utua.com.br Open in urlscan Pro
2606:4700:10::ac43:1b40 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&...
Submission Tags: @phish_report
Submission: On August 30 via api (August 30th 2023, 1:29:23 pm UTC) from FI — Scanned from FI

Summary HTTP 131 Redirects Behaviour Indicators

Summary

This website contacted 42 IPs in 6 countries across 26 domains to perform 131 HTTP transactions. The main IP is 2606:4700:10::ac43:1b40, located in United States and belongs to CLOUDFLARENET, US. The main domain is utua.com.br. The Cisco Umbrella rank of the primary domain is 723431.
TLS certificate: Issued by E1 on July 18th 2023. Valid for: 3 months.

This is the only time utua.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:10:... 2606:4700:10::ac43:1b40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:551	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:225... 2600:9000:2250:3e00:a:e047:753:6381	16509 (AMAZON-02) (AMAZON-02)
1	52.222.139.100 52.222.139.100	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
6	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	52.31.175.73 52.31.175.73	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3 4	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2001:4860:480... 2001:4860:4802:32::35	15169 (GOOGLE) (GOOGLE)
1 2	52.19.229.56 52.19.229.56	16509 (AMAZON-02) (AMAZON-02)
3	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
4	2600:9000:21f... 2600:9000:21f3:b200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:1f18:1ac... 2600:1f18:1aca:4281:2379:b3cd:dfd4:d41d	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
131	42

4 2606:4700:10::ac43:1b40 (United States)

ASN13335 (CLOUDFLARENET, US)

utua.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:29 (United States)

ASN13335 (CLOUDFLARENET, US)

bucket.utua.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:551 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.begrowth.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
location.begrowth.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:3e00:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-100.ams50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.175.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-175-73.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.123 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::35 (United States)

ASN15169 (GOOGLE, US)

growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.229.56 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-229-56.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21f3:b200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:1aca:4281:2379:b3cd:dfd4:d41d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	googlesyndication.com 4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 150 pagead2.googlesyndication.com — Cisco Umbrella Rank: 107	231 KB
20	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203 stats.g.doubleclick.net — Cisco Umbrella Rank: 87 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 cm.g.doubleclick.net — Cisco Umbrella Rank: 237 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371	281 KB
11	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 884 static.adsafeprotected.com — Cisco Umbrella Rank: 607 dt.adsafeprotected.com — Cisco Umbrella Rank: 579	137 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 405	219 KB
10	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3238 www.google.com — Cisco Umbrella Rank: 2	2 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	83 KB
5	utua.com.br utua.com.br — Cisco Umbrella Rank: 723431 bucket.utua.com.br	35 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590	3 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 41	3 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 239	2 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 426 mug.criteo.com — Cisco Umbrella Rank: 2631	7 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1329 google-bidout-d.openx.net — Cisco Umbrella Rank: 1333	811 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	21 KB
2	run.app growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app	67 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	114 KB
2	google.fi www.google.fi — Cisco Umbrella Rank: 34958	515 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 809 bcp.crwdcntrl.net — Cisco Umbrella Rank: 776	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 755 id5-sync.com — Cisco Umbrella Rank: 400	27 KB
2	begrowth.com.br assets.begrowth.com.br — Cisco Umbrella Rank: 945293 location.begrowth.com.br	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	169 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 311	35 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1732	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1403	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 320	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 603	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1404	8 KB
131	26

	Domain	Requested by
19	tpc.googlesyndication.com	utua.com.br securepubads.g.doubleclick.net 4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
18	pagead2.googlesyndication.com	4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com pagead2.googlesyndication.com utua.com.br googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
6	region1.analytics.google.com	www.googletagmanager.com
6	securepubads.g.doubleclick.net	utua.com.br securepubads.g.doubleclick.net
5	dt.adsafeprotected.com	4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com
5	googleads.g.doubleclick.net	4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com utua.com.br pagead2.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
4	static.adsafeprotected.com	4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com srcdoc
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	www.google.com	2 redirects tpc.googlesyndication.com
4	fonts.googleapis.com	utua.com.br securepubads.g.doubleclick.net 4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com
4	utua.com.br	utua.com.br
3	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.gstatic.com	utua.com.br 4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com
3	4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fw.adsafeprotected.com	1 redirects googleads.g.doubleclick.net
2	growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app	assets.begrowth.com.br
2	www.googletagservices.com	4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com utua.com.br
2	gum.criteo.com	1 redirects static.criteo.net
2	www.google.fi	utua.com.br
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	oajs.openx.net	1 redirects utua.com.br
2	www.googletagmanager.com	utua.com.br www.googletagmanager.com
1	s0.2mdn.net	4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com
1	location.begrowth.com.br	assets.begrowth.com.br
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com	utua.com.br
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	assets.begrowth.com.br	utua.com.br
1	bucket.utua.com.br	utua.com.br
131	42

This site contains no links.

Subject Issuer	Validity	Valid
utua.com.br E1	`2023-07-18` - `2023-10-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-25` - `2024-05-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
begrowth.com.br GTS CA 1P5	`2023-07-15` - `2023-10-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-07-27` - `2023-10-25`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-08-26` - `2023-11-24`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.id5-sync.com R3	`2023-08-22` - `2023-11-20`	3 months	crt.sh
*.google.fi GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.a.run.app GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
Frame ID: F59350822CB1449922ACCE48DA583C4D
Requests: 42 HTTP requests in this frame

Frame: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D20F5CBF14477D0A21C1BED9C0227128
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=utua.com.br
Frame ID: 27027AF0843400DD44704CABE186AAF5
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 38B472E9D5807C7C21133F57BFDBB12E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: FB9D9AFDF2676AD6CD146AAF90D69BDF
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: B2430E2FE003F1A25B67964875490EDE
Requests: 12 HTTP requests in this frame

Frame: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 436069CF528F28EC61E00FE0691C3A11
Requests: 27 HTTP requests in this frame

Frame: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3F36B1BD91CE51CB26539E414FAAAA41
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMunu4wDEPjajI4DGLm4zvABMAE&v=APEucNVyp7F4wQ16GkSk1vZgyEsF0WuiM8xLbQ9fD-vhESJ9sniVUr6RBCxrrxKzlr58an_STIdqY8vpi5Q9Bke7EEPttNuy_Q
Frame ID: 4B7DA7A66A9101684AD035BAC55E8534
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: DC30ABD372B4AD9EF5CC2D79200B2217
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4D47FFE5D767AF320931EAFB7191C44B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js
Frame ID: F7FE67DFA96B38EA1438866188D8FF64
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C4463BAA7B0AF3A54D5035302BFA9E20
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 34E2532FA6ABB279986A062D7765E0C5
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_300x600.js
Frame ID: 3D40636C66BA7956757321E23CD3E33B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4B456E111EA5F991B3AF5217A4B78AE7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D512CEEF265002E23ECD328E793FE82C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Solicita tu Crédito Crediplan del Banco G&T Continental

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

131
Requests

94 %
HTTPS

68 %
IPv6

26
Domains

42
Subdomains

42
IPs

6
Countries

1424 kB
Transfer

4079 kB
Size

22
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://oajs.openx.net/esp?url=https%3A%2F%2Futua.com.br%2Fgt-emp-gt-crediplan-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dgt-utua-ct-email-emp%26utm_content%3Dgt-utua-ct-email-emp-p2-aqui%26utm_term%3Dgt-utua-ct-email-emp-p2-aqui-04&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Futua.com.br%2Fgt-emp-gt-crediplan-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dgt-utua-ct-email-emp%26utm_content%3Dgt-utua-ct-email-emp-p2-aqui%26utm_term%3Dgt-utua-ct-email-emp-p2-aqui-04&rid=esp&cc=1

Request Chain 29

https://gum.criteo.com/sid/json?origin=publishertagids&domain=utua.com.br&sn=ChromeSyncframe&so=0&topUrl=utua.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=g6Hz0XxPbmlpNlcvYUZtZm8va1g2ejUzVnpDbnV6ZHFnSGhGczROeG9rNXBBTGhIZkVndy9wOW1YenkxSWFxRm8xS084UUZnRjN5bUMxLzRBK3BiMytCeE5ZdjMxSm5OM082YVNpZVk5YktDYzRVZzNycnU1M0dLNSswNGIxSVlIUWQrSkxHbjZtMTNyNnVLTFdTTWt4YnpwdUNDVlF2dUJodXRxOVNmVkNOeW5XeEVwSENrS3BOY2h2NGdPNzcvYXFlVjdWQ0F1V3dkOXViU2N4cWpJRTczd0hpU2NPVEtpV1hJeWhwdGRkQnRSbG9mekpCREpVUEJjakU5amwwZ1hkWnNBa2xkbGZEaXFHWHdoWllXM0xBTEtVUT09fA&cppv=2

Request Chain 80

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 82

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMWzVOPoqyAKwEf4RV8alTA&google_cver=1

Request Chain 85

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZO9ELtx3axOV6flykU5qPwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIKJZp-lhNSNFO4jTQzFHhw&google_cver=1

Request Chain 86

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEmj309jp-03G82WUBNo7Ks&google_cver=1

Request Chain 87

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM3NDU2NzA5MDY0NjQ5NjU4MA%3D%3D

Request Chain 105

https://fw.adsafeprotected.com/rfw/st/1563689/72635399/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013465714&ias_pubId=pub-1757064723917999&ias_chanId=1&ias_placementId=20363147696&bidurl=https://utua.com.br/gt-emp-gt-crediplan-p1/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0ifb1mbAg9xSD9YrpSfvIRt&adContainerId=gcc_LkTvZLvGGoq1-gaNoqXQBQ&cbFunctionName=goog_wrapCb_LkTvZLvGGoq1-gaNoqXQBQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Futua.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Futua.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:aad32586-1a48-5d8c-98d1-2a7564f5a03b,c:mMWCUc,sl:na,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-68f67cd888-dth9t,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tOqiSQe+11%7C12%7C13%7C14%7C15%7C16*.1563689-72635399%7C161%7C1621%7C1711%7C1712,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:23,oid:38dcda96-4739-11ee-bd34-b21dc13447b1,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

131 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
utua.com.br/gt-emp-gt-crediplan-p1/ 67 KB
16 KB 976ms
679ms Document
text/html 2606:4700:10::ac43:1b40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1b40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: baabe841a183f789441505ad8d2db2ebc7ef4327f1ed1df9b3833ce62b2288e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=300
cf-cache-status: MISS
cf-ray: 7fed61b0aad7d957-HEL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 30 Aug 2023 13:29:16 GMT
last-modified: Wed, 30 Aug 2023 13:29:16 GMT
link: <https://utua.com.br/wp-json/>; rel="https://api.w.org/" <https://utua.com.br/wp-json/wp/v2/posts/24678>; rel="alternate"; type="application/json" <https://utua.com.br/?p=24678>; rel=shortlink
server: cloudflare
vary: Accept-Encoding
via: 1.1 google, 1.1 google
x-cloud-trace-context: d95dd6058bc99e72e976e2b6cfe6af9b
x-powered-by: PHP/7.4.33

GET
H2 200 css2
fonts.googleapis.com/ 848 B
827 B 203ms
71ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Sans&display=swap

Requested by

Host: utua.com.br
URL: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b7b259a87df556c5752105da739eaaf0142a9b2c83fec6fd092501f90bc5817

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Aug 2023 13:29:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 12:30:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Aug 2023 13:29:16 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 309ms
148ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f085eacb16e19b129f0270067e1dc18499edbb2d58764be3a1da3da491c40a47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:29:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29267
x-xss-protection: 0
server: cafe
etag: 788 / 19599 / m202308240101 / config-hash: 3287751012361123362
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 13:29:16 GMT

GET
H2 200 classic-themes.min.css
utua.com.br/wp-includes/css/ 291 B
311 B 205ms
204ms Stylesheet
text/css 2606:4700:10::ac43:1b40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-includes/css/classic-themes.min.css?ver=6.2
Requested by: Host: utua.com.br
URL: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1b40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:29:16 GMT
via: 1.1 google, 1.1 google
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 14 Jul 2023 17:03:10 GMT
server: cloudflare
etag: W/"123-600756c650f80-gzip"
vary: Accept-Encoding
content-type: text/css
x-cloud-trace-context: 630ad452cedb9173b66cdde75112d455
cache-control: private, max-age=300
cf-ray: 7fed61b4fb8fd957-HEL
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.post.css
utua.com.br/wp-content/themes/clean-n-beauty-theme/css/ 25 KB
6 KB 215ms
214ms Stylesheet
text/css 2606:4700:10::ac43:1b40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/css/style.post.css?ver=30082023102915
Requested by: Host: utua.com.br
URL: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1b40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0f4a91fcfd33700f0038f09a0e1999632b45a664f5134de0016fd5c6f453f1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:29:16 GMT
via: 1.1 google, 1.1 google
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 14 Jul 2023 17:03:09 GMT
server: cloudflare
etag: W/"649f-600756c55cd40-gzip"
vary: Accept-Encoding
content-type: text/css
x-cloud-trace-context: de41a5b9224a3fb1b825a3ff289c8b5f
cache-control: private, max-age=300
cf-ray: 7fed61b4fb91d957-HEL
alt-svc: h3=":443"; ma=86400

GET
H2 200 8bdc8496-continental-442x332.png
bucket.utua.com.br/img/2021/12/ 9 KB
9 KB 1512ms
1409ms Image
image/png 2606:4700:10::6816:29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucket.utua.com.br/img/2021/12/8bdc8496-continental-442x332.png
Requested by: Host: utua.com.br
URL: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f39e493d44f1322c379953233b13fd5bafeb1445796750813f957310d567d764

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:29:18 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycdtEy61Wogz9YVcXRkuX4qH3VIq3uZ5MtT2-DwbD_YhJGEF0itog20AjN1KAo6CxJmJXNL6uJ6NnRXvHwygvkelaLo8pCR0Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 8752
x-goog-meta-height: 332
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Tue, 25 Oct 2022 21:29:18 GMT
x-goog-meta-child-of: 27155
server: cloudflare
etag: "118d23d3e7a116cdf6618c3be1b9f592"
vary: Accept-Encoding
x-goog-generation: 1666733358568657
content-type: image/png
x-goog-hash: crc32c=cALf3g==, md5=EY0j0+ehFs32YYw74bn1kg==
x-goog-meta-width: 442
cache-control: public, max-age=36000, must-revalidate
x-goog-stored-content-length: 8752
accept-ranges: bytes
cf-ray: 7fed61b6ead54c7c-HEL
x-goog-meta-size: img-442
expires: Wed, 30 Aug 2023 23:29:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 266 KB
86 KB 218ms
87ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T48CH8D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

71ac7258a5b4c47c7dd590c016dd547d4a2792a125e367a342a2780efa30c854

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:29:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87419
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Aug 2023 13:29:16 GMT

GET
H2 200 growthcontrol-lite-ltv.build.js Show response
assets.begrowth.com.br/growthcontrol/ 72 KB
19 KB 1721ms
1432ms Script
text/javascript 2606:4700:20::681a:551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.begrowth.com.br/growthcontrol/growthcontrol-lite-ltv.build.js
Requested by: Host: utua.com.br
URL: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be9717ba973ccaabdd9e2038a32145503c8358a01125498b8774db6354a0a40

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:29:18 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdu49EbbxV5l8n395wvIxMVbVFYmMQT6GKXArqY2LWh_4K6fTUu7SfGlJZVACLxGJLMIJqrjvsfDX17n9QAkdWRKXWtERIsx
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Fri, 17 Mar 2023 19:37:01 GMT
server: cloudflare
etag: W/"bdee3d3f971900ba215ddd16446ef924"
vary: Accept-Encoding
x-goog-generation: 1679081821460101
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=ur+DTg==, md5=ve49P5cZALohXd0WRG75JA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8CJOqyRXPsCKVHrKPVWsiCs1xOkYK%2BK2DPswe4yZlShNQtNWM5dVyAQHRuCA00t3NHew2dh2XV3lFaRCEbs4DmGN7K8FSjT85gKFPLPOoUQ41Mv9fhi04zH71TOqx6pTMqstxfCFkFQ5EVLLHsw1dmCHwI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 73954
cf-ray: 7fed61b81e663766-HEL
expires: Wed, 30 Aug 2023 13:30:17 GMT

GET
H3 200 spritesheet.png
utua.com.br/wp-content/themes/clean-n-beauty-theme/images/ 3 KB
4 KB 194ms
194ms Image
image/png 2606:4700:10::ac43:1b40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/images/spritesheet.png
Requested by: Host: utua.com.br
URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/css/style.post.css?ver=30082023102915
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1b40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10b5ed98c1c669333e381edd9834e3ed35c578bb0347884887526ff53d3082d6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/css/style.post.css?ver=30082023102915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:29:16 GMT
via: 1.1 google, 1.1 google
cf-cache-status: MISS
last-modified: Fri, 14 Jul 2023 17:03:09 GMT
server: cloudflare
etag: "def-600756c55cd40"
vary: Accept-Encoding
content-type: image/png
x-cloud-trace-context: 949fa6045a43e69d83b62937f4bd2866
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 7fed61b649f6376e-HEL
alt-svc: h3=":443"; ma=86400
content-length: 3567

GET
H2 200 rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAopxRSW32.woff2
fonts.gstatic.com/s/dmsans/v14/ 14 KB
14 KB 191ms
60ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAopxRSW32.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b99e2ac0acd1e779f2db8aa9fc92e5901207ad6150689a5318163a70ee667157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://utua.com.br
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:42:00 GMT
x-content-type-options: nosniff
age: 71236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14132
x-xss-protection: 0
last-modified: Wed, 12 Jul 2023 22:06:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Aug 2024 17:42:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/ 404 KB
127 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:24:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72300
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129934
x-xss-protection: 0
server: cafe
etag: 17007686020673988365
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 28 Aug 2024 17:24:16 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 105ms
31ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 20:18:11 GMT
content-encoding: gzip
age: 493865
x-guploader-uploadid: ADPycdvWBLiVqBwFLc4rZNgK-IlSnpW05L2_AVuDY8ZgQ67qHT7bhQAzvizvUCGbJufYRp_BwtN7tikS6Z5DqwKR6MNkBg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Fri, 23 Aug 2024 20:18:11 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 228ms
113ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:29:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-aa04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 31 Aug 2023 13:29:17 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 114ms
40ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:29:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 32539
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-yyz4568-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZfmnneShRr8qNjrw%2BNIBWAJljaTt1Cl99rLloJW2pCQgsAClxMQCRNklG9x3AYlnxqz57T0jRiBPyygrg%2BTCr4TJy5jsdHDjmA0hkrtbIJweKMYPGqz1BWIHBLFXHDqrmPJVwNMhT%2BdZeKa7Ptw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7fed61b92f6f3769-HEL

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 119 KB
26 KB 116ms
43ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:29:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 21 Aug 2023 10:48:56 GMT
server: cloudflare
x-amz-request-id: FMD5XQGCJEJ2G1MF
age: 323
etag: W/"e6744398f78bbd5138fa1a9e34f686e4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7fed61b92a874e13-HEL
x-amz-id-2: sHj3XSUcecw8AvI5wNonc7WdZgBkjiCxZecsy11TnZgCGXUcgk+Y+qmotJ2IxTZzXDnWx2enroU=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 147ms
73ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:29:17 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 3b4005d15db2955782e277e5824d9ee0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 217ms
61ms Script
text/javascript 2600:9000:2250:3e00:a:e047:753:6381
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:3e00:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: null
Date: Wed, 30 Aug 2023 05:08:18 GMT
Via: 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 30060
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: tjvKcRiKOs0lPcPt5XmZH5ikHq8AP6guYYXiGgLpuetDXQsLsNE4FQ==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 188ms
61ms Script
text/javascript 52.222.139.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-100.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2cf68b0f96497a6c432653e7b0ab42cb383f804f6bff63ecc7e38b2244b18d7b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 15:55:11 GMT
content-encoding: gzip
via: 1.1 ab1d15e056bdcedbea349504173a4eca.cloudfront.net (CloudFront)
last-modified: Tue, 22 Aug 2023 15:52:21 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 77647
x-amz-server-side-encryption: AES256
etag: W/"abaee4c7a9cdd5e5098ecb24384e9e09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: LFgCg26P_d3_HID_DglFSPmPps83R-7FBAVSMRmAzA3Y9VBbZmQYCg==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 304 KB
71 KB 837ms
836ms Fetch
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2157805383288464&correlator=4063796982435573&eid=31076398%2C31077255%2C31077231%2C31076770&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fifs&iu_parts=21862753527%2Cutua_desk_top%2Cutua_desk_content%2Cutua_desk_sidebar%2Cutua_desk_interstitial&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x250%7C970x250%7C980x90%2C320x50%7C300x250%7C336x280%2C120x600%7C160x600%7C300x600%7C300x250%2C1x1&fluid=0%2Cheight%2C0%2C0&ifi=1&sfv=1-0-40&ists=1&fas=0%2C0%2C0%2C8&sc=1&cookie_enabled=1&abxe=1&dt=1693402156891&lmt=1693391356&adxs=436%2C650%2C1468%2C-9&adys=98%2C405%2C122%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C-1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=180&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Futua.com.br%2Fgt-emp-gt-crediplan-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dgt-utua-ct-email-emp%26utm_content%3Dgt-utua-ct-email-emp-p2-aqui%26utm_term%3Dgt-utua-ct-email-emp-p2-aqui-04&vis=1&psz=1600x1200%7C800x0%7C120x250%7C0x-1&msz=1600x0%7C800x0%7C120x250%7C0x-1&fws=4%2C4%2C516%2C2&ohw=1600%2C1600%2C1600%2C0&ga_vid=1100487925.1693402157&ga_sid=1693402157&ga_hid=941327026&ga_fc=false&dlt=1693402156290&idt=569&cust_params=request_uri%3D%252Fgt-emp-gt-crediplan-p1%252F%26utm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dgt-utua-ct-email-emp%26utm_content%3Dgt-utua-ct-email-emp-p2-aqui%26utm_term%3Dgt-utua-ct-email-emp-p2-aqui-04%26placement%3Ddirect%26hour%3D16%26dayshifts%3Dnight&adks=3399986936%2C1558435176%2C695725469%2C687659283&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1caa8123cf928d65ed3faf9f7b2372e64f5ece0383c7a2049ed0dac82e174814

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:29:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72618
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://utua.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D20F 6 KB
3 KB 251ms
97ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 13:29:17 GMT
expires: Thu, 29 Aug 2024 13:29:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/ 37 KB
13 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9aabc95877405be6d241a9c2aac270eb9f0da56062d1cbc78c922eaf9004c8b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 14:41:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82089
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13172
x-xss-protection: 0
server: cafe
etag: 7949494514302333357
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 28 Aug 2024 14:41:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 245 KB
83 KB 80ms
79ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T48CH8D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90794d79592dade01fa5cd13cf6dc2a026ff2111bdeb7d1bab27e7e81a1af33e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:29:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85227
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 30 Aug 2023 13:29:16 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Futua.com.br%2Fgt-emp-gt-crediplan-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dgt-utua-ct-email-emp%26utm_content%3Dgt-utua-ct-e...
https://oajs.openx.net/esp?url=https%3A%2F%2Futua.com.br%2Fgt-emp-gt-crediplan-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dgt-utua-ct-email-emp%26utm_content%3Dgt-utua-ct-e...

85 B
204 B

158ms
157ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Futua.com.br%2Fgt-emp-gt-crediplan-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dgt-utua-ct-email-emp%26utm_content%3Dgt-utua-ct-email-emp-p2-aqui%26utm_term%3Dgt-utua-ct-email-emp-p2-aqui-04&rid=esp&cc=1
Requested by: Host: utua.com.br
URL: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: f4f4f508004414e79ecdf9b7c8499941cbf3f9e6cb359395457e279e5e56fb52

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:29:17 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-gkTWjA9QblnZnnSSIq+EoHPJyXE"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://utua.com.br
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Wed, 30 Aug 2023 13:29:17 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://utua.com.br
location: /esp?url=https%3A%2F%2Futua.com.br%2Fgt-emp-gt-crediplan-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dgt-utua-ct-email-emp%26utm_content%3Dgt-utua-ct-email-emp-p2-aqui%26utm_term%3Dgt-utua-ct-email-emp-p2-aqui-04&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
320 B 212ms
68ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://utua.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://utua.com.br
date: Wed, 30 Aug 2023 13:29:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 105ms
33ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Y1WZWFMSQF&gtm=45je38s0&_p=941327026&_gaz=1&cid=1100487925.1693402157&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693402157&sct=1&seg=0&dl=https%3A%2F%2Futua.com.br%2Fgt-emp-gt-crediplan-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dgt-utua-ct-email-emp%26utm_content%3Dgt-utua-ct-email-emp-p2-aqui%26utm_term%3Dgt-utua-ct-email-emp-p2-aqui-04&dt=Solicita%20tu%20Cr%C3%A9dito%20Crediplan%20del%20Banco%20G%26T%20Continental&en=page_view&_fv=2&_ss=2&_c=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 202ms
66ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Y1WZWFMSQF&cid=1100487925.1693402157&gtm=45je38s0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
408 B 247ms
102ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Y1WZWFMSQF&cid=1100487925.1693402157&gtm=45je38s0&aip=1&z=570924213

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 98ms
35ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Y1WZWFMSQF&gtm=45je38s0&_p=941327026&cid=1100487925.1693402157&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1693402157&sct=1&seg=0&dl=https%3A%2F%2Futua.com.br%2Fgt-emp-gt-crediplan-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dgt-utua-ct-email-emp%26utm_content%3Dgt-utua-ct-email-emp-p2-aqui%26utm_term%3Dgt-utua-ct-email-emp-p2-aqui-04&dt=Solicita%20tu%20Cr%C3%A9dito%20Crediplan%20del%20Banco%20G%26T%20Continental&en=scroll&_c=1&epn.percent_scrolled=90&_et=7
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
331 B 231ms
74ms XHR
application/json 52.31.175.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.175.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-175-73.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 55d99965d2b9b983514ec89785ddc6db3d33aeffc0e8c317bbd81ab6168424e3

Request headers

Referer: https://utua.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:17 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://utua.com.br
cache-control: no-cache
x-server: 10.45.6.79
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 2702 15 KB
6 KB 214ms
73ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=utua.com.br

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 13:29:16 GMT
server: Kestrel
server-processing-duration-in-ticks: 357878
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 2702
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=utua.com.br&sn=ChromeSyncframe&so=0&topUrl=utua.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=g6Hz0XxPbmlpNlcvYUZtZm8va1g2ejUzVnpDbnV6ZHFnSGhGczROeG9rNXBBTGhIZkVndy9wOW1YenkxSWFxRm8xS084UUZnRjN5bUMxLzRBK3BiMytCeE5ZdjMxSm5OM082YVNpZVk5YktDYzRVZzNycnU1M0dLNSswNG...

427 B
652 B

214ms
60ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=g6Hz0XxPbmlpNlcvYUZtZm8va1g2ejUzVnpDbnV6ZHFnSGhGczROeG9rNXBBTGhIZkVndy9wOW1YenkxSWFxRm8xS084UUZnRjN5bUMxLzRBK3BiMytCeE5ZdjMxSm5OM082YVNpZVk5YktDYzRVZzNycnU1M0dLNSswNGIxSVlIUWQrSkxHbjZtMTNyNnVLTFdTTWt4YnpwdUNDVlF2dUJodXRxOVNmVkNOeW5XeEVwSENrS3BOY2h2NGdPNzcvYXFlVjdWQ0F1V3dkOXViU2N4cWpJRTczd0hpU2NPVEtpV1hJeWhwdGRkQnRSbG9mekpCREpVUEJjakU5amwwZ1hkWnNBa2xkbGZEaXFHWHdoWllXM0xBTEtVUT09fA&cppv=2

Requested by

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

16080bd80022ff137957a5360167505c841a5ad9efc36d4e909f522234351b34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:17 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1268923
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=g6Hz0XxPbmlpNlcvYUZtZm8va1g2ejUzVnpDbnV6ZHFnSGhGczROeG9rNXBBTGhIZkVndy9wOW1YenkxSWFxRm8xS084UUZnRjN5bUMxLzRBK3BiMytCeE5ZdjMxSm5OM082YVNpZVk5YktDYzRVZzNycnU1M0dLNSswNGIxSVlIUWQrSkxHbjZtMTNyNnVLTFdTTWt4YnpwdUNDVlF2dUJodXRxOVNmVkNOeW5XeEVwSENrS3BOY2h2NGdPNzcvYXFlVjdWQ0F1V3dkOXViU2N4cWpJRTczd0hpU2NPVEtpV1hJeWhwdGRkQnRSbG9mekpCREpVUEJjakU5amwwZ1hkWnNBa2xkbGZEaXFHWHdoWllXM0xBTEtVUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 275508
content-length: 0
expires: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 38B4 0
176 B 145ms
66ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 30 Aug 2023 13:29:17 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame FB9D 222 KB
62 KB 215ms
61ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 19:22:21 GMT
age: 65216
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 19:22:21 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame FB9D 15 KB
5 KB 386ms
232ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 30 Aug 2023 10:00:11 GMT
age: 12546
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 29 Aug 2024 10:00:11 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame FB9D 94 KB
28 KB 389ms
235ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 05:50:45 GMT
age: 113912
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 05:50:45 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame FB9D 5 KB
2 KB 409ms
255ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 16:22:50 GMT
age: 75987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 16:22:50 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame FB9D 40 KB
13 KB 410ms
257ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 10:05:13 GMT
age: 98644
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 10:05:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FB9D 4 KB
751 B 79ms
78ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Aug 2023 13:29:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 12:04:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Aug 2023 13:29:17 GMT

GET
H2 200 es.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FB9D 3 KB
3 KB 199ms
68ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/es.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab8154bbb82f41f4009ccb93d75bdda93b9feae5c9af58cf19b7f469f326e2b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 01:51:35 GMT
x-content-type-options: nosniff
server: cafe
age: 41862
etag: 15786609255193711385
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2927
x-xss-protection: 0
expires: Thu, 31 Aug 2023 01:51:35 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FB9D 344 B
581 B 193ms
63ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 12:49:12 GMT
x-content-type-options: nosniff
server: cafe
age: 2405
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Thu, 31 Aug 2023 12:49:12 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame B243 222 KB
61 KB 252ms
135ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 19:22:21 GMT
age: 65216
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 19:22:21 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame B243 15 KB
5 KB 238ms
238ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 30 Aug 2023 10:00:11 GMT
age: 12546
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 29 Aug 2024 10:00:11 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame B243 94 KB
28 KB 240ms
240ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 05:50:45 GMT
age: 113912
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 05:50:45 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame B243 5 KB
2 KB 252ms
252ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 16:22:50 GMT
age: 75988
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 16:22:50 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame B243 40 KB
13 KB 253ms
252ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 10:05:13 GMT
age: 98645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 10:05:13 GMT

GET
H2 200 es.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B243 3 KB
3 KB 161ms
63ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/es.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab8154bbb82f41f4009ccb93d75bdda93b9feae5c9af58cf19b7f469f326e2b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 01:51:35 GMT
x-content-type-options: nosniff
server: cafe
age: 41862
etag: 15786609255193711385
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2927
x-xss-protection: 0
expires: Thu, 31 Aug 2023 01:51:35 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B243 344 B
402 B 164ms
67ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 12:49:12 GMT
x-content-type-options: nosniff
server: cafe
age: 2405
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Thu, 31 Aug 2023 12:49:12 GMT

GET
DATA 200
OK truncated
/ Frame B243 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75f09ebeb95359be845a9da895f4c553810aa626f7e63433d0d7f79f688ed42a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4360 6 KB
3 KB 63ms
61ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 13:29:17 GMT
expires: Thu, 29 Aug 2024 13:29:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 9053404986416157682
tpc.googlesyndication.com/daca_images/simgad/ Frame B243 18 KB
18 KB 137ms
70ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/9053404986416157682

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b40f033d1afd3d098bdf46a434a34eab56530ffc6af093aea2e432da444774b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:05:53 GMT
x-content-type-options: nosniff
age: 188604
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18019
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 14:55:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 27 Aug 2024 09:05:53 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/11482331046210890610/ Frame FB9D 25 KB
25 KB 188ms
132ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11482331046210890610/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ab4223d5cac8387e50214f0c9529a8e00f3d77229ed3fe9a172425c7163b0cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:29:17 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25136
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 13:02:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Aug 2024 13:29:17 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/17783254076830642467/ Frame FB9D 3 KB
3 KB 119ms
62ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17783254076830642467/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a73279971409038dd7c54ee5f2240ac88afb88b833d88f7d9c47e01ef48940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 05:47:59 GMT
x-content-type-options: nosniff
age: 373278
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2598
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 04:50:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 25 Aug 2024 05:47:59 GMT

GET
DATA 200
OK truncated
/ Frame FB9D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f76612a35f464f6e61ac7f90b1457b4da987e747053469869bcdaa7e5fc3ae3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3F36 6 KB
3 KB 62ms
61ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 13:29:17 GMT
expires: Thu, 29 Aug 2024 13:29:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 35ms
35ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Y1WZWFMSQF&gtm=45je38s0&_p=941327026&cid=1100487925.1693402157&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=3&sid=1693402157&sct=1&seg=0&dl=https%3A%2F%2Futua.com.br%2Fgt-emp-gt-crediplan-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dgt-utua-ct-email-emp%26utm_content%3Dgt-utua-ct-email-emp-p2-aqui%26utm_term%3Dgt-utua-ct-email-emp-p2-aqui-04&dt=Solicita%20tu%20Cr%C3%A9dito%20Crediplan%20del%20Banco%20G%26T%20Continental&en=ad_impression&_c=1&ep.query_id=CLSvndC-hIEDFYWR3godjswPyg&_et=831
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 36ms
35ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Y1WZWFMSQF&gtm=45je38s0&_p=941327026&cid=1100487925.1693402157&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=4&sid=1693402157&sct=1&seg=0&dl=https%3A%2F%2Futua.com.br%2Fgt-emp-gt-crediplan-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dgt-utua-ct-email-emp%26utm_content%3Dgt-utua-ct-email-emp-p2-aqui%26utm_term%3Dgt-utua-ct-email-emp-p2-aqui-04&dt=Solicita%20tu%20Cr%C3%A9dito%20Crediplan%20del%20Banco%20G%26T%20Continental&en=ad_impression&_c=1&ep.query_id=CLWvndC-hIEDFYWR3godjswPyg&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 35ms
35ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Y1WZWFMSQF&gtm=45je38s0&_p=941327026&cid=1100487925.1693402157&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=5&sid=1693402157&sct=1&seg=0&dl=https%3A%2F%2Futua.com.br%2Fgt-emp-gt-crediplan-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dgt-utua-ct-email-emp%26utm_content%3Dgt-utua-ct-email-emp-p2-aqui%26utm_term%3Dgt-utua-ct-email-emp-p2-aqui-04&dt=Solicita%20tu%20Cr%C3%A9dito%20Crediplan%20del%20Banco%20G%26T%20Continental&en=ad_impression&_c=1&ep.query_id=CLavndC-hIEDFYWR3godjswPyg&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 34ms
33ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Y1WZWFMSQF&gtm=45je38s0&_p=941327026&cid=1100487925.1693402157&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=6&sid=1693402157&sct=1&seg=0&dl=https%3A%2F%2Futua.com.br%2Fgt-emp-gt-crediplan-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dgt-utua-ct-email-emp%26utm_content%3Dgt-utua-ct-email-emp-p2-aqui%26utm_term%3Dgt-utua-ct-email-emp-p2-aqui-04&dt=Solicita%20tu%20Cr%C3%A9dito%20Crediplan%20del%20Banco%20G%26T%20Continental&en=ad_impression&_c=1&ep.query_id=CLevndC-hIEDFYWR3godjswPyg&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FB9D 16 KB
16 KB 62ms
60ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://utua.com.br
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 02:35:09 GMT
x-content-type-options: nosniff
age: 384848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 02:35:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FB9D 15 KB
15 KB 79ms
78ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://utua.com.br
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 465745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Aug 2024 04:06:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FB9D 12 KB
12 KB 101ms
101ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://utua.com.br
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 11:44:36 GMT
x-content-type-options: nosniff
age: 92681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Aug 2024 11:44:36 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FB9D 9 KB
10 KB 121ms
121ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://utua.com.br
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 07:05:38 GMT
x-content-type-options: nosniff
age: 541419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Aug 2024 07:05:38 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4B7D 624 B
670 B 247ms
113ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMunu4wDEPjajI4DGLm4zvABMAE&v=APEucNVyp7F4wQ16GkSk1vZgyEsF0WuiM8xLbQ9fD-vhESJ9sniVUr6RBCxrrxKzlr58an_STIdqY8vpi5Q9Bke7EEPttNuy_Q

Requested by

Host: 4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com
URL: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 13:29:18 GMT
expires: Wed, 30 Aug 2023 13:29:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4360 86 KB
30 KB 279ms
143ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com
URL: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:29:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 13:29:18 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4360 42 B
173 B 342ms
207ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Csnx3x76xBIZYe5EeHN_IbzuirFLpYGlyoScmOeNpoOcBZWntuGGxbUQ9MGC0qrO5DhBmrEfJCUseia7hzVyyTrD_Dx1Wrx0nfe6qi-PNoh5r3waw

Requested by

Host: 4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com
URL: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4360 0
58 B 342ms
207ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9821611651444879812&x=1&ct=76

Requested by

Host: 4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com
URL: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 4360 3 KB
1 KB 71ms
69ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com
URL: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 11:27:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7309
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 11:27:29 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 4360 20 KB
8 KB 64ms
62ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com
URL: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:55:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:55:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4360 181 KB
57 KB 311ms
149ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com
URL: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 13:29:18 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 3F36 4 KB
671 B 70ms
70ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com
URL: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Aug 2023 13:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 11:44:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Aug 2023 13:29:18 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DC30 14 KB
1 KB 70ms
70ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Aug 2023 13:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 12:01:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Aug 2023 13:29:18 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame DC30 2 KB
973 B 61ms
61ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 14:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84539
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 14:00:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame DC30 23 KB
9 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84739
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:59 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4D47 143 B
383 B 161ms
62ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 335
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 13:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame DC30 3 KB
1 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 11:27:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7309
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 11:27:29 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame DC30 20 KB
8 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:55:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:55:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC30 181 KB
57 KB 374ms
246ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 13:29:18 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame DC30 36 KB
15 KB 194ms
60ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 476403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 01:09:15 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/ Frame 3F36 20 KB
8 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com
URL: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 14:07:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8570
x-xss-protection: 0
server: cafe
etag: 11167480076894372452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 14:07:06 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3F36 205 B
520 B 201ms
75ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com
URL: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:41:38 GMT
x-content-type-options: nosniff
age: 150460
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 27 Aug 2024 19:41:38 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3F36 604 B
695 B 201ms
76ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com
URL: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:38:06 GMT
x-content-type-options: nosniff
age: 71472
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 28 Aug 2024 17:38:06 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame B243
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

76ms
75ms

Image
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: utua.com.br
URL: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
Protocol: H2
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

date: Wed, 30 Aug 2023 13:29:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FB9D 0
0 109ms
108ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CLc7gLETvZLTpO4Wj-gaOmb_QDMuH_b5utM_Blr8RZBABIJ_O9n1gsQWgAbyq2f4CyAEJ4AIAqAMByAMKqgT6AU_QJz5RpZPDBMqxjp2QefAarwwlb8YDbLH-Q6b5nUXUaqC119xCPx2EAgmYP6VDqyeSFtg22s21r59_kUlWdIGII9NRW5ncAollXLCJAdZkM0UDMR1-JGE_jv5ugRzEJBT0IhkcnMYJZJBYRLFCN6pRBmpcsapUu8UWCLuaElSRfWs0_ER3RRi-4Z8GQwseqMTHEn7HobzfxFFvN-TTp89_kUVKyhcbAdXTqlHiF3vyYkBDsXAXWa-4MuzNWidZftp5MvvoP9ogm-pamd8Zuvpl7QXuGk141IFcFdzC6Jv7mWFvMD180hohuFXL6UkW7KYeYOUliwRONSTABJz8567PA-AEAYgF4ZPi3weSBQQIBBgBkgUECAUYBKAGLoAHrNWmgQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCApDPSCBQIgGEQARgdMgKKAjoCgEBIvf3BOpoJGmh0dHBzOi8vcHJvLmthcGl0YWxycy5jb20vgAoDyAsB2gwQCgoQoOi2-vW1r-hVEgIBA7gT5APYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDk3OTk3NzQ2MzgzMzAyNBiZgXQ&sigh=10qa1OjKQPA&uach_m=[]&ase=2&cid=CAQSSwBpAlJWho0lIZXlRjGc7XaYgVF_U8X8IOYdE9zO6XOSLHp7bI9sOZTpYaZv4kGnNBic7HKLCLJMnmj6ZjdU_ruYuiaSgHDixLC0QhgB&template_id=484&cbvp=2
Requested by: Host: utua.com.br
URL: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4D47
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
145 B

89ms
89ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com
URL: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 13:29:18 GMT
expires: Wed, 30 Aug 2023 13:29:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 13:29:18 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
location.begrowth.com.br/ 175 B
593 B 138ms
48ms Fetch
application/json 2606:4700:20::681a:551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://location.begrowth.com.br/
Requested by: Host: assets.begrowth.com.br
URL: https://assets.begrowth.com.br/growthcontrol/growthcontrol-lite-ltv.build.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e96fedf15d68453deaa1fb3bfdfb2849ba0b23b42f990d2b8dd8a5e35b6a229

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:29:18 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cvqgVTr%2BPR%2FFWpw2aam4cmsSSHphag84QiGEfBRoJcDF2z%2FE6YWCd3uvKhOGqoIV3%2BIPWkj5vRodceEpSZE2%2BOqD8ppALLXTl0r946xTZmDFpxbDPEg3YAERGzn%2Fl2AdTJAgm7OGFP6h7J7ClhGjZaGuyqm%2Fsg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-type: application/json
cf-ray: 7fed61c2097c4c87-HEL

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4B7D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMWzVOPoqyAKwEf4RV8alTA&google_cver=1

43 B
766 B

105ms
58ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMWzVOPoqyAKwEf4RV8alTA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMunu4wDEPjajI4DGLm4zvABMAE&v=APEucNVyp7F4wQ16GkSk1vZgyEsF0WuiM8xLbQ9fD-vhESJ9sniVUr6RBCxrrxKzlr58an_STIdqY8vpi5Q9Bke7EEPttNuy_Q
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 13:29:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMWzVOPoqyAKwEf4RV8alTA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4B7D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZO9ELtx3axOV6flykU5qPwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIKJZp-lhNSNFO4jTQzFHhw&google_cver=1

43 B
766 B

55ms
55ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIKJZp-lhNSNFO4jTQzFHhw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMunu4wDEPjajI4DGLm4zvABMAE&v=APEucNVyp7F4wQ16GkSk1vZgyEsF0WuiM8xLbQ9fD-vhESJ9sniVUr6RBCxrrxKzlr58an_STIdqY8vpi5Q9Bke7EEPttNuy_Q
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 13:29:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIKJZp-lhNSNFO4jTQzFHhw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 4B7D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEmj309jp-03G82WUBNo7Ks&google_cver=1

43 B
845 B

61ms
61ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEmj309jp-03G82WUBNo7Ks&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMunu4wDEPjajI4DGLm4zvABMAE&v=APEucNVyp7F4wQ16GkSk1vZgyEsF0WuiM8xLbQ9fD-vhESJ9sniVUr6RBCxrrxKzlr58an_STIdqY8vpi5Q9Bke7EEPttNuy_Q

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:18 GMT
an-x-request-uuid: aeb14934-6f7c-42de-9f3a-1fd159a689d8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.204.1.182; 185.204.1.182; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEmj309jp-03G82WUBNo7Ks&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4B7D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM3NDU2NzA5MDY0NjQ5NjU4MA%3D%3D

170 B
243 B

72ms
70ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM3NDU2NzA5MDY0NjQ5NjU4MA%3D%3D

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:18 GMT
an-x-request-uuid: 4f93bb85-c3b9-48a4-8ec5-9d138b18b373
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM3NDU2NzA5MDY0NjQ5NjU4MA%3D%3D
x-proxy-origin: 185.204.1.182; 185.204.1.182; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B243 0
0 107ms
107ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CFql4LETvZLXpO4Wj-gaOmb_QDPOFy_Bxop2iv4sRpsmouOcyEAEgn872fWCxBaABv7r3lijIAQKpAj1n4vGWMGg-4AIAqAMByAMIqgSEAk_QtzTmW4SCY-IGWgJBE7C8qC8-nbWZSov73WW0vRkYEjtZBnYQ5ynIjI0ZH99y3jFWTl5FZ-LAq2wq2BLcA6csGWYwcoab4o6KSiQpxzfBufksfWCvKCBSq3LDrN8UGhRxVPyu3Lh0e9EXL2byBBDKvck1KeqfiJdOH4vkVwxz5dyuvkcNfWuq25KTZbALAks3r-2qwXisBBQnynRvdeyWLmlbPwINSHEaAOFojfNOilROOj-aWGs81jflr62bzw6pW7guLykIwh9P5lk_T2t-4Ofsx2LKu7vWIE0cwJKBgvKzWc_ixErdlMOTRXCM2vVy2QON00su1mQUYVpKYrAj3FN0wATsj5bSogTgBAGIBcbH_9JJkgUECAQYAZIFBAgFGASgBgKAB7_yx_YCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQl65E0ggUCIBhEAEYHTICigI6AoBASL39wTqaCVxodHRwczovL2Fwa3BvcnRhbC1ycy54eXovP2NhbXBhaWduaWQ9MTk3Njk4NDQ2NzgmZ2dwbGFjZW1lbnQ9dXR1YS5jb20uYnImZ2dhZGlkPTY2ODE3OTA2OTU3NoAKA8gLAdoMEAoKELCL7bTbp6ndBhICAQPYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDk3OTk3NzQ2MzgzMzAyNBiZgXQ&sigh=XaFugrHj-iM&uach_m=[]&ase=2&cid=CAQSSwBpAlJWho0lIZXlRjGc7XaYgVF_U8X8IOYdE9zO6XOSLHp7bI9sOZTpYaZv4kGnNBic7HKLCLJMnmj6ZjdU_ruYuiaSgHDixLC0QhgB&cbvp=2
Requested by: Host: utua.com.br
URL: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4360 0
56 B 162ms
161ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7336102866355&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4360 0
56 B 162ms
161ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7336102866355&version=m202307240101&ct=76&x=1&cor=9821611651444880000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4360 90 KB
39 KB 113ms
112ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CHLkwDj0Qx2YdR4NtzccT5HLc1be00QhBeBEb2J97Pjaxl_FfDxQFcdudse8vq5DJWkaZcwbSf_jGyhYfm9ZsWZoBEVjPeGTwUizamlcSKOhB0mdFb7pO8Ok7we_l55k-Gzn6WBwaMmedsF3FtnLW8SSjwRniW3IL2LiL8K-iO_ZjMp3w&dbm_d=AKAmf-CkEDd44-AIK1DFsm_4VP1l3vVFywLzTj2uxMMwfbCkNgK8SjExushFiSY1S0wFLj_JoL9Lit8Y-9tuIj6hX-pyOHjt7zI9uC8G0hMyd9x3_GIPA8ZpgNm0AByzF14T8YtatCGtKg7TjFOQQTSngjJq2tPgJ80jxE7hl6CGiCosajk2ukVERLouZLvvWJsekqP4__l9c-ijKYdlU4VDZUaRVC6zWH3qSjmum1N6BhngFAUA9ag0HxTNtkkFj66LTWLVXBTtZ6Wj-1xpvGr5NumLKGtfDZt37IkVY9dBtoXONZZPW16p8lvBxkh_m_aSPkaPpea8_W_TiPscXZhoxADlk7s4enD6BqKRg1e7FD_vaXxGKfQLevA8iaDDb7gkzVuCmf5nv5Wlm1p869s-pa8HoFhMDCLcnJpKGFBAPq-m4IPwIg7nPDtFs0sYz0czoEd1QuaXSFytLjXkA923tvHGBEEOkSJ92adzBsLFks-jXAkA8rx5EI59rNKmdp7wPmKI0M3M7mPvl8j99fw0ClrOLDfWlOACMLtjDvZvkKNgqbIdOwsO9hjfD0KrlyfF-JnMe0TJ2Z5SyDfoFrNcpnrzX5acxLCbRyxMs9TDmCZ3dlvy7PTZZ9D6hS0DBwmUZlsrJ9LNS6wHwZUYqqe1dPGALQtr56APjcD0JUeewNDIOCidzlaWe_Eli2vhyemIbjx_KJtdfT4Kk1nF274As9r16k1-zMOXNuooEuCRX2xQZPKDPSb73RbQthdNVpDnXCmHfyHrPsAn7Krtf39gB1VVQ7PylqoSm3q7bdpQyidDI8xKWTNqWNV8PlTtZUGT8f4SAQ_gD-IBveUEftwdjj18QJy9iM-63bwqIvbn-qGAqI2E5jzUAuQy2jV-cNt1OpJVDBNgD4oFrxwL8fazO7OcNXgb_V0ZyKUhUUPD97msL1_u3_sPwtkQb0sXeuAvHr-6lAEvtdCZoYVq4YchzU8ZnGQd3_ueDmyVB9OAFATVOlBEvvEAq8lGlgdCedE7GQqqQzl1qBqb-ZvDpdToIh4fAXFuS2SGn9YNulMgwD5uJhXDD2CIw3nZkTpoc6OMbgtHNqg32C2Mlpi_aDPcLJmQTvcsXwjf5prDelfnJ7AVdxdASXKRKNkieYI7W0T0NejRQWEPntLY8EEc3PsScFBiq31EpbCC2PmHZgC0s96HKih861ZvJFNvZmXfl-7B_rQsOzql8wPIyfDFa9sgX5i_AgHensX_SRDbyQP6EpX8UhH1xrZ4qrrhiXC66WNXeZj8xChOW7xcHaYMHuRgP0ynRp5uf5pE1wkbMojAZPJU-ULRRrKAUNkjriNHgpi0phoswIRp6lUoq6hDCx9xRLnxaLI2IPSRo6ac1xV2MQ6jdOJ1X8MAc0v8iKbGTN4eLwA1VWNceOAGNATZFw9JgY-4bDxJ27RS1Psag-uSpej4mHvtYObJI856Peov31O3H-jk0R3zXlRKUmzuRldYsIvyY4pyUC_Rrg3u657GFi8WWNGdaxkinvmoGZFy7uR4RKC8ys1YaDsbbQN0MUlYkoFYU_T0z9lYvz_jCYCVvTXUOx6ATGydgNOoElDnLBm6u5p5QldijxjP87A3WoS2iNcFz_K41tSVvKn5Y_SyfMp9RshdeMb7Kadi0HW8Fiqg5VOsvhEdw_XiJPJSMAE5HAhMHi_bOSeiwzENavo-jB8LmMbONCcRl3NlPTypRBx9W3XWWzWXso7lDVbKuxC0NmPPoL6a2hSc2lHff6tTJbck7WskfTblM-LB90qkt2HpgZbsMs-Ol8ocl1Q_9kqBXy_LNruszb4BOBO97DQuULdshzkgcmCXFouOhQ9Ih2DGHVHQog9pjNsyUDelLnZF3q46JHynDjjVbR9_oseaXXPz_HJ8H0xh4EX5easjNp3c7MJFVii_V6ygyhIRr3WvV2ji_HvtuB0m9krMtZY8POgWOGZhJWEEWz9toB9soOUD5umu_-Pkl_aGpfBX9bCvLMUx6XavZ4A8G6akblUqRIi7akT-_y3KCJ0F3V132HtrlCNKPrKKLfNBxEeoiDw_YyKRWyOS5Fxwh2FWFH94qimSbbCxmwBoN-9_B1jOToFoMnsqv_ZWARuvqPwxOxGPIBfaLNlrmggrBkQ5dZsbCYNJRQ6fiFDxYGuK89DAXabxWs4wjHwtlmTGL_jGcichkEdj50IA5hvEjdbOY1qf0eleh-EwpSFoV71RCx1aC5o90GqNlNBjsU-19B1NHATSi5_NdENd0H2AoZkPCDaW0W7pbONHyglbBiT2FnxFGwOyr5IIjval4Ir_TxF2Bixoxh3LXir5oulQ8gRcxH7tn2jvDOjT5j1fwKEgT2V2hktxSJtMkVuHvjWQ6XrBSLX47XdwqRWTOeVkzkeAtKPNVjyr0IZ98ROxDWBNj_xFaxjsb22cEct0d0hcOCUfXlb1Dw4ZsbdVaZTqunrbMVlfECj6cS4lDGB0JGCWu8meje7yAajz5cVRbPgs9f8tHY5QOw1RMtmCbODgkbAxLUSulc5Wp-fiML7BnirShV37B8Vene-yVpOTH56yU-7TY-Ha4t4blTlRSKdOS6a-GIql7f3HX8kLbGKI4hfEvnZa-CWaBclS8B-2YWl-Kq3HKNR_hTZwRirRqqPuWnhP_AeLs3NbBuVwM5k7UGxGyMFRyYIvqNYMa5BSJa_fCItmQgR8Vh8vqsOvfZIyLXivuCNsBAVZLcU688i4ZqB1FCzi52BeNcWU1rZ_6q4RmeLt8K0QvilsAoH_pHmcIfBsRJGDMxEruc0kffSWhkCufKUJKxk7ILnb8b6CJdJUIXBBokjfZ4gVgCZfkx2StSAXzf8g0J7s8HJa-3Bq61NhceHOVOaYFTiGcopE91-FuGms0lBFh6-YzOjAEtG5O5Q7v7LmH41Oho974TVd1EX9nTIWSCXfIuQfg3tGvJqEk1YRAda5MvpgJn5pQSjLmfcX-tZdA_gxmfbAxBJ6afcM21Sx6aTrRzJWIlVfNy6EHFA62o74VMuLXjv0ZvA4E3nVrm4DQA_xXD-LBwDzjxCT3Frh6Qd4tszoCiYGNLO3fvJ-o8ktUJCx42Eq4rAWbsue8vuRKH1KmYs6nGWEHLJmxp4fg0u6nGal43h_m7Czz5ir9d4pesOwG5Bscm8QOfVxX3-QOq3VwBcTT9fP0Yg7dR4pKiCju2Do7oIexzdOWxBIc0Yq2D0BYdRQdfJ1meaBA-6nxudgNNUhO9OD8YTl6z7Vfkl3RjoRC_JSYM9nhfqa0LVbbFS2-RqCmYk1jnK-X7WW5hoKNey21GaNGC_5atCORyISliiZOu9_nJlRpwCueUSfUxAeVmn4ota6XMAuTYGYW3EwPt3zprETBz8-oW_pAN0fsJsAqI-exXLEn42rqkWzJRinukpjQk52W9NvkvblydVbtSiz2XFBFFDH4zh7oyeIqUYQ8k3Vyd3PHsxuTJnfyUelC8mu0Ih40mGdwkmYl3NIl5nIlGsPC7BvKCcpWXsMM95kx4eql7R3XO6mXOqxhinJkuH0n83I7LaAiFr-_C07BZ0NbT4FY-XkhnfCT4yI2gS1GH4fxUH3SMSlkZj6RqvVc03xfpzLaqnLCu7KyC6MEunC-Iqg7JU3LwR1l7qSHD3mFh7UYEzMYXrwbHQj8GJaXkt88eiDfLUToPeki130DeVA3KeLNO6rq-uTH-EPbhEPreuo_WamUd67Y9cJkqPxxUVph-LPdoLkmup3AuLSIWFlhwxmFic5qg3fYG6R5gE1fG7y3_zO87_MeK7uoG4ePuz3IosBN4p1r8hskXQuVXroX5mxUKHg9x40tL0A_dGGI4Zc&cid=CAQSSwBpAlJWho0lIZXlRjGc7XaYgVF_U8X8IOYdE9zO6XOSLHp7bI9sOZTpYaZv4kGnNBic7HKLCLJMnmj6ZjdU_ruYuiaSgHDixLC0QhgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Futua.com.br%2F&ds=l&xdt=1&iif=1&cor=9821611651444880000&adk=2228999115&idt=343&cac=0&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

837df75f4667bd839cb180f83343b234b0c7a4031aee92f93d8e43411e297e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39397
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 /
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ Frame 0
0 351ms
257ms Preflight
text/html 2001:4860:4802:32::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 30 Aug 2023 13:29:18 GMT
server: Google Frontend
x-cloud-trace-context: 196c374625e1a78344b15d5ebb9b2283

POST
H2 200 / Show response
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ 0
67 B 333ms
331ms XHR
text/html 2001:4860:4802:32::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Requested by: Host: assets.begrowth.com.br
URL: https://assets.begrowth.com.br/growthcontrol/growthcontrol-lite-ltv.build.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 30 Aug 2023 13:29:19 GMT
server: Google Frontend
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 0ff6d50b698672f5a50624890370c8e5
access-control-allow-headers: Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js Show response
pagead2.googlesyndication.com/bg/ Frame F7FE 37 KB
14 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e77156f336104e427a69a22b5d1fa74e7ca4362aae7681f9e09283fc8efec1f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 06:54:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 282870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14643
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 06:54:48 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1563689/72635399/ Frame 4360 250 KB
75 KB 245ms
73ms Script
application/javascript 52.19.229.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1563689/72635399/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013465714&ias_pubId=pub-1757064723917999&ias_chanId=1&ias_placementId=20363147696&bidurl=https://utua.com.br/gt-emp-gt-crediplan-p1/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0ifb1mbAg9xSD9YrpSfvIRt
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CHLkwDj0Qx2YdR4NtzccT5HLc1be00QhBeBEb2J97Pjaxl_FfDxQFcdudse8vq5DJWkaZcwbSf_jGyhYfm9ZsWZoBEVjPeGTwUizamlcSKOhB0mdFb7pO8Ok7we_l55k-Gzn6WBwaMmedsF3FtnLW8SSjwRniW3IL2LiL8K-iO_ZjMp3w&dbm_d=AKAmf-CkEDd44-AIK1DFsm_4VP1l3vVFywLzTj2uxMMwfbCkNgK8SjExushFiSY1S0wFLj_JoL9Lit8Y-9tuIj6hX-pyOHjt7zI9uC8G0hMyd9x3_GIPA8ZpgNm0AByzF14T8YtatCGtKg7TjFOQQTSngjJq2tPgJ80jxE7hl6CGiCosajk2ukVERLouZLvvWJsekqP4__l9c-ijKYdlU4VDZUaRVC6zWH3qSjmum1N6BhngFAUA9ag0HxTNtkkFj66LTWLVXBTtZ6Wj-1xpvGr5NumLKGtfDZt37IkVY9dBtoXONZZPW16p8lvBxkh_m_aSPkaPpea8_W_TiPscXZhoxADlk7s4enD6BqKRg1e7FD_vaXxGKfQLevA8iaDDb7gkzVuCmf5nv5Wlm1p869s-pa8HoFhMDCLcnJpKGFBAPq-m4IPwIg7nPDtFs0sYz0czoEd1QuaXSFytLjXkA923tvHGBEEOkSJ92adzBsLFks-jXAkA8rx5EI59rNKmdp7wPmKI0M3M7mPvl8j99fw0ClrOLDfWlOACMLtjDvZvkKNgqbIdOwsO9hjfD0KrlyfF-JnMe0TJ2Z5SyDfoFrNcpnrzX5acxLCbRyxMs9TDmCZ3dlvy7PTZZ9D6hS0DBwmUZlsrJ9LNS6wHwZUYqqe1dPGALQtr56APjcD0JUeewNDIOCidzlaWe_Eli2vhyemIbjx_KJtdfT4Kk1nF274As9r16k1-zMOXNuooEuCRX2xQZPKDPSb73RbQthdNVpDnXCmHfyHrPsAn7Krtf39gB1VVQ7PylqoSm3q7bdpQyidDI8xKWTNqWNV8PlTtZUGT8f4SAQ_gD-IBveUEftwdjj18QJy9iM-63bwqIvbn-qGAqI2E5jzUAuQy2jV-cNt1OpJVDBNgD4oFrxwL8fazO7OcNXgb_V0ZyKUhUUPD97msL1_u3_sPwtkQb0sXeuAvHr-6lAEvtdCZoYVq4YchzU8ZnGQd3_ueDmyVB9OAFATVOlBEvvEAq8lGlgdCedE7GQqqQzl1qBqb-ZvDpdToIh4fAXFuS2SGn9YNulMgwD5uJhXDD2CIw3nZkTpoc6OMbgtHNqg32C2Mlpi_aDPcLJmQTvcsXwjf5prDelfnJ7AVdxdASXKRKNkieYI7W0T0NejRQWEPntLY8EEc3PsScFBiq31EpbCC2PmHZgC0s96HKih861ZvJFNvZmXfl-7B_rQsOzql8wPIyfDFa9sgX5i_AgHensX_SRDbyQP6EpX8UhH1xrZ4qrrhiXC66WNXeZj8xChOW7xcHaYMHuRgP0ynRp5uf5pE1wkbMojAZPJU-ULRRrKAUNkjriNHgpi0phoswIRp6lUoq6hDCx9xRLnxaLI2IPSRo6ac1xV2MQ6jdOJ1X8MAc0v8iKbGTN4eLwA1VWNceOAGNATZFw9JgY-4bDxJ27RS1Psag-uSpej4mHvtYObJI856Peov31O3H-jk0R3zXlRKUmzuRldYsIvyY4pyUC_Rrg3u657GFi8WWNGdaxkinvmoGZFy7uR4RKC8ys1YaDsbbQN0MUlYkoFYU_T0z9lYvz_jCYCVvTXUOx6ATGydgNOoElDnLBm6u5p5QldijxjP87A3WoS2iNcFz_K41tSVvKn5Y_SyfMp9RshdeMb7Kadi0HW8Fiqg5VOsvhEdw_XiJPJSMAE5HAhMHi_bOSeiwzENavo-jB8LmMbONCcRl3NlPTypRBx9W3XWWzWXso7lDVbKuxC0NmPPoL6a2hSc2lHff6tTJbck7WskfTblM-LB90qkt2HpgZbsMs-Ol8ocl1Q_9kqBXy_LNruszb4BOBO97DQuULdshzkgcmCXFouOhQ9Ih2DGHVHQog9pjNsyUDelLnZF3q46JHynDjjVbR9_oseaXXPz_HJ8H0xh4EX5easjNp3c7MJFVii_V6ygyhIRr3WvV2ji_HvtuB0m9krMtZY8POgWOGZhJWEEWz9toB9soOUD5umu_-Pkl_aGpfBX9bCvLMUx6XavZ4A8G6akblUqRIi7akT-_y3KCJ0F3V132HtrlCNKPrKKLfNBxEeoiDw_YyKRWyOS5Fxwh2FWFH94qimSbbCxmwBoN-9_B1jOToFoMnsqv_ZWARuvqPwxOxGPIBfaLNlrmggrBkQ5dZsbCYNJRQ6fiFDxYGuK89DAXabxWs4wjHwtlmTGL_jGcichkEdj50IA5hvEjdbOY1qf0eleh-EwpSFoV71RCx1aC5o90GqNlNBjsU-19B1NHATSi5_NdENd0H2AoZkPCDaW0W7pbONHyglbBiT2FnxFGwOyr5IIjval4Ir_TxF2Bixoxh3LXir5oulQ8gRcxH7tn2jvDOjT5j1fwKEgT2V2hktxSJtMkVuHvjWQ6XrBSLX47XdwqRWTOeVkzkeAtKPNVjyr0IZ98ROxDWBNj_xFaxjsb22cEct0d0hcOCUfXlb1Dw4ZsbdVaZTqunrbMVlfECj6cS4lDGB0JGCWu8meje7yAajz5cVRbPgs9f8tHY5QOw1RMtmCbODgkbAxLUSulc5Wp-fiML7BnirShV37B8Vene-yVpOTH56yU-7TY-Ha4t4blTlRSKdOS6a-GIql7f3HX8kLbGKI4hfEvnZa-CWaBclS8B-2YWl-Kq3HKNR_hTZwRirRqqPuWnhP_AeLs3NbBuVwM5k7UGxGyMFRyYIvqNYMa5BSJa_fCItmQgR8Vh8vqsOvfZIyLXivuCNsBAVZLcU688i4ZqB1FCzi52BeNcWU1rZ_6q4RmeLt8K0QvilsAoH_pHmcIfBsRJGDMxEruc0kffSWhkCufKUJKxk7ILnb8b6CJdJUIXBBokjfZ4gVgCZfkx2StSAXzf8g0J7s8HJa-3Bq61NhceHOVOaYFTiGcopE91-FuGms0lBFh6-YzOjAEtG5O5Q7v7LmH41Oho974TVd1EX9nTIWSCXfIuQfg3tGvJqEk1YRAda5MvpgJn5pQSjLmfcX-tZdA_gxmfbAxBJ6afcM21Sx6aTrRzJWIlVfNy6EHFA62o74VMuLXjv0ZvA4E3nVrm4DQA_xXD-LBwDzjxCT3Frh6Qd4tszoCiYGNLO3fvJ-o8ktUJCx42Eq4rAWbsue8vuRKH1KmYs6nGWEHLJmxp4fg0u6nGal43h_m7Czz5ir9d4pesOwG5Bscm8QOfVxX3-QOq3VwBcTT9fP0Yg7dR4pKiCju2Do7oIexzdOWxBIc0Yq2D0BYdRQdfJ1meaBA-6nxudgNNUhO9OD8YTl6z7Vfkl3RjoRC_JSYM9nhfqa0LVbbFS2-RqCmYk1jnK-X7WW5hoKNey21GaNGC_5atCORyISliiZOu9_nJlRpwCueUSfUxAeVmn4ota6XMAuTYGYW3EwPt3zprETBz8-oW_pAN0fsJsAqI-exXLEn42rqkWzJRinukpjQk52W9NvkvblydVbtSiz2XFBFFDH4zh7oyeIqUYQ8k3Vyd3PHsxuTJnfyUelC8mu0Ih40mGdwkmYl3NIl5nIlGsPC7BvKCcpWXsMM95kx4eql7R3XO6mXOqxhinJkuH0n83I7LaAiFr-_C07BZ0NbT4FY-XkhnfCT4yI2gS1GH4fxUH3SMSlkZj6RqvVc03xfpzLaqnLCu7KyC6MEunC-Iqg7JU3LwR1l7qSHD3mFh7UYEzMYXrwbHQj8GJaXkt88eiDfLUToPeki130DeVA3KeLNO6rq-uTH-EPbhEPreuo_WamUd67Y9cJkqPxxUVph-LPdoLkmup3AuLSIWFlhwxmFic5qg3fYG6R5gE1fG7y3_zO87_MeK7uoG4ePuz3IosBN4p1r8hskXQuVXroX5mxUKHg9x40tL0A_dGGI4Zc&cid=CAQSSwBpAlJWho0lIZXlRjGc7XaYgVF_U8X8IOYdE9zO6XOSLHp7bI9sOZTpYaZv4kGnNBic7HKLCLJMnmj6ZjdU_ruYuiaSgHDixLC0QhgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Futua.com.br%2F&ds=l&xdt=1&iif=1&cor=9821611651444880000&adk=2228999115&idt=343&cac=0&dtd=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.229.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-229-56.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5bbe0257e3a06cb33479f082f09548a98819e63b4d80f7857db2c17a6195729b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:18 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame 4360 30 KB
11 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CHLkwDj0Qx2YdR4NtzccT5HLc1be00QhBeBEb2J97Pjaxl_FfDxQFcdudse8vq5DJWkaZcwbSf_jGyhYfm9ZsWZoBEVjPeGTwUizamlcSKOhB0mdFb7pO8Ok7we_l55k-Gzn6WBwaMmedsF3FtnLW8SSjwRniW3IL2LiL8K-iO_ZjMp3w&dbm_d=AKAmf-CkEDd44-AIK1DFsm_4VP1l3vVFywLzTj2uxMMwfbCkNgK8SjExushFiSY1S0wFLj_JoL9Lit8Y-9tuIj6hX-pyOHjt7zI9uC8G0hMyd9x3_GIPA8ZpgNm0AByzF14T8YtatCGtKg7TjFOQQTSngjJq2tPgJ80jxE7hl6CGiCosajk2ukVERLouZLvvWJsekqP4__l9c-ijKYdlU4VDZUaRVC6zWH3qSjmum1N6BhngFAUA9ag0HxTNtkkFj66LTWLVXBTtZ6Wj-1xpvGr5NumLKGtfDZt37IkVY9dBtoXONZZPW16p8lvBxkh_m_aSPkaPpea8_W_TiPscXZhoxADlk7s4enD6BqKRg1e7FD_vaXxGKfQLevA8iaDDb7gkzVuCmf5nv5Wlm1p869s-pa8HoFhMDCLcnJpKGFBAPq-m4IPwIg7nPDtFs0sYz0czoEd1QuaXSFytLjXkA923tvHGBEEOkSJ92adzBsLFks-jXAkA8rx5EI59rNKmdp7wPmKI0M3M7mPvl8j99fw0ClrOLDfWlOACMLtjDvZvkKNgqbIdOwsO9hjfD0KrlyfF-JnMe0TJ2Z5SyDfoFrNcpnrzX5acxLCbRyxMs9TDmCZ3dlvy7PTZZ9D6hS0DBwmUZlsrJ9LNS6wHwZUYqqe1dPGALQtr56APjcD0JUeewNDIOCidzlaWe_Eli2vhyemIbjx_KJtdfT4Kk1nF274As9r16k1-zMOXNuooEuCRX2xQZPKDPSb73RbQthdNVpDnXCmHfyHrPsAn7Krtf39gB1VVQ7PylqoSm3q7bdpQyidDI8xKWTNqWNV8PlTtZUGT8f4SAQ_gD-IBveUEftwdjj18QJy9iM-63bwqIvbn-qGAqI2E5jzUAuQy2jV-cNt1OpJVDBNgD4oFrxwL8fazO7OcNXgb_V0ZyKUhUUPD97msL1_u3_sPwtkQb0sXeuAvHr-6lAEvtdCZoYVq4YchzU8ZnGQd3_ueDmyVB9OAFATVOlBEvvEAq8lGlgdCedE7GQqqQzl1qBqb-ZvDpdToIh4fAXFuS2SGn9YNulMgwD5uJhXDD2CIw3nZkTpoc6OMbgtHNqg32C2Mlpi_aDPcLJmQTvcsXwjf5prDelfnJ7AVdxdASXKRKNkieYI7W0T0NejRQWEPntLY8EEc3PsScFBiq31EpbCC2PmHZgC0s96HKih861ZvJFNvZmXfl-7B_rQsOzql8wPIyfDFa9sgX5i_AgHensX_SRDbyQP6EpX8UhH1xrZ4qrrhiXC66WNXeZj8xChOW7xcHaYMHuRgP0ynRp5uf5pE1wkbMojAZPJU-ULRRrKAUNkjriNHgpi0phoswIRp6lUoq6hDCx9xRLnxaLI2IPSRo6ac1xV2MQ6jdOJ1X8MAc0v8iKbGTN4eLwA1VWNceOAGNATZFw9JgY-4bDxJ27RS1Psag-uSpej4mHvtYObJI856Peov31O3H-jk0R3zXlRKUmzuRldYsIvyY4pyUC_Rrg3u657GFi8WWNGdaxkinvmoGZFy7uR4RKC8ys1YaDsbbQN0MUlYkoFYU_T0z9lYvz_jCYCVvTXUOx6ATGydgNOoElDnLBm6u5p5QldijxjP87A3WoS2iNcFz_K41tSVvKn5Y_SyfMp9RshdeMb7Kadi0HW8Fiqg5VOsvhEdw_XiJPJSMAE5HAhMHi_bOSeiwzENavo-jB8LmMbONCcRl3NlPTypRBx9W3XWWzWXso7lDVbKuxC0NmPPoL6a2hSc2lHff6tTJbck7WskfTblM-LB90qkt2HpgZbsMs-Ol8ocl1Q_9kqBXy_LNruszb4BOBO97DQuULdshzkgcmCXFouOhQ9Ih2DGHVHQog9pjNsyUDelLnZF3q46JHynDjjVbR9_oseaXXPz_HJ8H0xh4EX5easjNp3c7MJFVii_V6ygyhIRr3WvV2ji_HvtuB0m9krMtZY8POgWOGZhJWEEWz9toB9soOUD5umu_-Pkl_aGpfBX9bCvLMUx6XavZ4A8G6akblUqRIi7akT-_y3KCJ0F3V132HtrlCNKPrKKLfNBxEeoiDw_YyKRWyOS5Fxwh2FWFH94qimSbbCxmwBoN-9_B1jOToFoMnsqv_ZWARuvqPwxOxGPIBfaLNlrmggrBkQ5dZsbCYNJRQ6fiFDxYGuK89DAXabxWs4wjHwtlmTGL_jGcichkEdj50IA5hvEjdbOY1qf0eleh-EwpSFoV71RCx1aC5o90GqNlNBjsU-19B1NHATSi5_NdENd0H2AoZkPCDaW0W7pbONHyglbBiT2FnxFGwOyr5IIjval4Ir_TxF2Bixoxh3LXir5oulQ8gRcxH7tn2jvDOjT5j1fwKEgT2V2hktxSJtMkVuHvjWQ6XrBSLX47XdwqRWTOeVkzkeAtKPNVjyr0IZ98ROxDWBNj_xFaxjsb22cEct0d0hcOCUfXlb1Dw4ZsbdVaZTqunrbMVlfECj6cS4lDGB0JGCWu8meje7yAajz5cVRbPgs9f8tHY5QOw1RMtmCbODgkbAxLUSulc5Wp-fiML7BnirShV37B8Vene-yVpOTH56yU-7TY-Ha4t4blTlRSKdOS6a-GIql7f3HX8kLbGKI4hfEvnZa-CWaBclS8B-2YWl-Kq3HKNR_hTZwRirRqqPuWnhP_AeLs3NbBuVwM5k7UGxGyMFRyYIvqNYMa5BSJa_fCItmQgR8Vh8vqsOvfZIyLXivuCNsBAVZLcU688i4ZqB1FCzi52BeNcWU1rZ_6q4RmeLt8K0QvilsAoH_pHmcIfBsRJGDMxEruc0kffSWhkCufKUJKxk7ILnb8b6CJdJUIXBBokjfZ4gVgCZfkx2StSAXzf8g0J7s8HJa-3Bq61NhceHOVOaYFTiGcopE91-FuGms0lBFh6-YzOjAEtG5O5Q7v7LmH41Oho974TVd1EX9nTIWSCXfIuQfg3tGvJqEk1YRAda5MvpgJn5pQSjLmfcX-tZdA_gxmfbAxBJ6afcM21Sx6aTrRzJWIlVfNy6EHFA62o74VMuLXjv0ZvA4E3nVrm4DQA_xXD-LBwDzjxCT3Frh6Qd4tszoCiYGNLO3fvJ-o8ktUJCx42Eq4rAWbsue8vuRKH1KmYs6nGWEHLJmxp4fg0u6nGal43h_m7Czz5ir9d4pesOwG5Bscm8QOfVxX3-QOq3VwBcTT9fP0Yg7dR4pKiCju2Do7oIexzdOWxBIc0Yq2D0BYdRQdfJ1meaBA-6nxudgNNUhO9OD8YTl6z7Vfkl3RjoRC_JSYM9nhfqa0LVbbFS2-RqCmYk1jnK-X7WW5hoKNey21GaNGC_5atCORyISliiZOu9_nJlRpwCueUSfUxAeVmn4ota6XMAuTYGYW3EwPt3zprETBz8-oW_pAN0fsJsAqI-exXLEn42rqkWzJRinukpjQk52W9NvkvblydVbtSiz2XFBFFDH4zh7oyeIqUYQ8k3Vyd3PHsxuTJnfyUelC8mu0Ih40mGdwkmYl3NIl5nIlGsPC7BvKCcpWXsMM95kx4eql7R3XO6mXOqxhinJkuH0n83I7LaAiFr-_C07BZ0NbT4FY-XkhnfCT4yI2gS1GH4fxUH3SMSlkZj6RqvVc03xfpzLaqnLCu7KyC6MEunC-Iqg7JU3LwR1l7qSHD3mFh7UYEzMYXrwbHQj8GJaXkt88eiDfLUToPeki130DeVA3KeLNO6rq-uTH-EPbhEPreuo_WamUd67Y9cJkqPxxUVph-LPdoLkmup3AuLSIWFlhwxmFic5qg3fYG6R5gE1fG7y3_zO87_MeK7uoG4ePuz3IosBN4p1r8hskXQuVXroX5mxUKHg9x40tL0A_dGGI4Zc&cid=CAQSSwBpAlJWho0lIZXlRjGc7XaYgVF_U8X8IOYdE9zO6XOSLHp7bI9sOZTpYaZv4kGnNBic7HKLCLJMnmj6ZjdU_ruYuiaSgHDixLC0QhgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Futua.com.br%2F&ds=l&xdt=1&iif=1&cor=9821611651444880000&adk=2228999115&idt=343&cac=0&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:57:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84680
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
server: cafe
etag: 961974302080011826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:57:58 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/ Frame 4360 11 KB
4 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:57:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84680
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:57:58 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4360 0
0 248ms
107ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvY_61vU8wC6TmE07bOrDxzX5h8ZRdX9k5WM5NCZDIP6wlxYu1nEoEx4XqPD82v_ThCEPxJA8zMhrBRZz9t-S_sr03LT37MK2fr4ywvwO0FqglwLCmZJqP1fe9lB1btwuBAa-gwt2PCQDI-FuWq-E21FgLqqANqYILpYb562irlsfkLdmZXhrvcz8Qh1WfC2NIhS9UsdwUyH_x6Vtu7hh1OKs5xPOUKEctrkyDu2zHoC1GAr1FHIFcR_zZm-mNA6E2fhYzTjXGaUsM8TcfUXlfBpVoaPxpj6POmyxv9L1AiXuyUXNzfaBXaNv_Ut68TO2P_JPWZ3r5z5qnu1lt4XvlVQcjlSJkJ8mKlIt6a6Hbt14Z5u7QEQRW_TaLRJ3s8bftvBqCzwhcOQCPWQNzLhMJs2a_8Z_N-y53nUl4H5I9w7SbLvklEhEekRg9Vh0XiqywnmU_GKxckwqZYRKILBKus8h_suTqsL5_xZkFEVi6vJhOQnJmvEaJoY8e8AlCJTLjAjhEEUSY9skpRHIZ88m8D5ic53uVfZNfBDp9DvWBV_36QwYTFF5Xy1T8ejKb2WX4I1V5u7Q8A3SVJSviCIOoo3mRy4B5sljT7J-bmqDEkJGazWP4EiJr0ldw07nzeASlbGhK_wFMIf9H66LL9SmSbu5eqKU88etKN7bWndtlmNSx7vpsviPvkGfsjuzVGknR1Sku_woMOx8SJFAgm9xz_BINYnzANAJRQ02yZyowE2_sSMaWos-LpXjpL8suHTF-XaSWWkI176l_SMeKVC8bv-Usa3KFRl8TFIOFaTjL2hpzSv69vgOx46p-6xFGiVaamWi4x9V3dKk7yZznvBv35L-dOLnGQ3ARI06Okkqr8uFz3iI8Nm9HdWUNwAi3A9J2lzvRF8zOLjifdb4RKv-EG6u1gKLcgULorJd_7TKmcKxkdUZTec27RQophp99qpd4Jl-aEcHIHZ0uOiVYuLrys1OzlYxxw1kWjAhT33KcBWoa6mDjCGQnE_Puczhr8ngAyQHTXBHGH6YzsFI6Juh_K8eG2CNywt4pjU8kSRo-Hs0owkiaMeifw0vALeQgt4eoQye7dchBe7JetSd3R2RDdmsLRec_F3OzCRsagQpKOriHshT6bAAtPnUf6Eo9qBeICbuRNEunHh75WRI64QiDeCdat4EnB8HbrX299lq2hCeVTtt5o6-1zvGCVNOM9vbAOoN5zB3c0ZLeu5fIwW_1RoMJp_RjcZEg&sai=AMfl-YSVT8SZzj3IGFIFGTY4cxZDQrZ17HnuqwROADnxYUMS_rJOkVCR5tOhkk_M4PaBlMrX8HI6TUnceI14EnJ5ZUAgcIE_1L2H2p9EWezI96upAIDKkW0kYxGpW2Z4FEnHoEOLDeI6izfs_O2JdCuimIZPMrN-HT3yl9-ij57ItLcN1nudbIatICwcIt9aS4kjeWWTV4eabMao3ytNm6I7JhEz0jo3wirtdSfg2pG9Dy1nFd0BlXHwBAHAbpWPU6aiTQNKgbLAQXArbmkgSvRHMHehHz71_-Ekn5Q1cCVdDxeYK8o9opHdv_Mb7i0&sig=Cg0ArKJSzN-ylJu0gp1aEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230828.36744&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 30 Aug 2023 13:29:18 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 30 Aug 2023 13:29:18 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4360 41 KB
13 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 04:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 292010
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Aug 2024 04:22:28 GMT

GET
H2 200 9580612449183863315
s0.2mdn.net/simgad/ Frame 4360 34 KB
35 KB 202ms
63ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9580612449183863315

Requested by

Host: 4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com
URL: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb935ba57fd223c02ca04478439b61d059a6518d1be0c13fac1d9f09029b0dee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:29:21 GMT
x-content-type-options: nosniff
age: 86397
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35034
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 10:50:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Aug 2024 13:29:21 GMT

GET
DATA 200
OK truncated
/ Frame 4360 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f4def8bcf4602930631d840367cf676aadfd92a89118222c0ef3ee2584631fe

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C446 22 KB
8 KB 62ms
62ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 292008
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Aug 2023 04:22:30 GMT
expires: Mon, 26 Aug 2024 04:22:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 M-HeFlSCME_k5Ph7lXtMc9K-bQ1dlElVsMlNN0Ru4uM.js Show response
pagead2.googlesyndication.com/bg/ Frame C446 38 KB
14 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M-HeFlSCME_k5Ph7lXtMc9K-bQ1dlElVsMlNN0Ru4uM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33e1de165482304fe4e4f87b957b4c73d2be6d0d5d944955b0c94d37446ee2e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 16:57:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 592326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14677
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 16:57:12 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4360 0
0 101ms
100ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvY_61vU8wC6TmE07bOrDxzX5h8ZRdX9k5WM5NCZDIP6wlxYu1nEoEx4XqPD82v_ThCEPxJA8zMhrBRZz9t-S_sr03LT37MK2fr4ywvwO0FqglwLCmZJqP1fe9lB1btwuBAa-gwt2PCQDI-FuWq-E21FgLqqANqYILpYb562irlsfkLdmZXhrvcz8Qh1WfC2NIhS9UsdwUyH_x6Vtu7hh1OKs5xPOUKEctrkyDu2zHoC1GAr1FHIFcR_zZm-mNA6E2fhYzTjXGaUsM8TcfUXlfBpVoaPxpj6POmyxv9L1AiXuyUXNzfaBXaNv_Ut68TO2P_JPWZ3r5z5qnu1lt4XvlVQcjlSJkJ8mKlIt6a6Hbt14Z5u7QEQRW_TaLRJ3s8bftvBqCzwhcOQCPWQNzLhMJs2a_8Z_N-y53nUl4H5I9w7SbLvklEhEekRg9Vh0XiqywnmU_GKxckwqZYRKILBKus8h_suTqsL5_xZkFEVi6vJhOQnJmvEaJoY8e8AlCJTLjAjhEEUSY9skpRHIZ88m8D5ic53uVfZNfBDp9DvWBV_36QwYTFF5Xy1T8ejKb2WX4I1V5u7Q8A3SVJSviCIOoo3mRy4B5sljT7J-bmqDEkJGazWP4EiJr0ldw07nzeASlbGhK_wFMIf9H66LL9SmSbu5eqKU88etKN7bWndtlmNSx7vpsviPvkGfsjuzVGknR1Sku_woMOx8SJFAgm9xz_BINYnzANAJRQ02yZyowE2_sSMaWos-LpXjpL8suHTF-XaSWWkI176l_SMeKVC8bv-Usa3KFRl8TFIOFaTjL2hpzSv69vgOx46p-6xFGiVaamWi4x9V3dKk7yZznvBv35L-dOLnGQ3ARI06Okkqr8uFz3iI8Nm9HdWUNwAi3A9J2lzvRF8zOLjifdb4RKv-EG6u1gKLcgULorJd_7TKmcKxkdUZTec27RQophp99qpd4Jl-aEcHIHZ0uOiVYuLrys1OzlYxxw1kWjAhT33KcBWoa6mDjCGQnE_Puczhr8ngAyQHTXBHGH6YzsFI6Juh_K8eG2CNywt4pjU8kSRo-Hs0owkiaMeifw0vALeQgt4eoQye7dchBe7JetSd3R2RDdmsLRec_F3OzCRsagQpKOriHshT6bAAtPnUf6Eo9qBeICbuRNEunHh75WRI64QiDeCdat4EnB8HbrX299lq2hCeVTtt5o6-1zvGCVNOM9vbAOoN5zB3c0ZLeu5fIwW_1RoMJp_RjcZEg&sai=AMfl-YSVT8SZzj3IGFIFGTY4cxZDQrZ17HnuqwROADnxYUMS_rJOkVCR5tOhkk_M4PaBlMrX8HI6TUnceI14EnJ5ZUAgcIE_1L2H2p9EWezI96upAIDKkW0kYxGpW2Z4FEnHoEOLDeI6izfs_O2JdCuimIZPMrN-HT3yl9-ij57ItLcN1nudbIatICwcIt9aS4kjeWWTV4eabMao3ytNm6I7JhEz0jo3wirtdSfg2pG9Dy1nFd0BlXHwBAHAbpWPU6aiTQNKgbLAQXArbmkgSvRHMHehHz71_-Ekn5Q1cCVdDxeYK8o9opHdv_Mb7i0&sig=Cg0ArKJSzN-ylJu0gp1aEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=282&vt=11&dtpt=281&dett=2&cstd=0&cisv=r20230828.36744&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:29:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 30 Aug 2023 13:29:18 GMT

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame 4360
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1563689/72635399/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013465714&ias_pubId=pub-1757064723917999&ias_chanId=1&ias_placementId=20363147696&bidurl=ht...
https://static.adsafeprotected.com/4a.js

2 KB
2 KB

151ms
77ms

Script
application/javascript

2600:9000:21f3:b200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: 4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com
URL: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:21f3:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: akOqjFMSMxNB2K6FJA8jdyBVXEiL5nl0
content-encoding: gzip
via: 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
date: Tue, 29 Aug 2023 03:05:10 GMT
x-amz-cf-pop: FRA2-C2
age: 123849
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 08 Aug 2023 19:01:30 GMT
server: AmazonS3
etag: W/"589d8955c4906ab1b8e63a2f92d932d3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: 1JnIUhWk8hAFbR0rZ7G3BU5b_ap0LyfFmSgkcgPVJFt4niXaymdhLQ==

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:19 GMT
server: nginx
x-server-name: app18.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 34E2 91 KB
23 KB 206ms
71ms Script
application/javascript 2600:9000:21f3:b200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com
URL: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 21:19:49 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 7142971
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: LcP44iHTdpPSsKeHR5m8XJYeiKds3dJxdNv-SQd7giTdFJEq2tnKHQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4360 43 B
215 B 489ms
146ms Image
image/gif 2600:1f18:1aca:4281:2379:b3cd:dfd4:d41d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1563689&asId=aad32586-1a48-5d8c-98d1-2a7564f5a03b&tv=%7Bc:mMWCUV,pingTime:-3,time:67,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:22%7D,%7Bpiv:0,vs:o,r:l,t:66%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:67,n:66,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:22,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B58~1,0~0%5D,as:%5B58~300.600%5D%7D%7D,%7Bsl:o,t:66,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOqiSQe+11%7C12%7C13%7C14%7C15%7C16*.1563689-72635399%7C161%7C1621%7C1711%7C1712,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:23%7D&br=c
Requested by: Host: 4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com
URL: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:2379:b3cd:dfd4:d41d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:19 GMT
server: nginx
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4360 43 B
215 B 484ms
147ms Image
image/gif 2600:1f18:1aca:4281:2379:b3cd:dfd4:d41d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1563689&asId=aad32586-1a48-5d8c-98d1-2a7564f5a03b&tv=%7Bc:mMWCUY,pingTime:-6,time:70,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:70,n:66,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:22,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B58~1,0~0%5D,as:%5B58~300.600%5D%7D%7D,%7Bsl:o,t:66,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B4~0%5D,as:%5B4~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOqiSQe+11%7C12%7C13%7C14%7C15%7C16*.1563689-72635399%7C161%7C1621%7C1711%7C1712,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:23%7D&tpiLookup=ao:utua.com.br*&br=c
Requested by: Host: 4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com
URL: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:2379:b3cd:dfd4:d41d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:19 GMT
server: nginx
x-server-name: dt22.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4360 43 B
216 B 473ms
145ms Image
image/gif 2600:1f18:1aca:4281:2379:b3cd:dfd4:d41d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1563689&asId=aad32586-1a48-5d8c-98d1-2a7564f5a03b&tv=%7Bc:mMWCVb,pingTime:-2,time:83,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1149,beZ:1151,mfA:1154,cmA:1156,inA:1156,inZ:1161,prA:1161,prZ:1166,si:1173,poA:1174,poZ:1208,cmZ:1208,mfZ:1208,loA:1219,loZ:1223,ltA:1232,ltZ:1232%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:22%7D,%7Bpiv:0,vs:o,r:l,t:66%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:83,n:66,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:22,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B58~1,0~0%5D,as:%5B58~300.600%5D%7D%7D,%7Bsl:o,t:66,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B17~0%5D,as:%5B17~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOqiSQe+11%7C12%7C13%7C14%7C15%7C16*.1563689-72635399%7C161%7C1621%7C1711%7C1712,idMap:16*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:23,sinceFw:58,readyFired:true%7D&br=c
Requested by: Host: 4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com
URL: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:2379:b3cd:dfd4:d41d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:19 GMT
server: nginx
x-server-name: dt23.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4360 43 B
215 B 473ms
147ms Image
image/gif 2600:1f18:1aca:4281:2379:b3cd:dfd4:d41d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1563689&asId=aad32586-1a48-5d8c-98d1-2a7564f5a03b&tv=%7Bc:mMWCVd,pingTime:0,time:85,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:22%7D,%7Bpiv:0,vs:o,r:l,t:66%7D,%7Bpiv:100,vs:i,r:,t:84%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1,o:84,n:66,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:22,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B58~1,0~0%5D,as:%5B58~300.600%5D%7D%7D,%7Bsl:o,t:66,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B18~0%5D,as:%5B18~300.600%5D%7D%7D,%7Bsl:i,t:84,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~300.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOqiSQe+11%7C12%7C13%7C14%7C15%7C16*.1563689-72635399%7C161%7C1621%7C1711%7C1712,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:23%7D&br=c
Requested by: Host: 4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com
URL: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:2379:b3cd:dfd4:d41d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:19 GMT
server: nginx
x-server-name: dt24.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C446 0
20 B 164ms
164ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4CHVLkTvZLvGGoq1-gaNoqXQBQAAAAA4AeAEAg&bg=!FRalFlnNAAbGwlhq5sI7ADQBe5WfOJEATQirJdd5GemTz0f1vZ2r8vxmTInopauYYqIsGKYYZtHJ1Sxq_Y8joWrjxMJJAgAAALFSAAAACmgBB5kDAH-lKfL97ohwPkczz2EPQO6HOdLYoBtu9W1jv3tH4fVFiiWsTdd-Spq0I2MNUtiP3RcDtme7kwFmQDyK92LZG4qsc0Py2L4iNfdkOy144m3JeCBcAZWYFRIqVXKsiZE2P_0-8-BPW7zX_Id39NVUdHtv6Jwg-FJDe3CAwSxe_O8LXFomAnONiZbi_Ms8J21ZYj2QoHHfgWd9l1S7qB6coHzkz4PGWM9HWpPw3CLatUfdfKNx4oKDKthvxpF7R3jPE58J_0ZHt5lDB_YEHYC6JaZ993lhTcDf6yIKFSk0tyx-MGJ3BhUD4YXE2tkvbWhAP57fmdMb3xKq7lPEz4RHf4aj2VmtsZ_fnCzAjHxKAP3s6Y3_1Q8F7aTR6KJ-EgnU315RPsPjLIMu8fQZyKVZA78CGEQeKswdW6c1-NQQXp8mEaHD0hwfR4nG4Eoaza6D-mx5o8XMBHVi3gSCH_C7I-f9hs_ZMiuZxMQeRGgIWFpbOOfLhcR9426DygHERQ_Uo2vfyB0sqPhnyuCoznS8nxvE9fBvWDZJEd6fYP7ZtxXpJOMt64VYXpQeX_ecsiK1AAi3Xk7Ohwr4AhROzYKJoZLSZ-pJuB79RNUzIunRPA53vdf2uYzPIIDfemdik75WCung0D6GrcSPOYNpY2CIwvROukqVBVLl5t2vAqzSuVEVYBZeCC2kQRX1pxa98HWTl4TOW95pMS2QMmA8RUAn_gJDtGvslnm7FWUZGMIEvSwnQgGWB52XNBbkPbLaI8Xj4mOVJhMikkbUuxfx0MVNVqbFfpZSnBfy1888ZY-7qDoG93NpvCC36XBj_MCpr8ikyJ5klUn4_wfqDbFMv_4VQPEMQmxgMjxtAHG6BP9K-l3KaTixH0rJg02VG16PFvNAiVsLVeRc9uJR5j1AACl9cmXSJMXBvVps4EE5qMKiC814tGqMkkr4OB5vifBEMOY1gGAcTy4J4r-9gUgj-Cx_bP9g25cs-c9sfar8TMrBoDpbPwkahz-hI_7I7KywXtsAWA

Requested by

Host: 4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com
URL: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame FB9D 42 B
64 B 165ms
165ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvmoZYEQ7vfhBcmMTFUmqhHtt73DXp6iLMSqCvqR9mhhbK0c12Kml27EuT3Fzaqq45cUptwbjaKVrkoo7hWiDVMyn9unXOMmOWuGxohoj4n96fwPkc46wbdSdlNwgmzkozLMqhXVG-QOg&sai=AMfl-YQ7GCHbVxmsCK_xU2xyluxFMp4BQmumH6PS_YOtIeTzaXPDdV0Uahaq5gIWW_uK65QD1ICfLTV7HIxgNoCWtEDigdbRaQnMJjwa1GgvpA0qyIyPgaDb9eJwyNCOqN5Gxn7ZCQQ8wjJoULUC&sig=Cg0ArKJSzFvJkCs6lP7OEAE&cid=CAQSSwBpAlJWho0lIZXlRjGc7XaYgVF_U8X8IOYdE9zO6XOSLHp7bI9sOZTpYaZv4kGnNBic7HKLCLJMnmj6ZjdU_ruYuiaSgHDixLC0QhgB&id=ampim&o=310,122&d=980,250&ss=1600,1200&bs=1600,1200&mcvt=1002&mtos=0,0,0,1002,1002&tos=0,0,0,1002,0&tfs=492&tls=1494&g=100&h=100&tt=1494&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4360 0
26 B 226ms
100ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsudxjKtfxS4NEj26QgCMfMyWID4pYwQL2RH7bY3nKy7b9mr0atkTyX2AW-gfsycnWxxqKotHSoLbwkyBsf247Wn8qAhTmVJhLlgMpqOLpcZMEiFv3UGx-5IEM9F0YdUUlGGeAQFK9TD_o61r3X1WK1-icYbYTic7WPuomb7nZG_kV1nQcY8Tm--F4vDSxHTBA2wX3P7IVjwYS-e&sai=AMfl-YTS2VnYQpxD9uMxZh_Nnv5CiiR6KIu1ARQpIO5K9jqPb9btKfkfqW7_5Q0aVDbFMAznWAhDEkBHVHw1IFCiWXqcV993qHiBYaP3XcMNdisUBbXi8UYtV6pohncmGsokWyZw9dq4w7DM7BYWQ_dTuDJqInA&sig=Cg0ArKJSzNQbGVX7mUcjEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:29:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 passback_300x600.js Show response
static.adsafeprotected.com/ Frame 3D40 3 KB
2 KB 63ms
62ms Script
application/javascript 2600:9000:21f3:b200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_300x600.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b542fa63865c7855e651a48910a341dfdd0508ec6f293e1253537b2778e2742

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: kTzCLI3J0Rawp2tFRAwfopfiJxzrNFGH
content-encoding: gzip
via: 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
date: Fri, 25 Aug 2023 00:48:10 GMT
x-amz-cf-pop: FRA2-C2
age: 477670
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:42 GMT
server: AmazonS3
etag: W/"439e58c5a30158dbdc47481bb170410a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: N8NOyvnAt03_w1gtUj0ddtAuEUwdzbVe5o-KrHnKYGBQ_9ustLbLyA==

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B243 42 B
64 B 165ms
165ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsupWm5lXGUlc3VRSDkecHKpf_HMBr9cxZXf7cOUGBQxM2XHranOEpk7SRg2stnI7Zv7z5qF0zlfwSwTKMPlZa6zl6oeVF-7tiZ8ffj2_-tcdVqRdRG3lN0n6tvgybuabXGrrehH9L6-Ig&sai=AMfl-YStZy65i_LEtVXEDmYzhrkHR6y_lW2MD6gM6KxQxH0EnzkD86Vroo0ltN5ZT2C3iSk8Ldwu8K1kiAfnJYVhJKDuCzZFPaT2FJqfo7KVCrHBjA--ne7Tj-fqcuiR2lS8gOqzPcHhH9tFSLrO&sig=Cg0ArKJSzJmrXoSGQGuJEAE&cid=CAQSSwBpAlJWho0lIZXlRjGc7XaYgVF_U8X8IOYdE9zO6XOSLHp7bI9sOZTpYaZv4kGnNBic7HKLCLJMnmj6ZjdU_ruYuiaSgHDixLC0QhgB&id=ampim&o=632,1044&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=518&tls=1518&g=55.714285373687744&h=55.714285373687744&tt=1518&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 IAS_PassbackAds_300x600.png
static.adsafeprotected.com/ Frame 3D40 34 KB
34 KB 69ms
68ms Image
image/png 2600:9000:21f3:b200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_300x600.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e503fe67eef6d53b7297abd5062e4db7a6b381eaa7d4ac4f8c53a9bb08e248c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: tQgHbMfZoUlj3hcvrSYdqixcUVtCIeBK
date: Fri, 25 Aug 2023 00:48:11 GMT
via: 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 477669
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 34357
last-modified: Fri, 18 Feb 2022 23:29:00 GMT
server: AmazonS3
etag: "26e2b461771f6fb855141aa77c859584"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: viJPVQ9RVi974rHM4xwlv2ielp04JRtQLwXyBBzig8pC-CjIcgOMsQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4360 43 B
215 B 146ms
146ms Image
image/gif 2600:1f18:1aca:4281:2379:b3cd:dfd4:d41d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1563689&asId=aad32586-1a48-5d8c-98d1-2a7564f5a03b&tv=%7Bc:mMWD38,pingTime:-10,time:576,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS4xNDAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1693402159565%7C%7C0178dd3ce689a4f020ea4acbd9ba6a7e%7C%7C0f286e8f7fa153358c622af13d09b529%7C%7C9dbb31e639431101a694901928ee0fa2%7C%7C5ff0bc1015f21064f2c6db3427097ab5%7C%7C29235f1cfc2789709c8edcf073bb1d64%7C%7Cdf04ee95dade89f615a1eb2a8bb0f540%7C%7C567c438bd164bbbf1c5e9348c7646d2c%7C%7C1663701684%7D
Requested by: Host: 4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com
URL: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:2379:b3cd:dfd4:d41d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:19 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 234ms
111ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308240101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ac85d5d829f0cd20ea297e6ac9dd54f4483e71c37ed31eb9cda02b9599c246d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:29:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11625
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 203ms
60ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T48CH8D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 30 Aug 2023 11:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5976
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 30 Aug 2023 13:49:43 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4360 42 B
64 B 166ms
166ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYCvEpXsnRRmQ6hYk4kngW_6DJgw9spbfc_n98JfCE4SCwbAM84AXlBjJJerZt828xJ2FKJISZpU4SIklIKtOy3gVYk1xzIji4zBKkHsu0GrnonbHr6FnmJA-66WLh&sai=AMfl-YQx0HAWk7cBxqQTZKx6EZYfPW8dqbblbcFxSnl7nicyo51qGTBqlwVsIDbd8yZzyG56y7Fqi2CMjt8IGmnEspCvLk4FQ-zhCvX9breUjwnLg94s-d7wkryo84QYQEGN-iem5KqH6sZZuJ1j&sig=Cg0ArKJSzFLbkawXf_LJEAE&cid=CAQSSwBpAlJWho0lIZXlRjGc7XaYgVF_U8X8IOYdE9zO6XOSLHp7bI9sOZTpYaZv4kGnNBic7HKLCLJMnmj6ZjdU_ruYuiaSgHDixLC0QhgB&id=lidar2&mcvt=1003&p=420,1288,1024,1588&mtos=400,1003,1003,1003,1003&tos=400,603,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=695725469&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693402157840&rpt=1021&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
205 B 90ms
79ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=941327026&t=pageview&_s=1&dl=https%3A%2F%2Futua.com.br%2Fgt-emp-gt-crediplan-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dgt-utua-ct-email-emp%26utm_content%3Dgt-utua-ct-email-emp-p2-aqui%26utm_term%3Dgt-utua-ct-email-emp-p2-aqui-04&ul=en-us&de=UTF-8&dt=Solicita%20tu%20Cr%C3%A9dito%20Crediplan%20del%20Banco%20G%26T%20Continental&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACAAI~&jid=1404684040&gjid=175012386&cid=1100487925.1693402157&tid=UA-146231564-5&_gid=103927234.1693402160&_slc=1&gtm=45He38s0n81T48CH8D&z=1868774698

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 67ms
66ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-146231564-5&cid=1100487925.1693402157&jid=1404684040&gjid=175012386&_gid=103927234.1693402160&_u=YCDAiEABBAAAAGAAI~&z=1726761086

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 30 Aug 2023 13:29:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 103ms
103ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 30 Aug 2023 13:29:20 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
272 B 102ms
98ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-146231564-5&cid=1100487925.1693402157&jid=1404684040&_u=YCDAiEABBAAAAGAAI~&z=902635186

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
107 B 103ms
99ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-146231564-5&cid=1100487925.1693402157&jid=1404684040&_u=YCDAiEABBAAAAGAAI~&z=902635186

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4B45 13 KB
5 KB 65ms
60ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 7309
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 11:27:31 GMT
expires: Thu, 29 Aug 2024 11:27:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D512 829 B
993 B 75ms
73ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7e47fca66a11e4fc01e4703ff0f58bb5a3cd56563b8333d430f5c3f264edfee4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Rn_dW2nGw12-Bk6qxgTc0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-Rn_dW2nGw12-Bk6qxgTc0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 13:29:20 GMT
expires: Wed, 30 Aug 2023 13:29:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D512 0
0 158ms
158ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308240101&jk=2157805383288464&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H3 200 53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4B45 37 KB
14 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e77156f336104e427a69a22b5d1fa74e7ca4362aae7681f9e09283fc8efec1f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 06:54:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 282872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14643
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 06:54:48 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4B45 0
10 B 60ms
60ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8bb5pw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:29:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4360 0
20 B 159ms
158ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7336102866355&version=m202307240101&ct=76&x=1&cor=9821611651444880000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 13:29:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 165ms
164ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308240101&jk=2157805383288464&bg=!MDOlM3zNAAYkVgHwBFY7ADQBe5WfOJ6J_hT0fwO-_MbgduOANDtkfQD9ICSMptL0Gw3K5u7vPpz25i4ptHgizrsaEzSvAgAAAJNSAAAAHGgBB5kCweM7an9A9oO2o4D38vo1fYRYBAbXqhMJRP5WCCQd1KzlCRx1eY870q22UXlSa55Bgokf3lNhLJnV8zfVvRzSsPxxgdb-cKCN1bpNS9vR26IV5um6Wpt6ZCgJKyzPZ4RM0HOvron-hgrO__sFsjuNQQ5c92XTeeoiqFf5Xva3EdGpZ1aFLInrRd2A4S6A74zBsT6FlNSElyjDcnEnVlX9eZD05i3eelmSHc3fYpbmP4DzbhGCGs-K1zwyHfL5_0OFrQUc1_f22AfXxpJijayoRNl5LLeG1aWlrDV7WKs7YXBOTpshMt6tQYu4bWDZE36oL-vis7POXH8l6K8IZUXXw-_yaNOn3r-EXFYZx4FpYWxiD2Eu51ga3ulkajaQydb9Yyaee3vAhqZdnitnnvqUrAZnWlgp2XQ1cSb6rqhBkXQgUqFrosvgxIlxn04mQiQuinC7b61AdZ0LF4eluX80wPuyuBtxs1jvmS3GC4_g4_P8rMwR6_cadW6q_7H01z7t-BrC329ZuZe5ZUkPZYHnYjKWGA3uVXke__ozZXsDmW6GI0GdmeU2XmzgKbv_cfMIzWbtWWU0SFcsCE5z-BcLcfT0BDXV4U-noOQamoPUnRLq_Z342ymN3ukoIq-t09PHIn055XS6RkGjYBKlSZKpPpDPgq88yyEQirt8CLCoVM9VwUPoS2FUpz-donQXboqVtk50JPLpqXT37cu3WpAuINDciYM1qnNgOAkmACzyx8YszW1ezhGP3wQAohoeZtuJ-HQB1U4BTcPhWpipnigYDOt34TCl_r-1k6HaC2jxetiO4dkbgmjzdbeiiRbT71izmMgwZpLYAq9cbms-_-zM2LTRyhZeruBXr0vewrGds-M_jl13tJ7MbhhEnh39c5gKnC17TNCSvSkzzaE8ZNVSfkLN-LX1hsENpc2SDKpNV0h0bA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

199 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
utua.com.br/gt-emp-gt-crediplan-p1	1970-01-20 14:24:48	Name: bg_location Value: %7B%22location%22%3A%7B%22country%22%3A%22FI%22%2C%22city%22%3A%22Helsinki%22%2C%22continent%22%3A%22EU%22%2C%22region%22%3A%22Uusimaa%22%2C%22regionCode%22%3A%2218%22%2C%22timezone%22%3A%22Europe%2FHelsinki%22%2C%22latitude%22%3A%2260.21880%22%2C%22longitude%22%3A%2224.87080%22%7D%7D
.utua.com.br/	1970-01-20 16:32:58	Name: _gcl_au Value: 1.1.72723060.1693402157
.utua.com.br/	1970-01-20 14:23:22	Name: lotame_domain_check Value: utua.com.br
.openx.net/	1970-01-20 23:08:58	Name: i Value: 3bb564de-95ff-440f-88cf-abeb63eb5bf9\|1693402157
.criteo.com/	1970-01-20 23:44:58	Name: uid Value: ebe4b368-5e7c-46f5-b27f-2763b3c30245
.utua.com.br/	1970-01-20 23:44:58	Name: cto_bundle Value: esHEEV9ITUpIQUxlWFVJY2FCUnFncXNTeFJQc1kyNGJ5Rk8yNzdBNFpBSGJZYldOejRlZE9uS0t1RjE3aFZFN0d1Ynd5N3RwWFBFcXdadHJza1QzNDRzYm4zVkIlMkZ1UzZORDVNdiUyRlAxJTJGazNJR2phN2RIeXhTSlA2NSUyRiUyRjM1T1RROG5NckVNaVNmbkdrSGFOc01FVHJtWUoyZllnJTNEJTNE
.utua.com.br/	1970-01-20 23:44:58	Name: __gads Value: ID=2dcd7addd51c9a5e:T=1693402156:RT=1693402156:S=ALNI_MbJi3NKTpqqe4qeZ0LSQU5Ohz0uOA
.utua.com.br/	1970-01-20 23:44:58	Name: __gpi Value: UID=00000c6b7ed4a8d0:T=1693402156:RT=1693402156:S=ALNI_MZjFr09OS4WZjZU99V54Np02Srwtg
.utua.com.br/	1970-01-20 23:59:22	Name: _ga_Y1WZWFMSQF Value: GS1.1.1693402157.1.0.1693402157.60.0.0
.utua.com.br/	1970-01-20 21:35:22	Name: bg_anonymousId Value: 3478304f-58cc-48f0-861f-a9a2b5130abe
.doubleclick.net/	1970-01-20 23:59:22	Name: IDE Value: AHWqTUlMg274uwJai4AfyBYhhFGuHH2DKljMmTt0WWW60F-CPBCQRj2dTWaX_x5mkb8
.utua.com.br/	1970-01-20 14:23:23	Name: bg_sessionId Value: f25fd55d-33c7-4023-8a41-8807fe80e22a
.doubleclick.net/	1970-01-20 14:23:25	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 18:42:34	Name: APC Value: AfxxVi62Ecn6e9wCLnJFxy3omZV8Q9xGs3tSW54tjVDWrJdU1zQq3g
.adnxs.com/	1970-01-20 16:32:58	Name: uuid2 Value: 6374567090646496580
.casalemedia.com/	1970-01-20 23:08:58	Name: CMID Value: ZO9ELtx3axOV6flykU5qPwAA
.casalemedia.com/	1970-01-20 16:32:58	Name: CMPS Value: 2133
.casalemedia.com/	1970-01-20 16:32:58	Name: CMPRO Value: 2133
.adnxs.com/	1970-01-20 16:32:58	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>7dUW$G!]tbPl1M>e)ZlrFUfJ+tGXxoXHS1T^EUJEgN`+mD?3b')Cg])u_/!w5c!$WbpRzqF1`b_kU)uEYy
.utua.com.br/	1970-01-20 23:59:22	Name: _ga Value: GA1.3.1100487925.1693402157
.utua.com.br/	1970-01-20 14:24:48	Name: _gid Value: GA1.3.103927234.1693402160
.utua.com.br/	1970-01-20 14:23:22	Name: _dc_gtm_UA-146231564-5 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4dc2e06d234e5c550eb5d4de471fd1f4.safeframe.googlesyndication.com
assets.begrowth.com.br
bcp.crwdcntrl.net
bucket.utua.com.br
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app
gum.criteo.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
location.begrowth.com.br
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
region1.analytics.google.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
tags.crwdcntrl.net
tpc.googlesyndication.com
utua.com.br
www.google-analytics.com
www.google.com
www.google.fi
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.185.226
162.19.138.118
178.250.1.11
185.80.39.216
2001:4860:4802:32::35
2001:4860:4802:34::36
216.58.206.34
2600:1f18:1aca:4281:2379:b3cd:dfd4:d41d
2600:9000:21f3:b200:8:48e:53c0:93a1
2600:9000:2250:3e00:a:e047:753:6381
2606:4700:10::6816:29
2606:4700:10::ac43:1b40
2606:4700:10::ac43:266a
2606:4700:20::681a:551
2606:4700::6810:5814
2a00:1450:4001:800::2002
2a00:1450:4001:801::2001
2a00:1450:4001:801::2006
2a00:1450:4001:806::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2001
2a00:1450:4001:811::200a
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2003
2a00:1450:400c:c00::9b
2a02:2638:3::3
2a02:2638:d::d
34.102.146.192
34.120.135.53
34.96.70.87
34.98.64.218
37.252.172.123
52.19.229.56
52.222.139.100
52.31.175.73
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f4def8bcf4602930631d840367cf676aadfd92a89118222c0ef3ee2584631fe
0f76612a35f464f6e61ac7f90b1457b4da987e747053469869bcdaa7e5fc3ae3
10b5ed98c1c669333e381edd9834e3ed35c578bb0347884887526ff53d3082d6
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
16080bd80022ff137957a5360167505c841a5ad9efc36d4e909f522234351b34
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1caa8123cf928d65ed3faf9f7b2372e64f5ece0383c7a2049ed0dac82e174814
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
2cf68b0f96497a6c432653e7b0ab42cb383f804f6bff63ecc7e38b2244b18d7b
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33e1de165482304fe4e4f87b957b4c73d2be6d0d5d944955b0c94d37446ee2e3
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e96fedf15d68453deaa1fb3bfdfb2849ba0b23b42f990d2b8dd8a5e35b6a229
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d99965d2b9b983514ec89785ddc6db3d33aeffc0e8c317bbd81ab6168424e3
5b542fa63865c7855e651a48910a341dfdd0508ec6f293e1253537b2778e2742
5b7b259a87df556c5752105da739eaaf0142a9b2c83fec6fd092501f90bc5817
5bbe0257e3a06cb33479f082f09548a98819e63b4d80f7857db2c17a6195729b
5be9717ba973ccaabdd9e2038a32145503c8358a01125498b8774db6354a0a40
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6ab4223d5cac8387e50214f0c9529a8e00f3d77229ed3fe9a172425c7163b0cb
71ac7258a5b4c47c7dd590c016dd547d4a2792a125e367a342a2780efa30c854
75f09ebeb95359be845a9da895f4c553810aa626f7e63433d0d7f79f688ed42a
7ac85d5d829f0cd20ea297e6ac9dd54f4483e71c37ed31eb9cda02b9599c246d
7e47fca66a11e4fc01e4703ff0f58bb5a3cd56563b8333d430f5c3f264edfee4
837df75f4667bd839cb180f83343b234b0c7a4031aee92f93d8e43411e297e09
8e503fe67eef6d53b7297abd5062e4db7a6b381eaa7d4ac4f8c53a9bb08e248c
90794d79592dade01fa5cd13cf6dc2a026ff2111bdeb7d1bab27e7e81a1af33e
9aabc95877405be6d241a9c2aac270eb9f0da56062d1cbc78c922eaf9004c8b5
9b40f033d1afd3d098bdf46a434a34eab56530ffc6af093aea2e432da444774b
9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab8154bbb82f41f4009ccb93d75bdda93b9feae5c9af58cf19b7f469f326e2b6
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
b99e2ac0acd1e779f2db8aa9fc92e5901207ad6150689a5318163a70ee667157
baabe841a183f789441505ad8d2db2ebc7ef4327f1ed1df9b3833ce62b2288e0
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
d3a73279971409038dd7c54ee5f2240ac88afb88b833d88f7d9c47e01ef48940
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
e77156f336104e427a69a22b5d1fa74e7ca4362aae7681f9e09283fc8efec1f3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f085eacb16e19b129f0270067e1dc18499edbb2d58764be3a1da3da491c40a47
f39e493d44f1322c379953233b13fd5bafeb1445796750813f957310d567d764
f4f4f508004414e79ecdf9b7c8499941cbf3f9e6cb359395457e279e5e56fb52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fb935ba57fd223c02ca04478439b61d059a6518d1be0c13fac1d9f09029b0dee
fd0f4a91fcfd33700f0038f09a0e1999632b45a664f5134de0016fd5c6f453f1

utua.com.br Open in urlscan Pro 2606:4700:10::ac43:1b40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

131 Requests

94 %HTTPS

68 %IPv6

26 Domains

42 Subdomains

42 IPs

6 Countries

1424 kBTransfer

4079 kBSize

22 Cookies

0 Outgoing links

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

utua.com.br Open in urlscan Pro
2606:4700:10::ac43:1b40 Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

94 %
HTTPS

68 %
IPv6

26
Domains

42
Subdomains

42
IPs

6
Countries

1424 kB
Transfer

4079 kB
Size

22
Cookies

131 HTTP transactions
3 data transactions