www.2viaboleto.com.br Open in urlscan Pro
178.63.88.48 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://2viaboleto.com.br/
Effective URL:
https://www.2viaboleto.com.br/
Submission: On April 11 via automatic, source certstream-suspicious (April 11th 2023, 1:56:11 am UTC) — Scanned from DE

Summary HTTP 267 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 39 IPs in 8 countries across 36 domains to perform 267 HTTP transactions. The main IP is 178.63.88.48, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.2viaboleto.com.br.
TLS certificate: Issued by R3 on April 9th 2023. Valid for: 3 months.

This is the only time www.2viaboleto.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 34	178.63.88.48 178.63.88.48	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
26	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
3 8	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1 46	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
11	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
2	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
7 27	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
2	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3 3	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	104.111.217.14 104.111.217.14	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:398b:a04b:d794:3da4	16509 (AMAZON-02) (AMAZON-02)
1 2	52.17.224.68 52.17.224.68	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
3 6	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	3.127.174.158 3.127.174.158	16509 (AMAZON-02) (AMAZON-02)
3 3	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223f:ea00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
5	2600:1f18:1ac... 2600:1f18:1aca:4282:cd41:a734:78b:e433	14618 (AMAZON-AES) (AMAZON-AES)
267	39

34 178.63.88.48 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: brworks.com.br

2viaboleto.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.2viaboleto.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

web.webpushs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 142.250.185.162 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.153 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.0.66 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.217.14 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-14.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:398b:a04b:d794:3da4 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.224.68 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-224-68.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.19 (United States) 4 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.217.42 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.174.158 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-174-158.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.40 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.253 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:ea00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:1aca:4282:cd41:a734:78b:e433 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
78	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 tpc.googlesyndication.com — Cisco Umbrella Rank: 145	707 KB
55	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 100 cm.g.doubleclick.net — Cisco Umbrella Rank: 228 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 335	312 KB
34	2viaboleto.com.br 1 redirects 2viaboleto.com.br www.2viaboleto.com.br	842 KB
29	gstatic.com www.gstatic.com fonts.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn2.gstatic.com	451 KB
11	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 444	35 KB
11	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2	2 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 299	117 KB
9	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 803 static.adsafeprotected.com — Cisco Umbrella Rank: 591 dt.adsafeprotected.com — Cisco Umbrella Rank: 548	98 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	438 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	5 KB
6	teads.tv 3 redirects sync.teads.tv — Cisco Umbrella Rank: 1320	1 KB
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 779	2 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 569	3 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 7832 www.google.de — Cisco Umbrella Rank: 5216	1 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 584	2 KB
3	travelaudience.com 3 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6349	931 B
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 230	3 KB
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 828	678 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 830	2 KB
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1557	485 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1971	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 368	529 B
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3163	207 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 913 r.turn.com — Cisco Umbrella Rank: 3710	869 B
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 284	747 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	webpushs.com web.webpushs.com — Cisco Umbrella Rank: 45821	49 KB
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 712	463 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 340	464 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1912	173 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 652	546 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 507	876 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	715 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 980	608 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	44 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
267	36

	Domain	Requested by
46	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net www.2viaboleto.com.br tpc.googlesyndication.com
33	www.2viaboleto.com.br	www.2viaboleto.com.br
32	pagead2.googlesyndication.com	www.2viaboleto.com.br googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com www.googletagservices.com
27	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
25	googleads.g.doubleclick.net	www.2viaboleto.com.br googleads.g.doubleclick.net pagead2.googlesyndication.com
11	js-agent.newrelic.com	www.2viaboleto.com.br
11	www.gstatic.com	googleads.g.doubleclick.net
9	s0.2mdn.net	www.2viaboleto.com.br s0.2mdn.net googleads.g.doubleclick.net
9	www.googletagservices.com	googleads.g.doubleclick.net
8	www.google.com	3 redirects www.2viaboleto.com.br googleads.g.doubleclick.net
7	fonts.googleapis.com	googleads.g.doubleclick.net
6	sync.teads.tv	3 redirects googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
5	dt.adsafeprotected.com	googleads.g.doubleclick.net
4	image6.pubmatic.com	4 redirects
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
3	c1.adform.net	3 redirects
3	ads.travelaudience.com	3 redirects
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
3	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
3	adservice.google.com	www.2viaboleto.com.br
3	adservice.google.de	www.2viaboleto.com.br
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	www.2viaboleto.com.br
2	onetag-sys.com	2 redirects
2	pm.w55c.net	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	fw.adsafeprotected.com	1 redirects www.2viaboleto.com.br
2	e.dlx.addthis.com	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
2	bam.nr-data.net	www.2viaboleto.com.br
2	www.google-analytics.com	www.2viaboleto.com.br
2	web.webpushs.com	www.2viaboleto.com.br
1	cms.quantserve.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	sync.mathtag.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	www.google.de	www.2viaboleto.com.br
1	stats.g.doubleclick.net	www.2viaboleto.com.br
1	partner.googleadservices.com	www.2viaboleto.com.br
1	www.googletagmanager.com	www.2viaboleto.com.br
1	2viaboleto.com.br	1 redirects
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
267	51

This site contains links to these domains. Also see Links.

Domain
www.fabiolobo.com.br

Subject Issuer	Validity	Valid
2viaboleto.com.br R3	`2023-04-09` - `2023-07-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
web.webpushs.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-06` - `2024-01-16`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-02-12` - `2023-05-13`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-03-01` - `2023-05-08`	2 months	crt.sh

This page contains 35 frames:

Primary Page: https://www.2viaboleto.com.br/
Frame ID: A1FDBE84C9003E33872F76CB457FCD3A
Requests: 79 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/zrt_lookup.html
Frame ID: AD5C4CE9C7A89263F3FE11A7C55AF77C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&adk=1812271804&adf=3025194257&lmt=1681134255&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178166078&bpp=10&bdt=131&idt=132&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4008029446492&frm=20&pv=2&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=167
Frame ID: 98F6B15953AC51C7AAD4FAA5EDFB1AA4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=1200x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178166089&bpp=2&bdt=142&idt=180&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=a4U5QoGRUE&p=https%3A//www.2viaboleto.com.br&dtd=185
Frame ID: 55C60308B772995B1464CF8A490A9E8E
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3F21948A394E8AA4400E1A730647F3E2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Frame ID: 223CCDFE8A4E3F56F0F9727E642F0807
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=1690945614&adf=1579477568&pi=t.aa~a.1432402503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XJphJo3bn3&p=https%3A//www.2viaboleto.com.br&dtd=28
Frame ID: A86EF0391E2F90621A978904835E9127
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=1456288602&adf=2222756707&pi=t.aa~a.631950499~rp.3&w=1110&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9Ocb91VE0I&p=https%3A//www.2viaboleto.com.br&dtd=32
Frame ID: 2358B26B27D85DE60012D30599739BEB
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=4214047519&adf=2056746596&pi=t.aa~a.1432403486~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280&nras=5&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3759&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=QuPeA6Oap2&p=https%3A//www.2viaboleto.com.br&dtd=35
Frame ID: 11491EB274790C9346C3562D15222BF8
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3172338258&adf=1031923888&pi=t.aa~a.3912855863~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=350x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=1&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=AO6m8SvKzn&p=https%3A//www.2viaboleto.com.br&dtd=38
Frame ID: 862893865CA4144C670169B0972E05C1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Frame ID: 59023DD5C6EC182C66022E2469E5EB8B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Frame ID: C82D70147C0B0426DAD9CA093376C0D4
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Frame ID: 18039D1B73BF89EB43C6D8A0CD86C41A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Frame ID: FA9B1DD403492D0E90148965796C81E3
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F54306B20861037C874133BE4B819AC8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1A3D5F12BFB1AA083B258416DBAF37E8
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: C3C92F48F5E5A6D4E470E22D4C3177F7
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A12B94AC6D85B4F7A320C059979323A1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B91D350C3E43042BEF1672D6022841DA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Frame ID: 8AABD60D79B4CCF7FB6777A5D1FC82DC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Frame ID: 672D56324D22F4C4295369162E1A9A6B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Frame ID: E20205BDD7661401CB11E063093351E4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Frame ID: 0D2E9BC8E3DE8B82E173D7C0DA446D68
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWhTENlRYVlMsIw3PYkUXpfSpREypB0ecau8nT_xeXHhhCnKQ7jxd0gw58IpYLBWG_6WIUY_pAydU-u__kahSCm5wO7cxGnQDzI8e6p7h16tViKqkUUWIfeVXXqwrxsNNrWzGXz7cUsyVTbnYwbc0TfIOSDjEV1bNJfZJqB-Wxzoz1ucMc
Frame ID: B2FFE7986EA877702087085D3CC1C818
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: F8F544210CF7625CB70F3C6F8D566690
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 70CD6FB42C7E17C99F0EB45DAFE27BE2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C84E8552DBBB609182D7775BEF99D8B1
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 278A34BDBEF6A6F47DE937C121BD2F04
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Frame ID: C77F5BC6295F305F7A36755060BE9E5C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Frame ID: 91E3DC24F37BB63FD99B5A1D9CA12345
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Frame ID: F2170B4AE90990910922E041E9E4444D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 161D7E4E0F41232E3FD51C0E671D537F
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
Frame ID: A9EA473A5A357D59A9B2F193FEB087B8
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1571AE60BC8E4508A27C6653BED8E6CB
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 2BF81756B06B2835E8D53BCADB58C3FB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

2ª VIA BOLETO - Coelba - Sabesp - Vivo - Oi - CAIXA - CELPA - CPF - CELESC - BV - FIES - CONTA TELEFONICABuscaBuscaFechar buscaMenuFechar menu

Page URL History Show full URLs

https://2viaboleto.com.br/ HTTP 301
https://www.2viaboleto.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

267
Requests

90 %
HTTPS

54 %
IPv6

36
Domains

51
Subdomains

39
IPs

8
Countries

3126 kB
Transfer

6983 kB
Size

37
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.fabiolobo.com.br/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://2viaboleto.com.br/ HTTP 301
https://www.2viaboleto.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 141

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 164

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 187

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCqpu7PvwEQ9AMY9AMyCKQ-VZyV5NRd HTTP 301
https://tpc.googlesyndication.com/simgad/13077851810460907941

Request Chain 198

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAI1zBWR1Hrn9uEe_B9RSOM&google_cver=1

Request Chain 199

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZDS.OOWZkqxWQCoKvuV0.gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAI1zBWR1Hrn9uEe_B9RSOM&google_cver=1&google_hm=2

Request Chain 200

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGXljsZMEW7ZTl9zWMyV6ak&google_cver=1

Request Chain 201

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgxMzk5NDYxMTA4Nzg1MDgxNw%3D%3D

Request Chain 210

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJHMfgyCeKH55MTPnLdKkj4&google_cver=1&google_push=Aer7DvLj4LahcHjzeXPgi74cxeqV9V1OXRrLJYBYA_aMbEaywdRu009I5IlnVeknOtVCk7dVTyxH80vFzTaJH7iXrT0HWtb-zBQwU24A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc0NDYyMjc2MTE5Mjc4NTg4Ng==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJHMfgyCeKH55MTPnLdKkj4&google_cver=1

Request Chain 213

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPbryxPEppcDjxLskrRu-b4&google_cver=1&google_push=Aer7DvIuxKLqVpdhtbSVYV8k4PRM4g-34__FI6CXTQyRDzHYELKLx9JyhTU_pn7c99fyZS9dkxKoSorajfULEdrH7F0T8aaJYmkZZtsV HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4iqgeYdDSb61KgCX7kvJNQ2&google_push=Aer7DvIuxKLqVpdhtbSVYV8k4PRM4g-34__FI6CXTQyRDzHYELKLx9JyhTU_pn7c99fyZS9dkxKoSorajfULEdrH7F0T8aaJYmkZZtsV

Request Chain 214

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAer7DvIHkK-yHUvMkP7o3j2SJ4EOy_bBMpUghBeWRoDhip4kaaqaa-YT7loReNIIW3gZ1ycMx3WyB2aN_k_VIRVU2kXoT-sCCm4-jyl0&google_gid=CAESEI8H-fax3uPxjD_C274TK4I&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAer7DvIHkK-yHUvMkP7o3j2SJ4EOy_bBMpUghBeWRoDhip4kaaqaa-YT7loReNIIW3gZ1ycMx3WyB2aN_k_VIRVU2kXoT-sCCm4-jyl0&google_gid=CAESEI8H-fax3uPxjD_C274TK4I&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA0MTEwMTU2MDgwMDAxMjMyNzc5NTI1Nw%3D%3D&google_push=Aer7DvIHkK-yHUvMkP7o3j2SJ4EOy_bBMpUghBeWRoDhip4kaaqaa-YT7loReNIIW3gZ1ycMx3WyB2aN_k_VIRVU2kXoT-sCCm4-jyl0

Request Chain 215

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEItjBxEMOC_pst1sOw-Aa8E&google_cver=1&google_push=Aer7DvKjxIRebn_dZ1enBNx_36FtS3nCo0x5mwL6-ygAWphcs8pCfRV54EGBvTeHiolmtvstrZZZUNKpT0xDGJWALjxOr3tAM3PydAl0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKjxIRebn_dZ1enBNx_36FtS3nCo0x5mwL6-ygAWphcs8pCfRV54EGBvTeHiolmtvstrZZZUNKpT0xDGJWALjxOr3tAM3PydAl0&google_hm=eS0xM3JDbVVsRTJwRjllWXBVRjl1dkhXSEl0TFY0NnRaSX5B

Request Chain 230

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELR129Fw50kP0WkWcP5JuHE&google_cver=1&google_push=Aer7DvJ0GDfHSYvuawlX_PcMhswej7But89jofyyEiGS5JBfAChUfCJyRXOuX9WIkv0iTCVJR-Osup-awB1xTJlb_K3eoTu2Ef-nU9o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJ0GDfHSYvuawlX_PcMhswej7But89jofyyEiGS5JBfAChUfCJyRXOuX9WIkv0iTCVJR-Osup-awB1xTJlb_K3eoTu2Ef-nU9o

Request Chain 231

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJYL0gMbUQCTEnomk8GgXaE&google_cver=1&google_push=Aer7DvKiDzPq481A552rcj4GpgnxQEAK9bQHufTCZDrZIAgq6Jju4w-mKFTas5SDdYNN6NWB61gsgWOyU6g5XdGRfwg2PjSZviYJ8Z0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJYL0gMbUQCTEnomk8GgXaE&google_push=Aer7DvKiDzPq481A552rcj4GpgnxQEAK9bQHufTCZDrZIAgq6Jju4w-mKFTas5SDdYNN6NWB61gsgWOyU6g5XdGRfwg2PjSZviYJ8Z0

Request Chain 233

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPbryxPEppcDjxLskrRu-b4&google_cver=1&google_push=Aer7DvJRktiEFCCznxc6FvjUwxPhqRKgihJC8K4Z2cw0jNPoU-lmJ1XPpRMwXlJeO54ur7CJrbzTAfmMVok1UCsd3GyCyEZF5jX5C7k HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4iqgeYdDSb61KgCX7kvJNQ2&google_push=Aer7DvJRktiEFCCznxc6FvjUwxPhqRKgihJC8K4Z2cw0jNPoU-lmJ1XPpRMwXlJeO54ur7CJrbzTAfmMVok1UCsd3GyCyEZF5jX5C7k

Request Chain 235

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAGJndU7jHasqIP42K81q8I&google_cver=1&google_push=Aer7DvKU-DonBl6nxYW-kTcSUHEeQg4AsT1aL2Z4I2_HuKIXho_hWliCr1GbOxsTeO6JMJU7d1M8Po1e4f0lN1r2nXsrpNySV0up9Z0 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAGJndU7jHasqIP42K81q8I&google_cver=1&google_push=Aer7DvKU-DonBl6nxYW-kTcSUHEeQg4AsT1aL2Z4I2_HuKIXho_hWliCr1GbOxsTeO6JMJU7d1M8Po1e4f0lN1r2nXsrpNySV0up9Z0&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oSUvma06R_aS-cp8pytcUw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvKU-DonBl6nxYW-kTcSUHEeQg4AsT1aL2Z4I2_HuKIXho_hWliCr1GbOxsTeO6JMJU7d1M8Po1e4f0lN1r2nXsrpNySV0up9Z0

Request Chain 236

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKQBHqnAuwvSQrpEOGsF_BA&google_cver=1&google_push=Aer7DvKUmfnavxzz7WeCFJI-U6Vr8HtGzNE3l1W_8T1jV791KSBFpNCq-XdsxBw2JFRtKInNB-4URcakXMHgfFACwA9cbni_9xu9Xt8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvKUmfnavxzz7WeCFJI-U6Vr8HtGzNE3l1W_8T1jV791KSBFpNCq-XdsxBw2JFRtKInNB-4URcakXMHgfFACwA9cbni_9xu9Xt8 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 239

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKQ708IP3FcGra_Viwws9v8&google_cver=1&google_push=Aer7DvJTVm2SjZKTqAvMuY4dc1rhrUwJVmnzMWO2MHWAReDQZfYffRah_LpM9hPCgkYolHngb2I5tO6TiyDcOrsedDf9m2fG2uYlaGA HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKQ708IP3FcGra_Viwws9v8&google_cver=1&google_push=Aer7DvJTVm2SjZKTqAvMuY4dc1rhrUwJVmnzMWO2MHWAReDQZfYffRah_LpM9hPCgkYolHngb2I5tO6TiyDcOrsedDf9m2fG2uYlaGA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eTFnbnJ4bmcxUE0zZVU1&google_gid=CAESEKQ708IP3FcGra_Viwws9v8&google_cver=1&google_push=Aer7DvJTVm2SjZKTqAvMuY4dc1rhrUwJVmnzMWO2MHWAReDQZfYffRah_LpM9hPCgkYolHngb2I5tO6TiyDcOrsedDf9m2fG2uYlaGA

Request Chain 240

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAU4qyoVmo3gen3t9VgwhR4&google_cver=1&google_push=Aer7DvLEgOuLiq4_CWRPcJOwzCx_RL36tRMfkBFXtrKHuekxgjgmEFj88jj7wxs7jG3rG_xFpGPyvvmQKkio4_tCpAo0Y1EwU1e62w HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAU4qyoVmo3gen3t9VgwhR4&google_cver=1&google_push=Aer7DvLEgOuLiq4_CWRPcJOwzCx_RL36tRMfkBFXtrKHuekxgjgmEFj88jj7wxs7jG3rG_xFpGPyvvmQKkio4_tCpAo0Y1EwU1e62w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQzMDAyNDExODI0Mzg4MTQx&google_push=Aer7DvLEgOuLiq4_CWRPcJOwzCx_RL36tRMfkBFXtrKHuekxgjgmEFj88jj7wxs7jG3rG_xFpGPyvvmQKkio4_tCpAo0Y1EwU1e62w

Request Chain 241

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAGJndU7jHasqIP42K81q8I&google_cver=1&google_push=Aer7DvLRtj2fvw_KKdQGxJUIQejhNNVEA3urD-klLoP6-W71HfPXchEtKzodScA0iqzy4pTMCLH6SSrfGvr4iqf2TA1XXLtIiN6dZrI HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAGJndU7jHasqIP42K81q8I&google_cver=1&google_push=Aer7DvLRtj2fvw_KKdQGxJUIQejhNNVEA3urD-klLoP6-W71HfPXchEtKzodScA0iqzy4pTMCLH6SSrfGvr4iqf2TA1XXLtIiN6dZrI&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=V0nvPR8RTaqIRoALSDxwuw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvLRtj2fvw_KKdQGxJUIQejhNNVEA3urD-klLoP6-W71HfPXchEtKzodScA0iqzy4pTMCLH6SSrfGvr4iqf2TA1XXLtIiN6dZrI

Request Chain 242

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEK2nJnY5MO_gwkdunY29280&google_cver=1&google_push=Aer7DvJiqPM6Gx0j0HWDvNlOD2K6RO0dj2Mj18GSKUDzH-FQdX7li2H_cQqJRThFtQ7tdmWgZ0NhSECenr1YT7MJMd3XgbXhhMlTi4g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdCTTJPWFMtMU8tSk45WA==&google_push=Aer7DvJiqPM6Gx0j0HWDvNlOD2K6RO0dj2Mj18GSKUDzH-FQdX7li2H_cQqJRThFtQ7tdmWgZ0NhSECenr1YT7MJMd3XgbXhhMlTi4g

Request Chain 243

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECAx0lQ36uRfXLFPKxfge0Q&google_cver=1&google_push=Aer7DvKoR0LTA9QBIweMF8zJxvB25LFBT4gUfKBG0LyORArWwXhm_u1H9to8VlIlYWf6Ozx7pc2Khtwpfo4Z98NH8BiVY4_lQRpxY_Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKoR0LTA9QBIweMF8zJxvB25LFBT4gUfKBG0LyORArWwXhm_u1H9to8VlIlYWf6Ozx7pc2Khtwpfo4Z98NH8BiVY4_lQRpxY_Y

Request Chain 244

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKQBHqnAuwvSQrpEOGsF_BA&google_cver=1&google_push=Aer7DvJqjWH4oSZr5PhvaouxwS6rZ8ltk2fuNFxudbXkZ5hgjQWJByHg8WKXO9K19QtOrhwonSoR3wKgKFR_gCPSM5WZ2ZDEKHlDOlrP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvJqjWH4oSZr5PhvaouxwS6rZ8ltk2fuNFxudbXkZ5hgjQWJByHg8WKXO9K19QtOrhwonSoR3wKgKFR_gCPSM5WZ2ZDEKHlDOlrP HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 254

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-1114895170912147&ias_chanId=1&ias_placementId=19422215943&bidurl=https://www.2viaboleto.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0ga0RyAOKJIDoNOHJ-LL7BN&adContainerId=brand_safety_OL40ZMm3DY_Lx_AP54iakA8&cbFunctionName=goog_wrapCb_OL40ZMm3DY_Lx_AP54iakA8&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.2viaboleto.com.br&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1114895170912147%26output%3Dhtml%26h%3D280%26adk%3D3172338258%26adf%3D1031923888%26pi%3Dt.aa~a.3912855863~rp.1%26w%3D350%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1681134255%26rafmt%3D1%26to%3Dqs%26pwprc%3D4327041981%26format%3D350x280%26url%3Dhttps%253A%252F%252Fwww.2viaboleto.com.br%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1681178167297%26bpp%3D1%26bdt%3D1350%26idt%3D1%26shv%3Dr20230405%26mjsv%3Dm202304040101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D65b6a6f296f1ffe5-227175598ddd005f%253AT%253D1681178166%253ART%253D1681178166%253AS%253DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw%26gpic%3DUID%253D00000bd3c6c87543%253AT%253D1681178166%253ART%253D1681178166%253AS%253DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ%26prev_fmts%3D0x0%252C1200x280%252C1110x280%252C1110x280%252C1110x280%26nras%3D6%26correlator%3D4008029446492%26frm%3D20%26pv%3D1%26ga_vid%3D786532526.1681178166%26ga_sid%3D1681178166%26ga_hid%3D2098980033%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1005%26ady%3D4721%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759842%252C31073487%26oid%3D2%26psts%3DAHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1%26pvsid%3D2363830916624219%26tmod%3D1320913893%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D6%26uci%3Da!6%26btvi%3D4%26fsb%3D1%26xpc%3DAO6m8SvKzn%26p%3Dhttps%253A%2F%2Fwww.2viaboleto.com.br%26dtd%3D38&adsafe_type=bed&adsafe_jsinfo=,id:1f2a65a7-ed55-969a-ef79-2162fe172517,c:9rbNzR,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-67fb65999c-ggl2t,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tB52gyR+11%7C12%7C131%7C132%7C141%7C142%7C151%7C152%7C161%7C162%7C171*.990511-61634100%7C1711%7C1712%7C1713%7C1714%7C1811%7C1812%7C191%7C192%7C1a1%7C1b1%7C1c%7C1d,idMap:171*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:27,oid:06e6cf0d-d80c-11ed-bad6-1230aaeccde5,v:19.8.400,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

Request Chain 258

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPbryxPEppcDjxLskrRu-b4&google_cver=1&google_push=Aer7DvKOU246Ye4EbuphTC_a5cAtlE5g40ba_Pv6OVUfpPcqfikbtSejJnGKEmypx8HyibNQ9CQQ30EbNodZUOfg0zmU30RTeD5ZNux5 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4iqgeYdDSb61KgCX7kvJNQ2&google_push=Aer7DvKOU246Ye4EbuphTC_a5cAtlE5g40ba_Pv6OVUfpPcqfikbtSejJnGKEmypx8HyibNQ9CQQ30EbNodZUOfg0zmU30RTeD5ZNux5

Request Chain 259

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAU4qyoVmo3gen3t9VgwhR4&google_cver=1&google_push=Aer7DvImnfVEj8qqIoOYLSZ0BPAZb8E4uJIBdNWdu-eZEXdYt6HQAsH57hDsWnyhDxiztkYHOz1WNzKAxLxEf9_Yxs8RS8ieKOOcbQkY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQzMDAyNDExODI0Mzg4MTQx&google_push=Aer7DvImnfVEj8qqIoOYLSZ0BPAZb8E4uJIBdNWdu-eZEXdYt6HQAsH57hDsWnyhDxiztkYHOz1WNzKAxLxEf9_Yxs8RS8ieKOOcbQkY

Request Chain 261

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECAx0lQ36uRfXLFPKxfge0Q&google_cver=1&google_push=Aer7DvIUKCWfD5ZGVYeKOgRE8Ooek6VK5E6V-RgOJeF5DH-ZKhM6SP-iIu9lcAgqDIUDl0Bh0MyAq-416jlaI7tAxafhptLN4RchdMPK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvIUKCWfD5ZGVYeKOgRE8Ooek6VK5E6V-RgOJeF5DH-ZKhM6SP-iIu9lcAgqDIUDl0Bh0MyAq-416jlaI7tAxafhptLN4RchdMPK

Request Chain 262

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKQBHqnAuwvSQrpEOGsF_BA&google_cver=1&google_push=Aer7DvLYHBtF_XK5dyWZB2-BU4mshF-rPgN58yx4az59zi8lPeH4IINrjxau5NxzLmzsgaa-Kp8IZ0vnqIhvtE8YWxwMR_BIzteylc_urQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvLYHBtF_XK5dyWZB2-BU4mshF-rPgN58yx4az59zi8lPeH4IINrjxau5NxzLmzsgaa-Kp8IZ0vnqIhvtE8YWxwMR_BIzteylc_urQ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

267 HTTP transactions
19 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.2viaboleto.com.br/
Redirect Chain

https://2viaboleto.com.br/
https://www.2viaboleto.com.br/

136 KB
29 KB

308ms
42ms

Document
text/html

178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

fbb97be144b418f5406cf04c9c39058299b24a00cc2b81d897c23c5e0151e8a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 11 Apr 2023 01:56:05 GMT
last-modified: Mon, 10 Apr 2023 13:44:15 GMT
server: nginx-rc
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-length: 174
content-type: text/html
date: Tue, 11 Apr 2023 01:56:05 GMT
location: https://www.2viaboleto.com.br/
server: nginx-rc/1.21.4.1

GET
H2 200 ibmplexsans-bold-webfont.woff2
www.2viaboleto.com.br/wp-content/themes/brw/assets/fonts/ 26 KB
26 KB 15ms
14ms Font
font/woff2 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2viaboleto.com.br/wp-content/themes/brw/assets/fonts/ibmplexsans-bold-webfont.woff2

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

2197d977fd86c0ce36c2db29da04a3e9bb4dbc64ddac67519f379dbd37fd0fe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.2viaboleto.com.br/
Origin: https://www.2viaboleto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:05 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 12:44:31 GMT
server: nginx-rc
etag: W/"628b81af-6724"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:05 GMT

GET
H2 200 ibmplexsans-bold-webfont.woff
www.2viaboleto.com.br/wp-content/themes/brw/assets/fonts/ 33 KB
34 KB 15ms
15ms Font
font/woff 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2viaboleto.com.br/wp-content/themes/brw/assets/fonts/ibmplexsans-bold-webfont.woff

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

9eef1086914a261727440b5426f1a4422e0ede94cde641136286bd25d8d49e2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.2viaboleto.com.br/
Origin: https://www.2viaboleto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:05 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 12:44:31 GMT
server: nginx-rc
etag: W/"628b81af-84f0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:05 GMT

GET
H2 200 ibmplexsans-regular-webfont.woff2
www.2viaboleto.com.br/wp-content/themes/brw/assets/fonts/ 26 KB
26 KB 15ms
15ms Font
font/woff2 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2viaboleto.com.br/wp-content/themes/brw/assets/fonts/ibmplexsans-regular-webfont.woff2

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

c8dfbbfebd0fa034a8bc6731e0ca1a4e96ad040cc4954fcedf0e78cc33568833

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.2viaboleto.com.br/
Origin: https://www.2viaboleto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:05 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 12:44:31 GMT
server: nginx-rc
etag: W/"628b81af-67a0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:05 GMT

GET
H2 200 ibmplexsans-regular-webfont.woff
www.2viaboleto.com.br/wp-content/themes/brw/assets/fonts/ 33 KB
33 KB 16ms
15ms Font
font/woff 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2viaboleto.com.br/wp-content/themes/brw/assets/fonts/ibmplexsans-regular-webfont.woff

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

4bcde2058847d8c4fe4fb2ba5b0bb8c48eadf51c371e4e3bbce3c1bb09808063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.2viaboleto.com.br/
Origin: https://www.2viaboleto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:05 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 12:44:31 GMT
server: nginx-rc
etag: W/"628b81af-8474"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 43ms
20ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-53198037-1

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb3ed37d3cbb3b8fb1304e96aeadfa575bde07a59c32634598123fb477319db0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44638
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Apr 2023 01:56:06 GMT

GET
H2 200 classic-themes.min.css
www.2viaboleto.com.br/wp-includes/css/ 217 B
400 B 24ms
24ms Stylesheet
text/css 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2viaboleto.com.br/wp-includes/css/classic-themes.min.css

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:05 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 19 Dec 2022 18:59:13 GMT
server: nginx-rc
etag: W/"63a0b481-d9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:05 GMT

GET
H2 200 theme-structure.min.css
www.2viaboleto.com.br/wp-content/cache/min/1/wp-content/themes/brw/assets/styles/ 28 KB
6 KB 23ms
23ms Stylesheet
text/css 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2viaboleto.com.br/wp-content/cache/min/1/wp-content/themes/brw/assets/styles/theme-structure.min.css?ver=1653932839

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

6e51b1506ae8b2c4acec4dfc6aa5e5ff817462d3a67e2bfdf0a5f633b6b7d379

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 30 May 2022 17:47:19 GMT
server: nginx-rc
etag: "62950327-1578"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
content-length: 5496
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:05 GMT

GET
H2 200 theme-home.min.css
www.2viaboleto.com.br/wp-content/themes/brw/assets/styles/ 1 KB
626 B 24ms
23ms Stylesheet
text/css 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2viaboleto.com.br/wp-content/themes/brw/assets/styles/theme-home.min.css

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

2b7857735f209a7446ddba4f53920335b47b2862486f4cb53346fb89f608b1db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:05 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 12:44:31 GMT
server: nginx-rc
etag: W/"628b81af-590"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:05 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
48 KB 50ms
28ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1114895170912147

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05532314e093de631b97da67a88020feb8e029aa169103bb0fc95853a39a6ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2viaboleto.com.br/
Origin: https://www.2viaboleto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48195
x-xss-protection: 0
server: cafe
etag: 4399815842877547088
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 01:56:06 GMT

GET
H2 200 caa4874afbd217c7e7faff3d407ec9cc_1.js Show response
web.webpushs.com/js/push/ 116 KB
37 KB 155ms
38ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://web.webpushs.com/js/push/caa4874afbd217c7e7faff3d407ec9cc_1.js

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

5c7fe66186bd39c8189568917d9a4e849f4dc404e39def5278606f35ed35e6a2

Security Headers

Name	Value
Content-Security-Policy	default-src wss://* blob: data: sendpulse.com .sendpulse.com .sendpulse.com:4434 data.sendpulse.com .pulse-stat.com .stat-pulse.com .pulse-stat.com:8080 .stat-pulse.com:8080 http://.sendpulse.com:4434 wss://ws.binotel.com:9002 http://.pulse-stat.com http://.stat-pulse.com http://.pulse-stat.com:8080 http://.stat-pulse.com:8080 .sendpulse.ua .sendpulse.by .sendpulse.kz .sendpulse.cl .sendpulse.com.tr .sendpulse.ng sendpul.se .sendpul.se trckln.com .loginsrc.com .routee.net .routee.net:444 .bizml.ru .jquery.com .youtube.com .ytimg.com .vimeo.com .vimeocdn.com .tinymce.com .ampproject.org .hotjar.com .hotjar.io .ipinfo.io .highcharts.com .appspot.com .doubleclick.net .facebook.com .facebook.net .fbcdn.net .fbsbx.com .rawgit.com .cloudflare.com .jsdelivr.net .kissmetrics.com .bitrix24.com .quantserve.com .quantcount.com .twitter.com .offershub.ru .stripe.com .braintreegateway.com .mlstatic.com .cloudpayments.ru .woopra.com .jivosite.com .google.com .google.com.ua .googleadservices.com .google-analytics.com .googleapis.com .googletagmanager.com .gstatic.com .online-metrix.net .retently.com .maxmind.com .revisionme.com revisionme.pages.dev .yandex.ru .ymetrica.ru .mmapiws.com .bootstrapcdn.com .kaptcha.com .paypal.com .paypalobjects.com .mercadopago.com.br .mercadopago.com .braintree-api.com vk.com api.telegram.org .webformscr.com .yandex.net .cardinalcommerce.com .mercadolibre.com .supportsrc.com .instagram.com s3.eu-central-1.amazonaws.com .googleoptimize.com .privatbank.ua .cardinalcommerce.com viacep.com.br 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: ; font-src data: ; style-src * 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 11 Apr 2023 01:56:06 GMT
content-security-policy: default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se trckln.com *.loginsrc.com *.routee.net *.routee.net:444 *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com revisionme.pages.dev *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com viacep.com.br 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
x-content-type-options: nosniff
content-encoding: gzip
x-cache: MISS
x-77-cache: MISS
x-xss-protection: 1; mode=block
x-77-nzt: AZySIRD9JG6h
x-sp-ma: sp-ma-0
last-modified: Tue, 23 Nov 2021 20:42:06 GMT
server: CDN77-Turbo
etag: W/"1d021-5d17ac64285e8"
x-77-nzt-ray: f6587a1da6e482f936be34647703ba06
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
x-sp-pr: lpr-02
cache-control: max-age=604800
expires: Tue, 18 Apr 2023 01:56:06 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c40ed179b696f5690385254e6d461ae5e8396729af33955e70dfb2482ce00d8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03037ab6da2abbc92f5a9d15b9a26aa4c99c428fd944c350b3a09b71d8754845

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f35f122e6ce4a1a7716ec5195343a95677ce8b6499637d3dac5388c178883d7e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72957e5c2b234ae7cde201e06138eb4d692d5508d4e21a7d27cc7074813c4832

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34e0bb5c5ed1184e6452cf7562faf332af1a26e95e50e035ff0a9f7065e6df9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bbc1ede5c163301e776b1bd1307275e343af6a94e38e470a3530dbc78bf0959

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2de5dbb6c7491affb6ca7b92ba29bb712bfd7e73ad36786c3fb0ba57c86e73d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7386aad4c22ce930ab59252ee045f6f9f0ebc86899b3f9b50b7cc9a4179b98b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bbcf1b601485bcd74630815ea6180a77c56c6bfe481b36b00240a76211cfb18

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c8aee8e0b70fff05f1923310674a6b79d401e65f642d291e15ba779dd1035df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 997c2317aa5c7a37d5fad9bfbf40c4a78227ebf8036edf76c0083eb77bff479f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 frontend-gtag.min.js Show response
www.2viaboleto.com.br/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 12 KB
3 KB 16ms
15ms Script
application/javascript 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2viaboleto.com.br/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

23eb134e746f1e5c265c5d33d045af48c444617adaa281fb993d6070bdc04c9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 01 Apr 2023 07:29:50 GMT
server: nginx-rc
etag: W/"6427dd6e-2e3b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:06 GMT

GET
H2 200 lazysizes.min.js Show response
www.2viaboleto.com.br/wp-content/themes/brw/assets/scripts/ 7 KB
3 KB 12ms
11ms Script
application/javascript 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2viaboleto.com.br/wp-content/themes/brw/assets/scripts/lazysizes.min.js

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

aa51c452743520d3d7be8569341b9c4b6e2174975e6f4e30cb74d93d27f38349

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 12:44:31 GMT
server: nginx-rc
etag: W/"628b81af-1bee"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:06 GMT

GET
H2 200 scripts.min.js Show response
www.2viaboleto.com.br/wp-content/themes/brw/assets/scripts/ 2 KB
794 B 12ms
11ms Script
application/javascript 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2viaboleto.com.br/wp-content/themes/brw/assets/scripts/scripts.min.js

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

3d8aff3488c1f0cf82473f1d958bd176e445282c3caaeb32a4f1c09c427e9be1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 12:44:31 GMT
server: nginx-rc
etag: W/"628b81af-79a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:06 GMT

GET
H2 200 lazyload.min.js Show response
www.2viaboleto.com.br/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
3 KB 12ms
12ms Script
application/javascript 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2viaboleto.com.br/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sun, 09 Apr 2023 14:51:39 GMT
server: nginx-rc
etag: W/"6432d0fb-22bc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:06 GMT

GET
H2 200 Roraima-Energia-Segunda-via-Aprenda-a-emitir-a-sua-fatura.jpg
www.2viaboleto.com.br/wp-content/uploads/2022/04/ 86 KB
87 KB 14ms
12ms Image
image/jpeg 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2022/04/Roraima-Energia-Segunda-via-Aprenda-a-emitir-a-sua-fatura.jpg

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

46eb2c7fbf538502ff94d1a49d8333ee9e396ab5610ba8f0fe86dcdfc2125d8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 18 Apr 2022 13:26:21 GMT
server: nginx-rc
etag: W/"625d66fd-159da"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:06 GMT

GET
H2 200 Agespisa-Segunda-Via-Saiba-mais-.jpg
www.2viaboleto.com.br/wp-content/uploads/2022/02/ 84 KB
84 KB 15ms
12ms Image
image/jpeg 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2022/02/Agespisa-Segunda-Via-Saiba-mais-.jpg

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

430d75720cc107e64de05d74d3897a0eba22fd689403322361a221d68d8052a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 22 Feb 2022 17:15:27 GMT
server: nginx-rc
etag: W/"62151a2f-14f65"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:06 GMT

GET
H2 200 celglogo.jpg
www.2viaboleto.com.br/wp-content/uploads/2014/10/ 2 KB
2 KB 15ms
12ms Image
image/jpeg 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2014/10/celglogo.jpg

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

e3c8d6cda903250d395120bb2b795693ad41cd75ef06e02bcae47967dc73cf86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Nov 2018 08:35:36 GMT
server: nginx-rc
etag: W/"5bf66a58-96e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:06 GMT

GET
H2 200 Veja-como-emitir-sua-segunda-via-Celpe-300x300.jpg
www.2viaboleto.com.br/wp-content/uploads/2023/03/ 16 KB
16 KB 15ms
13ms Image
image/jpeg 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2023/03/Veja-como-emitir-sua-segunda-via-Celpe-300x300.jpg

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

50ebc61ff97ce47c96a59ac77aeeea0207caca52a385123bd199ade1c25659bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 20 Mar 2023 13:31:16 GMT
server: nginx-rc
etag: W/"64186024-408f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:06 GMT

GET
H2 200 Caesa-Segunda-via-Onde-emitir-sua-fatura.jpg
www.2viaboleto.com.br/wp-content/uploads/2022/02/ 84 KB
85 KB 15ms
13ms Image
image/jpeg 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2022/02/Caesa-Segunda-via-Onde-emitir-sua-fatura.jpg

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

bffd80deea687f8822206b43bcc0394257127b2033e436ca61f48d3198454927

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 21 Feb 2022 17:15:14 GMT
server: nginx-rc
etag: W/"6213c8a2-151b3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:06 GMT

GET
H2 200 Sanesul-Segunda-via-Solicite-a-sua-fatura.jpg
www.2viaboleto.com.br/wp-content/uploads/2022/02/ 86 KB
87 KB 15ms
14ms Image
image/jpeg 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2022/02/Sanesul-Segunda-via-Solicite-a-sua-fatura.jpg

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

b9d5533c89e4e80205362af5dd446c0d6656dd80ca4bc55022786918e5858781

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 21 Feb 2022 13:51:33 GMT
server: nginx-rc
etag: W/"621398e5-159a4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:06 GMT

GET
H2 200 Compesa-Segunda-via-Veja-como-solicitar.jpg
www.2viaboleto.com.br/wp-content/uploads/2022/02/ 87 KB
88 KB 22ms
22ms Image
image/jpeg 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2022/02/Compesa-Segunda-via-Veja-como-solicitar.jpg

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

20e4f92000fdd6db3859e5a887e00f3eda04a89c231ec8270dec5200fa46d2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 22 Feb 2022 16:31:34 GMT
server: nginx-rc
etag: W/"62150fe6-15dd8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:06 GMT

GET
H2 200 embasalogo.jpg
www.2viaboleto.com.br/wp-content/uploads/2014/10/ 44 KB
43 KB 23ms
22ms Image
image/jpeg 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2014/10/embasalogo.jpg

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

6fc0db464c7c0a52b9fbb64825882ff81273f56319fb6376a4e4738f04fc2758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Nov 2018 08:36:10 GMT
server: nginx-rc
etag: W/"5bf66a7a-b1c4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:06 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304040101/ 348 KB
116 KB 67ms
54ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1114895170912147&plah=www.2viaboleto.com.br

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd51b9d043f9401e4790ae8dd0656afdf70136eee3b8dbc6c1864c64b282ede1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119044
x-xss-protection: 0
server: cafe
etag: 9252653836508099040
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 01:56:06 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/ Frame AD5C 10 KB
5 KB 55ms
9ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/zrt_lookup.html

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2viaboleto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57025
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 10:05:41 GMT
etag: 2378337311435320485
expires: Mon, 24 Apr 2023 10:05:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 43ms
9ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Apr 2023 00:05:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6655
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 11 Apr 2023 02:05:11 GMT

GET
H2 200 2viaboleto-novo.png
www.2viaboleto.com.br/wp-content/uploads/2022/05/ 3 KB
3 KB 16ms
0ms Image
image/png 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2022/05/2viaboleto-novo.png

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

3fcc65363965765df778ba971639d84376f09dc17e9769b5a26895d7344e2bef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 18:17:44 GMT
server: nginx-rc
etag: W/"628bcfc8-c15"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:06 GMT

GET
H2 200 menu-01.png
www.2viaboleto.com.br/wp-content/uploads/2018/11/ 975 B
1 KB 37ms
12ms Image
image/png 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2018/11/menu-01.png

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

2ff0ff037fc73d5bbea051dc0575e0c2d4a8d93dedb2715b00a126b0a7006d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 21 Nov 2018 18:08:18 GMT
server: nginx-rc
etag: W/"5bf59f12-3cf"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:06 GMT

GET
H2 200 menu-02.png
www.2viaboleto.com.br/wp-content/uploads/2018/11/ 1 KB
1 KB 37ms
12ms Image
image/png 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2018/11/menu-02.png

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

4759a5cbbaf2b48c7ab2ed5eb46b93e12fda0964ac3278ef367d8e7660ca5b0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 21 Nov 2018 18:08:16 GMT
server: nginx-rc
etag: W/"5bf59f10-46f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:06 GMT

GET
H2 200 menu-03.png
www.2viaboleto.com.br/wp-content/uploads/2018/11/ 984 B
1 KB 38ms
13ms Image
image/png 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2018/11/menu-03.png

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

93326eb41a20db97ca003b220ef4ddb2c3bd07bbed23ef5031cbd78972b502ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 21 Nov 2018 18:08:16 GMT
server: nginx-rc
etag: W/"5bf59f10-3d8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:06 GMT

GET
H2 200 menu-04.png
www.2viaboleto.com.br/wp-content/uploads/2018/11/ 721 B
923 B 38ms
13ms Image
image/png 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2018/11/menu-04.png

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

a650c814d488eae07920ba06e2725bb96d96292b417ae35024f8445ce2fd7afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 21 Nov 2018 18:08:14 GMT
server: nginx-rc
etag: W/"5bf59f0e-2d1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:06 GMT

GET
H2 200 menu-05.png
www.2viaboleto.com.br/wp-content/uploads/2018/11/ 771 B
966 B 38ms
14ms Image
image/png 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2018/11/menu-05.png

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

0a81c51fdca70a0e0cb72e27e1ab7e32decf2c10c7cd5469cd5f4afc55e0d47e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 21 Nov 2018 18:08:20 GMT
server: nginx-rc
etag: W/"5bf59f14-303"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:06 GMT

GET
H2 200 menu-06.png
www.2viaboleto.com.br/wp-content/uploads/2018/11/ 869 B
1 KB 16ms
15ms Image
image/png 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2018/11/menu-06.png

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

5cb8afa23d794598d2e509f33f56bad58616cc0fb9c9aa75380e1b4a16390554

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 21 Nov 2018 18:08:18 GMT
server: nginx-rc
etag: W/"5bf59f12-365"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:06 GMT

GET
H2 200 menu-07.png
www.2viaboleto.com.br/wp-content/uploads/2018/11/ 864 B
1 KB 14ms
12ms Image
image/png 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2018/11/menu-07.png

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

7e2d9dc11c42c4c70b2edab9599a14a1401ac0effc16729a5cee66d57fa1d56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 21 Nov 2018 18:08:18 GMT
server: nginx-rc
etag: W/"5bf59f12-360"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:06 GMT

GET
H2 200 menu-08.png
www.2viaboleto.com.br/wp-content/uploads/2018/11/ 968 B
1 KB 14ms
13ms Image
image/png 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2018/11/menu-08.png

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

7117fc3005bd535577a248feda72de2f33d09b8a5d4ee5f344e08f7a9c90cbb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 21 Nov 2018 18:08:18 GMT
server: nginx-rc
etag: W/"5bf59f12-3c8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:06 GMT

GET
H2 200 menu-09.png
www.2viaboleto.com.br/wp-content/uploads/2018/11/ 935 B
1 KB 17ms
16ms Image
image/png 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2018/11/menu-09.png

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

e0b7c636c8756825c0652b5d3decf36bbcb6ea03eb8fce82e2dc10e8dc0bb622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 21 Nov 2018 18:08:18 GMT
server: nginx-rc
etag: W/"5bf59f12-3a7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:06 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
608 B 36ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.2viaboleto.com.br&callback=_gfp_s_&client=ca-pub-1114895170912147

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43492c07e95e2c985a90ec9593ab142a392e3f4f26c324a30413c084d8a779cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 55ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.2viaboleto.com.br

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 46ms
18ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.2viaboleto.com.br

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 98F6 490 KB
94 KB 926ms
924ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&adk=1812271804&adf=3025194257&lmt=1681134255&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178166078&bpp=10&bdt=131&idt=132&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4008029446492&frm=20&pv=2&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=167

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b003ca6b0369a697390a185a57b1ef4cb7b131a6c537547167261b48131fdb0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2viaboleto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 96123
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 01:56:07 GMT
expires: Tue, 11 Apr 2023 01:56:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
211 B 15ms
14ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2098980033&t=pageview&_s=1&dl=https%3A%2F%2Fwww.2viaboleto.com.br%2F&ul=en-us&de=UTF-8&dt=2%C2%AA%20VIA%20BOLETO%20-%20Coelba%20-%20Sabesp%20-%20Vivo%20-%20Oi%20-%20CAIXA%20-%20CELPA%20-%20CPF%20-%20CELESC%20-%20BV%20-%20FIES%20-%20CONTA%20TELEFONICA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1195942088&gjid=352647179&cid=786532526.1681178166&tid=UA-53198037-1&_gid=1607044175.1681178166&_r=1&gtm=457e34a0&did=dNDMyYj&gdid=dNDMyYj&jsscut=1&z=791246825

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.2viaboleto.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.2viaboleto.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 55C6 101 KB
35 KB 733ms
731ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=1200x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178166089&bpp=2&bdt=142&idt=180&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=a4U5QoGRUE&p=https%3A//www.2viaboleto.com.br&dtd=185

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b1f40eb112341ce51ccef7c35ef1df769deb65ad07788373fdde97b8c7d856d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2viaboleto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35548
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 01:56:07 GMT
expires: Tue, 11 Apr 2023 01:56:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
353 B 66ms
21ms XHR
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-53198037-1&cid=786532526.1681178166&jid=1195942088&gjid=352647179&_gid=1607044175.1681178166&_u=YAhAAUAAAAAAACAAI~&z=329205635

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.2viaboleto.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 11 Apr 2023 01:56:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.2viaboleto.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 41ms
19ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-53198037-1&cid=786532526.1681178166&jid=1195942088&_u=YAhAAUAAAAAAACAAI~&z=873321061

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 39ms
17ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-53198037-1&cid=786532526.1681178166&jid=1195942088&_u=YAhAAUAAAAAAACAAI~&z=873321061

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Segunda-via-Banco-do-Brasil-Veja-como-emitir-sua-fatura.jpg
www.2viaboleto.com.br/wp-content/uploads/2022/05/ 84 KB
84 KB 11ms
11ms Image
image/jpeg 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2022/05/Segunda-via-Banco-do-Brasil-Veja-como-emitir-sua-fatura.jpg

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

a2c76a8c7d7cf47648a58b719c72bb1bc97e116771e9905af1201e3afce69c23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 17 May 2022 17:51:56 GMT
server: nginx-rc
etag: W/"6283e0bc-14e72"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:06 GMT

GET
H2 200 Segunda-via-Mastercard.jpg
www.2viaboleto.com.br/wp-content/uploads/2022/05/ 86 KB
86 KB 11ms
11ms Image
image/jpeg 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.2viaboleto.com.br/wp-content/uploads/2022/05/Segunda-via-Mastercard.jpg

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

de056cc0817b044826f00bb07b1766c1f4574adcb411a9fc8a3d21ce501a31b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 17 May 2022 13:38:07 GMT
server: nginx-rc
etag: W/"6283a53f-157c2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:06 GMT

GET
H2 200 0b76a40db5a0e4006fbd6687403ecdcc.js Show response
www.gstatic.com/mysidia/ Frame 55C6 9 KB
4 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0b76a40db5a0e4006fbd6687403ecdcc.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=1200x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178166089&bpp=2&bdt=142&idt=180&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=a4U5QoGRUE&p=https%3A//www.2viaboleto.com.br&dtd=185

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1c09e80f13f58fa8735352042ae3ee483c8d801c705881cc076b3f39cff3375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 12:08:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4047
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 23:21:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 12:08:23 GMT

GET
H2 200 bb820f1d3ec38733e71139b08ea14877.js Show response
www.gstatic.com/mysidia/ Frame 55C6 10 KB
4 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/bb820f1d3ec38733e71139b08ea14877.js?tag=text/vanilla_ctc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

553f422c552045cd5cd522471f4d89f35fbfd7f61bfdd8b8af8f081e7add699e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 13:26:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4289
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 23:21:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 13:26:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 55C6 8 KB
1 KB 36ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Apr 2023 01:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 00:42:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Apr 2023 01:56:07 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 55C6 2 KB
846 B 11ms
8ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:22 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 55C6 22 KB
9 KB 44ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 55C6 3 KB
1 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:25:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:25:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 55C6 20 KB
8 KB 44ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 55C6 159 KB
49 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 01:56:07 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 55C6 33 KB
14 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 23:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 23:21:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 23:44:25 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 55C6 0
0 53ms
51ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGxxkNr40ZOHjEoqegQfy_oPwC_ua0tlvyf601d8Q2tkeEAEgwtuPImC7BqABh-qnpCnIAQGpAjTRnLQvxrQ-qAMByAPLBKoE8gFP0Dp1SD78AfZ20vt-jH0HRwglvI-Z_cnCUVAcOX-TQciIY9CcvkArtdbbVhM6Ba2rTzzt4yufwNxXMAE-foDr6z4OHZnNnWHz8zOPDfccwVRhR05FW9Rk0vL4awNG2yQc13Xv2B4RF_6fQZD6CCFtTarZHK2p_zvbWcAhFhmNTJyGY2Ae5RpDNIffkY2CN9TEV9nLqWqA91kuTs6H3IBiPgXB0W0j-llX3gdxJOgvmXF9lpWFPtmpPtxzOnV2j3ZFWch6BsLaRkVsoT5RxTMSKGaBZIX3A_75w7hOTzgMWjLyvdXCw3ZiFsSt57WbyaA_0MAEgdTt9KMEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB4ei-IMEqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQlPIl0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwKIFALQFQGAFwGyFxwKGggAEhRwdWItMTExNDg5NTE3MDkxMjE0NxgA&sigh=5QdBfubJM_k&uach_m=[UACH]&cid=CAQSGwDUE5ymUiJB-2yrD9d5kFjBkpJcehX8OMvRbRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=1200x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178166089&bpp=2&bdt=142&idt=180&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=a4U5QoGRUE&p=https%3A//www.2viaboleto.com.br&dtd=185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Apr 2023 01:56:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 11 Apr 2023 01:56:07 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3F21 143 B
166 B 7ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=1200x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178166089&bpp=2&bdt=142&idt=180&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=a4U5QoGRUE&p=https%3A//www.2viaboleto.com.br&dtd=185
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1328
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 01:33:59 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 55C6 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd18fddb561eeb8e89ba23dc6eed679eb25035dd27b94e573653b5cbd5bd4972

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 55C6 29 KB
30 KB 29ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:54:53 GMT
x-content-type-options: nosniff
age: 14474
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Apr 2024 21:54:53 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3F21
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

16ms
15ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 01:56:07 GMT
expires: Tue, 11 Apr 2023 01:56:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 01:56:07 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 async-api.71768fc8-1.229.0.min.js Show response
js-agent.newrelic.com/ 2 KB
2 KB 28ms
6ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/async-api.71768fc8-1.229.0.min.js
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 743f55303d7eab3ed0aa287fa248124f833da6f085a1d9a56eeeae00e109b441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: e8rpyKr3cY5QVrf3oxuX1AUTh5lETeQ7
content-encoding: gzip
via: 1.1 varnish
date: Tue, 11 Apr 2023 01:56:07 GMT
x-amz-request-id: MP5J9HVAQGBTGWZE
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1185
x-amz-id-2: cHx/mlyL35eR9xbq2125shd/Fyti/l1i2KdQK7m8a0qCwbnN7xdTzvmk03Wg8yaQocqYVRJ4ucY=
x-served-by: cache-fra-eddf8230049-FRA
last-modified: Thu, 30 Mar 2023 18:00:05 GMT
server: AmazonS3
x-timer: S1681178167.244006,VS0,VE0
etag: "ff2c4ad370325d458bbf2815873747cb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 201

GET
H2 200 lazy-loader.ff971c03-1.229.0.min.js Show response
js-agent.newrelic.com/ 928 B
620 B 28ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/lazy-loader.ff971c03-1.229.0.min.js
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16a2fcf59eb7e6f04fe15ad2b13cff5fd8813a3267e7f4c57fdf16d35470f5d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: C26LEymLTjV1dauBWZq7rhioGnm96EaK
content-encoding: gzip
via: 1.1 varnish
date: Tue, 11 Apr 2023 01:56:07 GMT
x-amz-request-id: FC12BJNJF3W7GKCP
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 414
x-amz-id-2: jbGdejari8vf+p939B9JW/YiFTEZzHlFMEEj+EQUS5onS+A84Svr1lsu1vypvGaX96v0WZMtLCg=
x-served-by: cache-fra-eddf8230049-FRA
last-modified: Thu, 30 Mar 2023 18:00:05 GMT
server: AmazonS3
x-timer: S1681178167.244111,VS0,VE0
etag: "5c71e603fdc4b5e7eb31a10d4bf90768"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 44

GET
H2 200 sp-push-worker-fb.js Show response
www.2viaboleto.com.br/ 65 B
320 B 11ms
11ms XHR
application/javascript 178.63.88.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2viaboleto.com.br/sp-push-worker-fb.js

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.88.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

brworks.com.br

Software

nginx-rc /

Resource Hash

2a810283ef3a450039039318677538039c2adadfe2703a12f98b07735ba15290

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: VwMHUV9UDBABVFdVAgYEUVUH
Referer: https://www.2viaboleto.com.br/
tracestate: 3500974@nr=0-1-3500974-1120076439-e8940b6fc1949a05----1681178167223
traceparent: 00-050be517f5c17a9d830655729f92f5d0-e8940b6fc1949a05-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM1MDA5NzQiLCJhcCI6IjExMjAwNzY0MzkiLCJpZCI6ImU4OTQwYjZmYzE5NDlhMDUiLCJ0ciI6IjA1MGJlNTE3ZjVjMTdhOWQ4MzA2NTU3MjlmOTJmNWQwIiwidGkiOjE2ODExNzgxNjcyMjN9fQ==

Response headers

date: Tue, 11 Apr 2023 01:56:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 17 Jun 2020 19:24:41 GMT
server: nginx-rc
etag: "5eea6df9-41"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 65
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 01:56:07 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 57ms
56ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230405&st=env

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81b8b92887ff8aa7d4b2b98b7d02176daa99666bd1101d3bdb4f1ecdb260977d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11374
x-xss-protection: 0

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 223C 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 389527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 13:44:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304040101/ 149 KB
51 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304040101/reactive_library_fy2021.js

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcef7b0dd8b0fd2a119139c00fc3c74b8a2b7b721bbf7a53bf53ba6a87e60c78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51881
x-xss-protection: 0
server: cafe
etag: 8734830274560901168
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 01:56:07 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.2viaboleto.com.br

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.2viaboleto.com.br

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A86E 93 KB
33 KB 420ms
420ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=1690945614&adf=1579477568&pi=t.aa~a.1432402503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XJphJo3bn3&p=https%3A//www.2viaboleto.com.br&dtd=28

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74740bb41fcf440207553eef9a58a2c9e977ebf60141f2acebe0bdf9e3ec5c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2viaboleto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 34264
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 01:56:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2358 129 KB
38 KB 563ms
562ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=1456288602&adf=2222756707&pi=t.aa~a.631950499~rp.3&w=1110&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9Ocb91VE0I&p=https%3A//www.2viaboleto.com.br&dtd=32

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b17219a493d3808809672892fe23a7e4b89a01fa959b7e804a286534d4fe974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2viaboleto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 39134
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 01:56:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1149 123 KB
38 KB 532ms
531ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=4214047519&adf=2056746596&pi=t.aa~a.1432403486~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280&nras=5&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3759&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=QuPeA6Oap2&p=https%3A//www.2viaboleto.com.br&dtd=35

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b8d31787e466c93761443e64b3dfe468f2077867c57902670c7fe43a5782c58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2viaboleto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 38634
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 01:56:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8628 20 KB
9 KB 539ms
538ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3172338258&adf=1031923888&pi=t.aa~a.3912855863~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=350x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=1&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=AO6m8SvKzn&p=https%3A//www.2viaboleto.com.br&dtd=38

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

388c81fdec18192374d32c8d6b49242a3f3abd9e672e4a50e86de801b6d47c0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2viaboleto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 8691
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 01:56:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 01:56:07 GMT

GET
H2 200 862.5040a0e9-1.229.0.min.js Show response
js-agent.newrelic.com/ 9 KB
4 KB 7ms
6ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/862.5040a0e9-1.229.0.min.js
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46f4baefb952425144ddecbc344eefd3e8474120d0a905197ceca703773a0af6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: MmrDfYLvfemW_C2Le7BEaPC6eRPP2SUA
content-encoding: gzip
via: 1.1 varnish
date: Tue, 11 Apr 2023 01:56:07 GMT
x-amz-request-id: JCYQFPRVDEXE8331
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3555
x-amz-id-2: m6eDOdUghBrk+5+bmwDX6eY1lWK7QHjzoiQuhVhTZQahMW6TB0sXYwSyTMJq+waoaGuL2ouR6Cs=
x-served-by: cache-fra-eddf8230049-FRA
last-modified: Thu, 30 Mar 2023 18:00:05 GMT
server: AmazonS3
x-timer: S1681178167.421490,VS0,VE0
etag: "82638c97ed5b8ac50e187350d21318e8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1829

GET
H2 200 page_view_event-aggregate.a968183b-1.229.0.min.js Show response
js-agent.newrelic.com/ 11 KB
4 KB 8ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_event-aggregate.a968183b-1.229.0.min.js
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f7c2c31ea859cfc1d95cb315d2f2a36e7c34dc815ad25fc3d851b771ca580e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: SFzPPcdnTVHQTcD9hCRgHiiAXXxPSYYj
content-encoding: gzip
via: 1.1 varnish
date: Tue, 11 Apr 2023 01:56:07 GMT
x-amz-request-id: JCYXK4XEQYW747A6
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4139
x-amz-id-2: XdIBoDMIW5STW13JxSFF5LrMEJRgbgNl80yqXL9rQ1FSM3ny4DUqsKEwK/ItfyyIZQCengeSssI=
x-served-by: cache-fra-eddf8230049-FRA
last-modified: Thu, 30 Mar 2023 18:00:05 GMT
server: AmazonS3
x-timer: S1681178167.421735,VS0,VE0
etag: "365ec56e709c5cda59caead206bd8a90"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2247

GET
H2 200 page_view_timing-aggregate.92e7c907-1.229.0.min.js Show response
js-agent.newrelic.com/ 13 KB
5 KB 7ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_timing-aggregate.92e7c907-1.229.0.min.js
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7df1f1e0416d3774b6c4db6c9bd0c3d57ff62ffda8ac4fb42187a2120edec163

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: .6v4LQjyJ30j79.vmD38H.SGYD4l823I
content-encoding: gzip
via: 1.1 varnish
date: Tue, 11 Apr 2023 01:56:07 GMT
x-amz-request-id: JCYPDX9A13Z4HM3Y
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4828
x-amz-id-2: CcDrV7e+x06DJNX2jp56U8v+h6O4O9r0iV5V7nwOLGLwSs81qRnXDSJ1SMcZMpnG37SQih2K5zc=
x-served-by: cache-fra-eddf8230049-FRA
last-modified: Thu, 30 Mar 2023 18:00:05 GMT
server: AmazonS3
x-timer: S1681178167.421790,VS0,VE0
etag: "9a1883d2c0f4c6e4d887e9b04d87aa23"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2218

GET
H2 200 metrics-aggregate.fde0a6c6-1.229.0.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 8ms
8ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/metrics-aggregate.fde0a6c6-1.229.0.min.js
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1d8656eab6c03d6ac0205611e249a38fd3a719cd51aed01130dbab1e6b7ecee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: RgWkOhsMW9AOu0Hy3o60cL2Urkt6D6V0
content-encoding: gzip
via: 1.1 varnish
date: Tue, 11 Apr 2023 01:56:07 GMT
x-amz-request-id: JCYMXJF7J8W8H22T
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1720
x-amz-id-2: FttM5djkXvv5/D+8FDeUh6kXhCUAj+LiB92SDSvkTrrKJqAyEWYklmywwXm6Q3WFRTdzUQgDd64=
x-served-by: cache-fra-eddf8230049-FRA
last-modified: Thu, 30 Mar 2023 18:00:05 GMT
server: AmazonS3
x-timer: S1681178167.422298,VS0,VE0
etag: "e203af23d49efdd7eb02d1237809add6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1941

GET
H2 200 jserrors-aggregate.265ba41e-1.229.0.min.js Show response
js-agent.newrelic.com/ 7 KB
3 KB 8ms
8ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/jserrors-aggregate.265ba41e-1.229.0.min.js
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 110b95da6e397f48c09a27114251fd4157f473f66013e6ba78e0a78b310ada58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: yUWRJUnruZ6di8bLW6bbReM.qJ8Dtffi
content-encoding: gzip
via: 1.1 varnish
date: Tue, 11 Apr 2023 01:56:07 GMT
x-amz-request-id: MP5PC7ZBHSPPTM1Q
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2932
x-amz-id-2: 2RhtOcySzBzHiOgVFCFNhI7Udc3FNHBf1gRLzz8qlK/0Kj+fWOxwDjmHtEeuLWMesJK5LGKelAY=
x-served-by: cache-fra-eddf8230049-FRA
last-modified: Thu, 30 Mar 2023 18:00:05 GMT
server: AmazonS3
x-timer: S1681178167.422287,VS0,VE0
etag: "cfda02bbbc20eafb5a6352a132f4b6f7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 145

GET
H2 200 ajax-aggregate.ebcbd305-1.229.0.min.js Show response
js-agent.newrelic.com/ 5 KB
3 KB 8ms
8ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/ajax-aggregate.ebcbd305-1.229.0.min.js
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35d5e3136036964661cc94855e1028e063341e3cf4b41a410930fb149cfed5ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: _SW2GtnjspGrmWeYaU.3TPXeANAUVC2X
content-encoding: gzip
via: 1.1 varnish
date: Tue, 11 Apr 2023 01:56:07 GMT
x-amz-request-id: JCYY0X5Z1G9DJJWP
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2365
x-amz-id-2: uo8ExcdKXD4FF3eDHU5cDOnKWsjOtICrUuusF4k82zXcU2d8s5ekbK5hDkGxrgAdK3uQDRJnUMk=
x-served-by: cache-fra-eddf8230049-FRA
last-modified: Thu, 30 Mar 2023 18:00:05 GMT
server: AmazonS3
x-timer: S1681178167.422603,VS0,VE0
etag: "61554094cde63c6eec39f630c32a828f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1212

GET
H2 200 session_trace-aggregate.afe7d95b-1.229.0.min.js Show response
js-agent.newrelic.com/ 10 KB
4 KB 8ms
8ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/session_trace-aggregate.afe7d95b-1.229.0.min.js
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 531b518173a4f9ac1a1aab5ad10c610d45437166fd39adc0d8208e51dc60f8d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: Om93DsRmumibDAdPESd8Hx4qXtDeSTbH
content-encoding: gzip
via: 1.1 varnish
date: Tue, 11 Apr 2023 01:56:07 GMT
x-amz-request-id: JCYW4R01AASCD7MW
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3732
x-amz-id-2: 5pCBwF8pkjRXy8q4qIoOPj3lKSjJBnNIQDt7kvO4Hfr/oVVHqDp7z6/yQ0bDSYyqkIgDFT48cmc=
x-served-by: cache-fra-eddf8230049-FRA
last-modified: Thu, 30 Mar 2023 18:00:05 GMT
server: AmazonS3
x-timer: S1681178167.423021,VS0,VE0
etag: "69d309900c2caeef33af662ddf91affc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1535

GET
H2 200 page_action-aggregate.8658345c-1.229.0.min.js Show response
js-agent.newrelic.com/ 3 KB
1 KB 8ms
8ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_action-aggregate.8658345c-1.229.0.min.js
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ec14af764fc18154e349ac3889637b2dc64debe89d7759dbcbb1db6cfe79ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: cQcJBGyVGuOv7irc289FG0t2KdiVdpIY
content-encoding: gzip
via: 1.1 varnish
date: Tue, 11 Apr 2023 01:56:07 GMT
x-amz-request-id: JCYSKS3QMBFBCBDB
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1202
x-amz-id-2: RqskkBLjTzb3NmHH1JSFWmU1k4fJnlA5VDK6/dVrdsqYWqUhljgG6yfsVOA1mf0QTIaRmDCWUNI=
x-served-by: cache-fra-eddf8230049-FRA
last-modified: Thu, 30 Mar 2023 18:00:05 GMT
server: AmazonS3
x-timer: S1681178167.423158,VS0,VE0
etag: "9c1563b1437a04e5cd75285b2f4bffb0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1517

GET
H2 200 spa-aggregate.6a952689-1.229.0.min.js Show response
js-agent.newrelic.com/ 18 KB
7 KB 9ms
8ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/spa-aggregate.6a952689-1.229.0.min.js
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 09ff63be86efff337442534f9a041582520c6c97be4eabeaffd443d857ac24d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: NAwV87sFR62h0vPV.AvGqaC58CMysnl6
content-encoding: gzip
via: 1.1 varnish
date: Tue, 11 Apr 2023 01:56:07 GMT
x-amz-request-id: JCYWR0YY5GPNNYCA
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6657
x-amz-id-2: Xsmhp4owoCWHeqJlgBHcc2l+Km9RnmNJ3Rana2Fs3TFiovAGIa34Ffa6jdGVx3cxqRqFN99WK+o=
x-served-by: cache-fra-eddf8230049-FRA
last-modified: Thu, 30 Mar 2023 18:00:05 GMT
server: AmazonS3
x-timer: S1681178167.423505,VS0,VE0
etag: "1af4661ae2a4aae0f16c12b5725d376c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1281

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.2viaboleto.com.br

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.2viaboleto.com.br

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/ Frame 5902 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2viaboleto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 84799
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 02:22:48 GMT
etag: 2378337311435320485
expires: Mon, 24 Apr 2023 02:22:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/ Frame C82D 10 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2viaboleto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 84799
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 02:22:48 GMT
etag: 2378337311435320485
expires: Mon, 24 Apr 2023 02:22:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/ Frame 1803 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2viaboleto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 84799
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 02:22:48 GMT
etag: 2378337311435320485
expires: Mon, 24 Apr 2023 02:22:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/ Frame FA9B 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2viaboleto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 84799
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 02:22:48 GMT
etag: 2378337311435320485
expires: Mon, 24 Apr 2023 02:22:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F543 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2viaboleto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 20191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 20:19:36 GMT
expires: Tue, 09 Apr 2024 20:19:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1A3D 783 B
535 B 17ms
16ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

47b366a3f57739e8df246b8a262e5fa15a085bda68ebacf4c7a2bb6107ca918b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KMIr36RItBrKmU8qgCeYTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.2viaboleto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-KMIr36RItBrKmU8qgCeYTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 01:56:07 GMT
expires: Tue, 11 Apr 2023 01:56:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ Frame 5902 4 KB
705 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Apr 2023 01:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 01:04:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Apr 2023 01:56:07 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5902 205 B
229 B 8ms
7ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 14:54:54 GMT
x-content-type-options: nosniff
age: 39673
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 09 Apr 2024 14:54:54 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5902 604 B
628 B 8ms
8ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:49:38 GMT
x-content-type-options: nosniff
age: 389
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 10 Apr 2024 01:49:38 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/ Frame 5902 19 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8171
x-xss-protection: 0
server: cafe
etag: 2240023182167719722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:36 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame C82D 22 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:13 GMT

GET
H3 200 8483558508003008137
tpc.googlesyndication.com/simgad/ Frame C82D 23 KB
23 KB 9ms
9ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8483558508003008137?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qktsPmaR7oODpPNcgs3Y0JpzAfN5g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

206a274a6344284e521406627218ba8be9b04508cdcd5e83b16d108ba4dd99cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 23:44:17 GMT
x-content-type-options: nosniff
age: 267110
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23556
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 16:03:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Apr 2024 23:44:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame C82D 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:25:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:25:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame C82D 20 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C82D 159 KB
49 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 01:56:07 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame C82D 32 KB
13 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0efe39b232b9983e90455adf6ca9ff935b132a6790459ee8db071a05a6f86564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:36:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15559
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13331
x-xss-protection: 0
server: cafe
etag: 1527815087941412852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:36:48 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 1803 2 KB
765 B 6ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:22 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 1803 22 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 1803 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:25:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:25:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 1803 20 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1803 159 KB
49 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 01:56:07 GMT

GET
H3 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 1803 33 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 23:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 23:21:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 23:44:25 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FA9B 4 KB
618 B 58ms
58ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f0d14e678c7dd5f443e5810048090a0a12ac42e474c478b948a8d44c7f6a4d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Apr 2023 01:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 01:47:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Apr 2023 01:56:07 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame FA9B 2 KB
765 B 6ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:22 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FA9B 0
0 52ms
52ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIJwyNr40ZOW6EJPj7gO3nYHYBtj599FvmeLhragRps7mrYkCEAEgwtuPImCV4pCCoAegAa2uhrkpyAEJqQIA-GJqZjmyPqgDAcgDywSqBPIBT9DaU-Ip0O6TCuxAGAOx4S9f-vgQa5tldgotav_TLoCNOqG1x_wt1eURNe_4oR6SqJYgWGEohzmhp951_JedzmPCnTav-Z78Itu2vMjeWuf6giaGWP-2YJNp1w3L6OQbrp8uTZ42cTj9BdYLkyS5T-d_G5TtPrClfOVQy4fArZee-A0zh4_MKivn12PoMnjUqGpe07kQ3qoxHHc1KL-SHBUbAJG9FlqcwGDuqbkwAO9NASU3mkvnwVN6hPs58AwSjmxbjWQ_7sPN8ilVTpe_xyyXcOlGtxMVM3YzHk0DrGKw_mM9qMONNxe75DsLu-HEs-fABLTDv9q3BJIFBAgEGAGSBQQIBRgEoAYugAet5taYBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKS_GNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTCtAVAYAXAbIXHAoaCAASFHB1Yi0xMTE0ODk1MTcwOTEyMTQ3GAA&sigh=wewY-Wxhc3A&uach_m=[UACH]&cid=CAQSGwDUE5ymgSgXDTU66CPBG58GZCTdN7UwWAnLhRgB&template_id=484

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Apr 2023 01:56:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame FA9B 22 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame FA9B 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:25:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:25:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame FA9B 20 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FA9B 159 KB
49 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 01:56:07 GMT

GET
H3 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame FA9B 33 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 23:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 23:21:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 23:44:25 GMT

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/16572271447551119352/ Frame FA9B 41 KB
41 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16572271447551119352/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ebad31b7d93b8c8f601cf4c2b91b208b60557230f120e7396fff044894d5da7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 22:06:07 GMT
x-content-type-options: nosniff
age: 186600
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41841
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 17:50:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Apr 2024 22:06:07 GMT

GET
H/1.1 200
OK NRJS-c1fa2eb36da78a45176 Show response
bam.nr-data.net/1/ 49 B
397 B 246ms
217ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-c1fa2eb36da78a45176?a=1067573716&v=1.229.0&to=M1cAYkACCBBQAUVZVwodN0RbTA8NVQdJHkgMQg%3D%3D&rst=2082&ck=0&s=98b887b6851036ad&ref=https://www.2viaboleto.com.br/&ap=19&be=427&fe=1280&dc=119&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1681178165518,%22n%22:0,%22f%22:119,%22dn%22:119,%22dne%22:119,%22c%22:119,%22ce%22:119,%22rq%22:385,%22rp%22:427,%22rpe%22:432,%22dl%22:429,%22di%22:546,%22ds%22:546,%22de%22:546,%22dc%22:1701,%22l%22:1701,%22le%22:1706%7D,%22navigation%22:%7B%7D%7D&fp=543&fcp=543&at=HxADFAgYGx4%3D&jsonp=NREUM.setToken
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:07 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 49
x-served-by: cache-fra-eddf8230123-FRA

GET
H3 200 css
fonts.googleapis.com/ Frame C3C9 8 KB
893 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Apr 2023 01:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 00:36:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Apr 2023 01:56:07 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame C3C9 2 KB
765 B 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:22 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame C3C9 22 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame C3C9 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:25:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:25:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame C3C9 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C3C9 159 KB
49 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 01:56:07 GMT

GET
H3 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame C3C9 33 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 23:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 23:21:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 23:44:25 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A12B 143 B
166 B 8ms
7ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1328
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 01:33:59 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1A3D 0
0 42ms
40ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230405&jk=2363830916624219&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame F543 36 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 389527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 13:44:00 GMT

GET
DATA 200
OK truncated
/ Frame FA9B 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0807949de193e177adf265102c982c1abb7fa820248975775e1444c09b9d1d65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C82D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59496a52eddfd9721cb19b4d067c905c58bd705aeadc60dd5771942a72fab68a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B91D 143 B
166 B 6ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1328
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 01:33:59 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 8AAB 36 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 389527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 13:44:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A12B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

19ms
18ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 01:56:07 GMT
expires: Tue, 11 Apr 2023 01:56:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 01:56:07 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame A86E 6 KB
669 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=1690945614&adf=1579477568&pi=t.aa~a.1432402503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XJphJo3bn3&p=https%3A//www.2viaboleto.com.br&dtd=28

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Apr 2023 01:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 00:47:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Apr 2023 01:56:07 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame A86E 2 KB
765 B 6ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:22 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame A86E 22 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame A86E 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:25:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:25:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame A86E 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A86E 0
0 15ms
14ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSyfxr9QXuw4kml6vwUdiY3Ier4hTxWEQEa-031uUiOdhQahBnza3GlC-GZsM8OQt0KpB0VTFQHLVhNv4PZhjgy3N1oqw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=1690945614&adf=1579477568&pi=t.aa~a.1432402503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XJphJo3bn3&p=https%3A//www.2viaboleto.com.br&dtd=28
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A86E 159 KB
49 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 01:56:07 GMT

GET
H3 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame A86E 33 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 23:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 23:21:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 23:44:25 GMT

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 672D 36 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 389527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 13:44:00 GMT

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame E202 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 389527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 13:44:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C82D 0
19 B 50ms
50ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxRbzNr40ZOO6EJPj7gO3nYHYBoPj9uFvmc-C1qUR5-jD5tE6EAEgwtuPImCV4pCCoAegAe7XxZMoyAECqQJax73hMsW0PqgDAcgDyQSqBOEBT9D_c6pfu1RO8gDTEjWriSpF82KnGT1ySzbDyx3Hz2FF_FyMVHKzJ1R9mg6FHe6bGNi5X1z2Y7gK04MqrufsPs8bQKLf4_Q63S-ZB2l_py9p4UeavQHPfD8_znzmu6AVI7s8yMO6TIJmTxiJ-qhT1rzXmreRmCoqoDcLYnjKFnKc8D_Qc1njBjo1AkToaHEXKbhVvWw7TE0Sxg4KdrXb6zF0_-1bHhsdd3qebs-XRKhSZHY45a8ykVRagu14Y5ME-_ITrmZjk7pJpUYyQIYke0TdPQr8S8SR1dWvXp6uk0QVwATA-6HQogSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH7o-W8wKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCszwvSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMTE0ODk1MTcwOTEyMTQ3GAA&sigh=RcU9MP1Bjpc&uach_m=[UACH]&cid=CAQSGwDUE5ymgSgXDTU66CPBG58GZCTdN7UwWAnLhRgB&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Apr 2023 01:56:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A86E 0
0 52ms
52ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CH_PBN740ZKGjFb7Hx_APj8KEkAjF15u5bZChmqW7EcCNtwEQASDC248iYO0EoAGxmtOyKMgBCakCPEgEGL1-gz6oAwHIA8sEqgTqAU_QymYgpDTehI60kdfhVZ9hNPJ4t9DwRxN88NaqbUAs5ksaQ4ZniulOv9d0HN7OhczwGp1bW0YMyjXqFHXbvnrkYcGNT4u_NlSz9tO9JpoiHVlsxOAX6gCRpsrkWLPiUsmmjQgkhFSS5Gh6n9UTzhmnGd4DTzziuA92M5_zxjGyG4fGHcm53X7Mrp8pCbl-7Y8YpdP1xZEfcGQKCWY3qzkQa3p3M8BB-3Omel0fD-Hi1xM5Zw84DEbaerMcHb8WuVNK_QlT3HNNBVDAKsWlTG_vrMiC78gk1MG23P1e8ZfQTZEVZkg4CT4M8cAEtI3yvPMDkgUECAQYAZIFBAgFGASgBi6AB7HSo5IDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQn8cC0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMN0BUBgBcBshccChoIABIUcHViLTExMTQ4OTUxNzA5MTIxNDcYAA&sigh=7H4fDVgsSPI&uach_m=[UACH]&cid=CAQSOwDUE5ymvXik3KISjX6AaMAqyAS26IEJZJe9KfGmRRuWSQHN2eqZbUWbKBBnp9dAGPn3Wtb9yyJM2rqpGAE&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=1690945614&adf=1579477568&pi=t.aa~a.1432402503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XJphJo3bn3&p=https%3A//www.2viaboleto.com.br&dtd=28
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Apr 2023 01:56:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/13807958870969253779/ Frame A86E 9 KB
9 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13807958870969253779/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddb4ec0393909674fbba1896132641bf46f8059ef8a1d74ec5476c2f361a973e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 16:14:28 GMT
x-content-type-options: nosniff
age: 553299
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9089
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 09:05:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 03 Apr 2024 16:14:28 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/15258242656778817402/ Frame A86E 2 KB
2 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15258242656778817402/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c739159be62fbf19cb17260088e751fa43b936201e3b761de0ffa53a51be59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 19:45:06 GMT
x-content-type-options: nosniff
age: 195061
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2120
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 05:21:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Apr 2024 19:45:06 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1149 2 KB
531 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=4214047519&adf=2056746596&pi=t.aa~a.1432403486~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280&nras=5&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3759&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=QuPeA6Oap2&p=https%3A//www.2viaboleto.com.br&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c02b9ec79fbd254fa28c4af580ef583bb835db70e1fe23cf73578011e8c66f14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Apr 2023 01:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 00:49:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Apr 2023 01:56:07 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 1149 2 KB
765 B 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:22 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 1149 22 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 1149 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:25:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16212
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:25:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 1149 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1149 0
0 15ms
14ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQKKZiL42T72LHmCwkRd44eKbf15Vuw0IbIIDujGYK9p7X0iRQ-jUgTzYQlEIBhgni1sktEt_jZIbpIBUBUNXx-5go-Jg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=4214047519&adf=2056746596&pi=t.aa~a.1432403486~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280&nras=5&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3759&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=QuPeA6Oap2&p=https%3A//www.2viaboleto.com.br&dtd=35
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1149 159 KB
49 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 01:56:08 GMT

GET
H3 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 1149 33 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 23:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 23:21:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 23:44:25 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B91D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

22ms
22ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 01:56:07 GMT
expires: Tue, 11 Apr 2023 01:56:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 01:56:07 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 0D2E 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 389527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 13:44:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2358 2 KB
531 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=1456288602&adf=2222756707&pi=t.aa~a.631950499~rp.3&w=1110&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9Ocb91VE0I&p=https%3A//www.2viaboleto.com.br&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c02b9ec79fbd254fa28c4af580ef583bb835db70e1fe23cf73578011e8c66f14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Apr 2023 01:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 00:15:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Apr 2023 01:56:08 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 2358 2 KB
767 B 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:22 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 2358 22 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 2358 3 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:25:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16212
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:25:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 2358 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2358 0
0 16ms
14ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQciRe0wwCINFs17qGeA9J87vosDubCy1bIAlpGwSXWct8z6UfzHedDuJh5yD3DQ1hfa9QrpmPmyG0OZ__H-4Z8amXIoQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=1456288602&adf=2222756707&pi=t.aa~a.631950499~rp.3&w=1110&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9Ocb91VE0I&p=https%3A//www.2viaboleto.com.br&dtd=32
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2358 159 KB
49 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 01:56:08 GMT

GET
H3 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 2358 33 KB
14 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 23:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 23:21:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 23:44:25 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1149 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CarwHN740ZNmGFuPYx_APtoCGgAPWsfX2bonDlK6jEd3i8ZWIGBABIMLbjyJguwagAbeZtNQDyAEJqQIA-GJqZjmyPqgDAcgDywSqBOEBT9B6jIIlNwGNK8ORY_6nYaD1MDsC8C_2mKsRU7aAsTzkF_q4yJec8rKP6jNWq_xvKW0_WS9HN59BPhBkab6K1DbXazjp3_yFSuyUD961I_6tzAUnl6ZYyRBZbLsplKfExuzJ36hvkOJQisGmf-aLRLcN_pvfwcF_bYBgm8pQ5Bhf9LvGi8KMeA21OXNT__nIA0sj6kpdL9rWY2A7DYQNqIlIyjDPOSUdHyTBWsgPzRSotKDyqROb0UtEIzcelutxtkBywuJrHB3bVoZ-PoyvEmj4xejZ-faHY9VY7l9GgYXdwATf6OKttAKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHjp_VLqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDVzQHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi0xMTE0ODk1MTcwOTEyMTQ3GAA&sigh=tjWL36s8vQY&uach_m=[UACH]&cid=CAQSOwDUE5ymNAJbxesIaMZpZYpOXUETpNZ9Zk4NmUaG12utMd3UoaBXmhSHgDmP6SnCC9uk27EbERJM-0C8GAE&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=4214047519&adf=2056746596&pi=t.aa~a.1432403486~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280&nras=5&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3759&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=QuPeA6Oap2&p=https%3A//www.2viaboleto.com.br&dtd=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Apr 2023 01:56:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B2FF 624 B
245 B 21ms
20ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWhTENlRYVlMsIw3PYkUXpfSpREypB0ecau8nT_xeXHhhCnKQ7jxd0gw58IpYLBWG_6WIUY_pAydU-u__kahSCm5wO7cxGnQDzI8e6p7h16tViKqkUUWIfeVXXqwrxsNNrWzGXz7cUsyVTbnYwbc0TfIOSDjEV1bNJfZJqB-Wxzoz1ucMc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3172338258&adf=1031923888&pi=t.aa~a.3912855863~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=350x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=1&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=AO6m8SvKzn&p=https%3A//www.2viaboleto.com.br&dtd=38

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3172338258&adf=1031923888&pi=t.aa~a.3912855863~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=350x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=1&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=AO6m8SvKzn&p=https%3A//www.2viaboleto.com.br&dtd=38
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 01:56:08 GMT
expires: Tue, 11 Apr 2023 01:56:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F8F5 78 KB
27 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 01:56:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame F8F5 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:25:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16212
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:25:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame F8F5 20 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F8F5 159 KB
49 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 01:56:08 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F8F5 42 B
63 B 42ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BuhT6Y8rvFgYzzSgV9tSgBIp5r4zgKMbLCLJMCT3c_QnmVoW8kCMYAty7Oe7I0r6bxYA5vO-2N5GqIavooizqdhxhYEZ4_Tl67JuleR_5ZHSAkiyI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F8F5 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11296762167057450012&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 1149 18 KB
19 KB 48ms
7ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRXMlP3yBJ9EHbHMawjnUvgnZjhVVLGngTp1qMhhL9de0Hb9xiQF0nSE9sn6xs&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8dbe3e340e1af39cbc6c853241163da7ded59a8a3b692e205f45eb54922b051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 20:03:06 GMT
x-content-type-options: nosniff
age: 280382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18559
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 02:37:31 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 06 Apr 2024 20:03:06 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 1149 20 KB
20 KB 48ms
7ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQAq1Zri52MLU2RKCtZmcyPyralbwsDJ6bjNj_87wYgEwi709AhpGekwwXAHw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425b523e3ab2df7ebbe311f71004fed12bf2ee5856b513afd5e8625c24d57236

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 21:49:10 GMT
x-content-type-options: nosniff
age: 274018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20017
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 21:52:03 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 06 Apr 2024 21:49:10 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 1149 9 KB
10 KB 36ms
8ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRog-kRi8wTOwoxOVnkg_w9l-50OQe2qvNmL3n-KMo4PclsT9w&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2a9d76c8aec68d27900fc385fc71a529aca535d0271f7b3a8ce94c8025530ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 08:52:42 GMT
x-content-type-options: nosniff
age: 579806
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9280
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 12:22:32 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 03 Apr 2024 08:52:42 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 1149 15 KB
15 KB 56ms
15ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTjwMi01GSh4YrhAmHta7xD2JCKPPj0G-otxs9eZXgxRPLnRK08SnY6JYHOu24&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1e947d4d9bceb7c15586d6a3f510f0dd912a72158b623d9f69f13100b64f7d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 22:07:20 GMT
x-content-type-options: nosniff
age: 13728
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15239
x-xss-protection: 0
last-modified: Sun, 16 Oct 2022 16:55:23 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 09 Apr 2024 22:07:20 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 1149 15 KB
16 KB 49ms
9ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTmiKPu3BkSTm9_J3EHeyH4LPParWab7kKONerhrMU3OaaiHW8ZJgOppqJc0mQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e85aee69c2e5759e4628801f2afb012c0df2d7161dbc6b9cc8b5046495ed2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:16:59 GMT
x-content-type-options: nosniff
age: 254349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15844
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 14:24:58 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 07 Apr 2024 03:16:59 GMT

GET
H3

200

13077851810460907941
tpc.googlesyndication.com/simgad/ Frame 1149
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCqpu7PvwEQ9AMY9AMyCKQ-VZyV5NRd
https://tpc.googlesyndication.com/simgad/13077851810460907941

8 KB
8 KB

7ms
6ms

Image
image/png

2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13077851810460907941

Requested by

Protocol

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7716e51e9d8d8c5598ad35c325e010ed865d607196b9362763a102c5c406ceb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 22:09:42 GMT
x-content-type-options: nosniff
age: 13586
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8377
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 08:12:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 09 Apr 2024 22:09:42 GMT

Redirect headers

date: Mon, 10 Apr 2023 22:09:42 GMT
x-content-type-options: nosniff
server: cafe
age: 13586
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/13077851810460907941
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 10 May 2023 22:09:42 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 70CD 1 KB
643 B 8ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 10:05:52 GMT
etag: 48472445140208031
expires: Tue, 11 Apr 2023 10:05:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2358 0
0 55ms
54ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CiVTIN740ZObyFfT57gO29IHID4Gpv_Zv1ZGE4-8Q5pGVo_Y3EAEgwtuPImDVBaAB7pHTzQPIAQmpAgD4YmpmObI-qAMByAPLBKoE3AFP0C9XmE5ePISicXqwiKB-8FMtcAE9ntKgbM5hxVGrbV0FGNvT4M6SkCTWPZZfXmqBAuWaYpbScml3vkGy4YW9WcctpW5uO-LCwn33jW4r0ADeLodQcZZatWIOC7QwOylEMLzxsoI7h-sdxQhUdQqMQMp6uLbWkI0TN7HHyyNgiVhIOv8KOs47GPi8sWjyrk21LXI0Wr-_oSHu_S7vEebcHAcLneP15rdUJBxNpjztC5T7W5WH3yzOggfoZo5GH9sXuhnZt4KiD6PvUcMqIP5ZojJd5DaXRXCkYzigwATj7vCxowSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHiq7OzgOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQrN8D0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItMTExNDg5NTE3MDkxMjE0NxgA&sigh=VWwP2z1ybaE&uach_m=[UACH]&cid=CAQSOwDUE5ymOwKfch6PoGKR4ZTwqrlSjykNJJrCbNK_NAJ1KV2FuDZ4gTqvLEjWxqTQiZHH1Ha5ILaid0NCGAE&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=1456288602&adf=2222756707&pi=t.aa~a.631950499~rp.3&w=1110&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9Ocb91VE0I&p=https%3A//www.2viaboleto.com.br&dtd=32
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Apr 2023 01:56:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A86E 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 989f74cc212948ce4284fb7cbba65c429cf7f30a069f94a9a5f285fb58ec81e2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 2358 47 KB
47 KB 13ms
6ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSxKB7ZReECM6GY4JiPXNYwx17K437YrHeCZuT9YZ82HpSDyQG7f4ewOVgrHA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a07fa124c3982c252b2b8a8a79a0ee6597b05b85fab36f98c134f75dfe5ecf04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 22:28:02 GMT
x-content-type-options: nosniff
age: 12486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48044
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 03:13:03 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 09 Apr 2024 22:28:02 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 2358 17 KB
17 KB 55ms
13ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcS0X_Xo--60frS0Opn_WjHlLabJ82Ld3A0YZFRqGzJtTLMDw_1Rip4_t_a-Uw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d05bcc7d441f25fdf1756878b6775cb1673f6e7815f8379fc9b06f1df974bb2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 18:11:34 GMT
x-content-type-options: nosniff
age: 287074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17021
x-xss-protection: 0
last-modified: Thu, 05 May 2022 06:03:43 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 06 Apr 2024 18:11:34 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 2358 18 KB
19 KB 49ms
7ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQnOQXZMi3GHGUXDNJ2vM5cupz6oOo5DCubQ5qUnWDElrZFWsXnqjp8ZEmSVyw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cad892a9f2f38b7765a14fe0a35893396b83dc82f7590632ba09008718a9d088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:11:04 GMT
x-content-type-options: nosniff
age: 233104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18520
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 08:07:02 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 07 Apr 2024 09:11:04 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 2358 11 KB
11 KB 19ms
14ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTpEcRfuwP-KeI8JyAzvt6vueY4WzsgnVwH7CA2VxGZDUY60zCfr1e_O6ActA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4c708a96d6756d87f718c8c917709afb4b0551bbdc71967eaea4cd6dbe30f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 18:10:54 GMT
x-content-type-options: nosniff
age: 287114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10823
x-xss-protection: 0
last-modified: Wed, 27 Jul 2022 18:40:16 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 06 Apr 2024 18:10:54 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 2358 21 KB
21 KB 20ms
17ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTuS2mfalemNMfP0Ff4q4e6EL9qzTXfNWecgE0Z-59jw1oLdgXseyw2jDb3RyU&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

064c6909d3b2c82789c1129afd965405ddcec553f65a34f6b2fd0ecae2d9eac7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:30:09 GMT
x-content-type-options: nosniff
age: 231959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21631
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 23:17:15 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 07 Apr 2024 09:30:09 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 2358 31 KB
31 KB 12ms
9ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQR6-2WYvvLdwvdeM-_LSVUhiIt_1Lf-GEpIxQ4Y6X2YHCZUB9QsT7l7yfNOQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88bb7274e7a4b86ba227e0d69a16bf1f3f7650f0897f8bcc2b00b61dd4a7d8fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 10:06:23 GMT
x-content-type-options: nosniff
age: 316185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31237
x-xss-protection: 0
last-modified: Sat, 28 Jan 2023 10:15:01 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 06 Apr 2024 10:06:23 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 2358 4 KB
4 KB 49ms
9ms Image
image/png 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQiToqqAir250p3R1RziKceZvb_ZgGlzYYsUXSz5QKC0LGi4oW6&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07ea9ff2314298989a32ad696ce6c1a839a1e3f149ab0811b94d234c5f6127dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
age: 287456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4150
x-xss-protection: 0
last-modified: Mon, 27 Aug 2018 03:29:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 06 Apr 2024 18:05:12 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B2FF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAI1zBWR1Hrn9uEe_B9RSOM&google_cver=1

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAI1zBWR1Hrn9uEe_B9RSOM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWhTENlRYVlMsIw3PYkUXpfSpREypB0ecau8nT_xeXHhhCnKQ7jxd0gw58IpYLBWG_6WIUY_pAydU-u__kahSCm5wO7cxGnQDzI8e6p7h16tViKqkUUWIfeVXXqwrxsNNrWzGXz7cUsyVTbnYwbc0TfIOSDjEV1bNJfZJqB-Wxzoz1ucMc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Apr 2023 01:56:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAI1zBWR1Hrn9uEe_B9RSOM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B2FF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZDS.OOWZkqxWQCoKvuV0.gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAI1zBWR1Hrn9uEe_B9RSOM&google_cver=1&google_hm=2

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAI1zBWR1Hrn9uEe_B9RSOM&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWhTENlRYVlMsIw3PYkUXpfSpREypB0ecau8nT_xeXHhhCnKQ7jxd0gw58IpYLBWG_6WIUY_pAydU-u__kahSCm5wO7cxGnQDzI8e6p7h16tViKqkUUWIfeVXXqwrxsNNrWzGXz7cUsyVTbnYwbc0TfIOSDjEV1bNJfZJqB-Wxzoz1ucMc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Apr 2023 01:56:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAI1zBWR1Hrn9uEe_B9RSOM&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame B2FF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGXljsZMEW7ZTl9zWMyV6ak&google_cver=1

43 B
1 KB

39ms
13ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGXljsZMEW7ZTl9zWMyV6ak&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWhTENlRYVlMsIw3PYkUXpfSpREypB0ecau8nT_xeXHhhCnKQ7jxd0gw58IpYLBWG_6WIUY_pAydU-u__kahSCm5wO7cxGnQDzI8e6p7h16tViKqkUUWIfeVXXqwrxsNNrWzGXz7cUsyVTbnYwbc0TfIOSDjEV1bNJfZJqB-Wxzoz1ucMc

Protocol

HTTP/1.1

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Apr 2023 01:56:08 GMT
AN-X-Request-Uuid: 1afa6d30-7fe5-4bc4-93f2-cb4aadcbd721
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGXljsZMEW7ZTl9zWMyV6ak&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B2FF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgxMzk5NDYxMTA4Nzg1MDgxNw%3D%3D

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgxMzk5NDYxMTA4Nzg1MDgxNw%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 11 Apr 2023 01:56:08 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 762a39bb-5be5-478f-8ac2-71fac540aafa
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgxMzk5NDYxMTA4Nzg1MDgxNw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F543 0
12 B 6ms
6ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6Tl3kA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F8F5 0
20 B 40ms
39ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=675051310163&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F8F5 0
20 B 40ms
39ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=675051310163&version=m202301230201&ct=76&x=1&cor=11296762167057450000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F8F5 96 KB
38 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AtDZ5OZIGExWZvGp7jtyIHMj5b-chvjMimcy9VmPWba7qoOUdtAHj9NS1ZaXPsqyXNuW8MAJK2FT7WsgB9YN60UJC_98FK04GB9BvRl5HqtH5-YAk3MbIxjYQsGyA3FoUcYmch3oLGA5cn_HtHJweicZmiTDkrLyT5Y_OEU2HnSyogVPo&dbm_d=AKAmf-Condq9ht5suFel4yUgkCD3wD1_9pLGiRyPGA9jEb7CNN0GFRtcSxX9Jb8RChn2G3AS4EeIAbSc8yNPU14hzG9vKsY-rKqWbZqZzCSO-nesRsQvzXP1o6EELTnD6PoOaR-D9DylW7W3PXXGCbKQ7bav_7V7YP5Lq6xFYudwMruVU4EccmroI8JfF3xrnyQoBkUGKMFme-MkjUTuYBmbLKML7A1HrsKrzreByGdNnui2rPwAjmdLtOxfni6_WcdyeLiG780nhhDfJDtHHSJVEIRc1PiYYnj9fhTCUdGnPxqivTkzTR2LTSSJQf7pJombhfpDAvxusz0YDZTMA_nRa-UkE0N_ZGR6Xeruby2OumyKMzISopr6Ptu5hkAS7JV9YMZLQ5NoJZDZ1oA0_VfrNq1pT3KKZPDn5fiLgidzSUx4qhY-MKKQbLPCjpmB5x4XphVJ5j1jKUmJepJM_9a-9Jb9iTFpPgjuVTGaEIhgC6Wp0RENskrijZ368DUm2-2IA7U2KYaCMcxoeBJQ-y10qYC2hPOibEA3Vb7OreR5KTmYT4gDlSzostZ8cj01-qmYupt7LfjYrOLN7cGPFWNagUiiXvAAZcwt-nx0tNuHZma3QPG0OtGrLYa8jbNlTyvBx8U7UVhgsUenGJ0UeXWZImikL0fLZHJdo7bgaFPOt-hU9-xysnevacmlEAal_t8QaO2mdQSohqe2Q1gvcku1KENXD2Hr8kDHHpY-MXUcwBs31CCQobtpEtzP951GduD4onm-cfufmpiEXjGgpkQd4ewX3EBqFcDiF4pmOy0iNgDN1emjXQ5JNg_wle0T0xiIclCEFBEF5ngoQGAv9lKgSEkb_q9FZX5p4PdAAVAMkaI4iUoPcQGGa59oqPje_SB95bnvnh5WTfamp8dO8QxNnr6NgbxK3h1611kVjYDdqDGh1oGu5epoNEvBW_V94q1Wa_-jC_FCrs42HuMemVad6eyx5pYlIy66kdvpO2iFDtaV266XLGYYvdRBmp5PN7jKUXGODhAUf0q3ViSpItFthUgFg1rCoWfi3s_UUn4R0ZHv33OIbkgnZKD3CoX9gejeOnBsDY8Smjp5LM9GnfxsX6SbsqK2O_EVZpXU5klZ9crn7T_-UteEaj9d_blN2XtiTVCP5inJwIq_N-c-h4G0PVYEQBetNiEzvpdZEk8c6S7mXIofAoafYPo5lY6FiReUyc_fxz2gfRj1UOHxFw4kTA4HiBm-7hrUqRkVzsdz664PaMIE8aEGDMtMIxH1kcjG_JYktKBcL3DeOY7xj-elJPit-ofwOEWFfxfdk0q-xi2m0ditn-42-2ZaSeqTpv42kyFFdVP0ULxpk7aNSvjmQHbjS6Y2in8BbOmx5_M6BkoPG-Z3cP8ziik4_qVfmwhuB4dC1GO8n38sB8IH3B37VklRlPQpYejD_rrBsM52NTaEd2fCaRZrc68XArVzguM9JyIjo-BvvSgo4snbPKFGxVwdd9Qk8gkCGxeBReeDzmcb_3Nsv9Ir8hHF_lho0v3XY6kD_xm-wXEStRRqnOPXHFOot-IkYhzynqmYKyGTHs0GPPY7nCtfDEX65-fbIA4jUAYFeMhGo_euzSP4uWEHjWkNlDUWHcetY7lytikhsA3IkajbweZWO7H7yInKiUNy-ODn7C5qqdI-VG5V-hAJiu7ZVnfLfJDKDab7WwE1AkT5kX2Jg_FByR6KMoer0JYSzxGOibxrP3VQvZpIgCriZvPAM2soeVcMI6Ro3ksCncdLTrEiaPuuj7DtbpdvCvJ6HjSMda7y4MK0S9TK98Rx-aNMrwIxwPvPBftVuR4PayLPkbTP5KndK9TG3g0WRApAeGgBhx6CdNoMpaPqxOSf_MC8xFTgGp49jQpnV-3oPxelGZ2eskuFmFZVCuRmM4nwTu72BnanOgfb1oGUR2VbZhQVtE-CVdY90JXc_KNqb7fJ40tdekYpjl_Lpq_K573m9xNfm2ZOp8Gbn_zVEkq_RDkA5291vKLAtkF6Khwxc3AupkzEdNhRCck-OxNtF2mWHYNVJGZS6woOoDEGzmOCMD8wNbIDT47j9rzdXsvIFROVFV1r3lGJ5g5PqqMFpgclOrhSUeiLAqlhVY13B0P3GgrKq9Cxld-3A7-0RLj413Fw1HcbxGtmc-tH1c5xzDNi_wq9cmaZt4IH9VVkv20ZKlTbo9s71HzC-fzl_rKYAXWXJgK8WYdEsPshTfbHsBUvYTFDLAMsBNALl-2LugNM-nQA7uRj1zUr0uHZQmfoEbPXq5xXDCqe9Kn67vHOJj5ncRNTohSC4SgfD501yCZ32wJ4Mk_9Es3-BjH17pI9mfTe5JpcEI3cBbFIOSEQGNu1TtGJMMeaxOoui--pyMtGj24oY7T6kMBaj3acv_wwA9mvBeb0bbwMOs0zvJsG-A_g0NN46K9Un3-47aVO9madsTS76pJfgrNFrK5xri2R2s1__HHEJK2Ngxgo00jgRO0gFZnvD4GHmNqA4eo5FrDAT0dwsErbazutWn5R-uK0jbjhi56WwLnzwnRmpYp7fKOjOgQ_x1Sk7TIG73GVTZsN15Shq_iZIzFACXoGKJSrIneSEDw790e8S2viorcjlEEYwJtUKxWvH1VdPODLrFWqsP4izaEZujkbsPLDSrbspCV-zn2Ig9J8Ac7hZyDKVY--6ozy5tiY0GTlPwb3CxMFtMVanlQcyhxPBY0DpXTkQJmZvY0DuwTTvoGu8kW8RxLue8fAEhATcXm_mahrAtaeAsCMu8k3LAuxiJnLlCgXpeJ0_GfN5fTrJSM3RpckNOGVvRoSKoPYQd_wO1Ot2tByYfETtAhwNayqKENsVFJdUiEKO5lnRGv56Yu1WX6MN0QOmnr6Lvtv4SHJSdcmBsz7Qh6JiwWpBH6_86zj_atIGiVFTILkXbQp7-H9U-zsVMrRjHjAS826GxoXYy03MeuWJkQ86ng6jMP9V2hoFbEg-OPwLwZ6KvlvPqCI68ifbK4WjhOTn6Ezvq3Bfmo7kW9jQIt1J0s19qLiStuG_NR0lytEyhWhI4aGs7FMGV1ZpGmwaJu1y1GUNBcCjFDjOwrKg055Z03kCRSA7cRjnhFBRBAiQUUthy4I32TfllavQf81lmY4M9yNErMBrkejjGtUj-iCW0_eBwFIqt1C_-hCGbdzbORA78RbhcBx6c7lWu_WceIwjebCmXvNJgdFDTmqdTxIAHOK2xJD5qJYx3MqY1RRK3C88KldRNOVONgwtR4pVhPerz7sk7VByqrdH8NqNos8zzi8afWibzwSmg-6I3xUsLOoyMe2GMhIx6cteVv-HpFAZBc3Nb7tuWjaocY-2vLcvAn7xKKEI3ByzbcAU8WBqdF0MUc&cid=CAQSOwDUE5ymksVUy5U7JybR_V_Q9StEQdD3iUBPZQy0j_Pu4_yAk_or4h7LpLt4a3T1dUvDo_aS0EjvFWghGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.2viaboleto.com.br%2F&ds=l&xdt=1&iif=1&cor=11296762167057450000&adk=521587874&idt=25&cac=0&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5310f6e0ea6667279bb043392fbe167a6b236e52537674ae813fea6288eecfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3172338258&adf=1031923888&pi=t.aa~a.3912855863~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=350x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=1&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=AO6m8SvKzn&p=https%3A//www.2viaboleto.com.br&dtd=38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38526
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK NRJS-c1fa2eb36da78a45176 Show response
bam.nr-data.net/events/1/ 24 B
350 B 217ms
217ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-c1fa2eb36da78a45176?a=1067573716&v=1.229.0&to=M1cAYkACCBBQAUVZVwodN0RbTA8NVQdJHkgMQg%3D%3D&rst=2692&ck=0&s=98b887b6851036ad&ref=https://www.2viaboleto.com.br/
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.2viaboleto.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 11 Apr 2023 01:56:08 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.2viaboleto.com.br
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-eddf8230123-FRA

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A86E 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:08 GMT
x-content-type-options: nosniff
age: 573900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A86E 15 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:10 GMT
x-content-type-options: nosniff
age: 573898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:10 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A86E 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:11 GMT
x-content-type-options: nosniff
age: 573897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:11 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 70CD
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJHMfgyCeKH55MTPnLdKkj4&google_cver=1&google_push=Aer7DvLj4LahcHjzeXPgi74cxeqV9V1OXRrLJYBYA_aMbEaywdRu009I5IlnVeknOtVCk7dVTyxH80vFzTaJH7iXrT0HWtb-zBQwU24A
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc0NDYyMjc2MTE5Mjc4NTg4Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJHMfgyCeKH55MTPnLdKkj4&google_cver=1

43 B
398 B

97ms
14ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJHMfgyCeKH55MTPnLdKkj4&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJHMfgyCeKH55MTPnLdKkj4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 70CD 0
104 B 76ms
23ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEEt8nmzPiKZ7jDiDgtxXwOA&google_cver=1&google_push=Aer7DvKmvgrzUMbfW7wfJT5wjjdQB2nTjAnjx3gyKjpbZNkKZP7r65-KznSV1lEWVUUIPFN8QGwZGBvzPPQpaRMmw_iVmpjob-droC85
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=1690945614&adf=1579477568&pi=t.aa~a.1432402503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XJphJo3bn3&p=https%3A//www.2viaboleto.com.br&dtd=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 70CD 70 B
265 B 108ms
30ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEB9NKyLlth-nWSG8txztvzg&google_cver=1&google_push=Aer7DvI3J8eizofYQECiVh2SmHkov8cUQIt00N8uBcTUvgfxzOPf5SjQqo5xz5rePdVwKtI4emGnmE5AWtl9k44MQW4ymRCWEieR1Jo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=1690945614&adf=1579477568&pi=t.aa~a.1432402503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XJphJo3bn3&p=https%3A//www.2viaboleto.com.br&dtd=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 70CD
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPbryxPEppcDjxLskrRu-b4&google_cver=1&google_push=Aer7DvIuxKLqVpdhtbSVYV8k4PRM4g-34__FI6CXTQyRDzHYELKLx9JyhTU_pn7c99fyZS9dkxKoSorajfULEdrH...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4iqgeYdDSb61KgCX7kvJNQ2&google_push=Aer7DvIuxKLqVpdhtbSVYV8k4PRM4g-34__FI6CXTQyRDzHYELKLx9JyhTU_pn7c99fyZS9dkxKoSorajfULEdrH7F0T8aaJYmkZZtsV

170 B
243 B

16ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4iqgeYdDSb61KgCX7kvJNQ2&google_push=Aer7DvIuxKLqVpdhtbSVYV8k4PRM4g-34__FI6CXTQyRDzHYELKLx9JyhTU_pn7c99fyZS9dkxKoSorajfULEdrH7F0T8aaJYmkZZtsV

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 11 Apr 2023 01:56:08 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4iqgeYdDSb61KgCX7kvJNQ2&google_push=Aer7DvIuxKLqVpdhtbSVYV8k4PRM4g-34__FI6CXTQyRDzHYELKLx9JyhTU_pn7c99fyZS9dkxKoSorajfULEdrH7F0T8aaJYmkZZtsV
x-host: tde-deliveryengine-production-86c874c4d8-l5lnm
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 70CD
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAer7DvIHkK-y...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAer7DvIHkK-y...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA0MTEwMTU2MDgwMDAxMjMyNzc5NTI1Nw%3D%3D&google_push=Aer7DvIHkK-yHUvMkP7o3j2SJ4EOy_bBMpUghBeWRoDhip4kaaqaa-YT7loReNIIW3gZ1y...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA0MTEwMTU2MDgwMDAxMjMyNzc5NTI1Nw%3D%3D&google_push=Aer7DvIHkK-yHUvMkP7o3j2SJ4EOy_bBMpUghBeWRoDhip4kaaqaa-YT7loReNIIW3gZ1ycMx3WyB2aN_k_VIRVU2kXoT-sCCm4-jyl0

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA0MTEwMTU2MDgwMDAxMjMyNzc5NTI1Nw%3D%3D&google_push=Aer7DvIHkK-yHUvMkP7o3j2SJ4EOy_bBMpUghBeWRoDhip4kaaqaa-YT7loReNIIW3gZ1ycMx3WyB2aN_k_VIRVU2kXoT-sCCm4-jyl0
pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Tue, 11 Apr 2023 01:56:08 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 70CD
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEItjBxEMOC_pst1sOw-Aa8E&google_cver=1&google_push=Aer7DvKjxIRebn_dZ1enBNx_36FtS3nCo0x5mwL6-ygAWphcs8pCfRV54EGBvTeHiolmtvstrZZZUNKpT0xDGJWALjxOr3t...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKjxIRebn_dZ1enBNx_36FtS3nCo0x5mwL6-ygAWphcs8pCfRV54EGBvTeHiolmtvstrZZZUNKpT0xDGJWALjxOr3tAM3PydAl0&google_hm=eS0xM3JDbVVsRTJwRj...

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKjxIRebn_dZ1enBNx_36FtS3nCo0x5mwL6-ygAWphcs8pCfRV54EGBvTeHiolmtvstrZZZUNKpT0xDGJWALjxOr3tAM3PydAl0&google_hm=eS0xM3JDbVVsRTJwRjllWXBVRjl1dkhXSEl0TFY0NnRaSX5B

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 11 Apr 2023 01:56:08 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKjxIRebn_dZ1enBNx_36FtS3nCo0x5mwL6-ygAWphcs8pCfRV54EGBvTeHiolmtvstrZZZUNKpT0xDGJWALjxOr3tAM3PydAl0&google_hm=eS0xM3JDbVVsRTJwRjllWXBVRjl1dkhXSEl0TFY0NnRaSX5B
content-length: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 70CD 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 70CD 0
59 B 14ms
13ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LycDUcsJUB033RcwnIxcZJ4Muf8LUPZHOzWvN_MXaPoOD8hdksgz9q50Ja7fZG7a9UwzToMw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C84E 1 KB
643 B 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 10:05:52 GMT
etag: 48472445140208031
expires: Tue, 11 Apr 2023 10:05:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1149 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 017769b0d8d2565b1765b01aad4068f63bc9f4e2b63e8ee36094ef26092948e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 55C6 42 B
64 B 46ms
45ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskqVvmvWDaQNA2sSx0_xCH1yYy-9LFVmD46jcOYHzv6PZkFTP2b187Ur2jA5OpDOAQPRN8Bp4GeNnahbx77Fl-jKfWVmUIc9C0SNaw3l_-UWglphGrRbifN8V08cbXn3JUW8kLHA&sai=AMfl-YQt4kDqNLteOicAcXMlyIXuOBHNtBeDGJHlWUF1GlD-RORexIqq4r1q9PUboEfIkOK7fQduPhmHFYBe&sig=Cg0ArKJSzK4U78AQhEXREAE&cid=CAQSGwDUE5ymUiJB-2yrD9d5kFjBkpJcehX8OMvRbRgB&id=lidar2&mcvt=1124&p=0,0,280,1200&mtos=1124,1124,1124,1124,1124&tos=1124,0,0,0,0&v=20230410&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3809598800&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681178166275&rpt=923&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 278A 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 10:05:52 GMT
etag: 48472445140208031
expires: Tue, 11 Apr 2023 10:05:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2358 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f5f845112853498920f6dee40ee5a5ce91192a06583bda06a126148c0093d9f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 1149 20 KB
20 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 573904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:04 GMT

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame C77F 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 389528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 13:44:00 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 2358 20 KB
20 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 573904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:04 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634100/ Frame F8F5 243 KB
73 KB 119ms
33ms Script
application/javascript 52.17.224.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634100/skeleton.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-1114895170912147&ias_chanId=1&ias_placementId=19422215943&bidurl=https://www.2viaboleto.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0ga0RyAOKJIDoNOHJ-LL7BN
Requested by: Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.224.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-224-68.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2eaa194a9dce817baa37085d756bef20fa9220da8db464bb2d35866ed775ef83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame F8F5 106 KB
37 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 11:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Apr 2023 11:11:16 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/ Frame F8F5 11 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AtDZ5OZIGExWZvGp7jtyIHMj5b-chvjMimcy9VmPWba7qoOUdtAHj9NS1ZaXPsqyXNuW8MAJK2FT7WsgB9YN60UJC_98FK04GB9BvRl5HqtH5-YAk3MbIxjYQsGyA3FoUcYmch3oLGA5cn_HtHJweicZmiTDkrLyT5Y_OEU2HnSyogVPo&dbm_d=AKAmf-Condq9ht5suFel4yUgkCD3wD1_9pLGiRyPGA9jEb7CNN0GFRtcSxX9Jb8RChn2G3AS4EeIAbSc8yNPU14hzG9vKsY-rKqWbZqZzCSO-nesRsQvzXP1o6EELTnD6PoOaR-D9DylW7W3PXXGCbKQ7bav_7V7YP5Lq6xFYudwMruVU4EccmroI8JfF3xrnyQoBkUGKMFme-MkjUTuYBmbLKML7A1HrsKrzreByGdNnui2rPwAjmdLtOxfni6_WcdyeLiG780nhhDfJDtHHSJVEIRc1PiYYnj9fhTCUdGnPxqivTkzTR2LTSSJQf7pJombhfpDAvxusz0YDZTMA_nRa-UkE0N_ZGR6Xeruby2OumyKMzISopr6Ptu5hkAS7JV9YMZLQ5NoJZDZ1oA0_VfrNq1pT3KKZPDn5fiLgidzSUx4qhY-MKKQbLPCjpmB5x4XphVJ5j1jKUmJepJM_9a-9Jb9iTFpPgjuVTGaEIhgC6Wp0RENskrijZ368DUm2-2IA7U2KYaCMcxoeBJQ-y10qYC2hPOibEA3Vb7OreR5KTmYT4gDlSzostZ8cj01-qmYupt7LfjYrOLN7cGPFWNagUiiXvAAZcwt-nx0tNuHZma3QPG0OtGrLYa8jbNlTyvBx8U7UVhgsUenGJ0UeXWZImikL0fLZHJdo7bgaFPOt-hU9-xysnevacmlEAal_t8QaO2mdQSohqe2Q1gvcku1KENXD2Hr8kDHHpY-MXUcwBs31CCQobtpEtzP951GduD4onm-cfufmpiEXjGgpkQd4ewX3EBqFcDiF4pmOy0iNgDN1emjXQ5JNg_wle0T0xiIclCEFBEF5ngoQGAv9lKgSEkb_q9FZX5p4PdAAVAMkaI4iUoPcQGGa59oqPje_SB95bnvnh5WTfamp8dO8QxNnr6NgbxK3h1611kVjYDdqDGh1oGu5epoNEvBW_V94q1Wa_-jC_FCrs42HuMemVad6eyx5pYlIy66kdvpO2iFDtaV266XLGYYvdRBmp5PN7jKUXGODhAUf0q3ViSpItFthUgFg1rCoWfi3s_UUn4R0ZHv33OIbkgnZKD3CoX9gejeOnBsDY8Smjp5LM9GnfxsX6SbsqK2O_EVZpXU5klZ9crn7T_-UteEaj9d_blN2XtiTVCP5inJwIq_N-c-h4G0PVYEQBetNiEzvpdZEk8c6S7mXIofAoafYPo5lY6FiReUyc_fxz2gfRj1UOHxFw4kTA4HiBm-7hrUqRkVzsdz664PaMIE8aEGDMtMIxH1kcjG_JYktKBcL3DeOY7xj-elJPit-ofwOEWFfxfdk0q-xi2m0ditn-42-2ZaSeqTpv42kyFFdVP0ULxpk7aNSvjmQHbjS6Y2in8BbOmx5_M6BkoPG-Z3cP8ziik4_qVfmwhuB4dC1GO8n38sB8IH3B37VklRlPQpYejD_rrBsM52NTaEd2fCaRZrc68XArVzguM9JyIjo-BvvSgo4snbPKFGxVwdd9Qk8gkCGxeBReeDzmcb_3Nsv9Ir8hHF_lho0v3XY6kD_xm-wXEStRRqnOPXHFOot-IkYhzynqmYKyGTHs0GPPY7nCtfDEX65-fbIA4jUAYFeMhGo_euzSP4uWEHjWkNlDUWHcetY7lytikhsA3IkajbweZWO7H7yInKiUNy-ODn7C5qqdI-VG5V-hAJiu7ZVnfLfJDKDab7WwE1AkT5kX2Jg_FByR6KMoer0JYSzxGOibxrP3VQvZpIgCriZvPAM2soeVcMI6Ro3ksCncdLTrEiaPuuj7DtbpdvCvJ6HjSMda7y4MK0S9TK98Rx-aNMrwIxwPvPBftVuR4PayLPkbTP5KndK9TG3g0WRApAeGgBhx6CdNoMpaPqxOSf_MC8xFTgGp49jQpnV-3oPxelGZ2eskuFmFZVCuRmM4nwTu72BnanOgfb1oGUR2VbZhQVtE-CVdY90JXc_KNqb7fJ40tdekYpjl_Lpq_K573m9xNfm2ZOp8Gbn_zVEkq_RDkA5291vKLAtkF6Khwxc3AupkzEdNhRCck-OxNtF2mWHYNVJGZS6woOoDEGzmOCMD8wNbIDT47j9rzdXsvIFROVFV1r3lGJ5g5PqqMFpgclOrhSUeiLAqlhVY13B0P3GgrKq9Cxld-3A7-0RLj413Fw1HcbxGtmc-tH1c5xzDNi_wq9cmaZt4IH9VVkv20ZKlTbo9s71HzC-fzl_rKYAXWXJgK8WYdEsPshTfbHsBUvYTFDLAMsBNALl-2LugNM-nQA7uRj1zUr0uHZQmfoEbPXq5xXDCqe9Kn67vHOJj5ncRNTohSC4SgfD501yCZ32wJ4Mk_9Es3-BjH17pI9mfTe5JpcEI3cBbFIOSEQGNu1TtGJMMeaxOoui--pyMtGj24oY7T6kMBaj3acv_wwA9mvBeb0bbwMOs0zvJsG-A_g0NN46K9Un3-47aVO9madsTS76pJfgrNFrK5xri2R2s1__HHEJK2Ngxgo00jgRO0gFZnvD4GHmNqA4eo5FrDAT0dwsErbazutWn5R-uK0jbjhi56WwLnzwnRmpYp7fKOjOgQ_x1Sk7TIG73GVTZsN15Shq_iZIzFACXoGKJSrIneSEDw790e8S2viorcjlEEYwJtUKxWvH1VdPODLrFWqsP4izaEZujkbsPLDSrbspCV-zn2Ig9J8Ac7hZyDKVY--6ozy5tiY0GTlPwb3CxMFtMVanlQcyhxPBY0DpXTkQJmZvY0DuwTTvoGu8kW8RxLue8fAEhATcXm_mahrAtaeAsCMu8k3LAuxiJnLlCgXpeJ0_GfN5fTrJSM3RpckNOGVvRoSKoPYQd_wO1Ot2tByYfETtAhwNayqKENsVFJdUiEKO5lnRGv56Yu1WX6MN0QOmnr6Lvtv4SHJSdcmBsz7Qh6JiwWpBH6_86zj_atIGiVFTILkXbQp7-H9U-zsVMrRjHjAS826GxoXYy03MeuWJkQ86ng6jMP9V2hoFbEg-OPwLwZ6KvlvPqCI68ifbK4WjhOTn6Ezvq3Bfmo7kW9jQIt1J0s19qLiStuG_NR0lytEyhWhI4aGs7FMGV1ZpGmwaJu1y1GUNBcCjFDjOwrKg055Z03kCRSA7cRjnhFBRBAiQUUthy4I32TfllavQf81lmY4M9yNErMBrkejjGtUj-iCW0_eBwFIqt1C_-hCGbdzbORA78RbhcBx6c7lWu_WceIwjebCmXvNJgdFDTmqdTxIAHOK2xJD5qJYx3MqY1RRK3C88KldRNOVONgwtR4pVhPerz7sk7VByqrdH8NqNos8zzi8afWibzwSmg-6I3xUsLOoyMe2GMhIx6cteVv-HpFAZBc3Nb7tuWjaocY-2vLcvAn7xKKEI3ByzbcAU8WBqdF0MUc&cid=CAQSOwDUE5ymksVUy5U7JybR_V_Q9StEQdD3iUBPZQy0j_Pu4_yAk_or4h7LpLt4a3T1dUvDo_aS0EjvFWghGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.2viaboleto.com.br%2F&ds=l&xdt=1&iif=1&cor=11296762167057450000&adk=521587874&idt=25&cac=0&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:30:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15914
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4123
x-xss-protection: 0
server: cafe
etag: 4541610132340792384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:30:54 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame F8F5 28 KB
11 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4681920200f339999ac3f6d4a6c5214d92e9a0edca00cfb91b28e3494ea03ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15876
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11009
x-xss-protection: 0
server: cafe
etag: 12368014760096651300
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:31:32 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C84E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELR129Fw50kP0WkWcP5JuHE&google_cver=1&google_push=Aer7DvJ0GDfHSYvuawlX_PcMhswej7But89jofyyEiGS5JBfAChUfCJyRXOuX9WIkv0iTCVJR-Osup-awB1xTJlb...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJ0GDfHSYvuawlX_PcMhswej7But89jofyyEiGS5JBfAChUfCJyRXOuX9WIkv0iTCVJR-Osup-awB1xTJlb_K3eoTu2Ef-nU9o

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJ0GDfHSYvuawlX_PcMhswej7But89jofyyEiGS5JBfAChUfCJyRXOuX9WIkv0iTCVJR-Osup-awB1xTJlb_K3eoTu2Ef-nU9o

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 11 Apr 2023 01:56:08 GMT
Server: MT3 776 936c8db master zrh-pixel-x11 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJ0GDfHSYvuawlX_PcMhswej7But89jofyyEiGS5JBfAChUfCJyRXOuX9WIkv0iTCVJR-Osup-awB1xTJlb_K3eoTu2Ef-nU9o
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 11 Apr 2023 01:56:07 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C84E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJYL0gMbUQCTEnomk8GgXaE&google_push=Aer7DvKiDzPq481A552rcj4GpgnxQEAK9bQHufTCZDrZIAgq6Jju4w-mKF...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJYL0gMbUQCTEnomk8GgXaE&google_push=Aer7DvKiDzPq481A552rcj4GpgnxQEAK9bQHufTCZDrZIAgq6Jju4w-mKFTas5SDdYNN6NWB61gsgWOyU6g5XdGRfwg2PjSZviYJ8Z0

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230070-FRA
pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1681178168.486469,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJYL0gMbUQCTEnomk8GgXaE&google_push=Aer7DvKiDzPq481A552rcj4GpgnxQEAK9bQHufTCZDrZIAgq6Jju4w-mKFTas5SDdYNN6NWB61gsgWOyU6g5XdGRfwg2PjSZviYJ8Z0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame C84E 0
173 B 36ms
14ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEKF1uL_QAPT4jP4obLK9smo&google_cver=1&google_push=Aer7DvLRaQ2-FzOQzg2fhbORNNCq_rMRQf0Ir3YLvnQhuU4dyXzbwv7XPJQbjZhvJnwi1SvmP-H4uns3MBXLImkCYmXwXikgM9ovSSY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=4214047519&adf=2056746596&pi=t.aa~a.1432403486~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280&nras=5&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3759&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=QuPeA6Oap2&p=https%3A//www.2viaboleto.com.br&dtd=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:08 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C84E
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPbryxPEppcDjxLskrRu-b4&google_cver=1&google_push=Aer7DvJRktiEFCCznxc6FvjUwxPhqRKgihJC8K4Z2cw0jNPoU-lmJ1XPpRMwXlJeO54ur7CJrbzTAfmMVok1UCsd...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4iqgeYdDSb61KgCX7kvJNQ2&google_push=Aer7DvJRktiEFCCznxc6FvjUwxPhqRKgihJC8K4Z2cw0jNPoU-lmJ1XPpRMwXlJeO54ur7CJrbzTAfmMVok1UCsd3GyCyEZF5jX5C7k

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4iqgeYdDSb61KgCX7kvJNQ2&google_push=Aer7DvJRktiEFCCznxc6FvjUwxPhqRKgihJC8K4Z2cw0jNPoU-lmJ1XPpRMwXlJeO54ur7CJrbzTAfmMVok1UCsd3GyCyEZF5jX5C7k

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 11 Apr 2023 01:56:08 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4iqgeYdDSb61KgCX7kvJNQ2&google_push=Aer7DvJRktiEFCCznxc6FvjUwxPhqRKgihJC8K4Z2cw0jNPoU-lmJ1XPpRMwXlJeO54ur7CJrbzTAfmMVok1UCsd3GyCyEZF5jX5C7k
x-host: tde-deliveryengine-production-86c874c4d8-8db69
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame C84E 43 B
351 B 38ms
15ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEO3tEv1o75usHOUYYJdbHew&google_cver=1&google_push=Aer7DvLInV2VWmCfEJzGR5PyLnAC26_IIL5Z3e2r5oSlShAMDm0hxAEAynBWJ5RoDv5seExnMDFrjApD62-__heMwcBwBNnaU-Yvq1g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=4214047519&adf=2056746596&pi=t.aa~a.1432403486~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280&nras=5&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3759&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=QuPeA6Oap2&p=https%3A//www.2viaboleto.com.br&dtd=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: l46pqprtq3uooqdk80aovmthnm4dpm5p

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C84E
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oSUvma06R_aS-cp8pytcUw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oSUvma06R_aS-cp8pytcUw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvKU-DonBl6nxYW-kTcSUHEeQg4AsT1aL2Z4I2_HuKIXho_hWliCr1GbOxsTeO6JMJU7d1M8Po1e4f0lN1r2nXsrpNySV0up9Z0

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oSUvma06R_aS-cp8pytcUw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvKU-DonBl6nxYW-kTcSUHEeQg4AsT1aL2Z4I2_HuKIXho_hWliCr1GbOxsTeO6JMJU7d1M8Po1e4f0lN1r2nXsrpNySV0up9Z0
date: Tue, 11 Apr 2023 01:56:08 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

report
sync.teads.tv/um/ Frame C84E
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKQBHqnAuwvSQrpEOGsF_BA&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvKUmfnavxzz7WeCFJI-U6Vr8HtGzNE3l1W_8T1jV791KSBFpNCq-XdsxBw2JFRtKInNB-4URcakXMHgfFACwA9cbni_9xu9Xt8
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

49ms
49ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Tue, 11 Apr 2023 01:56:08 GMT
pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C84E 0
12 B 15ms
14ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KcKJvfNlJ0StW9TQ9cZ04XhnWBqqV2_ZkJKZVFBLHSq1BvsGfu5g47bOsO0iS0MUo9aKylRA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 278A 0
103 B 13ms
11ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEEt8nmzPiKZ7jDiDgtxXwOA&google_cver=1&google_push=Aer7DvIz5PrNITUgCQEHpeC-QAeyNTlc3myugPv6h8-GZvN3TBWq356W9MprFozJcJfO1j33CWX7wieq0YQx9PXX_BBqjmqsyblh6fA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=1456288602&adf=2222756707&pi=t.aa~a.631950499~rp.3&w=1110&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=1110x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=-M&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9Ocb91VE0I&p=https%3A//www.2viaboleto.com.br&dtd=32
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 278A
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKQ708IP3FcGra_Viwws9v8&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKQ708IP3FcGra_Viwws9v8&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eTFnbnJ4bmcxUE0zZVU1&google_gid=CAESEKQ708IP3FcGra_Viwws9v8&google_cver=1&google_push=Aer7DvJTVm2SjZKTqAvMuY4dc1rhrUwJVmnzMWO2MHWAReD...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eTFnbnJ4bmcxUE0zZVU1&google_gid=CAESEKQ708IP3FcGra_Viwws9v8&google_cver=1&google_push=Aer7DvJTVm2SjZKTqAvMuY4dc1rhrUwJVmnzMWO2MHWAReDQZfYffRah_LpM9hPCgkYolHngb2I5tO6TiyDcOrsedDf9m2fG2uYlaGA

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 11 Apr 2023 01:56:08 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-771-ga8baae6#rel-ec2-master i-00cce439c1d70db9e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eTFnbnJ4bmcxUE0zZVU1&google_gid=CAESEKQ708IP3FcGra_Viwws9v8&google_cver=1&google_push=Aer7DvJTVm2SjZKTqAvMuY4dc1rhrUwJVmnzMWO2MHWAReDQZfYffRah_LpM9hPCgkYolHngb2I5tO6TiyDcOrsedDf9m2fG2uYlaGA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 278A
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAU4qyoVmo3gen3t9VgwhR4&google_cver=1&google_push=Aer7DvLEgOuLiq4_CWRPcJOwzCx_RL36tRMfkBFXtrKHuekxgjgmEFj88jj7wxs7jG3rG_xFpGPyvvmQ...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAU4qyoVmo3gen3t9VgwhR4&google_cver=1&google_push=Aer7DvLEgOuLiq4_CWRPcJOwzCx_RL36tRMfkBFXtrKHuekxgjgmEFj88jj7wxs7jG3rG_xFpGP...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQzMDAyNDExODI0Mzg4MTQx&google_push=Aer7DvLEgOuLiq4_CWRPcJOwzCx_RL36tRMfkBFXtrKHuekxgjgmEFj88jj7wxs7jG3rG_xFpGPyvvmQ...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQzMDAyNDExODI0Mzg4MTQx&google_push=Aer7DvLEgOuLiq4_CWRPcJOwzCx_RL36tRMfkBFXtrKHuekxgjgmEFj88jj7wxs7jG3rG_xFpGPyvvmQKkio4_tCpAo0Y1EwU1e62w

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQzMDAyNDExODI0Mzg4MTQx&google_push=Aer7DvLEgOuLiq4_CWRPcJOwzCx_RL36tRMfkBFXtrKHuekxgjgmEFj88jj7wxs7jG3rG_xFpGPyvvmQKkio4_tCpAo0Y1EwU1e62w
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 278A
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=V0nvPR8RTaqIRoALSDxwuw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=V0nvPR8RTaqIRoALSDxwuw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvLRtj2fvw_KKdQGxJUIQejhNNVEA3urD-klLoP6-W71HfPXchEtKzodScA0iqzy4pTMCLH6SSrfGvr4iqf2TA1XXLtIiN6dZrI

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=V0nvPR8RTaqIRoALSDxwuw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvLRtj2fvw_KKdQGxJUIQejhNNVEA3urD-klLoP6-W71HfPXchEtKzodScA0iqzy4pTMCLH6SSrfGvr4iqf2TA1XXLtIiN6dZrI
date: Tue, 11 Apr 2023 01:56:07 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 278A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEK2nJnY5MO_gwkdunY29280&google_cver=1&google_push=Aer7DvJiqPM6Gx0j0HWDvNlOD2K6RO0dj2Mj18GSKUDzH-FQdX7li2H_cQqJRThFtQ7tdmWgZ0N...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdCTTJPWFMtMU8tSk45WA==&google_push=Aer7DvJiqPM6Gx0j0HWDvNlOD2K6RO0dj2Mj18GSKUDzH-FQdX7li2H_cQqJRThFtQ7tdmWgZ0NhSECenr1YT7MJMd3XgbXhhMlTi4g

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdCTTJPWFMtMU8tSk45WA==&google_push=Aer7DvJiqPM6Gx0j0HWDvNlOD2K6RO0dj2Mj18GSKUDzH-FQdX7li2H_cQqJRThFtQ7tdmWgZ0NhSECenr1YT7MJMd3XgbXhhMlTi4g

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdCTTJPWFMtMU8tSk45WA==&google_push=Aer7DvJiqPM6Gx0j0HWDvNlOD2K6RO0dj2Mj18GSKUDzH-FQdX7li2H_cQqJRThFtQ7tdmWgZ0NhSECenr1YT7MJMd3XgbXhhMlTi4g
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 278A
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECAx0lQ36uRfXLFPKxfge0Q&google_cver=1&google_push=Aer7DvKoR0LTA9QBIweMF8zJxvB25LFBT4gUfKBG0LyORArWwXhm_u1H9to8VlIlYWf6Ozx7pc2Khtwpfo4Z...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKoR0LTA9QBIweMF8zJxvB25LFBT4gUfKBG0LyORArWwXhm_u1H9to8VlIlYWf6Ozx7pc2Khtwpfo4Z98NH8BiVY4_lQRpxY_Y

170 B
188 B

20ms
19ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKoR0LTA9QBIweMF8zJxvB25LFBT4gUfKBG0LyORArWwXhm_u1H9to8VlIlYWf6Ozx7pc2Khtwpfo4Z98NH8BiVY4_lQRpxY_Y

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKoR0LTA9QBIweMF8zJxvB25LFBT4gUfKBG0LyORArWwXhm_u1H9to8VlIlYWf6Ozx7pc2Khtwpfo4Z98NH8BiVY4_lQRpxY_Y
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame 278A
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKQBHqnAuwvSQrpEOGsF_BA&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvJqjWH4oSZr5PhvaouxwS6rZ8ltk2fuNFxudbXkZ5hgjQWJByHg8WKXO9K19QtOrhwonSoR3wKgKFR_gCPSM5WZ2ZDEKHlDOlrP
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

50ms
50ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Tue, 11 Apr 2023 01:56:08 GMT
pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 278A 0
12 B 14ms
13ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jro5knBwzSfrWWX4X4k3SdilSBYi67Tj4L1kKY5XL9lm9q0fdZJzugUQL0iV5Ghd-NmZhAjw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 91E3 36 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 389528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 13:44:00 GMT

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame F217 36 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 389528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 13:44:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F8F5 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 07:04:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154286
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Apr 2024 07:04:42 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 161D 1 KB
643 B 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 10:05:52 GMT
etag: 48472445140208031
expires: Tue, 11 Apr 2023 10:05:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F8F5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0dcbb78a05e462b534e31a507aa34e0a236da728215014ecea80568e1d9ed585

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8545329873006492075/ Frame A9EA 142 KB
22 KB 168ms
8ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 316207
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22810
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Apr 2023 10:06:01 GMT
expires: Sat, 06 Apr 2024 10:06:01 GMT
last-modified: Wed, 09 Feb 2022 10:36:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F8F5 0
0 226ms
54ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvWtCBjPjEszLqlrV0wKr-Vkc6jva8UQ0hpIZqpGQVpkusX2Axkfim-0GPL6NI6dkMYB8UpTqpEx-bVi6EnznJ_nVsI3N_S4QtC9dEbZUSuJ-6316En4jZs84nxFbNRMtfGqAKjwH_R36ShmEqb0v8QoPWnRejZep3TW90dVFIefir51cguAqj4h49YGq7FV7ELkK43AIrt7etpqCF5q2YmwXYA2WSDpkuFJQYG0IPHzwAw24BeFY-W3mmCP1kWN_RSMJTfQbGFLwOSbImGGYE9qNsWuSWP8P51PV-zs0wf6OXQtRkL2xlmdJHBdEgqzb2oFk7ZdYmb-9NR-rqcw4UyythCc9ANyG5mTZOodpCD6icT5nb9GyN2hf_mpHzFyhTwQSqJfwzTIqq0A1kOAp3VsK9YqwCczqcbzjw53W_fw_03DMSbdPdzOzPGmWG2Wag-bVcNwo2kUbdyZUsIbsn0T8uNeDi_n8z1B3bLFYf_PXGAeIA0S6LVFmKqclxVESgN-wBslE_Er4nytOTAmvunlhTpAWXTzLhnyOhm2ltglwUdGDscxRG9pOvigtliQavq-bdx9v1k7060fy3EPBaMzliurId-csQHBJxlBR4-vRUueek3x2rJmITPInUCGOfVySKqT0WQjQbY-IWegQpKHXi6tWGflKN0G0Sj_O43Qy93u1dwdlxbxNdtLaKt93Vjn1z30QwQkhDXTMZBmh8trPyhyKVTyxssyzFiycCTdwsBAT3Km0PAR1BqjP1YAkHUPpO3VTjsSvfHf1jPoFNSFSEDbkult_jm_b3WEVFvFGi80FwX-uK7Mnfg1mAbbZCVRQZ4WDATMr7mnxQqGnrA4WqxvMgyOGy95DAtvMONKg-8PDiGgrhVWy6sk_ejwmCIGBfGPifm39Csb3QjGqWeEa355u8ibQ-5QVmD-_jzUnWTP8MqQk_gocPediroHz5ltYxXFwcMVKluHqLYbjsV2nE1Y7yZzBgI8oq-zL00fLGzUM-l95Nr3eNZoybMvsnDj0YiURgDMUfL4N1ArJDTrEpbteVoiTG5AIAy1rcmE1zlorbCB0Ku47wd-9V_nGMt6-XswPngy0k3Wtxk0SX69K6A2qg-3VSi16NBu5_il1DW4DHArm-l_r4itykkrySs3CWetcZXsOJSMb6A5kY9_jWGcjNAEcPttnyQ-QdgL7IiEaupnHRd-OyIll0wa38iDGEYmaKHOdnctx_Ax5N6v17O4dldNNRtwxlZulvQqwYGcKuummwzygi8bLMGl5kNr_zhP8F1KG2GOhVvvdG3C6ppKG1jniJqV0vCqerjoPm8cGk&sai=AMfl-YRAezVd216gOL7v62S2W9-oNhSxAMCf_TEJ98sM0tVbBfN73oCFByhqBOP33QmPUkwEF2mWRRl-h9sUGrVwiP-Sfq_oObN3V03XV326dWAn2JYkrsdGzr72lGbfcdSjZPig4y3dlKb6AOkVZxx4UKxW3yP3KYw1heNcEdCmwUFsjxyeUhGwttnhcLvl_vbt4IOj7QxBhLV4M3JhBlpbHJbCFE2Yr95Zu4nlb9fv4cfGiW7DRl-p2y4yNq-nO_FEo6CA&sig=Cg0ArKJSzDIzql72p5n-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=206&cbvp=1&cstd=203&cisv=r20230405.91715&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Apr 2023 01:56:08 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 11 Apr 2023 01:56:08 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1571 22 KB
8 KB 14ms
6ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 154285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 07:04:43 GMT
expires: Mon, 08 Apr 2024 07:04:43 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame F8F5
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-1114895170912147&ias_chanId=1&ias_placementId=19422215943&bidurl=https://www.2viaboleto.co...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

13ms
9ms

Script
application/javascript

2600:9000:223f:ea00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3172338258&adf=1031923888&pi=t.aa~a.3912855863~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=350x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=1&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=AO6m8SvKzn&p=https%3A//www.2viaboleto.com.br&dtd=38
Protocol: H2
Server: 2600:9000:223f:ea00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: ml8sLXd95uD59cm.BnrTx99uclgxfFZ2
content-encoding: gzip
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
date: Thu, 06 Apr 2023 04:40:57 GMT
x-amz-cf-pop: FRA56-P5
age: 422112
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 21 Mar 2023 18:43:33 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: ntzHXRJr7c_aR0RulvOzJRftJmZteLkz3vB6QcdzRJf85ut9xGYsTA==

Redirect headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
server: nginx
x-server-name: app16.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 2BF8 91 KB
23 KB 48ms
6ms Script
application/javascript 2600:9000:223f:ea00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3172338258&adf=1031923888&pi=t.aa~a.3912855863~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=350x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=1&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=AO6m8SvKzn&p=https%3A//www.2viaboleto.com.br&dtd=38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ea00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 17403592
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: CRYJjLvyORACoHYoUGQ_R2vxyNTcrloWACFe6tZspXBpA9ZvFuB85g==

GET
H2 200 dpixel
cms.quantserve.com/ Frame 161D 35 B
463 B 46ms
7ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIxfWi1qxeDlWpyu3JR2SJY&google_cver=1&google_push=Aer7DvL5HGcMZ4DKRC-0iCCceXU9ocNiMQdZ3bR2N04jFYoNSrOgAtjsSPEwkwTIsn4p-lb91g3co_mCzas8vSPf9be07gm0mnRTHyzP

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 161D 70 B
264 B 32ms
30ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEB9NKyLlth-nWSG8txztvzg&google_cver=1&google_push=Aer7DvIlqUA73VIwODS1ZKynYWbggTD5dV09ssTqaDrQfNJdVCNPhEtV7LOw9QHg2T75krK0Q_pqeFkRSLvX9ZHacw7WXgY3iqFaLgT5
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3172338258&adf=1031923888&pi=t.aa~a.3912855863~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=350x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=1&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=AO6m8SvKzn&p=https%3A//www.2viaboleto.com.br&dtd=38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 161D
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPbryxPEppcDjxLskrRu-b4&google_cver=1&google_push=Aer7DvKOU246Ye4EbuphTC_a5cAtlE5g40ba_Pv6OVUfpPcqfikbtSejJnGKEmypx8HyibNQ9CQQ30EbNodZUOfg...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4iqgeYdDSb61KgCX7kvJNQ2&google_push=Aer7DvKOU246Ye4EbuphTC_a5cAtlE5g40ba_Pv6OVUfpPcqfikbtSejJnGKEmypx8HyibNQ9CQQ30EbNodZUOfg0zmU30RTeD5ZNux5

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4iqgeYdDSb61KgCX7kvJNQ2&google_push=Aer7DvKOU246Ye4EbuphTC_a5cAtlE5g40ba_Pv6OVUfpPcqfikbtSejJnGKEmypx8HyibNQ9CQQ30EbNodZUOfg0zmU30RTeD5ZNux5

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 11 Apr 2023 01:56:08 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4iqgeYdDSb61KgCX7kvJNQ2&google_push=Aer7DvKOU246Ye4EbuphTC_a5cAtlE5g40ba_Pv6OVUfpPcqfikbtSejJnGKEmypx8HyibNQ9CQQ30EbNodZUOfg0zmU30RTeD5ZNux5
x-host: tde-deliveryengine-production-86c874c4d8-l5lnm
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 161D
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAU4qyoVmo3gen3t9VgwhR4&google_cver=1&google_push=Aer7DvImnfVEj8qqIoOYLSZ0BPAZb8E4uJIBdNWdu-eZEXdYt6HQAsH57hDsWnyhDxiztkYHOz1WNzKA...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQzMDAyNDExODI0Mzg4MTQx&google_push=Aer7DvImnfVEj8qqIoOYLSZ0BPAZb8E4uJIBdNWdu-eZEXdYt6HQAsH57hDsWnyhDxiztkYHOz1WNzKA...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQzMDAyNDExODI0Mzg4MTQx&google_push=Aer7DvImnfVEj8qqIoOYLSZ0BPAZb8E4uJIBdNWdu-eZEXdYt6HQAsH57hDsWnyhDxiztkYHOz1WNzKAxLxEf9_Yxs8RS8ieKOOcbQkY

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQzMDAyNDExODI0Mzg4MTQx&google_push=Aer7DvImnfVEj8qqIoOYLSZ0BPAZb8E4uJIBdNWdu-eZEXdYt6HQAsH57hDsWnyhDxiztkYHOz1WNzKAxLxEf9_Yxs8RS8ieKOOcbQkY
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 161D 43 B
134 B 16ms
15ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEO3tEv1o75usHOUYYJdbHew&google_cver=1&google_push=Aer7DvIPC3Gt66uzSoqMSxQZTm1pJ-O6Hu88NLUQ8rGVSjaIydb8bkQYm6Ixk-eYVlLYPiSRIPJQdkCwVIju-fV8krc2CMmawwuubBMw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3172338258&adf=1031923888&pi=t.aa~a.3912855863~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=350x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=1&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=AO6m8SvKzn&p=https%3A//www.2viaboleto.com.br&dtd=38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 6rsf7gosc4ak8i1hcncsuu4e31f362gg

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 161D
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECAx0lQ36uRfXLFPKxfge0Q&google_cver=1&google_push=Aer7DvIUKCWfD5ZGVYeKOgRE8Ooek6VK5E6V-RgOJeF5DH-ZKhM6SP-iIu9lcAgqDIUDl0Bh0MyAq-416jla...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvIUKCWfD5ZGVYeKOgRE8Ooek6VK5E6V-RgOJeF5DH-ZKhM6SP-iIu9lcAgqDIUDl0Bh0MyAq-416jlaI7tAxafhptLN4RchdMPK

170 B
188 B

20ms
19ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvIUKCWfD5ZGVYeKOgRE8Ooek6VK5E6V-RgOJeF5DH-ZKhM6SP-iIu9lcAgqDIUDl0Bh0MyAq-416jlaI7tAxafhptLN4RchdMPK

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvIUKCWfD5ZGVYeKOgRE8Ooek6VK5E6V-RgOJeF5DH-ZKhM6SP-iIu9lcAgqDIUDl0Bh0MyAq-416jlaI7tAxafhptLN4RchdMPK
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame 161D
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKQBHqnAuwvSQrpEOGsF_BA&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvLYHBtF_XK5dyWZB2-BU4mshF-rPgN58yx4az59zi8lPeH4IINrjxau5NxzLmzsgaa-Kp8IZ0vnqIhvtE8YWxwMR_BIzteylc_urQ
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

49ms
49ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3172338258&adf=1031923888&pi=t.aa~a.3912855863~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=350x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=1&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=AO6m8SvKzn&p=https%3A//www.2viaboleto.com.br&dtd=38
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Tue, 11 Apr 2023 01:56:08 GMT
pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 161D 0
12 B 15ms
14ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IpivjGjGNHjqzXTa74kpyVnFdIKH_TpGxAWaqgQLp84gEXM2NWEzOL4qEwga72_rHxdvN7FA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F8F5 43 B
215 B 314ms
98ms Image
image/gif 2600:1f18:1aca:4282:cd41:a734:78b:e433
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1f2a65a7-ed55-969a-ef79-2162fe172517&tv=%7Bc:9rbNAw,pingTime:-3,time:67,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:26%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:67,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B60~0%5D,as:%5B60~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tB52gyR+11%7C12%7C131%7C132%7C141%7C142%7C151%7C152%7C161%7C162%7C171*.990511-61634100%7C1711%7C1712%7C1713%7C1714%7C1811%7C1812%7C191%7C192%7C1a1%7C1b1%7C1c%7C1d,idMap:171*,rmeas:1,rend:0,renddet:DIV,siq:27%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3172338258&adf=1031923888&pi=t.aa~a.3912855863~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=350x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=1&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=AO6m8SvKzn&p=https%3A//www.2viaboleto.com.br&dtd=38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:cd41:a734:78b:e433 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:09 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F8F5 43 B
216 B 311ms
98ms Image
image/gif 2600:1f18:1aca:4282:cd41:a734:78b:e433
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1f2a65a7-ed55-969a-ef79-2162fe172517&tv=%7Bc:9rbNAx,pingTime:-6,time:68,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:68,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B61~0%5D,as:%5B61~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tB52gyR+11%7C12%7C131%7C132%7C141%7C142%7C151%7C152%7C161%7C162%7C171*.990511-61634100%7C1711%7C1712%7C1713%7C1714%7C1811%7C1812%7C191%7C192%7C1a1%7C1b1%7C1c%7C1d,idMap:171*,rmeas:1,rend:0,renddet:DIV,siq:27%7D&tpiLookup=ao:www.2viaboleto.com.br*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3172338258&adf=1031923888&pi=t.aa~a.3912855863~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=350x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=1&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=AO6m8SvKzn&p=https%3A//www.2viaboleto.com.br&dtd=38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:cd41:a734:78b:e433 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:09 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F8F5 43 B
215 B 308ms
99ms Image
image/gif 2600:1f18:1aca:4282:cd41:a734:78b:e433
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1f2a65a7-ed55-969a-ef79-2162fe172517&tv=%7Bc:9rbNAD,pingTime:-2,time:74,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:662,beZ:663,mfA:665,cmA:667,inA:667,inZ:672,prA:672,prZ:682,si:689,poA:690,poZ:716,cmZ:716,mfZ:716,loA:730,loZ:732,ltA:735,ltZ:736%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:26%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:74,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B67~0%5D,as:%5B67~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tB52gyR+11%7C12%7C131%7C132%7C141%7C142%7C151%7C152%7C161%7C162%7C171*.990511-61634100%7C1711%7C1712%7C1713%7C1714%7C1811%7C1812%7C191%7C192%7C1a1%7C1b1%7C1c%7C1d,idMap:171*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV,siq:27,sinceFw:46,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114895170912147&output=html&h=280&adk=3172338258&adf=1031923888&pi=t.aa~a.3912855863~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1681134255&rafmt=1&to=qs&pwprc=4327041981&format=350x280&url=https%3A%2F%2Fwww.2viaboleto.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681178167297&bpp=1&bdt=1350&idt=1&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D65b6a6f296f1ffe5-227175598ddd005f%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw&gpic=UID%3D00000bd3c6c87543%3AT%3D1681178166%3ART%3D1681178166%3AS%3DALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=4008029446492&frm=20&pv=1&ga_vid=786532526.1681178166&ga_sid=1681178166&ga_hid=2098980033&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073487&oid=2&psts=AHQMDFfB4EDS1inhAe10mT8EpMcB8i4o8hFsNvORcmCW6lUTyX4M98xFNGKHpIy6AFJGoPHiBCnxRIA6tO6cG27cXUjzXLQ1&pvsid=2363830916624219&tmod=1320913893&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=AO6m8SvKzn&p=https%3A//www.2viaboleto.com.br&dtd=38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:cd41:a734:78b:e433 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:09 GMT
server: nginx
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame A9EA 29 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 16:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34388
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Apr 2023 16:23:00 GMT

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 1571 36 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 389528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 13:44:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F8F5 0
0 46ms
45ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvWtCBjPjEszLqlrV0wKr-Vkc6jva8UQ0hpIZqpGQVpkusX2Axkfim-0GPL6NI6dkMYB8UpTqpEx-bVi6EnznJ_nVsI3N_S4QtC9dEbZUSuJ-6316En4jZs84nxFbNRMtfGqAKjwH_R36ShmEqb0v8QoPWnRejZep3TW90dVFIefir51cguAqj4h49YGq7FV7ELkK43AIrt7etpqCF5q2YmwXYA2WSDpkuFJQYG0IPHzwAw24BeFY-W3mmCP1kWN_RSMJTfQbGFLwOSbImGGYE9qNsWuSWP8P51PV-zs0wf6OXQtRkL2xlmdJHBdEgqzb2oFk7ZdYmb-9NR-rqcw4UyythCc9ANyG5mTZOodpCD6icT5nb9GyN2hf_mpHzFyhTwQSqJfwzTIqq0A1kOAp3VsK9YqwCczqcbzjw53W_fw_03DMSbdPdzOzPGmWG2Wag-bVcNwo2kUbdyZUsIbsn0T8uNeDi_n8z1B3bLFYf_PXGAeIA0S6LVFmKqclxVESgN-wBslE_Er4nytOTAmvunlhTpAWXTzLhnyOhm2ltglwUdGDscxRG9pOvigtliQavq-bdx9v1k7060fy3EPBaMzliurId-csQHBJxlBR4-vRUueek3x2rJmITPInUCGOfVySKqT0WQjQbY-IWegQpKHXi6tWGflKN0G0Sj_O43Qy93u1dwdlxbxNdtLaKt93Vjn1z30QwQkhDXTMZBmh8trPyhyKVTyxssyzFiycCTdwsBAT3Km0PAR1BqjP1YAkHUPpO3VTjsSvfHf1jPoFNSFSEDbkult_jm_b3WEVFvFGi80FwX-uK7Mnfg1mAbbZCVRQZ4WDATMr7mnxQqGnrA4WqxvMgyOGy95DAtvMONKg-8PDiGgrhVWy6sk_ejwmCIGBfGPifm39Csb3QjGqWeEa355u8ibQ-5QVmD-_jzUnWTP8MqQk_gocPediroHz5ltYxXFwcMVKluHqLYbjsV2nE1Y7yZzBgI8oq-zL00fLGzUM-l95Nr3eNZoybMvsnDj0YiURgDMUfL4N1ArJDTrEpbteVoiTG5AIAy1rcmE1zlorbCB0Ku47wd-9V_nGMt6-XswPngy0k3Wtxk0SX69K6A2qg-3VSi16NBu5_il1DW4DHArm-l_r4itykkrySs3CWetcZXsOJSMb6A5kY9_jWGcjNAEcPttnyQ-QdgL7IiEaupnHRd-OyIll0wa38iDGEYmaKHOdnctx_Ax5N6v17O4dldNNRtwxlZulvQqwYGcKuummwzygi8bLMGl5kNr_zhP8F1KG2GOhVvvdG3C6ppKG1jniJqV0vCqerjoPm8cGk&sai=AMfl-YRAezVd216gOL7v62S2W9-oNhSxAMCf_TEJ98sM0tVbBfN73oCFByhqBOP33QmPUkwEF2mWRRl-h9sUGrVwiP-Sfq_oObN3V03XV326dWAn2JYkrsdGzr72lGbfcdSjZPig4y3dlKb6AOkVZxx4UKxW3yP3KYw1heNcEdCmwUFsjxyeUhGwttnhcLvl_vbt4IOj7QxBhLV4M3JhBlpbHJbCFE2Yr95Zu4nlb9fv4cfGiW7DRl-p2y4yNq-nO_FEo6CA&sig=Cg0ArKJSzDIzql72p5n-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=413&vt=11&dtpt=207&dett=3&cstd=203&cisv=r20230405.91715&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 11 Apr 2023 01:56:08 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FA9B 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssdT6L30_o5j6inq7VIL6aDXBiRzzBlb5ZUiAaE2YoRLTai83OQBv5sJPAoZvkTQybcMGbiHNrCUrGrVkM4t6NtiLCaweGXk3JUXIjQyzHNnAT4jUgXLXVPFDaXVtNbdXE1iH7xSQ&sai=AMfl-YS7fyrWj7mWJaLvZ5GKqILGX2ebWS9Y-tz_SRFVcSViVU3mFYO-R1uSlBO7wjNP2fidaF0ahPB4ja1d&sig=Cg0ArKJSzG6-d2aMLb-ZEAE&cid=CAQSGwDUE5ymgSgXDTU66CPBG58GZCTdN7UwWAnLhRgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=63,736,1000,1061,1061&tos=63,673,264,61,0&v=20230410&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681178167452&rpt=334&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame A9EA 2 KB
1 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Apr 2023 02:07:47 GMT

GET
H3 200 flex_tarif_white.svg
s0.2mdn.net/creatives/assets/4453672/ Frame A9EA 4 KB
2 KB 13ms
12ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/flex_tarif_white.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1508
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Apr 2023 02:08:21 GMT

GET
H3 200 head2_3line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame A9EA 11 KB
3 KB 12ms
11ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_3line_paare.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:55:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3285
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Apr 2023 02:10:38 GMT

GET
H3 200 head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame A9EA 4 KB
2 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:43:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 758
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1610
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Apr 2023 01:58:30 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame A9EA 6 KB
2 KB 10ms
10ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 656
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Apr 2023 02:00:12 GMT

GET
H3 200 300x250_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame A9EA 38 KB
38 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/300x250_kv_paar.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:48:29 GMT
x-content-type-options: nosniff
age: 459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38528
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Apr 2023 02:03:29 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C82D 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsse2torW17R5yYUl3VVUtNOC4WNyECOePh18N_m1F7xXUHhfLg1lvXjfadJ7CYWRkZ3z3bb3BcjPQpDgwUEMgAMLWmkC-CtB37noY9pkgg3obc_Kxl66tqy_w-0dhA6wR7WO0AYOg&sai=AMfl-YT1ZpmYd4YIK_2DzCejsTS_JMqjMrbpHXRyrJl3wQ7qLiYJfyY3ztuEdgg0cYfug8NFsHVDUS_Eyb0T&sig=Cg0ArKJSzNYtQqHawglqEAE&cid=CAQSGwDUE5ymgSgXDTU66CPBG58GZCTdN7UwWAnLhRgB&id=lidar2&mcvt=1003&p=0,0,600,120&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230410&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681178167446&rpt=208&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230405&jk=2363830916624219&bg=!iYqlit7NAAYIJb0jKCU7ADkAdvg8WpkkT6cVahYHaK-zTZuRgqDgfHYifTO4iqnyarqwEWt7AonP-ncz48UXqB3P20xGIdV1dyQCAAACElIAAAADaAEHCgBLy8rknbzOTjfuuNwKEk-_oPLDHwU2YjV_YocwKnLDqi_vyM2fwf39HDiA6Xl0i6EHx_qCfA_jGWJW3dgQ10Bp9nT-0AK0M_HwbhJRmQKixa1wOvu7utgVJ4haxkYOhffJgQLLJIsQPu3viMJqabzlB6Y2juT9KUXVrkMtEPGZIvdQN8wJchJH3vSBM_AnFaUT61UvGGUzZYqDXkm4jTSlh3VTybUEZOBgWYjOswCHh1m92moAyKvtiyEXLzAcIG6Am-IAt-eculC6MpFQyJMuPrTNernGlVf0j6ixB3GN5E3HHafulLDQb5iYSMqemDYFHVNfpV_3Yb1iXm0NTeI3KZzEjTfQOeLfmGW8E9dNlmTficHi4Ujmbo7JlQ23ytk-LQz2dDIZ0M_4CGbunuTujPKqIcI9-zaBY54G3-uudAN46dOnOMelMQ7kUQfcAsdyC745EHTJKjQT9jhn3P5FjVFFlfTWv9OKAmGPp6jUCghCRoLnxN-usibGoBGNzPkNHvI5clNe0mcW-NJ5VRqcJlrgD8MW0Ue8VOvvkkTQtgKbKwCdUrr47BNca6fivnj2H6Jgf54bguEYoAvPP8Ms1ei5a8LwqELoWLPMhvR4JExqnH5hW6BAM24kiIAX4cuV7NHMGIkURrBo0p9BPte3ohCiUWzRTrZMa-AiteU3uAKcXPopIdylh3FhYa58M-Zg7f2oMIKqhsMDY9Pd8hJ000cc71qX1DwSGniqJroD0AA_wBiTN4S5SPw6x6NVGzwsiFarl-P9JmwxXUGiSqh57800pk_sGW90Mfubhv5tN_Vu-aD3sdZ02ItX7p4deOyO1MuoUVN6wVQoIqjYQr9TTh1vy-5RlWd565qccsMKYgOnADbZ5wyvDmnhlq-IfQh0sNTP64kLUftFAizk-GGc-pt5O0PDT_JPsxCqmWsm-fGnQ5y_98RFqnRNrLkA-3KxeiJGxH9iSERus4Qn40p3a5_wLggYLSSUronsy8Fktq0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1571 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLNphOL40ZMm3DY_Lx_AP54iakA8AAAAAOAHgBAI&bg=!cnGlcSXNAAYIJb0jKCU7ADkAdvg8WvSiQ3tPDcQbM6m8E2Rft0QDeStXP4NFWibV5UHklVM5qICJajvuooG_4jjv8_kMHg_OI2ICAAAAaVIAAAADaAEHCgBcKBqx5YJpmirqyBKyDYEu5o3v2HzWtH-0OX7D4ZJDtahlEJnQSg011Nbnaole-6qmpr1cbJ7jqx7WCBi2riQ3M2IT2F_9fLR7vZEyQuJL7M-CZRUFS5kiTsEAqnCZAwW17c3KuDlJFOMUZU2avCHwaG3I8_NKlwTPdl5Ms-lfyCz5z3_bekLcmg5swE6amVN3T7_MVJyT0Q3NNYSvz-ztC3eMiyzx-gXLntDQ-ODZTNh1g-EMYrFI9phRIDhrjG2Zc9GvSJ1yrF9oX8ke66EAGGiM87E6-P1vQbhhrtEEQdUBogvC6uZ_jjxn5ymRdZoGGqx-WsIKXZTCyCU8gWqaNDbd2F6ytqrafkWJVJsnMHVaZ3cET5nqEQt1YyygXToXQp7mq0Bd1AJSk-KwrKZmfXzY_d6dlga50whWb31UfsFeJrh6kT3jAXeKbfOQZUz0E8EwoXhDcZw55ZbQI1mrNn2b_k9KKdMvc8q1mCirnP-iEWqSMcORbkAwj8rjNCGuZCopLjASL9OxnbDKTBFT_vLAZ9enoRicT8Www_QjDoguDFf10WKRBZTmyD3nu_dJV9pyoUyF23cxvZiuWzhfwyT29APyJ5GUYf0pFVRGLaBxNX_b2srZofDyo1llZrZTfqd2bBI-adf5xrO6FbNObq5_70xHOOSYbwP1-lV-l_loVPz6pe38zLczxDJnRvlRVzc2N2MuDW0qT9QBQ8SyNBVC9l7vGrtBU-BvUgYJurdzFLUssubATjnbS_VlYSWT2FAdaXp81s4jLWJRAkwj3pwW-OwdyFeIn_clZSfTNdDy4joQcSwZ0TqWAWGVDclfF16_Wqw9y3sjw_49OuZ9bWOa07qvgr3YHmLEK5lrOp8N1U6wWyKRyfn9mKeuxaeHMJ7lWIfxWFBgaoxkJqyRurRN9tGDGbsVLQMvR2FLzHkxCACAuCv4WwB0lAO3IvQwQFeE8fNA4Z4R4j7zFkInVPBGXqDz1ZAxM1pSkZb4UA7Oz3Eb5Mv5sHNBC0XQQUfNZ1gfls38Uy20fSZ9sFhFCq8EL8AxPvnWWMo33Gi4GL6JhdXhEqoxUGDzAExqpjqZxS__uUBmpIgo6RQauPbcnSnZbR_iJ9ejAknyOMLXzkRhR-MWlXj9T57nduVT5VbtJ_SpXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F8F5 43 B
215 B 98ms
98ms Image
image/gif 2600:1f18:1aca:4282:cd41:a734:78b:e433
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1f2a65a7-ed55-969a-ef79-2162fe172517&tv=%7Bc:9rbNGe,pingTime:-10,time:421,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTExLjAuNTU2My4xNDYgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1681178169141%7C%7Ce746c13906351436983de9d1556c3095%7C%7C54018389c7a32a8d685baa10091bc39c%7C%7C24237b460c9ecceda3a4da047faef3e6%7C%7C7ccfd8e59ec5676f11f72eb5b2837afa%7C%7Ce9ba158985035e98f714a54029e4acca%7C%7C274af44a774c61822453c41c7dd3d5c7%7C%7Cb970636c5afa3cc0ab5a6a3e58ae000a%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:cd41:a734:78b:e433 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:09 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F8F5 43 B
215 B 97ms
97ms Image
image/gif 2600:1f18:1aca:4282:cd41:a734:78b:e433
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1f2a65a7-ed55-969a-ef79-2162fe172517&tv=%7Bc:9rbNQw,time:1059,type:e,im:%7Bpci:%7Btdr:1006%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1059,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1052~0%5D,as:%5B1052~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:101,fm:tB52gyR+11%7C12%7C131%7C132%7C141%7C142%7C151%7C152%7C161%7C162%7C171*.990511-61634100%7C1711%7C1712%7C1713%7C1714%7C1811%7C1812%7C191%7C192%7C1a1%7C1b1%7C1c%7C1d,idMap:171*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:27,sis:123%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:cd41:a734:78b:e433 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:09 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sendpulse-prompt.min.css
web.webpushs.com/dist/css/push/ 48 KB
12 KB 15ms
15ms Stylesheet
text/css 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://web.webpushs.com/dist/css/push/sendpulse-prompt.min.css?v=111683763200000

Requested by

Host: www.2viaboleto.com.br
URL: https://www.2viaboleto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

d4a0898a56136b0fe4168208742796e34e77586bf905974c04a58c91a4de6434

Security Headers

Name	Value
Content-Security-Policy	default-src wss://* blob: data: sendpulse.com .sendpulse.com .sendpulse.com:4434 data.sendpulse.com .pulse-stat.com .stat-pulse.com .pulse-stat.com:8080 .stat-pulse.com:8080 http://.sendpulse.com:4434 wss://ws.binotel.com:9002 http://.pulse-stat.com http://.stat-pulse.com http://.pulse-stat.com:8080 http://.stat-pulse.com:8080 .sendpulse.ua .sendpulse.by .sendpulse.kz .sendpulse.cl .sendpulse.com.tr .sendpulse.ng sendpul.se .sendpul.se trckln.com .loginsrc.com .routee.net .routee.net:444 .bizml.ru .jquery.com .youtube.com .ytimg.com .vimeo.com .vimeocdn.com .tinymce.com .ampproject.org .hotjar.com .hotjar.io .ipinfo.io .highcharts.com .appspot.com .doubleclick.net .facebook.com .facebook.net .fbcdn.net .fbsbx.com .rawgit.com .cloudflare.com .jsdelivr.net .kissmetrics.com .bitrix24.com .quantserve.com .quantcount.com .twitter.com .offershub.ru .stripe.com .braintreegateway.com .mlstatic.com .cloudpayments.ru .woopra.com .jivosite.com .google.com .google.com.ua .googleadservices.com .google-analytics.com .googleapis.com .googletagmanager.com .gstatic.com .online-metrix.net .retently.com .maxmind.com .revisionme.com revisionme.pages.dev .yandex.ru .ymetrica.ru .mmapiws.com .bootstrapcdn.com .kaptcha.com .paypal.com .paypalobjects.com .mercadopago.com.br .mercadopago.com .braintree-api.com vk.com api.telegram.org .webformscr.com .yandex.net .cardinalcommerce.com .mercadolibre.com .supportsrc.com .instagram.com s3.eu-central-1.amazonaws.com .googleoptimize.com .privatbank.ua .cardinalcommerce.com viacep.com.br 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: ; font-src data: ; style-src * 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.2viaboleto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 11 Apr 2023 01:56:10 GMT
content-security-policy: default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se trckln.com *.loginsrc.com *.routee.net *.routee.net:444 *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com revisionme.pages.dev *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com viacep.com.br 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
x-content-type-options: nosniff
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 6811
x-xss-protection: 1; mode=block
x-77-nzt: AZySIRDSSx3/mxoAAA
x-accel-expires: @1682208159
x-sp-ma: sp-ma-0
last-modified: Tue, 08 Feb 2022 10:04:43 GMT
server: CDN77-Turbo
etag: W/"be70-5d77ed8a3199f"
x-77-nzt-ray: f6587a1da6e482f93abe34644bdd0f08
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
x-sp-pr: lpr-02

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5daa91a81734f9df8e725f502513bfbff7cd2432a439e19a033d7e2426706d1a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F8F5 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=675051310163&version=m202301230201&ct=76&x=1&cor=11296762167057450000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 01:56:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEAvZilp-mICKio3SLv3o7nE&google_cver=1&google_push=Aer7DvK_5UPnzx5BFhh_9BpnV5gNu0EpTVA6NgYMTdkqgIYGfN5mmkcQpPs_6Vd4E4n7YXIJG-VKxNRPHaYZudwj5CYUk3UDY0-bw0OFMg

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.2viaboleto.com.br/	1970-01-20 20:35:38	Name: _ga Value: GA1.3.786532526.1681178166
.2viaboleto.com.br/	1970-01-20 11:01:04	Name: _gid Value: GA1.3.1607044175.1681178166
.2viaboleto.com.br/	1970-01-20 10:59:38	Name: _gat_gtag_UA_53198037_1 Value: 1
.2viaboleto.com.br/	1970-01-20 20:21:14	Name: __gads Value: ID=65b6a6f296f1ffe5-227175598ddd005f:T=1681178166:RT=1681178166:S=ALNI_MbIX0nVFEAcNY_iWLn42eMZBkyLSw
.2viaboleto.com.br/	1970-01-20 20:21:14	Name: __gpi Value: UID=00000bd3c6c87543:T=1681178166:RT=1681178166:S=ALNI_MYy7YDXbX60Nd5ocR16fmR5S9tzBQ
.doubleclick.net/	1970-01-20 20:21:14	Name: IDE Value: AHWqTUm3elm1WEObdho8pNxRVg9MbbmE_nf2Z8NKxzPkwhg61ehWM1odPv0TCVCcF-M
.doubleclick.net/	1970-01-20 10:59:41	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 19:45:14	Name: CMID Value: ZDS.OOWZkqxWQCoKvuV0.gAA
.casalemedia.com/	1970-01-20 13:09:14	Name: CMPS Value: 2160
.casalemedia.com/	1970-01-20 13:09:14	Name: CMPRO Value: 2160
.adnxs.com/	1970-01-20 13:09:14	Name: uuid2 Value: 8813994611087850817
.travelaudience.com/	1970-01-20 20:29:52	Name: _tracker Value: %7B%22UUID%22%3A%22E22AA079-8743-49BE-B52A-0097EE4BC935%22%7D
.yahoo.com/	1970-01-20 19:45:35	Name: A3 Value: d=AQABBDi-NGQCEB3e8GFPrMd79Y_8il7BpJUFEgEBAQEPNmQ-ZAAAAAAA_eMAAA&S=AQAAAlZECvC29bRT-Z8mffxBqLk
.adnxs.com/	1970-01-20 13:09:14	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In2f6vok!]tbPl1M>e)ZlrFUfJ+tGXxoi9w%i(Thsq7KzVAuEUC9^E]LZ3`dVskUTUpz3If)y3KL9D3I?+xXgnSh
ads.travelaudience.com/	1970-01-20 20:29:52	Name: _tracker Value: %7B%22UUID%22%3A%22E22AA079-8743-49BE-B52A-0097EE4BC935%22%7D
.blismedia.com/	1970-01-20 19:45:18	Name: b Value: 6434BE3874EE766242AFC7FABLIS
.pubmatic.com/	1970-01-20 11:01:04	Name: KTPCACOOKIE Value: YES
.w55c.net/	1970-01-20 20:29:52	Name: wfivefivec Value: y1gnrxng1PM3eU5
.mathtag.com/	1970-01-20 20:25:33	Name: uuid Value: 8b276434-be39-4500-a6e7-b4503b743e85
.mathtag.com/	1970-01-20 11:42:50	Name: mt_mop Value: 4:1681178169
.w55c.net/	1970-01-20 11:42:50	Name: matchgoogle Value: 5
.pubmatic.com/	1970-01-20 19:45:14	Name: KADUSERCOOKIE Value: A1252F99-AD3A-47F6-92F9-CA7CA72B5C53
.everesttech.net/	1970-01-20 19:45:14	Name: everest_g_v2 Value: g_surferid~ZDS_OAAAAIZXXwAn
.adform.net/	1970-01-20 11:42:50	Name: C Value: 1
.adform.net/	1970-01-20 12:26:02	Name: uid Value: 843002411824388141
.e.dlx.addthis.com/	1970-01-20 20:29:52	Name: na_tc Value: Y
.quantserve.com/	1970-01-20 13:09:14	Name: d Value: EG0BCQHdKIEA
.quantserve.com/	1970-01-20 20:29:52	Name: mc Value: 6434be38-c810d-e18ba-6285e
.turn.com/	1970-01-20 15:18:50	Name: uid Value: 2744622761192785886
.addthis.com/	1970-01-20 20:29:52	Name: na_id Value: 2023041101560800012327795257
.addthis.com/	1970-01-20 20:29:52	Name: na_tc Value: Y
.addthis.com/	1970-01-20 20:29:52	Name: uid Value: 6434be38d8183229
.addthis.com/	1970-01-20 20:29:52	Name: ouid Value: 6434be3800019652fde7ed919e5af14ba1febe630ee1b588f170
.dlx.addthis.com/	1970-01-20 11:42:50	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 11:42:50	Name: na_sr Value: 20230411
.dlx.addthis.com/	1970-01-20 10:59:38	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 11:42:50	Name: na_sc_e Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEAvZilp-mICKio3SLv3o7nE&google_cver=1&google_push=Aer7DvK_5UPnzx5BFhh_9BpnV5gNu0EpTVA6NgYMTdkqgIYGfN5mmkcQpPs_6Vd4E4n7YXIJG-VKxNRPHaYZudwj5CYUk3UDY0-bw0OFMg Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2viaboleto.com.br
ad.turn.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
bam.nr-data.net
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.dlx.addthis.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
ib.adnxs.com
image6.pubmatic.com
js-agent.newrelic.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
rtb.openx.net
s0.2mdn.net
static.adsafeprotected.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
web.webpushs.com
www.2viaboleto.com.br
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
104.111.217.14
104.111.217.42
142.250.185.162
142.250.186.162
151.101.66.137
151.101.66.49
162.247.243.29
178.63.88.48
185.29.132.241
185.80.39.216
185.89.210.153
198.47.127.19
2001:4860:4802:34::178
2600:1f18:1aca:4282:cd41:a734:78b:e433
2600:9000:223f:ea00:8:48e:53c0:93a1
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:800::2003
2a00:1450:4001:801::2003
2a00:1450:4001:806::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2006
2a00:1450:4001:811::2002
2a00:1450:4001:812::2004
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:813::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c0b::9a
2a02:6ea0:c700::17
2a02:fa8:8806:13::1400
2a05:d018:d29:3605:398b:a04b:d794:3da4
3.127.174.158
34.96.105.8
35.190.0.66
35.227.252.103
37.157.4.40
46.228.164.11
51.89.9.253
52.17.224.68
52.223.40.198
69.173.144.138
017769b0d8d2565b1765b01aad4068f63bc9f4e2b63e8ee36094ef26092948e7
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77
03037ab6da2abbc92f5a9d15b9a26aa4c99c428fd944c350b3a09b71d8754845
05532314e093de631b97da67a88020feb8e029aa169103bb0fc95853a39a6ccb
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
064c6909d3b2c82789c1129afd965405ddcec553f65a34f6b2fd0ecae2d9eac7
07ea9ff2314298989a32ad696ce6c1a839a1e3f149ab0811b94d234c5f6127dd
0807949de193e177adf265102c982c1abb7fa820248975775e1444c09b9d1d65
09ff63be86efff337442534f9a041582520c6c97be4eabeaffd443d857ac24d2
0a81c51fdca70a0e0cb72e27e1ab7e32decf2c10c7cd5469cd5f4afc55e0d47e
0b1f40eb112341ce51ccef7c35ef1df769deb65ad07788373fdde97b8c7d856d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bbcf1b601485bcd74630815ea6180a77c56c6bfe481b36b00240a76211cfb18
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0dcbb78a05e462b534e31a507aa34e0a236da728215014ecea80568e1d9ed585
0ec14af764fc18154e349ac3889637b2dc64debe89d7759dbcbb1db6cfe79ef8
0efe39b232b9983e90455adf6ca9ff935b132a6790459ee8db071a05a6f86564
0f0d14e678c7dd5f443e5810048090a0a12ac42e474c478b948a8d44c7f6a4d1
110b95da6e397f48c09a27114251fd4157f473f66013e6ba78e0a78b310ada58
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16a2fcf59eb7e6f04fe15ad2b13cff5fd8813a3267e7f4c57fdf16d35470f5d8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e85aee69c2e5759e4628801f2afb012c0df2d7161dbc6b9cc8b5046495ed2d
1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab
1b8d31787e466c93761443e64b3dfe468f2077867c57902670c7fe43a5782c58
206a274a6344284e521406627218ba8be9b04508cdcd5e83b16d108ba4dd99cf
20e4f92000fdd6db3859e5a887e00f3eda04a89c231ec8270dec5200fa46d2f5
2197d977fd86c0ce36c2db29da04a3e9bb4dbc64ddac67519f379dbd37fd0fe8
23eb134e746f1e5c265c5d33d045af48c444617adaa281fb993d6070bdc04c9f
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7
2a810283ef3a450039039318677538039c2adadfe2703a12f98b07735ba15290
2b7857735f209a7446ddba4f53920335b47b2862486f4cb53346fb89f608b1db
2c40ed179b696f5690385254e6d461ae5e8396729af33955e70dfb2482ce00d8
2de5dbb6c7491affb6ca7b92ba29bb712bfd7e73ad36786c3fb0ba57c86e73d0
2eaa194a9dce817baa37085d756bef20fa9220da8db464bb2d35866ed775ef83
2ff0ff037fc73d5bbea051dc0575e0c2d4a8d93dedb2715b00a126b0a7006d0d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34e0bb5c5ed1184e6452cf7562faf332af1a26e95e50e035ff0a9f7065e6df9e
35d5e3136036964661cc94855e1028e063341e3cf4b41a410930fb149cfed5ce
388c81fdec18192374d32c8d6b49242a3f3abd9e672e4a50e86de801b6d47c0b
3b17219a493d3808809672892fe23a7e4b89a01fa959b7e804a286534d4fe974
3d8aff3488c1f0cf82473f1d958bd176e445282c3caaeb32a4f1c09c427e9be1
3fcc65363965765df778ba971639d84376f09dc17e9769b5a26895d7344e2bef
425b523e3ab2df7ebbe311f71004fed12bf2ee5856b513afd5e8625c24d57236
430d75720cc107e64de05d74d3897a0eba22fd689403322361a221d68d8052a8
43492c07e95e2c985a90ec9593ab142a392e3f4f26c324a30413c084d8a779cb
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
46eb2c7fbf538502ff94d1a49d8333ee9e396ab5610ba8f0fe86dcdfc2125d8f
46f4baefb952425144ddecbc344eefd3e8474120d0a905197ceca703773a0af6
4759a5cbbaf2b48c7ab2ed5eb46b93e12fda0964ac3278ef367d8e7660ca5b0b
47b366a3f57739e8df246b8a262e5fa15a085bda68ebacf4c7a2bb6107ca918b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bcde2058847d8c4fe4fb2ba5b0bb8c48eadf51c371e4e3bbce3c1bb09808063
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50ebc61ff97ce47c96a59ac77aeeea0207caca52a385123bd199ade1c25659bb
531b518173a4f9ac1a1aab5ad10c610d45437166fd39adc0d8208e51dc60f8d6
553f422c552045cd5cd522471f4d89f35fbfd7f61bfdd8b8af8f081e7add699e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e
5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406
59496a52eddfd9721cb19b4d067c905c58bd705aeadc60dd5771942a72fab68a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c7fe66186bd39c8189568917d9a4e849f4dc404e39def5278606f35ed35e6a2
5c8aee8e0b70fff05f1923310674a6b79d401e65f642d291e15ba779dd1035df
5cb8afa23d794598d2e509f33f56bad58616cc0fb9c9aa75380e1b4a16390554
5daa91a81734f9df8e725f502513bfbff7cd2432a439e19a033d7e2426706d1a
5f5f845112853498920f6dee40ee5a5ce91192a06583bda06a126148c0093d9f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
6e51b1506ae8b2c4acec4dfc6aa5e5ff817462d3a67e2bfdf0a5f633b6b7d379
6fc0db464c7c0a52b9fbb64825882ff81273f56319fb6376a4e4738f04fc2758
7117fc3005bd535577a248feda72de2f33d09b8a5d4ee5f344e08f7a9c90cbb7
72957e5c2b234ae7cde201e06138eb4d692d5508d4e21a7d27cc7074813c4832
7386aad4c22ce930ab59252ee045f6f9f0ebc86899b3f9b50b7cc9a4179b98b7
743f55303d7eab3ed0aa287fa248124f833da6f085a1d9a56eeeae00e109b441
74740bb41fcf440207553eef9a58a2c9e977ebf60141f2acebe0bdf9e3ec5c4b
786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db
7df1f1e0416d3774b6c4db6c9bd0c3d57ff62ffda8ac4fb42187a2120edec163
7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d
7e2d9dc11c42c4c70b2edab9599a14a1401ac0effc16729a5cee66d57fa1d56d
81b8b92887ff8aa7d4b2b98b7d02176daa99666bd1101d3bdb4f1ecdb260977d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
88bb7274e7a4b86ba227e0d69a16bf1f3f7650f0897f8bcc2b00b61dd4a7d8fa
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f7c2c31ea859cfc1d95cb315d2f2a36e7c34dc815ad25fc3d851b771ca580e3
8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a
91c739159be62fbf19cb17260088e751fa43b936201e3b761de0ffa53a51be59
93326eb41a20db97ca003b220ef4ddb2c3bd07bbed23ef5031cbd78972b502ab
989f74cc212948ce4284fb7cbba65c429cf7f30a069f94a9a5f285fb58ec81e2
997c2317aa5c7a37d5fad9bfbf40c4a78227ebf8036edf76c0083eb77bff479f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bbc1ede5c163301e776b1bd1307275e343af6a94e38e470a3530dbc78bf0959
9ebad31b7d93b8c8f601cf4c2b91b208b60557230f120e7396fff044894d5da7
9eef1086914a261727440b5426f1a4422e0ede94cde641136286bd25d8d49e2f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a07fa124c3982c252b2b8a8a79a0ee6597b05b85fab36f98c134f75dfe5ecf04
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2c76a8c7d7cf47648a58b719c72bb1bc97e116771e9905af1201e3afce69c23
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a650c814d488eae07920ba06e2725bb96d96292b417ae35024f8445ce2fd7afc
a7716e51e9d8d8c5598ad35c325e010ed865d607196b9362763a102c5c406ceb
a8dbe3e340e1af39cbc6c853241163da7ded59a8a3b692e205f45eb54922b051
aa51c452743520d3d7be8569341b9c4b6e2174975e6f4e30cb74d93d27f38349
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
b003ca6b0369a697390a185a57b1ef4cb7b131a6c537547167261b48131fdb0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e947d4d9bceb7c15586d6a3f510f0dd912a72158b623d9f69f13100b64f7d0
b5310f6e0ea6667279bb043392fbe167a6b236e52537674ae813fea6288eecfc
b9d5533c89e4e80205362af5dd446c0d6656dd80ca4bc55022786918e5858781
ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3
bffd80deea687f8822206b43bcc0394257127b2033e436ca61f48d3198454927
c02b9ec79fbd254fa28c4af580ef583bb835db70e1fe23cf73578011e8c66f14
c2a9d76c8aec68d27900fc385fc71a529aca535d0271f7b3a8ce94c8025530ee
c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9
c4681920200f339999ac3f6d4a6c5214d92e9a0edca00cfb91b28e3494ea03ff
c8dfbbfebd0fa034a8bc6731e0ca1a4e96ad040cc4954fcedf0e78cc33568833
c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cad892a9f2f38b7765a14fe0a35893396b83dc82f7590632ba09008718a9d088
cb3ed37d3cbb3b8fb1304e96aeadfa575bde07a59c32634598123fb477319db0
d05bcc7d441f25fdf1756878b6775cb1673f6e7815f8379fc9b06f1df974bb2e
d1c09e80f13f58fa8735352042ae3ee483c8d801c705881cc076b3f39cff3375
d4a0898a56136b0fe4168208742796e34e77586bf905974c04a58c91a4de6434
d4c708a96d6756d87f718c8c917709afb4b0551bbdc71967eaea4cd6dbe30f41
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dd51b9d043f9401e4790ae8dd0656afdf70136eee3b8dbc6c1864c64b282ede1
ddb4ec0393909674fbba1896132641bf46f8059ef8a1d74ec5476c2f361a973e
de056cc0817b044826f00bb07b1766c1f4574adcb411a9fc8a3d21ce501a31b6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
e0b7c636c8756825c0652b5d3decf36bbcb6ea03eb8fce82e2dc10e8dc0bb622
e1d8656eab6c03d6ac0205611e249a38fd3a719cd51aed01130dbab1e6b7ecee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c8d6cda903250d395120bb2b795693ad41cd75ef06e02bcae47967dc73cf86
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f35f122e6ce4a1a7716ec5195343a95677ce8b6499637d3dac5388c178883d7e
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fbb97be144b418f5406cf04c9c39058299b24a00cc2b81d897c23c5e0151e8a4
fcef7b0dd8b0fd2a119139c00fc3c74b8a2b7b721bbf7a53bf53ba6a87e60c78
fd18fddb561eeb8e89ba23dc6eed679eb25035dd27b94e573653b5cbd5bd4972

www.2viaboleto.com.br Open in urlscan Pro 178.63.88.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

267 Requests

90 %HTTPS

54 %IPv6

36 Domains

51 Subdomains

39 IPs

8 Countries

3126 kBTransfer

6983 kBSize

37 Cookies

1 Outgoing links

Page URL History

Redirected requests

267 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 19 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.2viaboleto.com.br Open in urlscan Pro
178.63.88.48 Public Scan

Screenshot
Live screenshot

Full Image

267
Requests

90 %
HTTPS

54 %
IPv6

36
Domains

51
Subdomains

39
IPs

8
Countries

3126 kB
Transfer

6983 kB
Size

37
Cookies

267 HTTP transactions
19 data transactions