4qITeDh"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d4c0f9e6aeb-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
fonts.gstatic.com/s/dmsans/v15/ 36 KB
37 KB 122ms
39ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v15/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.5.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://us.seucartao.online
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 13:27:45 GMT
x-content-type-options: nosniff
age: 353267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36848
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 23:58:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 May 2025 13:27:45 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 163ms
81ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://us.seucartao.online
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 07:48:42 GMT
x-content-type-options: nosniff
age: 373610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 May 2025 07:48:42 GMT

GET
H3 200 bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.11.1/font/fonts/ 128 KB
128 KB 39ms
39ms Font
font/woff2 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.11.1/font/fonts/bootstrap-icons.woff2?2820a3852bdb9a5832199cc61cec4e65

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.11.1/font/bootstrap-icons.css

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bacd70afda7da1deac2bbd49b5717a4dd133bcd59c379525d705b8492f678e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.11.1/font/bootstrap-icons.css
Origin: https://us.seucartao.online
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 11 May 2024 15:35:32 GMT
x-content-type-options: nosniff
age: 211565
x-jsd-version: 1.11.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 130608
x-served-by: cache-fra-etou8220105-FRA
x-jsd-version-type: version
etag: W/"1fe30-0zcUywg26p6+AvTMwigGWTkDFno"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 rP2Wp2ywxg089UriCZaSExd86J3t9jz86MvyyKy58Q.woff2
fonts.gstatic.com/s/dmsans/v15/ 39 KB
39 KB 199ms
116ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v15/rP2Wp2ywxg089UriCZaSExd86J3t9jz86MvyyKy58Q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5042714b45298a9022f0f1e03cee6b117bd00104760945d9bfef6f7b9c6a86d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://us.seucartao.online
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 07:56:40 GMT
x-content-type-options: nosniff
age: 373132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39656
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 May 2025 07:56:40 GMT

GET
H2 200 iz_setcid.html
cdn.izooto.com/scripts/sak/ Frame 9C94 0
0 135ms
54ms Document
text/html 2606:4700::6810:8041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://us.seucartao.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
age: 2419356
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 88233d4d3b994db6-FRA
content-encoding: br
content-type: text/html
date: Sat, 11 May 2024 15:35:32 GMT
expires: Tue, 11 Jun 2024 15:35:32 GMT
last-modified: Tue, 07 Feb 2023 10:27:13 GMT
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 31 KB
7 KB 142ms
48ms Script
application/javascript 2606:4700::6812:80d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:80d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:32 GMT
content-encoding: gzip
via: 1.1 6a5eda21ba47fc7b4d3ca7ac7a9ac958.cloudfront.net (CloudFront)
cf-cache-status: HIT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P10
age: 14
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 04 Apr 2023 18:58:37 GMT
server: cloudflare
etag: W/"613257bb316d347d9417023321c6d62f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 88233d4dfcf69034-FRA
x-amz-cf-id: paTN7byaYU5yStFQSofQiKU6S2w3BbROvO_h9TWbm4GO40ti7S-C_A==

GET
H2 200 / Show response
prism.app-us1.com/ 246 B
495 B 306ms
213ms Script
application/javascript 2606:4700::6812:80d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prism.app-us1.com/?a=28490630&u=https%3A%2F%2Fus.seucartao.online%2Fbank-of-america-travel-rewards-p1%2F%3Futm_source%3DActiveCampaign%26utm_medium%3Demail%26utm_content%3DFIRSTNAME%2520%252C%2520you%2520did%2520it%2521%26utm_campaign%3Dcampanha-id020-09-05-ENGJ

Requested by

Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:80d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.27

Resource Hash

c32bc1236dc955c7153a33092a326209a249a18736f73aebd6973da89d3fcb07

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.27
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 60
cf-ray: 88233d4ee9ae973c-FRA

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
315 B 261ms
161ms Script
text/javascript 2606:4700:4400::ac40:992a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=28490630&prismid=1053a943-1814-4a04-9b8c-0873138e6bc7&url=https%3A%2F%2Fus.seucartao.online%2Fbank-of-america-travel-rewards-p1%2F%3Futm_source%3DActiveCampaign%26utm_medium%3Demail%26utm_content%3DFIRSTNAME%2520%252C%2520you%2520did%2520it%2521%26utm_campaign%3Dcampanha-id020-09-05-ENGJ
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:992a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.27
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.27
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private
x-envoy-upstream-service-time: 11
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray: 88233d50d8982c56-FRA
content-length: 0

POST
H3 200 admin-ajax.php Show response
us.seucartao.online/wp-admin/ 1 B
733 B 323ms
322ms XHR
text/html 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us.seucartao.online/wp-admin/admin-ajax.php

Requested by

Host: us.seucartao.online
URL: https://us.seucartao.online/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:33 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin, same-origin, strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://us.seucartao.online
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iL5uXoUMV57k3jdHWH0qomZXI%2BFUdi0%2BgWgIXuxs%2FBYIj1TQ0K7JCUGRtBvAbmkzraYlKyUC5YmccS5l3ZnoVQGyKzba%2BmNGsqPA7QZH%2FNzrIQNUd3CYVh%2FBprhi4xiPKFrH9uyT"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 88233d518cd56aeb-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 wp-emoji-release.min.js Show response
us.seucartao.online/wp-includes/js/ 18 KB
5 KB 666ms
666ms Script
application/javascript 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:34 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 03 Apr 2024 01:10:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660cac6b-4926"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2idTZ8NP772HJx%2Bpg65lD%2Fonadh17JT8nYO%2BVfxP5xc1T%2FVRqez9vIg3A%2FmQW3oez5vZV04fhN3jEceKJLB2j2yB4V73yNHVrI7zxxtpPzwfpFL18lJAKwi8vJ5lGHC0P25t3qfF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d51acec6aeb-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 94 KB
29 KB 174ms
80ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: us.seucartao.online
URL: https://us.seucartao.online/wrapper.js?v=4.1233

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

94cf103709c86feeedd4df723fd9fa933bf8da5c4a629706c85c53d0e6be6321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30062
x-xss-protection: 0
server: cafe
etag: 710 / 19854 / m202405070101 / config-hash: 18132992232683648774
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 11 May 2024 15:35:33 GMT

GET
H3 200 text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
us.seucartao.online/wp-content/plugins/elementor/assets/js/ 1 KB
1 KB 52ms
52ms Script
application/javascript 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
Requested by: Host: us.seucartao.online
URL: https://us.seucartao.online/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.18.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d191094291904cb0410cf3a475ea46eee6573c0922cc204759445e326d6d9233

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19756
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 23 Jan 2024 18:22:47 GMT
server: cloudflare
etag: W/"65b003f7-550"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wX2f4xMujD5OMSwG2sr2YLyLEltM%2FnD5S8wDA%2BtiVjp0SFv2SeQS%2B565O7yiWRDgtse0TpGFrRyAhxIjiO7Rsvg6P2ZxTaWhthKOZOrKuGBh6jKTML8gtXblSA0qtB7GulXMvklZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d51cd026aeb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405070101/ 454 KB
142 KB 39ms
39ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405070101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

c7ac81c55a965d1a4348e5826a27f4c6c6a0ad079cf71acab65cd0e73bd310a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 11:24:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15047
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144987
x-xss-protection: 0
server: cafe
etag: 13401559270175520828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 11 May 2025 11:24:46 GMT

GET
H3 200 tracker Show response
a3tech.online/api/ 99 B
734 B 1246ms
1177ms Fetch
application/json 172.67.133.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a3tech.online/api/tracker

Requested by

Host: us.seucartao.online
URL: https://us.seucartao.online/wrapper.js?v=4.1233

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.133.53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40075d87778598426549ccde89965c4382e23fb8d9e81d7a01d5b19dd4110137

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:34 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only, master-only
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
referrer-policy: same-origin, same-origin
server: cloudflare
vary: Accept-Encoding
x-ratelimit-remaining: 59
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: private, must-revalidate
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i04xKFSgDJCHMK%2F8Z0RGee39KdUif3wklUQVXSgddqAMxHPf933JOrcfHpP7VFYQ34pWfUwtJJI4kevMkax7XnfBZCoqVF%2BOBSyhkBOlf9i7KjsHEqJu3m89DvYeyLgo"}],"group":"cf-nel","max_age":604800}
x-ratelimit-limit: 60
cf-ray: 88233d5379362bc7-FRA
x-frame-options: SAMEORIGIN, SAMEORIGIN
expires: -1

GET
H3 200 us-seu.json Show response
pr.a3studio.online/ 3 KB
1 KB 728ms
640ms Fetch
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pr.a3studio.online/us-seu.json?x=34073819.0103549

Requested by

Host: us.seucartao.online
URL: https://us.seucartao.online/wrapper.js?v=4.1233

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79a15b8ef380c47ea00f6e01d58f016a720fb4917a2bce1d0b35ae110defdc56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 11 May 2024 15:30:39 GMT
server: cloudflare
etag: W/"663f8f1f-bff"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Mi3ouRk%2Fg7M9QHXmt2mUrsw0PysdMUYsFplRsNoHntPCi%2BVqvCF%2B9pkR2ytBjoYQ%2FGWaHqpK9i%2B8k99DDjj572bhZTISBpwUjUu2hy4IlwJDBhPv3qWLqgxdXTr5bqfpx9f19o%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 88233d538ca63643-FRA

GET
H2 200 22969224836 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 164ms
59ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22969224836?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bffe343b46f9bac4e4c8a8f52406cf5c2105751ba4b67614ec86c061745d3591

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ssFyQi5vayncGmHSUjzwIw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-ssFyQi5vayncGmHSUjzwIw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw0JBiOO90h-k6EBtoPGeyAGKJry-ZtIA45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UCc9O88awkQF3VfYK0C4p2LL7AeBOJVRy6wbgLi9s8XWGcC8Xf2i6z_gViIh-Pogn8b2QQOTJ89h1lJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxMDUwFLPwDi-wAAA1x5HLA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXYiecsmXw8IfoeTGxpAE--_cuiKJpxfnbXIWVyVIxR7epSwYoCcemKbVOn-iSTpN2RTeTbXtPqCLtTHSpUUCbIg_QRP5J6-45bG_OLcjAM7ebdD-gFWQs3DmNLfOaopgE2-3sheQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 121ms
46ms XHR
text/html 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXYiecsmXw8IfoeTGxpAE--_cuiKJpxfnbXIWVyVIxR7epSwYoCcemKbVOn-iSTpN2RTeTbXtPqCLtTHSpUUCbIg_QRP5J6-45bG_OLcjAM7ebdD-gFWQs3DmNLfOaopgE2-3sheQ==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.aUdmaIjD3jU.es5.O/am=BgM/d=1/rs=AJlcJMzx4Y2cn823kWaNLHhQW6izPhJecA/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1Ie2BhOcMMz2Gf3Kn1gSjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 11 May 2024 15:35:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1Ie2BhOcMMz2Gf3Kn1gSjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw1pBicEqfwRoAxELcHMcW_NvIJjBjRbuSkktSfmF8cn5eSWpeiW5iSrEuiF2UmVRakl-Ewk4tA6nIyU9Pz8xLjzcyMDIxMDWw1DMwjy8wAACBtyHs"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://us.seucartao.online
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxWzxms_d4UG3AtCp270QO5xoVTHaXBWkKcRlfVKpiDhb_P1QEhxgv6vxWn20_I1Skp01OyUfyYV1PYB_6gYvJ9ehL-8XOgwn2UXqTJ6Qb2fw9qwuFjWuNKi9YAPgjeqMzjZ7VNdlQ== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 66ms
65ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWzxms_d4UG3AtCp270QO5xoVTHaXBWkKcRlfVKpiDhb_P1QEhxgv6vxWn20_I1Skp01OyUfyYV1PYB_6gYvJ9ehL-8XOgwn2UXqTJ6Qb2fw9qwuFjWuNKi9YAPgjeqMzjZ7VNdlQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1NDQxNzMzLDk3NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly91cy5zZXVjYXJ0YW8ub25saW5lL2Jhbmstb2YtYW1lcmljYS10cmF2ZWwtcmV3YXJkcy1wMS8iLG51bGwsW1s4LCJhVWRtYUlqRDNqVSJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFs3LCI2Il0sWzExLCJbXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1812f8f013951a85908ef7ea4d02dc4f2ab89211e26b8cd835299ac8c249acc9

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-C3sTW0zqaphM632mibvEdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-C3sTW0zqaphM632mibvEdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmLw0pBiOO90h-k6EBtoPGeyAGKJry-ZtIA45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UCc9O88awkQF3VfYK0C4p2LL7AeBOJVRy6wbgLi9s8XWGcC8Xf2i6z_gbjM8SJrHRALcXMcW_BvI5vAht5udiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTA1MDSz0D4_gCAwDceUme"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 seucartao22cinzall-150x150.png
us.seucartao.online/wp-content/uploads/2024/01/ 6 KB
6 KB 664ms
664ms Other
image/png 172.67.154.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.seucartao.online/wp-content/uploads/2024/01/seucartao22cinzall-150x150.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.154.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07d2761a5f87476c2a775881859edf56e0a30532a4ce736ca69dcb04ab3a6dfe

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:34 GMT
cf-cache-status: MISS
last-modified: Mon, 22 Jan 2024 19:57:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65aec8b6-1746"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5whGO4evY3MubIrpLypGStoDOFO%2FYvvPybQd21q3sOma56R3aOUerIn%2F6Zc9tZN2a2hM6hXR2As6MVLT1v3ySt5T6f%2FrpwSqM5crOL1xhLybtwWSpxfgA5ud1fDUEXhenhU0O%2F16"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88233d55f84c6aeb-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bci-ads._120_60. Show response
fundingchoicesmessages.google.com/f/AGSKWxWjMSpFSqJG0NE-rbdk6XkVmZdbKren0eThzjzkXTMxPJ_vdxWoCTufMWoaP4RHetKUZ__Xy7f1f0iQ9Yd4d4nqsO8iNI2sn099N0Hf2kvwKsNG-h4BB4HlR7M1_WxHDhTbKptPO72rI9IjZ-OYZIOncPDMr... 54 B
110 B 59ms
59ms Script
application/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWjMSpFSqJG0NE-rbdk6XkVmZdbKren0eThzjzkXTMxPJ_vdxWoCTufMWoaP4RHetKUZ__Xy7f1f0iQ9Yd4d4nqsO8iNI2sn099N0Hf2kvwKsNG-h4BB4HlR7M1_WxHDhTbKptPO72rI9IjZ-OYZIOncPDMrwrG0YfLGlPFQOHAharU31psWVBmsqj3/_=120x600,/adinsertjuicy._800x80_/bci-ads._120_60.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.aUdmaIjD3jU.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyK3kmh64KbRKVCDfZg-urz2R_hUA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

c3ce93f5c5d038b0bc19bd3229180022435d06c906c7342650c07d755a768b0e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-3_30zFuw1JKrHhyi1uEheg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-3_30zFuw1JKrHhyi1uEheg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw1JBiOO90h-k6EBtoPGeyAGKJry-ZNIA45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUCc9O88axEId19grQLinYsvsB4E4lVHLrBuAuL2zxdYpwPxN_aLrP-AWIiH49iCfxvZBF78v3yOSUkjKb8wPjk_r6QoM6m0JL8oLTkttTi1qCy1KN7IwMjEwNTAUs_AOL7AAAAD10gh"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 64 KB
24 KB 118ms
38ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

62a1a9353e0a801bcb282cf9149842e5fed815b85ce92d2c6cc7731a32f0f227

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24217
x-xss-protection: 0
server: cafe
etag: 1570753379814192630
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 11 May 2024 16:23:48 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXYiecsmXw8IfoeTGxpAE--_cuiKJpxfnbXIWVyVIxR7epSwYoCcemKbVOn-iSTpN2RTeTbXtPqCLtTHSpUUCbIg_QRP5J6-45bG_OLcjAM7ebdD-gFWQs3DmNLfOaopgE2-3sheQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-B3V3yXouTnQHuBesAxSibw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 11 May 2024 15:35:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-B3V3yXouTnQHuBesAxSibw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw1pBicEqfwRoAxEI8HMcW_NvIJtDwc9NpJiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqYKlnYB5fYAAA1I4i9A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://us.seucartao.online
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXYiecsmXw8IfoeTGxpAE--_cuiKJpxfnbXIWVyVIxR7epSwYoCcemKbVOn-iSTpN2RTeTbXtPqCLtTHSpUUCbIg_QRP5J6-45bG_OLcjAM7ebdD-gFWQs3DmNLfOaopgE2-3sheQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ktfqr7aJWK-QYIhVy7Fsvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 11 May 2024 15:35:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-Ktfqr7aJWK-QYIhVy7Fsvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw0pBicEqfwRoAxEI8HMcW_NvIJtBwpfsVk5JLUn5hfHJ-XklqXoluYkqxLohdlJlUWpJfhMJOLQOpyMlPT8_MS483MjAyMTA1sNQzMI8vMAAAyhUizg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://us.seucartao.online
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXYiecsmXw8IfoeTGxpAE--_cuiKJpxfnbXIWVyVIxR7epSwYoCcemKbVOn-iSTpN2RTeTbXtPqCLtTHSpUUCbIg_QRP5J6-45bG_OLcjAM7ebdD-gFWQs3DmNLfOaopgE2-3sheQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4ZlC0_Ulm14dH0M_uLixGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 11 May 2024 15:35:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4ZlC0_Ulm14dH0M_uLixGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw1JBicEqfwRoAxEI8HMcW_NvIJnCgf14fs5JLUn5hfHJ-XklqXoluYkqxLohdlJlUWpJfhMJOLQOpyMlPT8_MS483MjAyMTA1sNQzMI8vMAAAtFUigA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://us.seucartao.online
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXYiecsmXw8IfoeTGxpAE--_cuiKJpxfnbXIWVyVIxR7epSwYoCcemKbVOn-iSTpN2RTeTbXtPqCLtTHSpUUCbIg_QRP5J6-45bG_OLcjAM7ebdD-gFWQs3DmNLfOaopgE2-3sheQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YFCi3lxPfrewcrIuNVT4SA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 11 May 2024 15:35:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YFCi3lxPfrewcrIuNVT4SA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmII1pBicEqfwRoAxEI8HMcW_NvIJtDQsLWfWcklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGJgaWOoZmMcXGAAAp9YiUw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://us.seucartao.online
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVeGtI7Ix-zDUwm-rMST652VzExk2qIU1CQrzRTP74VwItaLXmsWTQ0KYTwz5G4GSEYlP9WXjQoDKVAzLHK7z-WKfPqkKs4pZwG9mAmWimEIX0ofMYPPKviVYH-opR9mSuCw2uePg== Show response
fundingchoicesmessages.google.com/f/ 80 KB
24 KB 77ms
76ms Script
application/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVeGtI7Ix-zDUwm-rMST652VzExk2qIU1CQrzRTP74VwItaLXmsWTQ0KYTwz5G4GSEYlP9WXjQoDKVAzLHK7z-WKfPqkKs4pZwG9mAmWimEIX0ofMYPPKviVYH-opR9mSuCw2uePg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1NDQxNzM0LDgxNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vdXMuc2V1Y2FydGFvLm9ubGluZS9iYW5rLW9mLWFtZXJpY2EtdHJhdmVsLXJld2FyZHMtcDEvIixudWxsLFtbOCwiYVVkbWFJakQzalUiXSxbOSwiZGUiXSxbMTYsIlsxLDEsMV0iXSxbNywiNiJdLFsxMSwiW10iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

d255bd619ade5ef47c8385be18d859622442c94ba9f0d7cf30686acf5fdd3dcf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oXdIc8GOF27iiQbjDy0CHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-oXdIc8GOF27iiQbjDy0CHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmII0JBiOO90h-k6EBtoPGeyAGKJry-ZNIA45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUCc9O88axEId19grQLinYsvsB4E4lVHLrBuAuL2zxdYpwPxN_aLrP-AWIiH49iCfxvZBCY83TybWUkjKb8wPjk_r6QoM6m0JL8oLTkttTi1qCy1KN7IwMjEwNTAUs_AOL7AAADlN0dk"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
234 B 666ms
239ms Ping
image/gif 2800:3f0:4005:408::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lw29ptwb&ctx=0&met.9=1.2vl~2.2z6
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4005:408::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 11 May 2024 15:35:35 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 165ms
87ms XHR
application/json 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202405070101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

f06d5eabb94fc565e84a5a1ec3b7eedfffbc90d949e334b7b4a15a6e27251927

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12389
x-xss-protection: 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 56 KB
13 KB 1380ms
1309ms Fetch
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=139262107646809&correlator=3069191475058823&eid=31083344%2C31083348%2C31083354%2C31083362%2C31079525&output=ldjh&gdfp_req=1&vrg=202405070101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=22969224836%2Cus.seucartao.online%2Cus.seucartao.online_content1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C250x250%7C1x1%7C336x280%7C336x250&fluid=height&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1715441734842&lmt=1715441734&adxs=650&adys=323&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fus.seucartao.online%2Fbank-of-america-travel-rewards-p1%2F%3Futm_source%3DActiveCampaign%26utm_medium%3Demail%26utm_content%3DFIRSTNAME%2520%252C%2520you%2520did%2520it%2521%26utm_campaign%3Dcampanha-id020-09-05-ENGJ&vis=1&psz=416x-1&msz=416x-1&fws=0&ohw=0&ga_vid=38289300.1715441735&ga_sid=1715441735&ga_hid=2004756221&ga_fc=false&dlt=1715441731765&idt=1948&prev_scp=price_rule%3D50.00&cust_params=utm_source%3DActiveCampaign%26utm_medium%3Demail%26utm_campaign%3Dcampanha-id020-09-05-ENGJ&adks=3360309698&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

11cb07865eb31bdd198ae6b5b46111a555520d097ae3a4a849c697ab64f91cf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13153
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://us.seucartao.online
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
a753a2a74e7717e761ae0ee929def9b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3E6B 0
0 158ms
45ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a753a2a74e7717e761ae0ee929def9b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://us.seucartao.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 11 May 2024 15:35:34 GMT
expires: Sun, 11 May 2025 15:35:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 194 KB
53 KB 739ms
732ms Fetch
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=139262107646809&correlator=3069191475058823&eid=31083344%2C31083348%2C31083354%2C31083362%2C31079525&output=ldjh&gdfp_req=1&vrg=202405070101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=22969224836%2Cus.seucartao.online%2Cus.seucartao.online_offerwall&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&fsfs=1&ists=1&fas=11&rbvs=1&sc=1&abxe=1&dt=1715441734911&lmt=1715441734&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&hl=en-US&tos=fc&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fus.seucartao.online%2Fbank-of-america-travel-rewards-p1%2F%3Futm_source%3DActiveCampaign%26utm_medium%3Demail%26utm_content%3DFIRSTNAME%2520%252C%2520you%2520did%2520it%2521%26utm_campaign%3Dcampanha-id020-09-05-ENGJ&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=38289300.1715441735&ga_sid=1715441735&ga_hid=2004756221&ga_fc=false&dlt=1715441731765&idt=1948&cust_params=utm_source%3DActiveCampaign%26utm_medium%3Demail%26utm_campaign%3Dcampanha-id020-09-05-ENGJ&adks=2222511621&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

a8b3c9d21081c06b5b5da8d0912dec25a3b87d752d1f8f995e75148e0b88e66c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54264
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://us.seucartao.online
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 189ms
90ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 11 May 2024 15:35:35 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DB8F 0
0 118ms
38ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://us.seucartao.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 11861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 11 May 2024 12:17:54 GMT
expires: Sun, 11 May 2025 12:17:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html
a753a2a74e7717e761ae0ee929def9b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EE74 0
0 0ms
0ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a753a2a74e7717e761ae0ee929def9b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://us.seucartao.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 11 May 2024 15:35:34 GMT
expires: Sun, 11 May 2025 15:35:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ 109 KB
6 KB 53ms
53ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.aUdmaIjD3jU.es5.O/d=1/exm=ad_blocking_detection_executable,kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyK3kmh64KbRKVCDfZg-urz2R_hUA/m=web_monetization_wall_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

843f652c087bc9b665a72a705eadd1b7e8b345bd29594c6279ee4f8469506607

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 11 May 2024 15:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 11 May 2024 15:35:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 May 2024 15:35:35 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 38ms
37ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://us.seucartao.online
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 20:31:45 GMT
x-content-type-options: nosniff
age: 414230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 May 2025 20:31:45 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXYiecsmXw8IfoeTGxpAE--_cuiKJpxfnbXIWVyVIxR7epSwYoCcemKbVOn-iSTpN2RTeTbXtPqCLtTHSpUUCbIg_QRP5J6-45bG_OLcjAM7ebdD-gFWQs3DmNLfOaopgE2-3sheQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-WIOA-3vzMJWhxMQIIOSpXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 11 May 2024 15:35:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-WIOA-3vzMJWhxMQIIOSpXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmII0JBicEqfwRoAxEI8HMcX_NvIJvBhwZVFzEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDUwFLPwDy-wAAA30YjEw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://us.seucartao.online
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXYiecsmXw8IfoeTGxpAE--_cuiKJpxfnbXIWVyVIxR7epSwYoCcemKbVOn-iSTpN2RTeTbXtPqCLtTHSpUUCbIg_QRP5J6-45bG_OLcjAM7ebdD-gFWQs3DmNLfOaopgE2-3sheQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dY-mcjibV1u0myYz6Z004A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 11 May 2024 15:35:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dY-mcjibV1u0myYz6Z004A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw05BicEqfwRoAxEI8HMcX_NvIJvDi0oNFzEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDUwFLPwDy-wAAA6w4jPw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://us.seucartao.online
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _b8BIqtFz-rS9ROIPRWOZyzWiihe4Unh_bcu1JRxhWzNJb3viRu8vqyp1TyBvkulWUQkjLLBxDm1yqg1F7zM-DOBoZxgMA4zWEgNrDryp5F1sxXgS9Z5eg=h60
lh3.googleusercontent.com/ 4 KB
5 KB 480ms
391ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/_b8BIqtFz-rS9ROIPRWOZyzWiihe4Unh_bcu1JRxhWzNJb3viRu8vqyp1TyBvkulWUQkjLLBxDm1yqg1F7zM-DOBoZxgMA4zWEgNrDryp5F1sxXgS9Z5eg=h60

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dfc1e39b6040cf8a8b94aba30d956282761cc9f62ef171f559c44d507f320ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 15:35:36 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4319
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 12 May 2024 15:35:36 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 42ms
40ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://us.seucartao.online
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 13:27:43 GMT
x-content-type-options: nosniff
age: 353272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 May 2025 13:27:43 GMT

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
125 KB 46ms
44ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://us.seucartao.online
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 19:45:43 GMT
x-content-type-options: nosniff
age: 416992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 May 2025 19:45:43 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012404291353000/ Frame 9708 196 KB
56 KB 204ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012404291353000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c4be780a30373a345a7b98b06e469a2786da9230a91c535c8642dfb77d57f47

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 10 May 2024 14:59:20 GMT
age: 88576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56106
x-xss-protection: 0
server: sffe
etag: "fc0281157a033ca6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 10 May 2025 14:59:20 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012404291353000/v0/ Frame 9708 15 KB
5 KB 279ms
114ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012404291353000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76a892ac14f8a5110763c6d9bd4743d66e3b69db246fd5540059b2e418f9bde3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 10 May 2024 14:59:20 GMT
age: 88576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5220
x-xss-protection: 0
server: sffe
etag: "c963bf303e97982c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 10 May 2025 14:59:20 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012404291353000/v0/ Frame 9708 95 KB
28 KB 280ms
115ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012404291353000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

023740dafad6ea2c6e50968f80e4a994ccff22989518edd4344bd09f2792e4a6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 10 May 2024 14:59:20 GMT
age: 88576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29041
x-xss-protection: 0
server: sffe
etag: "fdeeb42644b3bed3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 10 May 2025 14:59:20 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012404291353000/v0/ Frame 9708 5 KB
2 KB 276ms
112ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012404291353000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f8b9d4e9dfbeb3444a0e22c3cdaf6830a8a4801b3cb4bfbfae37df03c04296d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 10 May 2024 14:59:20 GMT
age: 88576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "d8b0416c8df3dbc0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 10 May 2025 14:59:20 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012404291353000/v0/ Frame 9708 40 KB
13 KB 264ms
99ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012404291353000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc493a67c97cd871696372b348c0fc224b23549edb365e1da49fd28e216c7dd7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 10 May 2024 14:59:20 GMT
age: 88576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12965
x-xss-protection: 0
server: sffe
etag: "24e71630b0cb8bd1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 10 May 2025 14:59:20 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9708 18 KB
2 KB 50ms
50ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

ac0de4b42abf65a70a248df54d442549060d9c7d478dbffcc975fa3b5b2eb2a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 11 May 2024 15:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 11 May 2024 14:02:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 May 2024 15:35:36 GMT

GET
DATA 200
OK truncated
/ Frame 9708 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a01325b42a6b49f97da0af527953272d8b1103568a93d6f3477732551c9fc8b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 en.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 9708 2 KB
2 KB 39ms
39ms Image
image/png 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 13:43:11 GMT
x-content-type-options: nosniff
server: cafe
age: 6745
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sun, 12 May 2024 13:43:11 GMT

GET
H3 200 icon.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 9708 295 B
319 B 40ms
40ms Image
image/png 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 14:23:55 GMT
x-content-type-options: nosniff
server: cafe
age: 4301
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sun, 12 May 2024 14:23:55 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v59/ Frame 9708 33 KB
33 KB 39ms
38ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v59/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://us.seucartao.online
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 07:48:13 GMT
x-content-type-options: nosniff
age: 373643
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34184
x-xss-protection: 0
last-modified: Wed, 24 Apr 2024 23:36:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 May 2025 07:48:13 GMT

GET adview
pagead2.googlesyndication.com/pagead/ Frame 9708 0
0

POST
H2 200 nblk Show response
sbp.izooto.com/ 0
94 B 350ms
252ms XHR
text/plain 2606:4700::6810:ff40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sbp.izooto.com/nblk
Requested by: Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ff40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 11 May 2024 15:35:37 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 88233d66eb09913a-FRA
content-length: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9708 42 B
65 B 73ms
73ms Image
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLR27QxDU8xEbDBzoR6W5gxgE0c02WwPFarDNClEAH_YzXCIO2XSeiznJtwePgAAiOgDbjdO1kXAapNbOn5UxZnAHJmrJNM23uOZcahM51eWBMvwSozwIbO56KNhktFGdhV7hIsunYpCCOe7I2ec_g1TOkFXN9wCgGObE0ZRo&sig=Cg0ArKJSzPjC76zVqnyvEAE&id=ampim&o=592,346&d=416,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=327&tls=1327&g=100&h=100&tt=1327&r=v&avms=ampa&uap=Win32&uapv=10.0.0&uaa=x86&uam=&uafv=124.0.6367.201&uab=64&uafvl=%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2299.0.0.0%22%7D%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.seucartao.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 11 May 2024 15:35:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202405070101&jk=139262107646809&bg=!UFOlUxzNAAZxHNKdURw7ADQBe5WfONe3TnZo-y26C38CQvQawYfJI9385sTPLkKMx0DNWM-lsad674QyN67aERqFhjBhAgAAADJSAAAAAWgBB34ANYIfxTt9D2q2EVvCDcYLBFsSJuDa3NbGdgCQNxBSGJmsD0uqXPRHzsXJyibYBmDXHYoydWEBmQKfXze1kIeDGCP4gboskunNU3CLPmGHfyS1qBfehHKmiLTZ0br4v-LsJhOhdfOepCEyrNc-xjubDENd5x2Sx-JfRRvFhaBL59xHsXy-Xs5ui6UE_pBeJi26pj5Up6RjhtpQo52P6GRAub2SAAq8eJZiA5Dg_K3Wjp0EkaNweFD6HeMa0qb1--ZRxcduWKHwYvF8r4fG79IyzIsp_EAT4QfCwQfIVJkEr2TEcFgAyW0zq7wKaRWi5_aQwtpukOj4gMftD648SI650JjcRgXLZz4RvMqctql3WlFy6lLyz2NZUSoqmT0uGWD8H8Zt37YG39J8wCJqkFG11GMEgK-Jarss6GYSBWphxmKrJEjlNAgdYSpugWU4uRP1lY8DWly6bQP_YIAA9WRL24SBHKpbA091NTOQRORU6kRGyVbGzhvwQiyW2I_SQuO2-bFQjeCmGfPN_0tnqeH7i5ptjUcdYHgva582g61uUE3ke6v2mHDvLdY3k8cFqm_beO63livPFwMtRc_FRTf4tDOPmq9kLLQnEg57pHsCWO1Nh5yf-da3fKQS9zwI-QY0zDyNflXIb0yOoKjzdqSHHs_hIjFA0wMRC_yV46cwxWg2avEE1JDJiSX8exRLt4CgkSJ5EImuByXjQx1WIM4VWN_nrNMlDjw445haZMNM07VxBUJGvpQDwxw_l7UxWm-JivjkTD0FBWMIpBgo0zGEsvlgeR2eyHqSaDsVUrcZ5Iq9NK7jl2siy84Rgwgos6_LqnN2Gp8ZuwwNXRS94iqapbqBzCnSEkiaaes2nYerx_EAtVTtdOSQfyD27aEDMbyxQ_2iqUXGz9QTa3BL8eGhbk-rrg2yph_Mnp7_SFZ2EhLhAOwdBdCjU214pUJVj7ZqNnxwgINGhH4

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/adview?ai=CNkYWR5A_ZqazI7mA1PIPsvSLqAfPh5Obd7C-isioEsOFs6eYDhABIIeUqp0BYJXqjoKcB6AB5Jqk0gPIAQGpAv0K2k70EbI-4AIAqAMByAMKqgTfAk_QmdhSquZ2cvKNuN2R1IhTO6sGB2QCXXPb6UTEEN9jJtEMba7MTY2rYOGqWWZczff-yME9tJxg8Si3z2gHvibUvAcJqmKpgwIHijcJliPiEunqTxX8PZIB3Vgb_DskzpN1fFyUZMWr2x_V-wowmwoiq9-uS6tjjOEWVmHzfjuj0h3xvVJUCNVjOR63iV2QtjavRCw-MMCn60bwVi96NxXfPeXP-r0B8zaz8ZjA82wc5re6UQxbPKUPu1yUfD4Nmw1jRNZgh44VW8X2gLagdrpaDRok4FKhBUBtWe3vWfG__7xGqzZxrmkYs_1Gpva3CjSSc4EY4gWibiQUVxfCYjje8cYvWedJ2IuYMcSLon3TRBfsVxqUPLkfIg5E5ZigCGdwSm2s9DZQJeK5jGAjA4McdkqtXnyYF1kkziCtVXZfU5FG8Lh4QTI0Up9aY5xq-RycldWkFXTZUL2_iIO818AE74jIkNsD4AQBiAW-6JjFNpIFBAgEGAGSBQQIBRgEgAeE5dstqAfZtrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwHyBwUQ6OmZTtIIKgiR4YBwEAEYHTIH64uA4L-ADToIAICAgICAlChIvf3BOliTlPq59oWGA5oJ9QFodHRwczovL3d3dy5oYW5zZW1lcmt1ci5kZS9hbmdlYm90ZS9wcml2YXRlLWtyYW5rZW52ZXJzaWNoZXJ1bmcvcG0_YWRucj0zNjA0MzM3JmV0Y2NfY21wPVByaXZhdGUlMjBLcmFua2VudmVyc2ljaGVydW5nJTIwUGVyZm9ybWFuY2UlMjBNYXgmZXRjY19ncnA9JmV0Y2NfbWVkPVNFQSZldGNjX3Bhcj1Hb29nbGUmZXRjY19ia3k9JmV0Y2NfbXR5PSZldGNjX3BsYz0mZXRjY19jdHY9JmV0Y2NfYmRlPWMmZXRjY192YXI9e2djbGlkfYAKA8gLAeINEwiGv_q59oWGAxU5AFUIHTL6AnXYEwzQFQGYFgGAFwGyFx8KHQgAEhRwdWItNDgyNzI1MTU2MjcwNjk5NBjO5ZcBshgJEgKwUhgBIgEA&sigh=NRHQDqdycrY&uach_m=%5B%5D&ase=2&nis=5&cbvp=2

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.izooto.com/	1970-01-21 06:06:41	Name: IZCID Value: b123c98f-fed6-42c7-867d-76096ca54b89
prism.app-us1.com/	1970-01-20 21:13:53	Name: prism_28490630 Value: 1053a943-1814-4a04-9b8c-0873138e6bc7
.seucartao.online/	1970-01-20 21:13:53	Name: prism_28490630 Value: 1053a943-1814-4a04-9b8c-0873138e6bc7
us.seucartao.online/	1969-12-31 23:59:59	Name: PHPSESSID Value: hudd9o68b01su0notfrs8bsroc
.seucartao.online/	1970-01-21 05:16:17	Name: FCNEC Value: %5Bnull%2Cnull%2C%5B%5B5%2C%22698%22%5D%5D%5D
.seucartao.online/	1970-01-21 00:49:53	Name: __eoi Value: ID=70f32776d86abd04:T=1715441734:RT=1715441734:S=AA-Afjb2f7rlXGX5St0f3Fywuqkf

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.seucartao.online/bank-of-america-travel-rewards-p1/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FIRSTNAME%20%2C%20you%20did%20it%21&utm_campaign=campanha-id020-09-05-ENGJ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a3tech.online
a753a2a74e7717e761ae0ee929def9b1.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.izooto.com
cdn.jsdelivr.net
csi.gstatic.com
diffuser-cdn.app-us1.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
grecomvo.lt.acemlnb.com
lh3.googleusercontent.com
pagead2.googlesyndication.com
pr.a3studio.online
prism.app-us1.com
sbp.izooto.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
trackcmp.net
us.seucartao.online
pagead2.googlesyndication.com
142.250.181.238
142.250.184.202
142.250.185.130
142.250.185.195
151.101.193.229
172.67.133.53
172.67.154.21
188.114.97.3
216.58.206.34
2606:4700:4400::ac40:992a
2606:4700::6810:8041
2606:4700::6810:ff40
2606:4700::6812:80d8
2800:3f0:4005:408::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2001
2a00:1450:4001:811::200e
2a00:1450:4001:81c::200a
2a00:1450:4001:81d::2001
2a00:1450:4001:830::2001
2a00:1450:4001:831::2001
2a04:4e42:200::485
44.217.18.37
023740dafad6ea2c6e50968f80e4a994ccff22989518edd4344bd09f2792e4a6
07d2761a5f87476c2a775881859edf56e0a30532a4ce736ca69dcb04ab3a6dfe
11cb07865eb31bdd198ae6b5b46111a555520d097ae3a4a849c697ab64f91cf9
17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937
1812f8f013951a85908ef7ea4d02dc4f2ab89211e26b8cd835299ac8c249acc9
1c4be780a30373a345a7b98b06e469a2786da9230a91c535c8642dfb77d57f47
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1fa44e11b3633da31677571b8d79722f49e3a58d1770f8adf83fed7abbf1ad09
20edfbbe7c60d8e3562bdcda2dfca7ce7c2f7f55b67fe478904b9fc74a8d6c7d
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
25825611ade7ceaed7df3862ec56dc91ad1d2be539966ef7bbe84306e51cfb08
258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94
260662dda999644617f0528cd8856dff06be79a08c922c8ad65f532abe417227
2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045
2ce3ebd350ebd822a95dfaf20c1826426e1185bf5f39eeaf454245fbf09e0740
3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3c3c0ebe37e4fd4187131a0a8d039064a9014215c4b83199d909e7e0b2d7f450
3e584003b5c6df9bc2854b2775e527ef7240f3d1cae4047e9aa504cdfbc109f9
3f02d5dbc887487f7ec335183e5d341de9bf2b8140feafd1a5f01a110d526ff0
40075d87778598426549ccde89965c4382e23fb8d9e81d7a01d5b19dd4110137
437d2173a503fefc1557e3ff02150e54dd8f26a8dc76d96a9df520e992e54254
43a1639e9c2a26251797c2f35727aee7a8f9ba2b8468b9e7d621a88fc0915489
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5042714b45298a9022f0f1e03cee6b117bd00104760945d9bfef6f7b9c6a86d4
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
59030c1e43382c635e9bb1fe82d4a89cc4bbd41ffbd0f6d112097eb1ca13346a
5b53e811e2f70aae99b19dde4e877b98382a294a0727b2c8ab788ba030e858c9
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5f9d3a91d5bbc09131900b7dc64ba4328bab03dc7221c5c2773397cb656bca18
5fb449f0366b75fa5bf229498e4f5b7102232b56ad1ae163ea06fb38bbf062a9
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a1a9353e0a801bcb282cf9149842e5fed815b85ce92d2c6cc7731a32f0f227
6350b877aedb48c35506948563f32b77e53386feef2acf7c27178f99efcb8449
64a530dad84560bcb259fc7a6872ad18cd9d2ccd66481ac68d0c1f8fad121344
6a01325b42a6b49f97da0af527953272d8b1103568a93d6f3477732551c9fc8b
6ecbdb2dc3f86c7ed142dce156d8f3ca1846b75bb512471935f45b8c8949645e
7637af59dd2d44ca992f292bed5087cc968e8bc997116c16239014b0acd1c8a7
76a892ac14f8a5110763c6d9bd4743d66e3b69db246fd5540059b2e418f9bde3
79a15b8ef380c47ea00f6e01d58f016a720fb4917a2bce1d0b35ae110defdc56
7b096cfae2525b059116d8b86e549bf6ae43fdcc78a90c72a3a42236d5caac52
7df5bb108fb45ffd903b10fa15e2c7b9b869898bce89408d06609b8e2441bd30
7f8b9d4e9dfbeb3444a0e22c3cdaf6830a8a4801b3cb4bfbfae37df03c04296d
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd
843f652c087bc9b665a72a705eadd1b7e8b345bd29594c6279ee4f8469506607
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8e604215fe4a988196d6b824554fad49143f7450349b4a2a285dad3faeba2f7b
90473a1a619e183dde264afd0632ecbaa69a98ce8a4ed8be947417e47a666670
942c9264f9de00fecac162d8f657d9d32a977882341f6ab66e8bf98dab5e1e76
94cf103709c86feeedd4df723fd9fa933bf8da5c4a629706c85c53d0e6be6321
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
a8b3c9d21081c06b5b5da8d0912dec25a3b87d752d1f8f995e75148e0b88e66c
a92cd845b0439455ce0d0b33f29b30a4787c42c9224c38a1ce2bf0482f1b05c5
ac0de4b42abf65a70a248df54d442549060d9c7d478dbffcc975fa3b5b2eb2a0
b9616f06873f843a28d209c2525b1f3cc56310a94f2c7e2cbfc1cd593cd0f093
ba8bea6a6bbbb634afd80fa6128f556a2d09331a9b5e14754d134c43748d5dcd
bacd70afda7da1deac2bbd49b5717a4dd133bcd59c379525d705b8492f678e95
bb6fd8cd85394cb367e8ac58e47292f2d68eb288fa12fab68e65430a5ddfce48
bc82aa458fda78aa5f5f28fbb780bfcca83595fa395fad19619a2de2af535729
bedaca888c335196a7df2bc741a5b17f9b277126147e3412f73c11d90da00518
bffe343b46f9bac4e4c8a8f52406cf5c2105751ba4b67614ec86c061745d3591
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c32bc1236dc955c7153a33092a326209a249a18736f73aebd6973da89d3fcb07
c3ce93f5c5d038b0bc19bd3229180022435d06c906c7342650c07d755a768b0e
c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196
c7ac81c55a965d1a4348e5826a27f4c6c6a0ad079cf71acab65cd0e73bd310a8
c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc493a67c97cd871696372b348c0fc224b23549edb365e1da49fd28e216c7dd7
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d191094291904cb0410cf3a475ea46eee6573c0922cc204759445e326d6d9233
d255bd619ade5ef47c8385be18d859622442c94ba9f0d7cf30686acf5fdd3dcf
dfc1e39b6040cf8a8b94aba30d956282761cc9f62ef171f559c44d507f320ab2
e311a93fce7b4374e56693db38b38bbd39b771cdcff5dda8ad07b497e66855bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a
ea14d1b1233e6cbc9b1a156ac532f076f7adafc309726fca7bf8833f882ac872
ea420d765b3a2def39c1b5ae6ec17b209cd156ab21fa8a8716159bb05ed655e7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f06d5eabb94fc565e84a5a1ec3b7eedfffbc90d949e334b7b4a15a6e27251927
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7d8508343661586bec8cb3a8711db04d76babba8eb10c4500406bdbff6fe96a
f7e5b0c06ee5bbc14d3e9e9f3055b8108bab899e37aec44a227485f3c3624cee
fa3bcbd35f161e493a8bb7587d083520bed8e50143df5471e9048a8e6359113f
fd319d2e96afcb9c7499d3301c77e3829c6099967341d70b7afbc00a60fcfb13

us.seucartao.online Open in urlscan Pro 172.67.154.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

104 Requests

97 %HTTPS

57 %IPv6

15 Domains

20 Subdomains

23 IPs

4 Countries

1704 kBTransfer

4388 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

us.seucartao.online Open in urlscan Pro
172.67.154.21 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

97 %
HTTPS

57 %
IPv6

15
Domains

20
Subdomains

23
IPs

4
Countries

1704 kB
Transfer

4388 kB
Size

6
Cookies

104 HTTP transactions
2 data transactions