utua.com.br Open in urlscan Pro
2606:4700:10::6816:29 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&...
Submission Tags: https://phish.report @phish_report Search All
Submission: On July 03 via api (July 3rd 2023, 9:11:53 pm UTC) from FI — Scanned from FI

Summary HTTP 154 Redirects Behaviour Indicators

Summary

This website contacted 37 IPs in 6 countries across 25 domains to perform 154 HTTP transactions. The main IP is 2606:4700:10::6816:29, located in United States and belongs to CLOUDFLARENET, US. The main domain is utua.com.br. The Cisco Umbrella rank of the primary domain is 474020.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 25th 2023. Valid for: a year.

This is the only time utua.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:10:... 2606:4700:10::6816:29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:551	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:225... 2600:9000:2250:c200:a:e047:753:be1	() ()
1	65.9.66.68 65.9.66.68	16509 (AMAZON-02) (AMAZON-02)
1	104.18.35.34 104.18.35.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1	54.217.8.192 54.217.8.192	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
32	2001:4860:480... 2001:4860:4802:36::35	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
14	2606:4700::68... 2606:4700::6812:ae65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
154	37

8 2606:4700:10::6816:29 (United States)

ASN13335 (CLOUDFLARENET, US)

utua.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bucket.utua.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:551 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.begrowth.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
location.begrowth.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:c200:a:e047:753:be1 (United States)

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.34 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.217.8.192 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-8-192.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2001:4860:4802:36::35 (United States)

ASN15169 (GOOGLE, US)

growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.46 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6812:ae65 (United States)

ASN13335 (CLOUDFLARENET, US)

c.bannerflow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	googlesyndication.com daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	183 KB
32	run.app growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app	500 B
18	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 254 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 346	272 KB
14	bannerflow.net c.bannerflow.net — Cisco Umbrella Rank: 8797	211 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 391	218 KB
8	utua.com.br utua.com.br — Cisco Umbrella Rank: 474020 bucket.utua.com.br	82 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635	4 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	83 KB
5	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	2 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	5 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 325	81 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 257	3 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 405 mug.criteo.com — Cisco Umbrella Rank: 2102	7 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1385 google-bidout-d.openx.net — Cisco Umbrella Rank: 1388	810 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	113 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1531	424 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1002 bcp.crwdcntrl.net — Cisco Umbrella Rank: 959	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 808 id5-sync.com — Cisco Umbrella Rank: 423	25 KB
2	begrowth.com.br assets.begrowth.com.br location.begrowth.com.br	20 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1953	4 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1516	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1401	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 368	898 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 568	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1568	8 KB
154	25

	Domain	Requested by
32	growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app	assets.begrowth.com.br
18	pagead2.googlesyndication.com	securepubads.g.doubleclick.net daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net utua.com.br www.googletagservices.com
16	tpc.googlesyndication.com	utua.com.br securepubads.g.doubleclick.net daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com tpc.googlesyndication.com
14	c.bannerflow.net	s0.2mdn.net c.bannerflow.net
10	cdn.ampproject.org	securepubads.g.doubleclick.net
6	googleads.g.doubleclick.net	daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com utua.com.br pagead2.googlesyndication.com
6	securepubads.g.doubleclick.net	utua.com.br securepubads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	utua.com.br	utua.com.br
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	www.google.com	3 redirects tpc.googlesyndication.com
4	fonts.googleapis.com	securepubads.g.doubleclick.net daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com utua.com.br
3	s0.2mdn.net	utua.com.br daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com s0.2mdn.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.gstatic.com	utua.com.br daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com
3	daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	bucket.utua.com.br	utua.com.br
2	googleads4.g.doubleclick.net	utua.com.br
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagservices.com	daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com utua.com.br
2	gum.criteo.com	1 redirects static.criteo.net
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	oajs.openx.net	1 redirects utua.com.br
1	location.begrowth.com.br	assets.begrowth.com.br
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com	utua.com.br
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	assets.begrowth.com.br	utua.com.br
154	38

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-25` - `2024-05-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
begrowth.com.br GTS CA 1P5	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-06-27` - `2023-09-25`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.a.run.app GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
Frame ID: B0C642F721900EF2859E33049EAF397B
Requests: 46 HTTP requests in this frame

Frame: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5B15317081A0F83AB697D8E37E00C859
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=utua.com.br
Frame ID: 13DA030519657EAAD09B94805F97FC92
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 111EE09BB082C8A64ACDA06C93CE65B9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012306200257000/amp4ads-v0.mjs
Frame ID: 8155DD499BF6E05A125A90478EF5C1BD
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012306200257000/amp4ads-v0.mjs
Frame ID: D90BCAC7A7F228C92E96B69998FF8096
Requests: 14 HTTP requests in this frame

Frame: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D6DC75D33263F1E173B1ECF7BF18C9DD
Requests: 20 HTTP requests in this frame

Frame: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 18C32145AF7D88D828E6734035D98A91
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMWFiAEQqM-KARjzjpbmATAB&v=APEucNUiXR5swlayLzbqQ9NpBpO82CrVBjFJDOsjeWaXOSCnn54vXh7DFERhZX7h4v6ov5rX4L2VrFu7Gh7kgFX3PYYbtVJ-e2MZIBAGDrnHt2nACqLSz2ivx3ggp-n1aCGj0U6ElYBLjRv1anGTi3Ko3wESc010b2lG6xWxekaUZToKXl4doh4
Frame ID: A7B50AC92EF6AFBC5223DC0186BF40FC
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 35AA642345F5F10F2AEBF817C45B0B8D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6F7306E8B292ECC7568ACC2E0B4B5BD5
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 369D7441F220F30B40742E3A2CB8828A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 103C424BCF7B2855E71FFC03B674A181
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: E77E7BF71918E551ED4EF0DBF544C649
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 25075A7041C43623B1509D022A36183A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14167577535780487168/PVFR_AON_SUMMERR23_PROSPECTION_DCO_SUMMER23_v2-French-300x600-638128298762814517-a8dd878d-970d-461b-ac8a-276c33dade6b.html?ev=01_250
Frame ID: 92B3E84D642A1230C306FDBDE32E1F56
Requests: 11 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/819ff6a1-36a3-4941-b98e-4791f550a1b4
Frame ID: 716F29522F5A576D28CB618520439610
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fs3-eu-west-3.amazonaws.com%2Fchannable-pvcp-images%2Fpvcp_images%2Fmedia_PV_SUMMER_2023_14L_800x600_AAA_111329_43.jpg&w=300&h=600&q=85&f=webp&rt=cover
Frame ID: F30208C4AF5242B7C213B87ED6E9CED3
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Solicita tu Crédito Crediplan del Banco G&T Continental - Utua

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

154
Requests

94 %
HTTPS

61 %
IPv6

25
Domains

38
Subdomains

37
IPs

6
Countries

1347 kB
Transfer

3735 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://oajs.openx.net/esp?url=https%3A%2F%2Futua.com.br%2Fgt-emp-gt-crediplan-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dgt-utua-ct-email-emp%26utm_content%3Dgt-utua-ct-email-emp-p2-aqui%26utm_term%3Dgt-utua-ct-email-emp-p2-aqui-04&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Futua.com.br%2Fgt-emp-gt-crediplan-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dgt-utua-ct-email-emp%26utm_content%3Dgt-utua-ct-email-emp-p2-aqui%26utm_term%3Dgt-utua-ct-email-emp-p2-aqui-04&rid=esp&cc=1

Request Chain 28

https://gum.criteo.com/sid/json?origin=publishertagids&domain=utua.com.br&sn=ChromeSyncframe&so=0&topUrl=utua.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=N7ocznxSNXk4amxaYVdPV3lLSzdvMVJ0Q1ZCTzVLVEk5TmlZTkgyMW53MVZjMmsvMFM4K0tIdzdDZUMwU3pST3RYQUlKdTBHbEtNeGxOcXNJR1FVOGZhK29tUU5odCtqTGJyWkFqbEl1RmhjeFZqcCtSY1diVHVZa2VOZkZjUTI2RXhNaDdEaXF5UjVQRGZjc0t0Qm5mWFBIelVoK1EvcGd3V1hPRThScjdNc3dhUXlvTnV0eHlhcWd4bjZNUUh5Rko0YkpsNDRDV1J1eWdZeXcvTkVsK2t1U1ZvcElOWUVuc2RMcEt4VC84Z1ZMa01QWTJKZTJEVVY0Vm1oVzRBL1ZGMXBnc3pIOUFWQW9kb0JOV0hoOHcrTkQ4UT09fA&cppv=2

Request Chain 75

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkq-3SlE_sRfM7z3DpOM-0&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkq-3SlE_sRfM7z3DpOM-0&google_cver=1&C=1

Request Chain 103

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKM5km1SXFm0.Uk.HZGY1QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkq-3SlE_sRfM7z3DpOM-0&google_cver=1&google_hm=2

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKN8JEa0KLmWV7-uDm-aiCU&google_cver=1

Request Chain 105

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ5Njk3ODYyMTk1MDIwNDY2Nw%3D%3D

Request Chain 111

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 112

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

154 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
utua.com.br/gt-emp-gt-crediplan-p1/ 134 KB
45 KB 435ms
131ms Document
text/html 2606:4700:10::6816:29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 99f91008e669a94bdd38ff9f2b92852dd1446c1de9e885815d239c84eaa88d85

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=300
cf-apo-via: tcache
cf-cache-status: HIT
cf-edge-cache: cache,platform=wordpress
cf-ray: 7e121f635a5f4c7b-HEL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 03 Jul 2023 21:11:43 GMT
last-modified: Mon, 03 Jul 2023 21:10:07 GMT
link: <https://utua.com.br/wp-json/>; rel="https://api.w.org/", <https://utua.com.br/wp-json/wp/v2/posts/24678>; rel="alternate"; type="application/json", <https://utua.com.br/?p=24678>; rel=shortlink
server: cloudflare
vary: Accept-Encoding
via: 1.1 google, 1.1 google
x-cloud-trace-context: a53667f6930567cea088ce104148e03d
x-powered-by: PHP/7.4.33

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
26 KB 296ms
141ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: utua.com.br
URL: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aeb3f806ca5d0b2f8421760912fcbcae52396b5535a710131add1e9811b3fad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26234
x-xss-protection: 0
server: cafe
etag: 704 / 19541 / m202306270101 / config-hash: 4433571151520717869
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 03 Jul 2023 21:11:44 GMT

GET
H2 200 classic-themes.min.css
utua.com.br/wp-includes/css/ 291 B
280 B 108ms
107ms Stylesheet
text/css 2606:4700:10::6816:29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-includes/css/classic-themes.min.css?ver=6.2
Requested by: Host: utua.com.br
URL: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:44 GMT
via: 1.1 google, 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Jul 2023 20:56:31 GMT
server: cloudflare
etag: W/"123-5ff9b66aa3dc0-gzip"
vary: Accept-Encoding
content-type: text/css
x-cloud-trace-context: 44986438e9883ce662c80a833248e122
cache-control: private, max-age=300
cf-ray: 7e121f647d4d4c7b-HEL
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.post.css
utua.com.br/wp-content/themes/clean-n-beauty-theme/css/ 20 KB
5 KB 102ms
101ms Stylesheet
text/css 2606:4700:10::6816:29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/css/style.post.css?ver=03072023181006
Requested by: Host: utua.com.br
URL: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 580484de80425eeec8a6ed1215a5fc5fb9ece2ad2329c93396dc45e342fc2a0d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:44 GMT
via: 1.1 google, 1.1 google
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 03 Jul 2023 20:56:31 GMT
server: cloudflare
cf-polished: origSize=25607
etag: W/"6407-5ff9b66aa3dc0-gzip"
vary: Accept-Encoding
content-type: text/css
x-cloud-trace-context: 428506fe0fef80cadbcf9b24dffe5b95
cache-control: private, max-age=300
cf-ray: 7e121f647d544c7b-HEL
alt-svc: h3=":443"; ma=86400

GET
H2 200 57adf1ca-logo-utua.png
bucket.utua.com.br/img/2023/01/ 608 B
1007 B 123ms
111ms Image
image/webp 2606:4700:10::6816:29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucket.utua.com.br/img/2023/01/57adf1ca-logo-utua.png
Requested by: Host: utua.com.br
URL: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74479d62925af6f26ef1143977cfb1117f3a64d260caa9948e8773d4e00258b8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:44 GMT
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=1593
x-guploader-uploadid: ADPycdu8D63trdU_ZUwbwmKx61YFldsIKMK4pUyqgT2QqWKwndG2idYsyVZtgaMVm3qgt2rqz8R_K-zJKKFlJYKMgC3T4-489ylL
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 32018
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="57adf1ca-logo-utua.webp"
alt-svc: h3=":443"; ma=86400
content-length: 608
x-goog-meta-height: 35
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
cf-bgj: imgq:85,h2pri
last-modified: Wed, 25 Jan 2023 14:40:53 GMT
server: cloudflare
etag: "b94830039beb79b4b41ca467089bde57"
vary: Accept
x-goog-generation: 1674657653458328
content-type: image/webp
x-goog-hash: crc32c=bCOtsw==, md5=uUgwA5vrebS0HKRnCJveVw==
x-goog-meta-width: 70
cache-control: public, max-age=36000, must-revalidate
x-goog-meta-source-id: 71a6318b41332cc5a11ad640231ec767
x-goog-stored-content-length: 1593
accept-ranges: bytes
cf-ray: 7e121f654f0d4c7b-HEL
x-goog-meta-size: __full
expires: Mon, 03 Jul 2023 19:27:41 GMT

GET
H2 200 8bdc8496-continental-442x332.png
bucket.utua.com.br/img/2021/12/ 9 KB
9 KB 1546ms
1540ms Image
image/png 2606:4700:10::6816:29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucket.utua.com.br/img/2021/12/8bdc8496-continental-442x332.png
Requested by: Host: utua.com.br
URL: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f39e493d44f1322c379953233b13fd5bafeb1445796750813f957310d567d764

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:45 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycds6femRdthi4bSPZUv_AsnvDOCNI17Wxx3WEguNNcxuNS8eKSL0fEinFeUEW-PDpGNWOvGdCZ5Scm7Pm6f-HkyRKg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 8752
x-goog-meta-height: 332
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Tue, 25 Oct 2022 21:29:18 GMT
x-goog-meta-child-of: 27155
server: cloudflare
etag: "118d23d3e7a116cdf6618c3be1b9f592"
vary: Accept-Encoding
x-goog-generation: 1666733358568657
content-type: image/png
x-goog-hash: crc32c=cALf3g==, md5=EY0j0+ehFs32YYw74bn1kg==
x-goog-meta-width: 442
cache-control: public, max-age=36000, must-revalidate
x-goog-stored-content-length: 8752
accept-ranges: bytes
cf-ray: 7e121f653f0a4c7b-HEL
x-goog-meta-size: img-442
expires: Tue, 04 Jul 2023 07:11:45 GMT

GET
H2 200 a5c666ac-favicon2.png
bucket.utua.com.br/img/2022/03/ 872 B
2 KB 67ms
62ms Image
image/webp 2606:4700:10::6816:29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucket.utua.com.br/img/2022/03/a5c666ac-favicon2.png
Requested by: Host: utua.com.br
URL: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 691171b5764dfbadde30c21093afb347c83532080d764d8b1396a133f6828a00

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:44 GMT
cf-cache-status: HIT
age: 34938
cf-polished: origFmt=png, origSize=2144
x-guploader-uploadid: ADPycdti1sMRH6rBzlrhKhxj7m9xuD1VwccI7Wnh5HEEOlRUbdu1HJaTEKydzxAjIx2jh1iuPx9qonFoDDZP_fVgZvRXxtlS7zJI
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 15313
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="a5c666ac-favicon2.webp"
alt-svc: h3=":443"; ma=86400
content-length: 872
x-goog-meta-height: 84
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Mar 2022 21:28:10 GMT
server: cloudflare
etag: "56f4936cc0ce436c0195325de8e378f0"
vary: Accept
x-goog-generation: 1646861290115134
content-type: image/webp
x-goog-hash: crc32c=gNU6mw==, md5=VvSTbMDOQ2wBlTJd6ON48A==
x-goog-meta-width: 85
cache-control: public, max-age=36000, must-revalidate
x-goog-meta-source-id: 6002bbb2892984438019950df995e524
x-goog-stored-content-length: 2144
accept-ranges: bytes
cf-ray: 7e121f653f064c7b-HEL
x-goog-meta-size: __full
expires: Mon, 03 Jul 2023 12:00:54 GMT

GET
H3 200 spritesheet.png
utua.com.br/wp-content/themes/clean-n-beauty-theme/images/ 1 KB
2 KB 106ms
105ms Image
image/webp 2606:4700:10::6816:29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/images/spritesheet.png
Requested by: Host: utua.com.br
URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/css/style.post.css?ver=03072023181006
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 729fdd056968891a9b7a1eb8fa6365f58a7da10fd953e837feec3bea6501b585

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/css/style.post.css?ver=03072023181006
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:44 GMT
via: 1.1 google, 1.1 google
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=3567
content-disposition: inline; filename="spritesheet.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1366
cf-bgj: imgq:85,h2pri
last-modified: Tue, 27 Jun 2023 02:22:13 GMT
server: cloudflare
etag: "def-5ff132291df40"
vary: Accept
content-type: image/webp
x-cloud-trace-context: cc1c872874321bac34b4fa92fdff6dd0
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 7e121f654f2cd922-HEL

GET
H3 200 rP2Hp2ywxg089UriCZOIHQ.woff2
utua.com.br/fonts.gstatic.com/s/dmsans/v13/ 18 KB
18 KB 121ms
120ms Font
font/woff2 2606:4700:10::6816:29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/fonts.gstatic.com/s/dmsans/v13/rP2Hp2ywxg089UriCZOIHQ.woff2
Requested by: Host: utua.com.br
URL: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4938218ce8a8325dc656e02eb1b2af4842280a54aad0ce0d11f323cb5725d27

Request headers

Referer: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
Origin: https://utua.com.br
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:44 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Jun 2023 14:27:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=3600
cf-apo-via: proxy
accept-ranges: bytes
cf-ray: 7e121f654f37d922-HEL
alt-svc: h3=":443"; ma=86400
content-length: 18520

GET
H2 200 growthcontrol-lite-ltv.build.js Show response
assets.begrowth.com.br/growthcontrol/ 72 KB
19 KB 1528ms
1422ms Script
text/javascript 2606:4700:20::681a:551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.begrowth.com.br/growthcontrol/growthcontrol-lite-ltv.build.js
Requested by: Host: utua.com.br
URL: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be9717ba973ccaabdd9e2038a32145503c8358a01125498b8774db6354a0a40

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycds8mi29i1KnDlMNauzEyCEOw6sqItjnqFkbxngXs1eizXMHdvNUleFc46M66vu0tMwKqSPZnwx90_Dn1ySndLi6UQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Fri, 17 Mar 2023 19:37:01 GMT
server: cloudflare
etag: W/"bdee3d3f971900ba215ddd16446ef924"
vary: Accept-Encoding
x-goog-generation: 1679081821460101
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=ur+DTg==, md5=ve49P5cZALohXd0WRG75JA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v60neeB5PCw2sNFsfmBOBOezHbWfAh8jEgWS2tfjKLfrONTU1WXEDU1ehtFcU3bR%2BjRG%2BIQ6Rnd%2B8ikwy5XyCuGD7PwvHxUGNUxPuAku9cDaUfuUyUehfdYOj4s1buSYp%2B00k%2FOtUuUH6b9CWzsnLz83Psw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 73954
cf-ray: 7e121f662882d92e-HEL
expires: Mon, 03 Jul 2023 21:12:45 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/ 392 KB
125 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6df7c73fa12d8261f09a11faff5c77f91f912362a9fdc15c46c3b949b188717b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 18:32:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9526
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127740
x-xss-protection: 0
server: cafe
etag: 1744020965594933375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 02 Jul 2024 18:32:58 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 246ms
81ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=utua.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 157ms
49ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:40:46 GMT
content-encoding: gzip
age: 621058
x-guploader-uploadid: ADPycdt-ImGk7AmOvZSbzZ0WXnCyDwR4tMngucnF8Wq9Y1kP4OPr2SdSot-zlJaXnxCM2qpZNxFQN7H7pUSqx3w5v3o78w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Tue, 25 Jun 2024 16:40:46 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 300ms
134ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20e74dbf3ee183f6fe1447dd7efef616905f78e10733e618dfd67f54c8a25ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 29 Jun 2023 05:28:55 GMT
server: nginx
etag: W/"649d1697-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 04 Jul 2023 21:11:44 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
898 B 150ms
48ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Jul 2023 21:11:44 GMT
x-content-type-options: nosniff
content-encoding: br
age: 35516
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-hel1410031-HEL
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 156ms
54ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: RSGEQ3TMYY4N1ZTV
age: 448
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7e121f6918a2d916-HEL
x-amz-id-2: ClzlsYvLJYc9Eo875q/vdJecjgJ4MRT0Q0XFx4PfHBkkIV+wj3cuIxExZO/fsImFzYOEKXFivGo=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 167ms
48ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 20:43:45 GMT
via: 1.1 google
age: 1679
x-guploader-uploadid: ADPycdvde4Fbzt0czZscOo9NWHqsIackMSVjwaX_x1S-IpC2LY0lkwqqGGK9jan0EEVHKTy9TBdp4BdOQ50Od3jacouLoE4kjjYa
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Mon, 03 Jul 2023 21:43:45 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 242ms
70ms Script
text/javascript 2600:9000:2250:c200:a:e047:753:be1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:c200:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: null
Date: Mon, 03 Jul 2023 05:58:56 GMT
Via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 56309
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: lpuaeVSgZKVrgYCg4g-HhuTzM8XSB7Cg_acrvoKcmO1WfkPnn5rryg==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 220ms
72ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 03:04:08 GMT
content-encoding: gzip
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 65257
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 4tS-Ri4ik-o4IB6R529z1z_sLYRwCfFh2KTR7HO_tWITaFN-JOiHBg==

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 12 KB
4 KB 158ms
48ms Script
application/javascript 104.18.35.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d285ae6755d52c452904f5bdfa4a6c2082186d695304b242e9db2f12461f02e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Jun 2023 16:15:13 GMT
server: cloudflare
age: 22142
etag: W/"648b3911-2e4b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7e121f6929584c82-HEL
expires: Tue, 04 Jul 2023 21:11:44 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 308 KB
70 KB 1201ms
1200ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3882624277951083&correlator=335400644725420&eid=31075760%2C44777900%2C31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&iu_parts=21862753527%2Cutua_desk_top%2Cutua_desk_content%2Cutua_desk_sidebar%2Cutua_desk_interstitial&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x250%7C970x250%7C980x90%2C320x50%7C300x250%7C336x280%2C120x600%7C160x600%7C300x600%7C300x250%2C1x1&fluid=0%2Cheight%2C0%2C0&ifi=1&adks=3399986936%2C1558435176%2C695725469%2C687659283&sfv=1-0-40&ists=1&fas=0%2C0%2C0%2C8&cust_params=request_uri%3D%252Fgt-emp-gt-crediplan-p1%252F%26utm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dgt-utua-ct-email-emp%26utm_content%3Dgt-utua-ct-email-emp-p2-aqui%26utm_term%3Dgt-utua-ct-email-emp-p2-aqui-04%26placement%3Ddirect%26hour%3D21%26dayshifts%3Dnight&sc=1&cookie_enabled=1&abxe=1&dt=1688418704712&lmt=1688418607&dlt=1688418704020&idt=638&adxs=436%2C650%2C1468%2C-9&adys=98%2C405%2C122%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C-1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Futua.com.br%2Fgt-emp-gt-crediplan-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dgt-utua-ct-email-emp%26utm_content%3Dgt-utua-ct-email-emp-p2-aqui%26utm_term%3Dgt-utua-ct-email-emp-p2-aqui-04&frm=20&vis=1&psz=1600x1200%7C800x0%7C120x250%7C0x-1&msz=1600x0%7C800x0%7C120x250%7C0x-1&fws=4%2C4%2C516%2C2&ohw=1600%2C1600%2C1600%2C0&ga_vid=802373536.1688418705&ga_sid=1688418705&ga_hid=2114399624&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYurrj7JExSABSAghkEhsKDDMzYWNyb3NzLmNvbRi6uuPskTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Yurrj7JExSABSAghkEhcKCHJ0YmhvdXNlGLq64-yRMUgAUgIIZBIUCgVvcGVueBi5uuPskTFIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b716dd67c0beb606c4b957f773683974a74113dc5027e74c64d4ade3e6a02db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71253
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://utua.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5B15 6 KB
3 KB 282ms
80ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 21:11:44 GMT
expires: Tue, 02 Jul 2024 21:11:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/ 37 KB
13 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a784560c79c2bd930b184a4134d59b1d672fe786320828f191e68f48458d6f90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 11:43:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34088
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13154
x-xss-protection: 0
server: cafe
etag: 6000168152910430745
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 02 Jul 2024 11:43:36 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Futua.com.br%2Fgt-emp-gt-crediplan-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dgt-utua-ct-email-emp%26utm_content%3Dgt-utua-ct-e...
https://oajs.openx.net/esp?url=https%3A%2F%2Futua.com.br%2Fgt-emp-gt-crediplan-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dgt-utua-ct-email-emp%26utm_content%3Dgt-utua-ct-e...

85 B
203 B

188ms
188ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Futua.com.br%2Fgt-emp-gt-crediplan-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dgt-utua-ct-email-emp%26utm_content%3Dgt-utua-ct-email-emp-p2-aqui%26utm_term%3Dgt-utua-ct-email-emp-p2-aqui-04&rid=esp&cc=1
Requested by: Host: utua.com.br
URL: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: bceb003b10f10b0bbb452f6edab594a6a3614ca399ca83bcbda0d9ded7f6d907

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:45 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-VZ8Bn8B7/lWAIlC9CmeUEsy64JE"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://utua.com.br
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Mon, 03 Jul 2023 21:11:45 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://utua.com.br
location: /esp?url=https%3A%2F%2Futua.com.br%2Fgt-emp-gt-crediplan-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dgt-utua-ct-email-emp%26utm_content%3Dgt-utua-ct-email-emp-p2-aqui%26utm_term%3Dgt-utua-ct-email-emp-p2-aqui-04&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 329 B
424 B 86ms
86ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 6e744d4bfd41839f9dc659052d950cacffb86b7b71104bfb8e82396ca677a2f9

Request headers

Referer: https://utua.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 03 Jul 2023 21:11:45 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 7d6379c6dc7d049cf9821db94183c8fc
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 191ms
83ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://utua.com.br
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Mon, 03 Jul 2023 21:11:45 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: 8e7b95c3ef0edc0e67e80db000436b95

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
320 B 214ms
68ms XHR
text/plain 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://utua.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://utua.com.br
date: Mon, 03 Jul 2023 21:11:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
332 B 257ms
84ms XHR
application/json 54.217.8.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.8.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-8-192.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 73886a6eaea4b617db5260434c849abf3579fccbc663276c9afd9b1985e7c9e3

Request headers

Referer: https://utua.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 21:11:45 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://utua.com.br
cache-control: no-cache
x-server: 10.45.15.223
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 13DA 15 KB
6 KB 217ms
73ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=utua.com.br

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 21:11:44 GMT
server: Kestrel
server-processing-duration-in-ticks: 343520
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 13DA
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=utua.com.br&sn=ChromeSyncframe&so=0&topUrl=utua.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=N7ocznxSNXk4amxaYVdPV3lLSzdvMVJ0Q1ZCTzVLVEk5TmlZTkgyMW53MVZjMmsvMFM4K0tIdzdDZUMwU3pST3RYQUlKdTBHbEtNeGxOcXNJR1FVOGZhK29tUU5odCtqTGJyWkFqbEl1RmhjeFZqcCtSY1diVHVZa2VOZk...

425 B
651 B

279ms
81ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=N7ocznxSNXk4amxaYVdPV3lLSzdvMVJ0Q1ZCTzVLVEk5TmlZTkgyMW53MVZjMmsvMFM4K0tIdzdDZUMwU3pST3RYQUlKdTBHbEtNeGxOcXNJR1FVOGZhK29tUU5odCtqTGJyWkFqbEl1RmhjeFZqcCtSY1diVHVZa2VOZkZjUTI2RXhNaDdEaXF5UjVQRGZjc0t0Qm5mWFBIelVoK1EvcGd3V1hPRThScjdNc3dhUXlvTnV0eHlhcWd4bjZNUUh5Rko0YkpsNDRDV1J1eWdZeXcvTkVsK2t1U1ZvcElOWUVuc2RMcEt4VC84Z1ZMa01QWTJKZTJEVVY0Vm1oVzRBL1ZGMXBnc3pIOUFWQW9kb0JOV0hoOHcrTkQ4UT09fA&cppv=2

Requested by

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ae959b0a19f99d5a2a19f4a3c937cf0b87a3ed43c00d5161e98c1504ffdae73d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 21:11:44 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1209380
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 03 Jul 2023 21:11:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=N7ocznxSNXk4amxaYVdPV3lLSzdvMVJ0Q1ZCTzVLVEk5TmlZTkgyMW53MVZjMmsvMFM4K0tIdzdDZUMwU3pST3RYQUlKdTBHbEtNeGxOcXNJR1FVOGZhK29tUU5odCtqTGJyWkFqbEl1RmhjeFZqcCtSY1diVHVZa2VOZkZjUTI2RXhNaDdEaXF5UjVQRGZjc0t0Qm5mWFBIelVoK1EvcGd3V1hPRThScjdNc3dhUXlvTnV0eHlhcWd4bjZNUUh5Rko0YkpsNDRDV1J1eWdZeXcvTkVsK2t1U1ZvcElOWUVuc2RMcEt4VC84Z1ZMa01QWTJKZTJEVVY0Vm1oVzRBL1ZGMXBnc3pIOUFWQW9kb0JOV0hoOHcrTkQ4UT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 219201
content-length: 0
expires: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 111E 0
176 B 206ms
90ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Mon, 03 Jul 2023 21:11:45 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 / Show response
location.begrowth.com.br/ 175 B
578 B 575ms
50ms Fetch
application/json 2606:4700:20::681a:551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://location.begrowth.com.br/
Requested by: Host: assets.begrowth.com.br
URL: https://assets.begrowth.com.br/growthcontrol/growthcontrol-lite-ltv.build.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e96fedf15d68453deaa1fb3bfdfb2849ba0b23b42f990d2b8dd8a5e35b6a229

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:46 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CykIpP0wbdJ5Y6NvhrFDKs88NCQVQKan3l68xi2bH2T1340x5aoxIJ%2FQLoIcT%2FkjxeunnQzwt%2BlidiBPigGSzBgv6cseIn68Z9II7L99WxJTEyVLat%2FUFLE3sGNT9hTcS8LEEdiQvVAeNh2WayNghN2X0oRopA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-type: application/json
cf-ray: 7e121f728bc84c8e-HEL

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 284ms
121ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306270101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd6e154f8fd13da04a0e721e78361924febdbed54ba77ca97f9ffd458fe0c2e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11281
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012306200257000/ Frame 8155 222 KB
61 KB 233ms
70ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20f091e39a994eac247abb2db8c48d424cb5f3ea8280cea2194168c2bf5f437e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Jul 2023 17:13:26 GMT
age: 14300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61862
x-xss-protection: 0
server: sffe
etag: "53e838ddc697c5aa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Jul 2024 17:13:26 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012306200257000/v0/ Frame 8155 15 KB
5 KB 460ms
298ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db6c8330efd6e6bfd20dbed90de2e76fe0bac473c76abe90aaa91fac7bb067c6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Jul 2023 17:13:26 GMT
age: 14300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5232
x-xss-protection: 0
server: sffe
etag: "b6c1e0819a00bf67"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Jul 2024 17:13:26 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012306200257000/v0/ Frame 8155 94 KB
28 KB 429ms
267ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8169070527736f2296d9d72e169101428b2f9821205614dc54cd16d3130c70f8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Jul 2023 17:13:26 GMT
age: 14300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28873
x-xss-protection: 0
server: sffe
etag: "8e0d0270ff0659af"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Jul 2024 17:13:26 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012306200257000/v0/ Frame 8155 5 KB
2 KB 459ms
298ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e5a28a902c7f1edfc9c082269da365300b36ceb1eed186bf26523d6867ed986

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Jul 2023 17:13:26 GMT
age: 14300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "381f894f71d56fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Jul 2024 17:13:26 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012306200257000/v0/ Frame 8155 40 KB
13 KB 451ms
290ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d660119d70fde473f7720a43fb960d95c8ff46768e67d762f9557179709b8942

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Jul 2023 17:13:26 GMT
age: 14300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12958
x-xss-protection: 0
server: sffe
etag: "542075413e45081b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Jul 2024 17:13:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8155 14 KB
2 KB 242ms
81ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 21:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 20:06:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 21:11:46 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012306200257000/ Frame D90B 222 KB
61 KB 360ms
209ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20f091e39a994eac247abb2db8c48d424cb5f3ea8280cea2194168c2bf5f437e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Jul 2023 17:13:26 GMT
age: 14300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61862
x-xss-protection: 0
server: sffe
etag: "53e838ddc697c5aa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Jul 2024 17:13:26 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012306200257000/v0/ Frame D90B 15 KB
5 KB 219ms
214ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db6c8330efd6e6bfd20dbed90de2e76fe0bac473c76abe90aaa91fac7bb067c6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Jul 2023 17:13:26 GMT
age: 14300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5232
x-xss-protection: 0
server: sffe
etag: "b6c1e0819a00bf67"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Jul 2024 17:13:26 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012306200257000/v0/ Frame D90B 94 KB
28 KB 222ms
217ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8169070527736f2296d9d72e169101428b2f9821205614dc54cd16d3130c70f8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Jul 2023 17:13:26 GMT
age: 14300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28873
x-xss-protection: 0
server: sffe
etag: "8e0d0270ff0659af"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Jul 2024 17:13:26 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012306200257000/v0/ Frame D90B 5 KB
2 KB 235ms
230ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e5a28a902c7f1edfc9c082269da365300b36ceb1eed186bf26523d6867ed986

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Jul 2023 17:13:26 GMT
age: 14300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "381f894f71d56fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Jul 2024 17:13:26 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012306200257000/v0/ Frame D90B 40 KB
13 KB 236ms
231ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d660119d70fde473f7720a43fb960d95c8ff46768e67d762f9557179709b8942

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Jul 2023 17:13:26 GMT
age: 14300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12958
x-xss-protection: 0
server: sffe
etag: "542075413e45081b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Jul 2024 17:13:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D90B 14 KB
1 KB 232ms
82ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 21:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 20:56:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 21:11:46 GMT

GET
H2 200 container.html Show response
daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D6DC 6 KB
3 KB 74ms
73ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 21:11:44 GMT
expires: Tue, 02 Jul 2024 21:11:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8155 3 KB
3 KB 302ms
148ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/es.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 18:05:24 GMT
x-content-type-options: nosniff
server: cafe
age: 11182
etag: 15820072736840818134
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2687
x-xss-protection: 0
expires: Tue, 04 Jul 2023 18:05:24 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8155 295 B
424 B 232ms
78ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 10:36:44 GMT
x-content-type-options: nosniff
server: cafe
age: 38102
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 04 Jul 2023 10:36:44 GMT

GET
H2 200 es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D90B 3 KB
3 KB 243ms
90ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/es.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 18:05:24 GMT
x-content-type-options: nosniff
server: cafe
age: 11182
etag: 15820072736840818134
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2687
x-xss-protection: 0
expires: Tue, 04 Jul 2023 18:05:24 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D90B 295 B
353 B 242ms
89ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 10:36:44 GMT
x-content-type-options: nosniff
server: cafe
age: 38102
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 04 Jul 2023 10:36:44 GMT

GET
H2 200 container.html Show response
daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 18C3 6 KB
3 KB 73ms
72ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 21:11:44 GMT
expires: Tue, 02 Jul 2024 21:11:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8155 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83931e25c2b39853f7020992268f09ce4d55d1735cfe29d92f3cddbe4bec90c6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D90B 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D90B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a324719220774d0b4d5f5c2bb36d30fae3a4a5046bf86f0641f6c19d0b69a11a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 266ms
171ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 03 Jul 2023 21:11:46 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A7B5 624 B
671 B 278ms
114ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMWFiAEQqM-KARjzjpbmATAB&v=APEucNUiXR5swlayLzbqQ9NpBpO82CrVBjFJDOsjeWaXOSCnn54vXh7DFERhZX7h4v6ov5rX4L2VrFu7Gh7kgFX3PYYbtVJ-e2MZIBAGDrnHt2nACqLSz2ivx3ggp-n1aCGj0U6ElYBLjRv1anGTi3Ko3wESc010b2lG6xWxekaUZToKXl4doh4

Requested by

Host: daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com
URL: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 21:11:46 GMT
expires: Mon, 03 Jul 2023 21:11:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D6DC 78 KB
27 KB 288ms
141ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com
URL: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 03 Jul 2023 21:11:46 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D6DC 42 B
63 B 254ms
108ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CyOB3xvr8y0uhWmUtKC2nZJPJs-7NzQD5FSuTgY94srCe24iQboWR1G4Cby_J-SZBb4Z2n6zqxJ-MdUt2pQtoTC9x65HjLmcMl6Hoo3sdH1JIXZ6M

Requested by

Host: daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com
URL: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 21:11:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D6DC 0
20 B 255ms
109ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12399473523166904988&x=1&ct=76

Requested by

Host: daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com
URL: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 21:11:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame D6DC 3 KB
1 KB 228ms
155ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com
URL: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 18:11:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 18:11:28 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame D6DC 20 KB
9 KB 143ms
70ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com
URL: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12079
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 17:50:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D6DC 179 KB
57 KB 238ms
82ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com
URL: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 21:11:46 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 18C3 4 KB
744 B 119ms
86ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com
URL: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 21:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 20:48:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 21:11:46 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 35AA 14 KB
1 KB 104ms
84ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 21:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 20:48:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 21:11:46 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 35AA 2 KB
973 B 179ms
151ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 18:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 18:04:27 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 35AA 23 KB
9 KB 184ms
158ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 18:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11243
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 18:04:23 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6F73 143 B
383 B 184ms
72ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 956
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 20:55:50 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 35AA 3 KB
1 KB 174ms
152ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 18:11:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 18:11:28 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 35AA 20 KB
8 KB 103ms
81ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12079
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 17:50:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 35AA 179 KB
56 KB 300ms
195ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 21:11:46 GMT

GET
H2 200 77005c67fa3fd636ca667830ce382e45.js Show response
www.gstatic.com/mysidia/ Frame 35AA 33 KB
14 KB 227ms
73ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/77005c67fa3fd636ca667830ce382e45.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 17:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14190
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 18:45:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 17:33:42 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame 18C3 20 KB
9 KB 155ms
136ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com
URL: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27c045f2414b6b6af54b601c46312a6cbeb5dff6da152d9aceea0272fc896d03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 19:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7864
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8602
x-xss-protection: 0
server: cafe
etag: 5099012690780875661
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 19:00:42 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 18C3 205 B
519 B 238ms
91ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com
URL: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 14:29:14 GMT
x-content-type-options: nosniff
age: 110552
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 01 Jul 2024 14:29:14 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 18C3 604 B
696 B 239ms
91ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com
URL: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 22:47:52 GMT
x-content-type-options: nosniff
age: 253434
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 29 Jun 2024 22:47:52 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 8155 33 KB
34 KB 229ms
73ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://utua.com.br
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 525749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jun 2024 19:09:17 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame D90B 33 KB
33 KB 308ms
158ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://utua.com.br
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 525749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jun 2024 19:09:17 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6F73
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
138 B

103ms
100ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com
URL: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 21:11:46 GMT
expires: Mon, 03 Jul 2023 21:11:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 21:11:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 /
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ Frame 0
0 388ms
271ms Preflight
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 03 Jul 2023 21:11:46 GMT
server: Google Frontend
x-cloud-trace-context: f4201c88f68faeb2addd1db0970052af

OPTIONS
H2 200 /
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ Frame 0
0 650ms
534ms Preflight
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 03 Jul 2023 21:11:46 GMT
server: Google Frontend
x-cloud-trace-context: d0eb83f52fb1bd192bf40eaccf4fe3e2

OPTIONS
H2 200 /
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ Frame 0
0 618ms
503ms Preflight
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 03 Jul 2023 21:11:46 GMT
server: Google Frontend
x-cloud-trace-context: 51d1d4ef4006d213dea46acc7dbf18f0

OPTIONS
H2 200 /
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ Frame 0
0 626ms
544ms Preflight
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 03 Jul 2023 21:11:46 GMT
server: Google Frontend
x-cloud-trace-context: 9c86d0160c75d7cbc5b58c4370c6463c

OPTIONS
H2 200 /
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ Frame 0
0 608ms
528ms Preflight
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 03 Jul 2023 21:11:46 GMT
server: Google Frontend
x-cloud-trace-context: 8e35e1495bc71b1460234a65291fea13

OPTIONS
H2 200 /
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ Frame 0
0 582ms
503ms Preflight
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 03 Jul 2023 21:11:46 GMT
server: Google Frontend
x-cloud-trace-context: d42e938a7ec651e4261555cf94009877

OPTIONS
H2 200 /
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ Frame 0
0 351ms
273ms Preflight
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 03 Jul 2023 21:11:46 GMT
server: Google Frontend
x-cloud-trace-context: 974effe22ccea4fd43858a4e917e0ddc

OPTIONS
H2 200 /
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ Frame 0
0 612ms
535ms Preflight
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 03 Jul 2023 21:11:46 GMT
server: Google Frontend
x-cloud-trace-context: e4fcfab770f8527b476f98c1b3fe9fc1

OPTIONS
H2 200 /
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ Frame 0
0 578ms
502ms Preflight
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 03 Jul 2023 21:11:46 GMT
server: Google Frontend
x-cloud-trace-context: 241b35eb3f93ea7e68eb1264cab7738f

OPTIONS
H2 200 /
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ Frame 0
0 347ms
272ms Preflight
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 03 Jul 2023 21:11:46 GMT
server: Google Frontend
x-cloud-trace-context: 68db1b6fbcb54d0b5a95f1c095850539

OPTIONS
H2 200 /
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ Frame 0
0 347ms
273ms Preflight
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 03 Jul 2023 21:11:46 GMT
server: Google Frontend
x-cloud-trace-context: 97e1f4561c4c76e434456e9fe89db2c0

OPTIONS
H2 200 /
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ Frame 0
0 345ms
273ms Preflight
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 03 Jul 2023 21:11:46 GMT
server: Google Frontend
x-cloud-trace-context: 35c0c14ea84df23256d0f6c289eb970f

OPTIONS
H2 200 /
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ Frame 0
0 789ms
718ms Preflight
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 03 Jul 2023 21:11:46 GMT
server: Google Frontend
x-cloud-trace-context: 66e316d72ad40799d152a05d18d4fd6c

POST
H2 200 / Show response
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ 0
75 B 352ms
348ms XHR
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Requested by: Host: assets.begrowth.com.br
URL: https://assets.begrowth.com.br/growthcontrol/growthcontrol-lite-ltv.build.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 03 Jul 2023 21:11:46 GMT
server: Google Frontend
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: f5b146a3086c6c2b92ebb1e2235104fd
access-control-allow-headers: Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 / Show response
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ 0
13 B 337ms
337ms XHR
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Requested by: Host: assets.begrowth.com.br
URL: https://assets.begrowth.com.br/growthcontrol/growthcontrol-lite-ltv.build.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 03 Jul 2023 21:11:47 GMT
server: Google Frontend
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 912ce6a9663eda145c6d1cf33abb2609
access-control-allow-headers: Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 / Show response
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ 0
13 B 341ms
341ms XHR
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Requested by: Host: assets.begrowth.com.br
URL: https://assets.begrowth.com.br/growthcontrol/growthcontrol-lite-ltv.build.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 03 Jul 2023 21:11:47 GMT
server: Google Frontend
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 836a1b499355b5c4b78952655dfe9559
access-control-allow-headers: Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 / Show response
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ 0
13 B 1400ms
1399ms XHR
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Requested by: Host: assets.begrowth.com.br
URL: https://assets.begrowth.com.br/growthcontrol/growthcontrol-lite-ltv.build.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 03 Jul 2023 21:11:48 GMT
server: Google Frontend
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 7b830efe6328730bb5efbc0b91bb9e4a
access-control-allow-headers: Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 / Show response
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ 0
13 B 341ms
341ms XHR
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Requested by: Host: assets.begrowth.com.br
URL: https://assets.begrowth.com.br/growthcontrol/growthcontrol-lite-ltv.build.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 03 Jul 2023 21:11:47 GMT
server: Google Frontend
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: c521750166d7f62b10b3a3db23649ee5;o=1
access-control-allow-headers: Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 / Show response
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ 0
13 B 347ms
347ms XHR
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Requested by: Host: assets.begrowth.com.br
URL: https://assets.begrowth.com.br/growthcontrol/growthcontrol-lite-ltv.build.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 03 Jul 2023 21:11:47 GMT
server: Google Frontend
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 2441b61ae30b711a4e892e2ed4773732
access-control-allow-headers: Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 / Show response
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ 0
75 B 1147ms
1146ms XHR
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Requested by: Host: assets.begrowth.com.br
URL: https://assets.begrowth.com.br/growthcontrol/growthcontrol-lite-ltv.build.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 03 Jul 2023 21:11:47 GMT
server: Google Frontend
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: f39bb17e3c8f60161bc00e6ef06edecb
access-control-allow-headers: Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 / Show response
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ 0
13 B 559ms
559ms XHR
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Requested by: Host: assets.begrowth.com.br
URL: https://assets.begrowth.com.br/growthcontrol/growthcontrol-lite-ltv.build.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 03 Jul 2023 21:11:47 GMT
server: Google Frontend
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: b6b96799611326a3c93468814a978032
access-control-allow-headers: Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 / Show response
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ 0
13 B 335ms
335ms XHR
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Requested by: Host: assets.begrowth.com.br
URL: https://assets.begrowth.com.br/growthcontrol/growthcontrol-lite-ltv.build.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 03 Jul 2023 21:11:47 GMT
server: Google Frontend
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 04fa70e7d23d7409114c1801597a6fef
access-control-allow-headers: Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 / Show response
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ 0
75 B 349ms
347ms XHR
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Requested by: Host: assets.begrowth.com.br
URL: https://assets.begrowth.com.br/growthcontrol/growthcontrol-lite-ltv.build.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 03 Jul 2023 21:11:46 GMT
server: Google Frontend
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: c32deff0add3313297897540d6c9ca31
access-control-allow-headers: Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 / Show response
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ 0
66 B 1171ms
1170ms XHR
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Requested by: Host: assets.begrowth.com.br
URL: https://assets.begrowth.com.br/growthcontrol/growthcontrol-lite-ltv.build.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 03 Jul 2023 21:11:47 GMT
server: Google Frontend
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 58bc8a3cd4795063cdbc5379947a7c36
access-control-allow-headers: Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 / Show response
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ 0
66 B 443ms
441ms XHR
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Requested by: Host: assets.begrowth.com.br
URL: https://assets.begrowth.com.br/growthcontrol/growthcontrol-lite-ltv.build.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 03 Jul 2023 21:11:46 GMT
server: Google Frontend
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: f9b2c09c75b67cb5d466515bea45f646
access-control-allow-headers: Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 / Show response
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ 0
13 B 1286ms
1285ms XHR
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Requested by: Host: assets.begrowth.com.br
URL: https://assets.begrowth.com.br/growthcontrol/growthcontrol-lite-ltv.build.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 03 Jul 2023 21:11:48 GMT
server: Google Frontend
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: aa41beda27fc74fbb5342eacdf9aadc1
access-control-allow-headers: Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A7B5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkq-3SlE_sRfM7z3DpOM-0&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkq-3SlE_sRfM7z3DpOM-0&google_cver=1&C=1

43 B
632 B

87ms
68ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkq-3SlE_sRfM7z3DpOM-0&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMWFiAEQqM-KARjzjpbmATAB&v=APEucNUiXR5swlayLzbqQ9NpBpO82CrVBjFJDOsjeWaXOSCnn54vXh7DFERhZX7h4v6ov5rX4L2VrFu7Gh7kgFX3PYYbtVJ-e2MZIBAGDrnHt2nACqLSz2ivx3ggp-n1aCGj0U6ElYBLjRv1anGTi3Ko3wESc010b2lG6xWxekaUZToKXl4doh4
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 21:11:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 21:11:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEHkq-3SlE_sRfM7z3DpOM-0&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A7B5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKM5km1SXFm0.Uk.HZGY1QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkq-3SlE_sRfM7z3DpOM-0&google_cver=1&google_hm=2

43 B
632 B

65ms
65ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkq-3SlE_sRfM7z3DpOM-0&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMWFiAEQqM-KARjzjpbmATAB&v=APEucNUiXR5swlayLzbqQ9NpBpO82CrVBjFJDOsjeWaXOSCnn54vXh7DFERhZX7h4v6ov5rX4L2VrFu7Gh7kgFX3PYYbtVJ-e2MZIBAGDrnHt2nACqLSz2ivx3ggp-n1aCGj0U6ElYBLjRv1anGTi3Ko3wESc010b2lG6xWxekaUZToKXl4doh4
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 21:11:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 03 Jul 2023 21:11:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkq-3SlE_sRfM7z3DpOM-0&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A7B5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKN8JEa0KLmWV7-uDm-aiCU&google_cver=1

43 B
1 KB

92ms
69ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKN8JEa0KLmWV7-uDm-aiCU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMWFiAEQqM-KARjzjpbmATAB&v=APEucNUiXR5swlayLzbqQ9NpBpO82CrVBjFJDOsjeWaXOSCnn54vXh7DFERhZX7h4v6ov5rX4L2VrFu7Gh7kgFX3PYYbtVJ-e2MZIBAGDrnHt2nACqLSz2ivx3ggp-n1aCGj0U6ElYBLjRv1anGTi3Ko3wESc010b2lG6xWxekaUZToKXl4doh4

Protocol

HTTP/1.1

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 21:11:46 GMT
AN-X-Request-Uuid: 5b73ccc6-5d87-4873-b744-1c73fb8f2c86
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.212.149.206; 185.212.149.206; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jul 2023 21:11:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKN8JEa0KLmWV7-uDm-aiCU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A7B5
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ5Njk3ODYyMTk1MDIwNDY2Nw%3D%3D

170 B
243 B

80ms
80ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ5Njk3ODYyMTk1MDIwNDY2Nw%3D%3D

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 21:11:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 03 Jul 2023 21:11:46 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.212.149.206; 185.212.149.206; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 4b32840c-fb98-491a-8588-67b6c1e9eada
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ5Njk3ODYyMTk1MDIwNDY2Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 369D 13 KB
5 KB 71ms
69ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 1166
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 20:52:20 GMT
expires: Tue, 02 Jul 2024 20:52:20 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 103C 783 B
971 B 139ms
84ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

563aa1e303165c6c5b1401c26a44f0e6989e21e61e718c48904b02e66e64dea3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-p0I568_yNhsL2aZkBEkhqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-p0I568_yNhsL2aZkBEkhqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 21:11:46 GMT
expires: Mon, 03 Jul 2023 21:11:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D6DC 0
20 B 108ms
108ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=879211368663&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 21:11:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D6DC 0
20 B 108ms
108ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=879211368663&version=m202301230201&ct=76&x=1&cor=12399473523166904000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 21:11:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D6DC 87 KB
36 KB 122ms
120ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aisd3q1pilnSNQs7k2chsq8Vd4f9Z0aC71ULmCCWIuDfCL9tR6n1VcJltpx10WkueytRYnJwoMxcx-5FxDd3JK5v1XSg&cry=1&dbm_d=AKAmf-AaNYpgRwuAHjUxUUTm0g8Wlbr2hbtXvGCTJ5SvIe1HWhTFE4QbEk12Y9grxhiDNb25mYP3P8DiFa5erAqnlNISTsUgnY7d-48XjSzwtR0G3b8MpDlMb18D5UqxSKaCo3s82xaLiAd4bTNvQPtmp_39Sha9SP4lIcKqPmJ2xLNMgjX24UueOVGNd-If4ilAaMgFV1hSQXQjME2zDrJwDZ3mwuOvMs4lh93mcy8wVYGrDt9pp9Cu8Al7fWvN3Nx4oqPfIBtheS3r25NkcHDz9ISbtnk_ib6MHhjIVthX7-FzaGqWbBMXpgl9ycUJ4NaaJPU4sWRSbyC5H-5prbz-595leJYxjD4vZzgWdJ6Xj3kwYlO_QIjBYgZ8Iz4K0bg2yJqZ-jjMBoWbKAojSiLnYXKu5ge-SxYVDubD_hyxj_3b_np3pk7UJD3m50Lg9vP6xIgQu9AKqC3-7Ym2qIXjGvCAEPeHrIdBEnqjRLBLXieJL8wR-4Tgq2_3LJmXywY_q5lj4-dsmTFAybMtRmAq8mRmVoSgFZZ6LnINTHXW73A9FP8iZsoR555iIcq4CgD2I12do0iEIHqtdVItUTPo4W7-M1REN3GYZ1uiPKTphH_byNQsMXUbGbv6eoNGgWGd-QTQQoE4SXMYgETFba28gILRK-dlMrHU63fYvmvHx8TVjPp6DWtpNYnL8mIHGgTq93rWKTXbQBSKrul2mVAbYIII1S-upccFHSGVr6nV8RkENzW1TjoBYz0x-UYtKjDBW-bmeFV9X5z5FZMooKQ1X-XHh8dN93bLUSPVWMoEWScMScd174BrIDnnDYA4tUW2wszTMdwwYDZujCQ8hvFrYOd0tehVAzLyTDZ8kD4X8B3BTporsQlboINDT_dTbBzbKc0GeaYeT6wC0zoFJLKp58hr2qMQjanz50z6_INRXlSZ2c6D8gCA4yi-unwUkiYiFfmKHnmu2RLNTyZI4xxkSubFdllyplSnOjM0IAGYRqBlvhNC0bvQl09A3oJV50S8ticGMeJRatznFErW5_eFcvAAQ6pYKuQfTEqghkAkLHPWciqKEFDL6z0IELfXT6H3FQsdvbnR9EoEV_Byb2CL1Mpj5KHsMHpPsiS088cDSXPZqzbnr8lICEPeQvNdAzk4_KrzdAJWO3ZgmTxne3EK12j3vNW0tq2SMc6kTnfMrOiv6xjcS3Dv0OzTR27ta11BA9oM3htKa-62gEe2z8fSyN7SDnAwbk8mMVbXE_fFJf4FNZL2NNTFGryiQSm472u6d1VLd_bKWYswHzWJLpeWRXgpdo2jWEzPzvICcgx55lOExuGZ0i0ed9gGo_fYxjDzfVo6GjSCQTy36XQ5rnlf_PXqVil931cwf8fTXrHC0Ya_KeXH-JBUYgDErR0NB9XvsjorubvXnz558cv_odRJZFxQYNjdSyPrvJ4I7L6HnD44qDIgCkkXKXlPlosnV0Ajmrc6YbJRuMKqbRWXGa63C4lSLXIlDFy3BHcDfzo53HXWQMoAmrz5cM9yMQKvL9drEC-aHsnaCsRtO57BD3etsjV7PRSrSJyVB3Kdd-onijw_1e7jjPFMz-K-YqPXQWStE-ELEiKpEnCTObRsSKyNv3GwCiO4bxJOl2slnTxvvM6VKwGtycwMLZu4FAaKCWH-Ac1kMT1VKunnMntF1QlXuadZzFJpOQzfgEP8KfM_Fl045eHwbgkuXSLh9HIU8TeMsqaSkpsQvj5TOnSNQl-T4m-zAAPopm7jtuzyneYQnMFT7OZEducAIjoYYez9VnxQHMFphUHohUoVQFIXaQolUhInJ1uFs1GRPyjrsrR1IfTSGDisuaZLOa_rvYQEu2DQQa_W16cLEgOg091ox1UZ6d-QoWpuRzjNQdMFeXuTFQel1aM56sweES9Sb64nUpdCfYy5oGhXybOS3PIuLO6E3dNJ2JqDySaPvinz5eyfsGAegdEMq7l75aLfGIbdxNfEosCE0VFkM-DNLoyEqBj8BRenbJxz-qB3AgB2lFpqa8lUkMsVHwj8SSYxiizZxDtXvk57pPtXaIThuNKcAInYTYQVogIowM3KFzZfXXhbuV8x_qEJwELwW5xL2Pi-nCNgswEVvXoolBCTjl_X3fsaXBrm9Cw5zFVL9nLp778K5c69MOpyNy9dwRSu9lEYxf5JCH1yY8F78BYtAsAQW3XHFgtK-_OMUiZZxaH4g-c2mTVh15j_bRzFSXiKEaXQ0Uy8RXe02WIEzmGPBC4e6sIlh-y_gT3Yjeo31yT8xtf7dWheSJqdIPxSucKUpIXziiDClDEaN1UIAnzEmmet_oZjou1HKAT40Z_fuKrfj3Beef6tb2Hjcr5pzr6btW5UFi8KPO45UzEW4ixHoc2cRo2XvckbDUg7CG2iVqgg8DNbtC5aVXC-3rrw0cNsggdxdVZgnIwZL1lvRG04ypE_CpnncgIQJF0wAOjW_EPZhU8-Z_G5qu9Cm07rgVMkT1pjSA6TzHxiTvmfXVU4Gr1y9pVqykwZ45TDJm1Yg-ONst1ne2hqWccP3lcJ_I-B_Mp3oWC-JkKdXaZjZZuL8je1nUUuUEHY2oiw_c13zVr-sGrYGA3Oh474HNK7pky05KVwqAm539_SlkNQltoxYYiM3Csg1eCao7y_Ul1lz-tpYMrgrsqUsRz1dGBNzKqHu9LKrGW8VO4F6AGRekEVq8FO1v2A7uH2x4MvnDO7o05WlHECR5zmp7PpewiXpvqJ9F33YI3xEsw0cATB529vAC0Hxx1nc4FVgeCkVhEyWhG6fTs5ftWc-xkRYpsYXKfjCnsw4jnHsGTZlDXfdGNfNJ8o-JgxlqpmsdW94wcQco1CHkynhIDfFxR-r09vsufFV1HkxSPfHUNFG2t_hrVfLPNVG2JAsUtpm-CoVbcvS2OjkvgqfMtZ5beHVbg1gH-P09ojd1exjE1wPP9dIUPKsgExEJd1ZLhnCkwFJkVji7mDct0GwrLdll6YvY01Yc95isKJ9iq1HGOo4pfvzZ4VBN6TrI857vgb-Li2NeclvS-tuM2em4Fh_uxWOlQY9rEKRjO4Uv2I1HNXJCpq4E3gj9g8P_FzjeepQ3OD7NK49W-ehrNS68YA_STBtbp-QHRBrSzDgCPW0CVDoa4jQiKtI5uWotoCNVa-Dt4oVBu7jIGElG3zGO-y2JncomnVBl9WI0_EgoWen5-mdwXEPl16sM66e7fd-5zZ3bqUL4WEeAiag6PqVdibS1ARDAPjUnDYjJxtjFAeggl8n2llHzQzXF1FrtuOdta_A_5NWe2_LYrdmue4lXzjZcQJD2oSIrEkw_mCgCU-gFsZ34Q-LFo676pBOsmnwGkfTnLAY0HSuroDXzEsCQQUFU5BLHlAjwA2neswJRKovOqTjPhp8RronmHJm0SdE_s6W_7vopmcfAydNty2jjrEOwjuVp4R5vFmPfKx-x20jaBrHQPK1g4NKTObrxOZtUJ97S-0lOWMbufesA7wQV1Ith1rR3p0-Ai2Gf9kurN7y_WF-AJz&cid=CAQSTABygQiDwqgkZKqPS9MlyXo-EtViaCgejvrLBEojvAkdFEWSw0St9AVFDWIp2wDIBWULypqBvkWEPg5jmOMvWlLoYr2w2hxe7AVDKVYYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Futua.com.br%2F&ds=l&xdt=1&iif=1&cor=12399473523166904000&adk=2228999115&idt=332&cac=0&dtd=29

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96686ac3b1afe326ee0ccfa814d71810d259c37b040e8754155230dd05f41102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 21:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36936
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 8155
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

81ms
81ms

Image
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: utua.com.br
URL: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
Protocol: H2
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

date: Mon, 03 Jul 2023 21:11:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame D90B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

90ms
90ms

Image
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: utua.com.br
URL: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
Protocol: H2
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

date: Mon, 03 Jul 2023 21:11:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8155 0
0 118ms
117ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CET9VkDmjZMK7MPHH7_UP09G52AHfypr1br7W4rWEEdrZHhABIJ_O9n1g-wGgAcSoq_wDyAEBqQIL3hSwklCyPuACAKgDAcgDCqoE9AFP0JYQtdkuwNFi-SWmBA08BfTvqRCdoL0oVzQtBbA0Lqy4DX_6R86tX13qg0ie_p4EaDh84cE6O1_WagQzvoLw9P1W6nNKbex99LuOSJh_c4z_Prc4OM4U0WieHR840DB0ZNEu3VOQglMIdbQ2tYsQ3I0wK8neJmUepqKPjmW4cQxnAoCBHJFAUHU7YzU2aad39WcKFlltHqqzD82wogqO00M-jZt-x_tFM3vZUXAWF55zVGRinxUK1IE9G4tNa40mvWkB9phYS8Pxptv29QYETz1WEZ2_acpwUb32RhpaJetrwEftCvIpa7EZ2X9uIrvEncYBwAT6hc66zwPgBAGSBQQIBBgBkgUECAUYBIAHpNfUA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFEK_fqQHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsBogwIKgYKBMOwsQLYEwzQFQGAFwGyFx4KHAgAEhRwdWItNDk3OTk3NzQ2MzgzMzAyNBiZgXQ&sigh=JcWPq-W4ZKk&uach_m=[]&cid=CAQSTABygQiDwqgkZKqPS9MlyXo-EtViaCgejvrLBEojvAkdFEWSw0St9AVFDWIp2wDIBWULypqBvkWEPg5jmOMvWlLoYr2w2hxe7AVDKVYYAQ&cbvp=2
Requested by: Host: utua.com.br
URL: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 103C 0
0 106ms
105ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306270101&jk=3882624277951083&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 369D 37 KB
14 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 12:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jul 2024 12:58:42 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D90B 0
0 120ms
120ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C6c0YkDmjZMO7MPHH7_UP09G52AGfsOOdcc_NgpL6EWQQASCfzvZ9YPsBoAHo58a5A8gBAakCC94UsJJQsj7gAgCoAwHIAwqqBPwBT9AnKR2Ks2Bgn6Saf5edZkmaAsfzxjSYGL7VZaBPRCU6TvS-7qUmNYDyfV33M9BcblkTwhP3Z66y7muRe8G9MshMkt0KNKSuOWfqBt-kKdSo8WU5svcMwh3YID795J7IxALYog30yyzcFvP04Apm_CAWmqTV6BekAZ_D7eFIKJRAaPXRqoNtfo26fl_mWer_PkiRBSA_v4QLLkd0z4zx3Uwoa09T36ru-zCOblGZRT76IGd8eX8VJU5Bw9ZiypfUY_q_Q4hCFivjJv40a2WvsBphIvcl9yPYGzYrUMcSLu6zOYckdWa5WAFtjFbvYLdGaFK20_ysUCf3IUS_wASE9ar4yQTgBAGSBQQIBBgBkgUECAUYBIAHgJi5RqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFEJ7XkwPSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsBogwIKgYKBMOwsQLYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItNDk3OTk3NzQ2MzgzMzAyNBiZgXQ&sigh=fsnQat0o_I4&uach_m=[]&cid=CAQSTABygQiDwqgkZKqPS9MlyXo-EtViaCgejvrLBEojvAkdFEWSw0St9AVFDWIp2wDIBWULypqBvkWEPg5jmOMvWlLoYr2w2hxe7AVDKVYYAQ&template_id=5020&cbvp=2
Requested by: Host: utua.com.br
URL: https://utua.com.br/gt-emp-gt-crediplan-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-p2-aqui&utm_term=gt-utua-ct-email-emp-p2-aqui-04
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame D6DC 111 KB
39 KB 239ms
72ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
Origin: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 13:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26332
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 04 Jul 2023 13:52:54 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame D6DC 11 KB
4 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aisd3q1pilnSNQs7k2chsq8Vd4f9Z0aC71ULmCCWIuDfCL9tR6n1VcJltpx10WkueytRYnJwoMxcx-5FxDd3JK5v1XSg&cry=1&dbm_d=AKAmf-AaNYpgRwuAHjUxUUTm0g8Wlbr2hbtXvGCTJ5SvIe1HWhTFE4QbEk12Y9grxhiDNb25mYP3P8DiFa5erAqnlNISTsUgnY7d-48XjSzwtR0G3b8MpDlMb18D5UqxSKaCo3s82xaLiAd4bTNvQPtmp_39Sha9SP4lIcKqPmJ2xLNMgjX24UueOVGNd-If4ilAaMgFV1hSQXQjME2zDrJwDZ3mwuOvMs4lh93mcy8wVYGrDt9pp9Cu8Al7fWvN3Nx4oqPfIBtheS3r25NkcHDz9ISbtnk_ib6MHhjIVthX7-FzaGqWbBMXpgl9ycUJ4NaaJPU4sWRSbyC5H-5prbz-595leJYxjD4vZzgWdJ6Xj3kwYlO_QIjBYgZ8Iz4K0bg2yJqZ-jjMBoWbKAojSiLnYXKu5ge-SxYVDubD_hyxj_3b_np3pk7UJD3m50Lg9vP6xIgQu9AKqC3-7Ym2qIXjGvCAEPeHrIdBEnqjRLBLXieJL8wR-4Tgq2_3LJmXywY_q5lj4-dsmTFAybMtRmAq8mRmVoSgFZZ6LnINTHXW73A9FP8iZsoR555iIcq4CgD2I12do0iEIHqtdVItUTPo4W7-M1REN3GYZ1uiPKTphH_byNQsMXUbGbv6eoNGgWGd-QTQQoE4SXMYgETFba28gILRK-dlMrHU63fYvmvHx8TVjPp6DWtpNYnL8mIHGgTq93rWKTXbQBSKrul2mVAbYIII1S-upccFHSGVr6nV8RkENzW1TjoBYz0x-UYtKjDBW-bmeFV9X5z5FZMooKQ1X-XHh8dN93bLUSPVWMoEWScMScd174BrIDnnDYA4tUW2wszTMdwwYDZujCQ8hvFrYOd0tehVAzLyTDZ8kD4X8B3BTporsQlboINDT_dTbBzbKc0GeaYeT6wC0zoFJLKp58hr2qMQjanz50z6_INRXlSZ2c6D8gCA4yi-unwUkiYiFfmKHnmu2RLNTyZI4xxkSubFdllyplSnOjM0IAGYRqBlvhNC0bvQl09A3oJV50S8ticGMeJRatznFErW5_eFcvAAQ6pYKuQfTEqghkAkLHPWciqKEFDL6z0IELfXT6H3FQsdvbnR9EoEV_Byb2CL1Mpj5KHsMHpPsiS088cDSXPZqzbnr8lICEPeQvNdAzk4_KrzdAJWO3ZgmTxne3EK12j3vNW0tq2SMc6kTnfMrOiv6xjcS3Dv0OzTR27ta11BA9oM3htKa-62gEe2z8fSyN7SDnAwbk8mMVbXE_fFJf4FNZL2NNTFGryiQSm472u6d1VLd_bKWYswHzWJLpeWRXgpdo2jWEzPzvICcgx55lOExuGZ0i0ed9gGo_fYxjDzfVo6GjSCQTy36XQ5rnlf_PXqVil931cwf8fTXrHC0Ya_KeXH-JBUYgDErR0NB9XvsjorubvXnz558cv_odRJZFxQYNjdSyPrvJ4I7L6HnD44qDIgCkkXKXlPlosnV0Ajmrc6YbJRuMKqbRWXGa63C4lSLXIlDFy3BHcDfzo53HXWQMoAmrz5cM9yMQKvL9drEC-aHsnaCsRtO57BD3etsjV7PRSrSJyVB3Kdd-onijw_1e7jjPFMz-K-YqPXQWStE-ELEiKpEnCTObRsSKyNv3GwCiO4bxJOl2slnTxvvM6VKwGtycwMLZu4FAaKCWH-Ac1kMT1VKunnMntF1QlXuadZzFJpOQzfgEP8KfM_Fl045eHwbgkuXSLh9HIU8TeMsqaSkpsQvj5TOnSNQl-T4m-zAAPopm7jtuzyneYQnMFT7OZEducAIjoYYez9VnxQHMFphUHohUoVQFIXaQolUhInJ1uFs1GRPyjrsrR1IfTSGDisuaZLOa_rvYQEu2DQQa_W16cLEgOg091ox1UZ6d-QoWpuRzjNQdMFeXuTFQel1aM56sweES9Sb64nUpdCfYy5oGhXybOS3PIuLO6E3dNJ2JqDySaPvinz5eyfsGAegdEMq7l75aLfGIbdxNfEosCE0VFkM-DNLoyEqBj8BRenbJxz-qB3AgB2lFpqa8lUkMsVHwj8SSYxiizZxDtXvk57pPtXaIThuNKcAInYTYQVogIowM3KFzZfXXhbuV8x_qEJwELwW5xL2Pi-nCNgswEVvXoolBCTjl_X3fsaXBrm9Cw5zFVL9nLp778K5c69MOpyNy9dwRSu9lEYxf5JCH1yY8F78BYtAsAQW3XHFgtK-_OMUiZZxaH4g-c2mTVh15j_bRzFSXiKEaXQ0Uy8RXe02WIEzmGPBC4e6sIlh-y_gT3Yjeo31yT8xtf7dWheSJqdIPxSucKUpIXziiDClDEaN1UIAnzEmmet_oZjou1HKAT40Z_fuKrfj3Beef6tb2Hjcr5pzr6btW5UFi8KPO45UzEW4ixHoc2cRo2XvckbDUg7CG2iVqgg8DNbtC5aVXC-3rrw0cNsggdxdVZgnIwZL1lvRG04ypE_CpnncgIQJF0wAOjW_EPZhU8-Z_G5qu9Cm07rgVMkT1pjSA6TzHxiTvmfXVU4Gr1y9pVqykwZ45TDJm1Yg-ONst1ne2hqWccP3lcJ_I-B_Mp3oWC-JkKdXaZjZZuL8je1nUUuUEHY2oiw_c13zVr-sGrYGA3Oh474HNK7pky05KVwqAm539_SlkNQltoxYYiM3Csg1eCao7y_Ul1lz-tpYMrgrsqUsRz1dGBNzKqHu9LKrGW8VO4F6AGRekEVq8FO1v2A7uH2x4MvnDO7o05WlHECR5zmp7PpewiXpvqJ9F33YI3xEsw0cATB529vAC0Hxx1nc4FVgeCkVhEyWhG6fTs5ftWc-xkRYpsYXKfjCnsw4jnHsGTZlDXfdGNfNJ8o-JgxlqpmsdW94wcQco1CHkynhIDfFxR-r09vsufFV1HkxSPfHUNFG2t_hrVfLPNVG2JAsUtpm-CoVbcvS2OjkvgqfMtZ5beHVbg1gH-P09ojd1exjE1wPP9dIUPKsgExEJd1ZLhnCkwFJkVji7mDct0GwrLdll6YvY01Yc95isKJ9iq1HGOo4pfvzZ4VBN6TrI857vgb-Li2NeclvS-tuM2em4Fh_uxWOlQY9rEKRjO4Uv2I1HNXJCpq4E3gj9g8P_FzjeepQ3OD7NK49W-ehrNS68YA_STBtbp-QHRBrSzDgCPW0CVDoa4jQiKtI5uWotoCNVa-Dt4oVBu7jIGElG3zGO-y2JncomnVBl9WI0_EgoWen5-mdwXEPl16sM66e7fd-5zZ3bqUL4WEeAiag6PqVdibS1ARDAPjUnDYjJxtjFAeggl8n2llHzQzXF1FrtuOdta_A_5NWe2_LYrdmue4lXzjZcQJD2oSIrEkw_mCgCU-gFsZ34Q-LFo676pBOsmnwGkfTnLAY0HSuroDXzEsCQQUFU5BLHlAjwA2neswJRKovOqTjPhp8RronmHJm0SdE_s6W_7vopmcfAydNty2jjrEOwjuVp4R5vFmPfKx-x20jaBrHQPK1g4NKTObrxOZtUJ97S-0lOWMbufesA7wQV1Ith1rR3p0-Ai2Gf9kurN7y_WF-AJz&cid=CAQSTABygQiDwqgkZKqPS9MlyXo-EtViaCgejvrLBEojvAkdFEWSw0St9AVFDWIp2wDIBWULypqBvkWEPg5jmOMvWlLoYr2w2hxe7AVDKVYYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Futua.com.br%2F&ds=l&xdt=1&iif=1&cor=12399473523166904000&adk=2228999115&idt=332&cac=0&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 17:56:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11708
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 17:56:38 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame D6DC 30 KB
11 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 17:56:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11708
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 17:56:38 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D6DC 41 KB
13 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 544751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jun 2024 13:52:35 GMT

GET
DATA 200
OK truncated
/ Frame D6DC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c87150708f3168ea8eb6b6a3c23b45ea92a459b6c1e9799ed8d370907a5dd29

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame E77E 37 KB
14 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 12:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jul 2024 12:58:42 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2507 22 KB
8 KB 72ms
71ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 544445
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 13:57:41 GMT
expires: Wed, 26 Jun 2024 13:57:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 2507 37 KB
14 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 12:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jul 2024 12:58:42 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 369D 0
10 B 69ms
69ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?XoHppw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D6DC 0
0 286ms
122ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssM6uLzTUXRVSruhB7iSCtG5LKj6WMwGTJOAEajRoNZYWcXYIZHKG_sjcBqM_YlCSilORPg4oFFrg3o3C2WpQ5HQqbmVM-pDAIGMfqloeKKOp310rltil2i_W21mVMrR5W-2ByFnjgCq_4Q8CY4mYA37dkVSIpdQkUjV7ynh-TCDUpnoM_dth_aEIlkYRZ7jae20-yuW9Uyh-5NpkxCikSlMJjD8GRr7oCYiq1_EWKJMfvrXsd0duIfe-Mhgv3CJb_DqmTryG00DgVHY2kPtgoRGgdqeseoQJwo1pTYc1mO5v1zuCpsjjRCXkKYN13mvd8PdC2bboQ3ZyPuOwxWS_9GrXGjea7oV2Hklgv6ZfrznQfveHercmfzI7TivVFL4pZ3Cgyg1CtEiMTxp-UXnFF-Q8L_zfiCFuJAncW6Ou3aOaPn6qkv2B0Vz-9Z-AyVa62ZghHPi8yDAbQMt-rOPpxtqtOPBAb80nzVBp1mG5tR7cDbW-W_TqLs04oE7x_HphOktvPx8yufSBE3p18_1gi_G9Wa6ryad-8h4IOvFfpjFGjmnWv5SEZmkzhdHSRq7JtL3lj9pDWoJHMfaPzzQBaNLaT48c2zAwsRTjNiA40uHfkg40GrihtIQjhgA1QVW-Lj5WrkXEpEdBrs77PLhG7H3NX9oOB5VBI0YDebRbTth_e1uPrmKg_-_0IAI9ofXVRpF0wuwkO9HlGRJ9S8j3gKGP_6Rx9SREWW8-_vHc49_g2vD08WnRiwSUJFFhJgfRXk4pVGwOF7SVVfjM9qWP_cVz9PC79yFn7M3kAJMgiy5RvjYgerE3tek7eylKANbGmfcIOEcFZGFSiJBX3xMKyXRuZSAxY-Ig8amchJiMGOl18gdSKN_kNx9uxvuQWeK10uo0l_IYxc4E6dbELICSlxe1dORiGLcfh2QBXxxMFXnET9imaa3-DQZ-DYAx-aMUn5zPGR1DiXxluPZCILowL5mDuSDXolXUVCRR0L-U32U8NU3tMJlUEPITFzf_4L01K-oBwO_peGaALDItPGk8N3zR0qq9sLRO4DsEcRjPemhsBliBjjgfE9qBS-729dd-6ZFHDks4lIUH9husxS6p8m7i4k0OzoWJbLM-jYuUcHcGm1NK4QrQffCkcB8DURCdz58--LjUpT-HmVAGmRNfgBGtWmiHAilFYMsuRP9OUJDwtV0culw4tscOhEWLqhJxzvriEN6KjQOg476zve6INV3uyyTdOFag&sai=AMfl-YSSBta6jZE5XdfrKU1Qd4VO_eElQTJBkRA9stWFQyRctaR4ecWyoBuYBkQ2XX77VRcjE_1mhwv7GPVUN_NoW2StYVk1SEXRtE0Q4OUNxDrjCdZ-sPqNCiDoY76yHCzoYLN8KlRfJ_VgftimiSQ9pIhrNPgOcUs28k0Dt0MUWt2ZsLllHx0uVIU53XaaeHfdJHeGV_o7s3kdaBPgqFyXEjNOkQgPnyrZd2z057CdFuVMQvA9MUhvWx1Y-vkIUqfNENBKmMgA7WlucebnHoq0MuuDCJLsZnE01rkN&sig=Cg0ArKJSzAZIGEoKUQO6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=354&cbvp=1&cisv=r20230627.26941&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Jul 2023 21:11:47 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 03 Jul 2023 21:11:47 GMT

GET
H3 200 9977316380758212286
s0.2mdn.net/simgad/ Frame D6DC 40 KB
40 KB 219ms
73ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9977316380758212286

Requested by

Host: daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com
URL: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55e6df2aa5b8a497da4a9d53b78a5582acff7ca68ac9b07da6f8d9c7ba67d8f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 20:03:21 GMT
x-content-type-options: nosniff
age: 436106
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41081
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 10:04:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jun 2024 20:03:21 GMT

OPTIONS
H3 200 /
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ Frame 0
0 1275ms
1274ms Preflight
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 03 Jul 2023 21:11:48 GMT
server: Google Frontend
x-cloud-trace-context: 245184df07855c61286bdab05348fba5

POST
H3 200 / Show response
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ 0
13 B 337ms
337ms XHR
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Requested by: Host: assets.begrowth.com.br
URL: https://assets.begrowth.com.br/growthcontrol/growthcontrol-lite-ltv.build.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 03 Jul 2023 21:11:48 GMT
server: Google Frontend
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 772eaaa0ba8088ed85d218bb12a5d21b
access-control-allow-headers: Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H3 200 /
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ Frame 0
0 1275ms
1275ms Preflight
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 03 Jul 2023 21:11:48 GMT
server: Google Frontend
x-cloud-trace-context: af37247e4016f21aca075451521538cd

POST
H3 200 / Show response
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ 0
13 B 344ms
344ms XHR
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Requested by: Host: assets.begrowth.com.br
URL: https://assets.begrowth.com.br/growthcontrol/growthcontrol-lite-ltv.build.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 03 Jul 2023 21:11:48 GMT
server: Google Frontend
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: c48d9ba9491a1a9f141e107daefe5583
access-control-allow-headers: Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2507 0
20 B 112ms
112ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BiLaRkjmjZPfmIaCs9u8Pm8ypoAQAAAAAOAHgBAI&bg=!S0ilSBzNAAb90kgr3dI7ADkAdvg8WnlM4MZY7wN-YmbMh5_cwKO7FCZE9xFXCRkPYgfLa5FECECRjcFIIbRlXdiIf0cromYQ_SECAAAAbFIAAAAEaAEHmQLgfLTJtb1HvJIakAostQ69kIm1ivacI_TNnVx1XaG3IZvyJPt47eaxDTicn-Zx5YVyyk0ahdeS5DD99oHIGaAdptHTGOyKSp2My9rKpJwFdcRBvWePXaHWtiNc0cT9o9rDqwzrLMOoSmRLINUe_c4T-Do_k01o_4-aa3kzDFqQzBdEQrnAcqianu1y_vm1zefBohfmzN7gpb-9oZgIqr0rDBLnjxaJt8S3sgtTjaPNaWcCRKY772ztO6U8Hwayx-MEh81ccPnKHXKyyRvCoaYIFEEdZ6NPmxYnJsGv-HOBy2W9_ngy-Ae7JA6aOUyikoZ0JOqStnCZsBWTZ7AtxK3Kmr0MrRbKCli1UIep-uvRta7Xy9vURmgCLv8wezuK0otY5eSjtRX0PmILEWHv3_TTbDD8cpLbfuRSVLBk7b2fQyf1pKGjh8gtviWxdf5rnfZ1xWgaHlx2XAMyWpo935YWXIg0qfTbVjAngk2oX_uQeH7VY0qOIHSgTooq1eQlL-ZWyNGnVnddd7WLPMm_vKi81g8UsxMbLzOM9J2RlZ6TqKS472D9TyxtS2XYgPNjpvdqzfcDUTgvgHjfgcepMDvW49bGlT72e0gOi1FWVsf6F4X8Msbl0jiEJbL1b6W0J__z2GrnV4G5A32CwxRaHbNihp14wXVMkuwQIOVqbXsr_Sc5SjURBFEWnbhJPue1iY5SthLDCYXgyU4CjZ-qHWnOniMlT6O9dv5HGRFYkjHP5h26Kc_-L-xKiff4ELYfIYCvWMw7qWjjgiSslm_A3auwhDbNWqw_3bAruXDJbFpo83o06pjMLyrS9lGwehpD9Vb3HrAGVSB8TQNG89WJJLVdD0Oe0cdKB7M4ztScvJx1CpXfAWkW1jIxiGrgHyYCflItMa9Nf-UlBdag4xb2EycWNWQwFVYeo-i0v-_5BW2XXNnGOImmK_6cngPLMpkuVKck46ixaxo6zLb1DnJRl7J9JA

Requested by

Host: daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com
URL: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 21:11:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D6DC 0
0 115ms
114ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssM6uLzTUXRVSruhB7iSCtG5LKj6WMwGTJOAEajRoNZYWcXYIZHKG_sjcBqM_YlCSilORPg4oFFrg3o3C2WpQ5HQqbmVM-pDAIGMfqloeKKOp310rltil2i_W21mVMrR5W-2ByFnjgCq_4Q8CY4mYA37dkVSIpdQkUjV7ynh-TCDUpnoM_dth_aEIlkYRZ7jae20-yuW9Uyh-5NpkxCikSlMJjD8GRr7oCYiq1_EWKJMfvrXsd0duIfe-Mhgv3CJb_DqmTryG00DgVHY2kPtgoRGgdqeseoQJwo1pTYc1mO5v1zuCpsjjRCXkKYN13mvd8PdC2bboQ3ZyPuOwxWS_9GrXGjea7oV2Hklgv6ZfrznQfveHercmfzI7TivVFL4pZ3Cgyg1CtEiMTxp-UXnFF-Q8L_zfiCFuJAncW6Ou3aOaPn6qkv2B0Vz-9Z-AyVa62ZghHPi8yDAbQMt-rOPpxtqtOPBAb80nzVBp1mG5tR7cDbW-W_TqLs04oE7x_HphOktvPx8yufSBE3p18_1gi_G9Wa6ryad-8h4IOvFfpjFGjmnWv5SEZmkzhdHSRq7JtL3lj9pDWoJHMfaPzzQBaNLaT48c2zAwsRTjNiA40uHfkg40GrihtIQjhgA1QVW-Lj5WrkXEpEdBrs77PLhG7H3NX9oOB5VBI0YDebRbTth_e1uPrmKg_-_0IAI9ofXVRpF0wuwkO9HlGRJ9S8j3gKGP_6Rx9SREWW8-_vHc49_g2vD08WnRiwSUJFFhJgfRXk4pVGwOF7SVVfjM9qWP_cVz9PC79yFn7M3kAJMgiy5RvjYgerE3tek7eylKANbGmfcIOEcFZGFSiJBX3xMKyXRuZSAxY-Ig8amchJiMGOl18gdSKN_kNx9uxvuQWeK10uo0l_IYxc4E6dbELICSlxe1dORiGLcfh2QBXxxMFXnET9imaa3-DQZ-DYAx-aMUn5zPGR1DiXxluPZCILowL5mDuSDXolXUVCRR0L-U32U8NU3tMJlUEPITFzf_4L01K-oBwO_peGaALDItPGk8N3zR0qq9sLRO4DsEcRjPemhsBliBjjgfE9qBS-729dd-6ZFHDks4lIUH9husxS6p8m7i4k0OzoWJbLM-jYuUcHcGm1NK4QrQffCkcB8DURCdz58--LjUpT-HmVAGmRNfgBGtWmiHAilFYMsuRP9OUJDwtV0culw4tscOhEWLqhJxzvriEN6KjQOg476zve6INV3uyyTdOFag&sai=AMfl-YSSBta6jZE5XdfrKU1Qd4VO_eElQTJBkRA9stWFQyRctaR4ecWyoBuYBkQ2XX77VRcjE_1mhwv7GPVUN_NoW2StYVk1SEXRtE0Q4OUNxDrjCdZ-sPqNCiDoY76yHCzoYLN8KlRfJ_VgftimiSQ9pIhrNPgOcUs28k0Dt0MUWt2ZsLllHx0uVIU53XaaeHfdJHeGV_o7s3kdaBPgqFyXEjNOkQgPnyrZd2z057CdFuVMQvA9MUhvWx1Y-vkIUqfNENBKmMgA7WlucebnHoq0MuuDCJLsZnE01rkN&sig=Cg0ArKJSzAZIGEoKUQO6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=679&vt=11&dtpt=325&dett=3&cstd=655&cisv=r20230627.26941&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 03 Jul 2023 21:11:47 GMT

GET
H3 200 PVFR_AON_SUMMERR23_PROSPECTION_DCO_SUMMER23_v2-French-300x600-638128298762814517-a8dd878d-970d-461b-ac8a-276c33dade6b.html Show response
s0.2mdn.net/sadbundle/14167577535780487168/ Frame 92B3 4 KB
1 KB 74ms
73ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14167577535780487168/PVFR_AON_SUMMERR23_PROSPECTION_DCO_SUMMER23_v2-French-300x600-638128298762814517-a8dd878d-970d-461b-ac8a-276c33dade6b.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eecba504edc3120b7053c0959d2c333631d2650d764d4f1d08c862cbafdb707e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 519482
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1419
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 20:53:45 GMT
expires: Wed, 26 Jun 2024 20:53:45 GMT
last-modified: Fri, 24 Feb 2023 10:04:54 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 109ms
109ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306270101&jk=3882624277951083&bg=!aGulaz_NAAb90kgr3dI7ADkAdvg8WmhV3rMBYrS6zKYv7Py7VkJtGO15ZlVYaMiljtYmZ4AOwelkv26iHKEC_E2GwdORY86iyScCAAAAu1IAAAAFaAEHmQKZUndPvXJLxJ2rNv-sZSGylOSN7Cvcruqi6WmuZonPRZGikSJ55UkEPYYw-FWiIHR9jonRdBwETCGRLNtq6VXDkvKca7lwOzc51pENAbnxQzYpyMPPaZzmTZ_yaYiEYYUHAh__pmy8OEVrPDLHi-hOkDe5KDRsjc7kip4TSUxB_4YZyk3iyUXY01E9ljJKEj5qftjYILRfbtna8BxWVdOmOsixf2mUPJhFMTec8lnXKaTbahTxKMyjJiK5R0dlOjMohcketexkYt2PMSx7p8HR-2RaY1ut2GyU0Nt0aLeSItUb8DhuKl3ZTtKCXWkIbdRRCYlFdVGqKSxUKhMDjSfDD9K7G6rjGnguKZmn4JBuqDRxbnpgg4qQoFnVCrmTyrNuKPegd5dtgRsCgqXZRkol0IOx79Tjf-0bcq9B72vSGRmpKxfhnR3dIqYf2vRnf1pHAu4GmoyzPpvlaLXUj3vNmMiFbU0_WtticvcH_JVGTIghyTCqTQDTEebVDgm47EFqjvC9yXi2w8lm34iLNMAp1xb8xwqRszgS_6DhOq2t1xdkBh6GoppRa2NdMhlH_OrOGjKhDF0SAwcpTCX2Iu7Q_CKeaTfw4NoxG-6RgjV8iJc_k34UyaKdC7HgNaaT_WPjo0A9q3SHD9CPzoEC27mxKJNyZr9SAAc41MzeCjwV2xix_f2yMgo0vB8IxTthxYRfekAaq7XVCGK3qz_qtMUdU05ykXa_v5M2xW8sn00vzDrpLgNYZjT7q9XsIcFOU4TVmBt_CfsGxTgKql2elfH7s3fggtZWGh3z5EpO3RWZnPIRMrbClD_WwY9HbHjAVQ8irGTfD_1hxOA0YzlSYlIE0qiVhSIKcWPrVYSSJq0aC75CbeWAtKkK9P4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 63f88b41402b72ea53506152 Show response
c.bannerflow.net/a/ Frame 92B3 70 KB
24 KB 195ms
91ms Script
application/javascript 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/63f88b41402b72ea53506152?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss6lWIQrw4Jgj09N2gTR3IPolJOzUh2fgw71IGc5tcmkg8Uve5xR9Pg2WZZPqTAqjzZEg71wwyjqYhqIntzXrb6cftQiKdbrges_c0LeQU0KVeL01gDOInkTA6MULZ775uZa0nY7I7cRrZ4QvwWiglqGOk6GMwjamz1zor2LkQ0C11titWgBH6ud1-kkHXVzKd7aapQlzvz9XZGbQ-lSofTnMew6Ozh_MeSBKEI4mZr1IuqLIh6sv8J5y6_dffg2ZH-x9IuILG4Rvu1kBAcRcbDNnlg4w77g0YDJqWehASdusL0D782O7IdGLsGNRl18KPb95zmCI8S9DfznLtpenhiJ72OJ1lgM3pRUEDDzCASvbgV_WlTdIrpq5ARO_nE7JckaZRFmu_n-WryvBIcwl3wg4HrlsjK7bjw8IXT1c4Np_MmlufJhrwG081zmEKKt2olsO5uC5s7HOtQRfJcgDrQwnef1UV3_2D36Ia8FvTt_bKGt41GQqgnzHmjhADNbqbOwn43Xe4QYwUEE4wEZ-uFF9HY4MeumtJiePyKRIVbg4xn4idUlHSsfMDRcYJG2fJPEYrP8MG3aIag4dVSWyxezEOFzUVoEKftiehMOM2a7TXp_dRLLUgladSp4jOx7TR0CiugiJ_vGpNZy3gDzUEvK97QnfK3BQdqT4yCYN1CQMbmcSVAczRIvrVsrsdZr5MbXFbLY3xu581gUJtui5XQX3ODmN9l-PBNFI8-izgrXoDbdga17wKAcl4q2x7osDC_ofeEzrHn5jhrq4EZs_6KNASjWugM2AHXCr2Go7GWQwAIPTvlMdrSJhvAXljnZGBROdUBlJNDIuqcCl0fQPX_kMzp1RTDqm-iCaoHU2Bqutz6FoTbfY954SYHKgZzdq05z5L4zQwNglxPJ7ysNhSyYcGbIxhdJuZDEzIs274frAi8HqXpA9SgVuxIjE_niP_lfV_ADDAxIU2sAXnvYsiw5Dl2kV2dr9O_22uBnLsdn5q6O3iIVblX6KV9SBUJI_dnBzF6DBfHFc_kgxe4idzQcISA3ohZ-HtKZbo8EP8gBaacJsq6bX5tSV2lK02Iu0Ifk0gyyr5jqfCqu1azBJ8qw4kz6A7ZZGN-Wxyg5yB8072dT18ltwV79khjOpGBj9gJvTZooz-Z_rxl04iZuN50bQWkD2ewmaDZzQJpaZSneJ-uRY6aJ60tExalZM15eddXk2-nQxfO8Gh9KpdAwgzoWMg5LtgpQ1M%26sai%3DAMfl-YSKbWGMEt4-1zvbtej27Zcdb_31pdJ_PK59s7GAT4GXx7r6s1kn4m0TOdOGnWF7qfbDv0RqgbrkzLR5q9NePZJPBvYFO5QitHCFTk_8Dk9SQkOref4KD8m7akf-MnRFCYsaW9LaVUPkGBlbbv_9jgAgvfzpbYiVs1SKB2xz_YOyfn0VcZ6ZZFBxVISlYuBONX9EBfBmtuXtWc-mwrq4oXS6LQzygf1W1x73XwR_uX2lg20BW_yFlHTL6RPRJApk7iyc29avwspSRyBJVVRRXxDOq1DVJbj4ZeDMOe_98cTb0CKb%26sig%3DCg0ArKJSzKBYY2NJ6MxFEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D7088149%26adurl%3Dhttps%253A%252F%252Fwww.pierreetvacances.com%252Ffr-fr%252Fnous-connaitre_ms%253Futm_source%253Ddfa%2526utm_medium%253Dcpm%2526utm_campaign%253DPVFR_AON_PROSPECTION_TGT_3P-InMarket_Summer23-Phase4_Display_DV360_300x600%2526utm_term%253DOM%2526dclid%253D%2525edclid!
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14167577535780487168/PVFR_AON_SUMMERR23_PROSPECTION_DCO_SUMMER23_v2-French-300x600-638128298762814517-a8dd878d-970d-461b-ac8a-276c33dade6b.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2bdba664c87e553e3a25d56fef1fc8f98b9552bbf785e81c7b13e089b0875bd

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 03 Jul 2023 21:11:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, s-maxage=10
cf-ray: 7e121f7adec14c86-HEL
request-context: appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8155 42 B
64 B 112ms
111ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuolNbigDGfBvx8qLvlrCE1v11jDcD0rdnOjV3zgjVAa4HHLmnR08g5JClKJd0p5y4_ac5muyEmYpv-JfUwF5jVI8vsXPAZxgGIUQ95WBffjNfEoosBYVrDaLWJQrD4EW6Xk3yTmhuNAwsM&sai=AMfl-YRm5ji4y0K6xPN44uHCOYrauj5IkK-IXcNe7Yu7rxHb4gtUm3AM27WE7tS0hQz1B3IeybzQxM1WrBXS0iKfhgeyimiv9OskvMhRo3jQWR0D8IeWqE35Xgku9LQI9quGKzu0dWkmnC7JR5Z4mA&sig=Cg0ArKJSzGqLOl1jzOrTEAE&cid=CAQSTABygQiDwqgkZKqPS9MlyXo-EtViaCgejvrLBEojvAkdFEWSw0St9AVFDWIp2wDIBWULypqBvkWEPg5jmOMvWlLoYr2w2hxe7AVDKVYYAQ&id=ampim&o=310,122&d=980,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=682&tls=1682&g=100&h=100&tt=1682&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 21:11:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D90B 42 B
64 B 114ms
113ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvczHYnX70sbhR8BF9SfifTdwN8bldpzIh6fU6EKlWPSPd1JP_VvXLiHFfHMSzbpEnTTXL2i6gGosyGank5Q-vJwCe8GwKb2N6FpWALTPlf3kuG4MZuOLm0OHIxp1f53Khy_ct0lP7PiOba&sai=AMfl-YSLfUZRJ8mMW2CnEa2Pl1RMPNr1zwhhWQ1MQkkbCo_RFM8Bvdv_QRSZ3z_Ps2yi5xIoelP-_27WD0yI5BSNpMFqnUTSc2dHpasVMEm30y48rbu926UwGsEqRsvY8_p7CDR-_pwgsV-2i9gLrA&sig=Cg0ArKJSzE0JbTGybRSnEAE&cid=CAQSTABygQiDwqgkZKqPS9MlyXo-EtViaCgejvrLBEojvAkdFEWSw0St9AVFDWIp2wDIBWULypqBvkWEPg5jmOMvWlLoYr2w2hxe7AVDKVYYAQ&id=ampim&o=464,1044&d=672,280&ss=1600,1200&bs=1600,1200&mcvt=1014&mtos=0,0,1014,1014,1014&tos=0,0,1014,0,0&tfs=677&tls=1691&g=55.714285373687744&h=55.714285373687744&tt=1691&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 21:11:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 feed.a6f81203b00688ce342c.js Show response
c.bannerflow.net/scripts/ Frame 92B3 5 KB
2 KB 81ms
80ms Script
application/javascript 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/feed.a6f81203b00688ce342c.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/63f88b41402b72ea53506152?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss6lWIQrw4Jgj09N2gTR3IPolJOzUh2fgw71IGc5tcmkg8Uve5xR9Pg2WZZPqTAqjzZEg71wwyjqYhqIntzXrb6cftQiKdbrges_c0LeQU0KVeL01gDOInkTA6MULZ775uZa0nY7I7cRrZ4QvwWiglqGOk6GMwjamz1zor2LkQ0C11titWgBH6ud1-kkHXVzKd7aapQlzvz9XZGbQ-lSofTnMew6Ozh_MeSBKEI4mZr1IuqLIh6sv8J5y6_dffg2ZH-x9IuILG4Rvu1kBAcRcbDNnlg4w77g0YDJqWehASdusL0D782O7IdGLsGNRl18KPb95zmCI8S9DfznLtpenhiJ72OJ1lgM3pRUEDDzCASvbgV_WlTdIrpq5ARO_nE7JckaZRFmu_n-WryvBIcwl3wg4HrlsjK7bjw8IXT1c4Np_MmlufJhrwG081zmEKKt2olsO5uC5s7HOtQRfJcgDrQwnef1UV3_2D36Ia8FvTt_bKGt41GQqgnzHmjhADNbqbOwn43Xe4QYwUEE4wEZ-uFF9HY4MeumtJiePyKRIVbg4xn4idUlHSsfMDRcYJG2fJPEYrP8MG3aIag4dVSWyxezEOFzUVoEKftiehMOM2a7TXp_dRLLUgladSp4jOx7TR0CiugiJ_vGpNZy3gDzUEvK97QnfK3BQdqT4yCYN1CQMbmcSVAczRIvrVsrsdZr5MbXFbLY3xu581gUJtui5XQX3ODmN9l-PBNFI8-izgrXoDbdga17wKAcl4q2x7osDC_ofeEzrHn5jhrq4EZs_6KNASjWugM2AHXCr2Go7GWQwAIPTvlMdrSJhvAXljnZGBROdUBlJNDIuqcCl0fQPX_kMzp1RTDqm-iCaoHU2Bqutz6FoTbfY954SYHKgZzdq05z5L4zQwNglxPJ7ysNhSyYcGbIxhdJuZDEzIs274frAi8HqXpA9SgVuxIjE_niP_lfV_ADDAxIU2sAXnvYsiw5Dl2kV2dr9O_22uBnLsdn5q6O3iIVblX6KV9SBUJI_dnBzF6DBfHFc_kgxe4idzQcISA3ohZ-HtKZbo8EP8gBaacJsq6bX5tSV2lK02Iu0Ifk0gyyr5jqfCqu1azBJ8qw4kz6A7ZZGN-Wxyg5yB8072dT18ltwV79khjOpGBj9gJvTZooz-Z_rxl04iZuN50bQWkD2ewmaDZzQJpaZSneJ-uRY6aJ60tExalZM15eddXk2-nQxfO8Gh9KpdAwgzoWMg5LtgpQ1M%26sai%3DAMfl-YSKbWGMEt4-1zvbtej27Zcdb_31pdJ_PK59s7GAT4GXx7r6s1kn4m0TOdOGnWF7qfbDv0RqgbrkzLR5q9NePZJPBvYFO5QitHCFTk_8Dk9SQkOref4KD8m7akf-MnRFCYsaW9LaVUPkGBlbbv_9jgAgvfzpbYiVs1SKB2xz_YOyfn0VcZ6ZZFBxVISlYuBONX9EBfBmtuXtWc-mwrq4oXS6LQzygf1W1x73XwR_uX2lg20BW_yFlHTL6RPRJApk7iyc29avwspSRyBJVVRRXxDOq1DVJbj4ZeDMOe_98cTb0CKb%26sig%3DCg0ArKJSzKBYY2NJ6MxFEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D7088149%26adurl%3Dhttps%253A%252F%252Fwww.pierreetvacances.com%252Ffr-fr%252Fnous-connaitre_ms%253Futm_source%253Ddfa%2526utm_medium%253Dcpm%2526utm_campaign%253DPVFR_AON_PROSPECTION_TGT_3P-InMarket_Summer23-Phase4_Display_DV360_300x600%2526utm_term%253DOM%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f466606324c817d535870492cb047e3a633550971a849918a9648f506cbe881

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 03 Jul 2023 21:11:47 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: UragyqAPEOrq1WBxti4Giw==
age: 2945727
cf-polished: origSize=5175
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Tue, 09 May 2023 13:06:14 GMT
server: cloudflare
etag: W/"0x8DB508E2B40BE1F"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0dd6b414-a01e-008f-567d-82644c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7e121f7ba8ad4c86-HEL

GET
H2 200 document.0000004F3C0ECA.js Show response
c.bannerflow.net/accounts/center-parks/5c120d1ef4ea2719643abe4f/published/2891439/6104529/ Frame 92B3 30 KB
6 KB 53ms
53ms Script
application/javascript 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/center-parks/5c120d1ef4ea2719643abe4f/published/2891439/6104529/document.0000004F3C0ECA.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/63f88b41402b72ea53506152?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss6lWIQrw4Jgj09N2gTR3IPolJOzUh2fgw71IGc5tcmkg8Uve5xR9Pg2WZZPqTAqjzZEg71wwyjqYhqIntzXrb6cftQiKdbrges_c0LeQU0KVeL01gDOInkTA6MULZ775uZa0nY7I7cRrZ4QvwWiglqGOk6GMwjamz1zor2LkQ0C11titWgBH6ud1-kkHXVzKd7aapQlzvz9XZGbQ-lSofTnMew6Ozh_MeSBKEI4mZr1IuqLIh6sv8J5y6_dffg2ZH-x9IuILG4Rvu1kBAcRcbDNnlg4w77g0YDJqWehASdusL0D782O7IdGLsGNRl18KPb95zmCI8S9DfznLtpenhiJ72OJ1lgM3pRUEDDzCASvbgV_WlTdIrpq5ARO_nE7JckaZRFmu_n-WryvBIcwl3wg4HrlsjK7bjw8IXT1c4Np_MmlufJhrwG081zmEKKt2olsO5uC5s7HOtQRfJcgDrQwnef1UV3_2D36Ia8FvTt_bKGt41GQqgnzHmjhADNbqbOwn43Xe4QYwUEE4wEZ-uFF9HY4MeumtJiePyKRIVbg4xn4idUlHSsfMDRcYJG2fJPEYrP8MG3aIag4dVSWyxezEOFzUVoEKftiehMOM2a7TXp_dRLLUgladSp4jOx7TR0CiugiJ_vGpNZy3gDzUEvK97QnfK3BQdqT4yCYN1CQMbmcSVAczRIvrVsrsdZr5MbXFbLY3xu581gUJtui5XQX3ODmN9l-PBNFI8-izgrXoDbdga17wKAcl4q2x7osDC_ofeEzrHn5jhrq4EZs_6KNASjWugM2AHXCr2Go7GWQwAIPTvlMdrSJhvAXljnZGBROdUBlJNDIuqcCl0fQPX_kMzp1RTDqm-iCaoHU2Bqutz6FoTbfY954SYHKgZzdq05z5L4zQwNglxPJ7ysNhSyYcGbIxhdJuZDEzIs274frAi8HqXpA9SgVuxIjE_niP_lfV_ADDAxIU2sAXnvYsiw5Dl2kV2dr9O_22uBnLsdn5q6O3iIVblX6KV9SBUJI_dnBzF6DBfHFc_kgxe4idzQcISA3ohZ-HtKZbo8EP8gBaacJsq6bX5tSV2lK02Iu0Ifk0gyyr5jqfCqu1azBJ8qw4kz6A7ZZGN-Wxyg5yB8072dT18ltwV79khjOpGBj9gJvTZooz-Z_rxl04iZuN50bQWkD2ewmaDZzQJpaZSneJ-uRY6aJ60tExalZM15eddXk2-nQxfO8Gh9KpdAwgzoWMg5LtgpQ1M%26sai%3DAMfl-YSKbWGMEt4-1zvbtej27Zcdb_31pdJ_PK59s7GAT4GXx7r6s1kn4m0TOdOGnWF7qfbDv0RqgbrkzLR5q9NePZJPBvYFO5QitHCFTk_8Dk9SQkOref4KD8m7akf-MnRFCYsaW9LaVUPkGBlbbv_9jgAgvfzpbYiVs1SKB2xz_YOyfn0VcZ6ZZFBxVISlYuBONX9EBfBmtuXtWc-mwrq4oXS6LQzygf1W1x73XwR_uX2lg20BW_yFlHTL6RPRJApk7iyc29avwspSRyBJVVRRXxDOq1DVJbj4ZeDMOe_98cTb0CKb%26sig%3DCg0ArKJSzKBYY2NJ6MxFEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D7088149%26adurl%3Dhttps%253A%252F%252Fwww.pierreetvacances.com%252Ffr-fr%252Fnous-connaitre_ms%253Futm_source%253Ddfa%2526utm_medium%253Dcpm%2526utm_campaign%253DPVFR_AON_PROSPECTION_TGT_3P-InMarket_Summer23-Phase4_Display_DV360_300x600%2526utm_term%253DOM%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 050579c5e99b80ee04dd56f281b33ec9e97cf702b3afb43decffd1374f0b8ce2

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 03 Jul 2023 21:11:47 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: WmgXPGqCDp6+M7dILtEpLg==
age: 275900
cf-polished: origSize=34601
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Fri, 12 May 2023 15:21:49 GMT
server: cloudflare
etag: W/"0x8DB52FC9B5C7209"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0939d07b-501e-007f-7116-ab22bd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7e121f7ba8b44c86-HEL

GET
H2 200 animated-creative.322e55c9365620f3a62c.js Show response
c.bannerflow.net/scripts/ Frame 92B3 156 KB
53 KB 62ms
62ms Script
application/javascript 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.322e55c9365620f3a62c.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/63f88b41402b72ea53506152?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss6lWIQrw4Jgj09N2gTR3IPolJOzUh2fgw71IGc5tcmkg8Uve5xR9Pg2WZZPqTAqjzZEg71wwyjqYhqIntzXrb6cftQiKdbrges_c0LeQU0KVeL01gDOInkTA6MULZ775uZa0nY7I7cRrZ4QvwWiglqGOk6GMwjamz1zor2LkQ0C11titWgBH6ud1-kkHXVzKd7aapQlzvz9XZGbQ-lSofTnMew6Ozh_MeSBKEI4mZr1IuqLIh6sv8J5y6_dffg2ZH-x9IuILG4Rvu1kBAcRcbDNnlg4w77g0YDJqWehASdusL0D782O7IdGLsGNRl18KPb95zmCI8S9DfznLtpenhiJ72OJ1lgM3pRUEDDzCASvbgV_WlTdIrpq5ARO_nE7JckaZRFmu_n-WryvBIcwl3wg4HrlsjK7bjw8IXT1c4Np_MmlufJhrwG081zmEKKt2olsO5uC5s7HOtQRfJcgDrQwnef1UV3_2D36Ia8FvTt_bKGt41GQqgnzHmjhADNbqbOwn43Xe4QYwUEE4wEZ-uFF9HY4MeumtJiePyKRIVbg4xn4idUlHSsfMDRcYJG2fJPEYrP8MG3aIag4dVSWyxezEOFzUVoEKftiehMOM2a7TXp_dRLLUgladSp4jOx7TR0CiugiJ_vGpNZy3gDzUEvK97QnfK3BQdqT4yCYN1CQMbmcSVAczRIvrVsrsdZr5MbXFbLY3xu581gUJtui5XQX3ODmN9l-PBNFI8-izgrXoDbdga17wKAcl4q2x7osDC_ofeEzrHn5jhrq4EZs_6KNASjWugM2AHXCr2Go7GWQwAIPTvlMdrSJhvAXljnZGBROdUBlJNDIuqcCl0fQPX_kMzp1RTDqm-iCaoHU2Bqutz6FoTbfY954SYHKgZzdq05z5L4zQwNglxPJ7ysNhSyYcGbIxhdJuZDEzIs274frAi8HqXpA9SgVuxIjE_niP_lfV_ADDAxIU2sAXnvYsiw5Dl2kV2dr9O_22uBnLsdn5q6O3iIVblX6KV9SBUJI_dnBzF6DBfHFc_kgxe4idzQcISA3ohZ-HtKZbo8EP8gBaacJsq6bX5tSV2lK02Iu0Ifk0gyyr5jqfCqu1azBJ8qw4kz6A7ZZGN-Wxyg5yB8072dT18ltwV79khjOpGBj9gJvTZooz-Z_rxl04iZuN50bQWkD2ewmaDZzQJpaZSneJ-uRY6aJ60tExalZM15eddXk2-nQxfO8Gh9KpdAwgzoWMg5LtgpQ1M%26sai%3DAMfl-YSKbWGMEt4-1zvbtej27Zcdb_31pdJ_PK59s7GAT4GXx7r6s1kn4m0TOdOGnWF7qfbDv0RqgbrkzLR5q9NePZJPBvYFO5QitHCFTk_8Dk9SQkOref4KD8m7akf-MnRFCYsaW9LaVUPkGBlbbv_9jgAgvfzpbYiVs1SKB2xz_YOyfn0VcZ6ZZFBxVISlYuBONX9EBfBmtuXtWc-mwrq4oXS6LQzygf1W1x73XwR_uX2lg20BW_yFlHTL6RPRJApk7iyc29avwspSRyBJVVRRXxDOq1DVJbj4ZeDMOe_98cTb0CKb%26sig%3DCg0ArKJSzKBYY2NJ6MxFEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D7088149%26adurl%3Dhttps%253A%252F%252Fwww.pierreetvacances.com%252Ffr-fr%252Fnous-connaitre_ms%253Futm_source%253Ddfa%2526utm_medium%253Dcpm%2526utm_campaign%253DPVFR_AON_PROSPECTION_TGT_3P-InMarket_Summer23-Phase4_Display_DV360_300x600%2526utm_term%253DOM%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56ce92887c108586bf63058a06f051e957f58936396e829d5fddeb59dbab0e59

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 03 Jul 2023 21:11:47 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: juPt1GbRx23XCKIRo1MiKA==
age: 69454
cf-polished: origSize=159689
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Thu, 11 May 2023 08:35:06 GMT
server: cloudflare
etag: W/"0x8DB51FA9F714A4E"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8cc2245a-301e-0024-62f5-8c1b86000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7e121f7ba8b74c86-HEL

GET
DATA 200
OK truncated
/ Frame 92B3 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK 819ff6a1-36a3-4941-b98e-4791f550a1b4 Show response
https://s0.2mdn.net/ Frame 716F 668 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://s0.2mdn.net/819ff6a1-36a3-4941-b98e-4791f550a1b4
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.322e55c9365620f3a62c.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 668
Content-Type

GET
H2 200 6220f3f2145ee177b07cec6e.json Show response
c.bannerflow.net/sfeeds/5c120d1ef4ea2719643abe4f/ Frame 92B3 85 KB
8 KB 485ms
397ms Fetch
application/json 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/sfeeds/5c120d1ef4ea2719643abe4f/6220f3f2145ee177b07cec6e.json
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/feed.a6f81203b00688ce342c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cbcadc7fa36cab741085943d823f2337168e3741107a62c87391c72a8f36d88

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:48 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 03 Jul 2023 20:52:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-if-error=28800, stale-while-revalidate=28800
cf-ray: 7e121f7dcb2ed963-HEL
request-context: appId=cid-v1:ab2f42fc-6a35-4ceb-b810-86e88366fb0b

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D6DC 42 B
174 B 114ms
113ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsujeBc_g2IwLSnikvnsk1QsziSIC6b8TU_ViYRJH3YA6fSO1sVrVhOfi9gsgI2ek1IVQqllQjbrZeqWSD8w3dfcP8nqbngnn00k7ZtsCCgIvv6C6aqVHrBtxJ5SN2PKlN_EaRFkDkaKRnNK&sai=AMfl-YRVS0EbxOpG0itA-4XxQP4T5caYvSCoqfIBAdazjljA-LP4ARoTpGqmANgHd_Fw83_RinHJzLbhUdJ5EfXfbECbQiINaoPmVTmOP4Izuq2aMglQOj_M3KmgvgGHmtowlvM5F93yY0p_40g7YA&sig=Cg0ArKJSzLiRy_4j19W6EAE&cid=CAQSTABygQiDwqgkZKqPS9MlyXo-EtViaCgejvrLBEojvAkdFEWSw0St9AVFDWIp2wDIBWULypqBvkWEPg5jmOMvWlLoYr2w2hxe7AVDKVYYAQ&id=lidar2&mcvt=1000&p=420,1547,460,1588&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=695725469&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688418706037&rpt=706&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 21:11:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D6DC 0
20 B 109ms
109ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=879211368663&version=m202301230201&ct=76&x=1&cor=12399473523166904000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 21:11:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 /
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ Frame 0
0 262ms
262ms Preflight
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 03 Jul 2023 21:11:48 GMT
server: Google Frontend
x-cloud-trace-context: 0c8694a4e0b1b76f64a0ff8564b733f0

POST
H3 200 / Show response
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ 0
13 B 341ms
339ms XHR
text/html 2001:4860:4802:36::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Requested by: Host: assets.begrowth.com.br
URL: https://assets.begrowth.com.br/growthcontrol/growthcontrol-lite-ltv.build.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 03 Jul 2023 21:11:48 GMT
server: Google Frontend
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 02c6e18d1d718d0cd1588b58ec93c81f
access-control-allow-headers: Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 92B3 10 KB
10 KB 49ms
49ms Font
font/woff 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F550abe329445702310657a53%2F5c120d1ef4ea2719643abe4f%2F6144d963-3564-4056-b7d4-3119d3385f9a.woff&t=%20%27%2a-0156%3EABCDEFGHIJKLMNOPRSTVabcdefghiklmnoprstuvxyz%C3%8E%C3%A8%C3%B3%E2%80%99
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14167577535780487168/PVFR_AON_SUMMERR23_PROSPECTION_DCO_SUMMER23_v2-French-300x600-638128298762814517-a8dd878d-970d-461b-ac8a-276c33dade6b.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 627388009157104c7d18671679f441bb5cb088f7b5ab5896d08c2b6e5b37ee45

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:48 GMT
cf-cache-status: HIT
last-modified: Fri, 16 Jun 2023 09:12:12 GMT
server: cloudflare
age: 57816
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=6144d963-3564-4056-b7d4-3119d3385f9a-subset.woff
cf-ray: 7e121f805963d963-HEL
expires: Sat, 15 Jun 2024 09:12:12 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 92B3 10 KB
10 KB 53ms
53ms Font
font/woff 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F550abe329445702310657a53%2F5c120d1ef4ea2719643abe4f%2Fa492f849-d4f1-46d0-8942-b54fe5e9565f.woff&t=%20%2a%2F0123456789CDRVabcdeilmnpqrstuv%C3%A8%C3%A9%E2%82%AC
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14167577535780487168/PVFR_AON_SUMMERR23_PROSPECTION_DCO_SUMMER23_v2-French-300x600-638128298762814517-a8dd878d-970d-461b-ac8a-276c33dade6b.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77cf7cb4056cffe52a3240f74fde75b36d63daa53fe58e75aad651492c64e07d

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:48 GMT
cf-cache-status: HIT
last-modified: Sun, 02 Jul 2023 06:11:53 GMT
server: cloudflare
age: 57816
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=a492f849-d4f1-46d0-8942-b54fe5e9565f-subset.woff
cf-ray: 7e121f80ba7fd963-HEL
expires: Mon, 01 Jul 2024 06:11:53 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 92B3 2 KB
2 KB 57ms
57ms Font
font/woff 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F550abe329445702310657a53%2F5c120d1ef4ea2719643abe4f%2F36e435be-4fc8-4c1c-86c1-011e5e55d8cd.woff&t=%20
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14167577535780487168/PVFR_AON_SUMMERR23_PROSPECTION_DCO_SUMMER23_v2-French-300x600-638128298762814517-a8dd878d-970d-461b-ac8a-276c33dade6b.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6ed530f48f65c115804a69eeb519f91768bd255d676277032d7dd05d8e0d194

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:48 GMT
cf-cache-status: HIT
last-modified: Sat, 10 Jun 2023 03:56:54 GMT
server: cloudflare
age: 2040810
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=36e435be-4fc8-4c1c-86c1-011e5e55d8cd-subset.woff
cf-ray: 7e121f811b81d963-HEL
expires: Sun, 09 Jun 2024 03:56:54 GMT

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame F302 88 KB
88 KB 51ms
50ms Image
image/webp 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fs3-eu-west-3.amazonaws.com%2Fchannable-pvcp-images%2Fpvcp_images%2Fmedia_PV_SUMMER_2023_14L_800x600_AAA_111329_43.jpg&w=300&h=600&q=85&f=webp&rt=cover
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5203d1cd65d6731e8ab7e78ba4265bc6ff15f34b17ec7156b86e4d595c56f2c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 21:11:48 GMT
cf-cache-status: HIT
last-modified: Sat, 01 Jul 2023 20:14:48 GMT
api-supported-versions: 2.0
server: cloudflare
age: 36494
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 7e121f81e8d44c86-HEL
content-length: 90050
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 1d4ff67b-c79f-4128-a98d-1bbac393b73f.svg
c.bannerflow.net/accounts/center-parks/5c120d1ef4ea2719643abe4f/images/ Frame F302 5 KB
2 KB 69ms
68ms Image
image/svg+xml 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/center-parks/5c120d1ef4ea2719643abe4f/images/1d4ff67b-c79f-4128-a98d-1bbac393b73f.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 884b54523a92e59d9daec1382e9ac7db0c33bb8d7bb3e99111e00621e2f08f57

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 03 Jul 2023 21:11:48 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: TjlsUh307PKLlWf3lc6+3w==
age: 6447
x-ms-lease-status: unlocked
last-modified: Thu, 12 May 2022 13:50:20 GMT
server: cloudflare
etag: W/"0x8DA341E5AC6D2DF"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: ff658a85-e01e-00a1-2b9b-8d365b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7e121f81e8d84c86-HEL

GET
H2 200 b62cf924-fb87-4565-8cee-0a510911a37b.svg
c.bannerflow.net/accounts/center-parks/5c120d1ef4ea2719643abe4f/images/ Frame F302 2 KB
885 B 55ms
55ms Image
image/svg+xml 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/center-parks/5c120d1ef4ea2719643abe4f/images/b62cf924-fb87-4565-8cee-0a510911a37b.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 331704aee114cfbd04ab32dbc48efce118fdd664fe1b3960800075eacc0840a7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 03 Jul 2023 21:11:48 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: VsCF3oNBKseZ2v34fnpmvQ==
age: 6447
x-ms-lease-status: unlocked
last-modified: Thu, 07 Apr 2022 13:42:30 GMT
server: cloudflare
etag: W/"0x8DA189C764F6969"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 2afe0a8f-b01e-0058-649b-8d3579000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7e121f8209024c86-HEL

GET
H2 200 27b3183e-ff1a-45c1-87d4-827b19e9ded9.svg
c.bannerflow.net/accounts/center-parks/5c120d1ef4ea2719643abe4f/images/ Frame F302 9 KB
4 KB 55ms
55ms Image
image/svg+xml 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/center-parks/5c120d1ef4ea2719643abe4f/images/27b3183e-ff1a-45c1-87d4-827b19e9ded9.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 017a45168587ae1479523903d9e3631551266746d2b432f8da92c56286e88c14

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 03 Jul 2023 21:11:48 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: AWwrGKnCgc1nICXUPCw7pw==
age: 6447
x-ms-lease-status: unlocked
last-modified: Fri, 12 May 2023 15:14:06 GMT
server: cloudflare
etag: W/"0x8DB52FB875961EF"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 2b9cdb76-501e-0050-37d5-972f76000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7e121f8209084c86-HEL

GET
H2 200 273d0c00-5f0b-4847-9516-30894f0c8437.svg
c.bannerflow.net/accounts/center-parks/5c120d1ef4ea2719643abe4f/images/ Frame F302 2 KB
967 B 53ms
53ms Image
image/svg+xml 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/center-parks/5c120d1ef4ea2719643abe4f/images/273d0c00-5f0b-4847-9516-30894f0c8437.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7537388c39311241a2da2dbd6a4c04d2ff7f6a345fb31b90d87f2fc594be2a30

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 03 Jul 2023 21:11:48 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 98j1yRIPnX87E8rfs4p0dw==
age: 6447
x-ms-lease-status: unlocked
last-modified: Fri, 12 May 2023 15:14:06 GMT
server: cloudflare
etag: W/"0x8DB52FB874F77BE"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 216bc766-901e-0070-039b-8d54d1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7e121f82090c4c86-HEL

POST
H2 200 /
c.bannerflow.net/tr/v2/pixel/ Frame 92B3 0
81 B 76ms
76ms Ping
text/plain 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel/
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/63f88b41402b72ea53506152?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss6lWIQrw4Jgj09N2gTR3IPolJOzUh2fgw71IGc5tcmkg8Uve5xR9Pg2WZZPqTAqjzZEg71wwyjqYhqIntzXrb6cftQiKdbrges_c0LeQU0KVeL01gDOInkTA6MULZ775uZa0nY7I7cRrZ4QvwWiglqGOk6GMwjamz1zor2LkQ0C11titWgBH6ud1-kkHXVzKd7aapQlzvz9XZGbQ-lSofTnMew6Ozh_MeSBKEI4mZr1IuqLIh6sv8J5y6_dffg2ZH-x9IuILG4Rvu1kBAcRcbDNnlg4w77g0YDJqWehASdusL0D782O7IdGLsGNRl18KPb95zmCI8S9DfznLtpenhiJ72OJ1lgM3pRUEDDzCASvbgV_WlTdIrpq5ARO_nE7JckaZRFmu_n-WryvBIcwl3wg4HrlsjK7bjw8IXT1c4Np_MmlufJhrwG081zmEKKt2olsO5uC5s7HOtQRfJcgDrQwnef1UV3_2D36Ia8FvTt_bKGt41GQqgnzHmjhADNbqbOwn43Xe4QYwUEE4wEZ-uFF9HY4MeumtJiePyKRIVbg4xn4idUlHSsfMDRcYJG2fJPEYrP8MG3aIag4dVSWyxezEOFzUVoEKftiehMOM2a7TXp_dRLLUgladSp4jOx7TR0CiugiJ_vGpNZy3gDzUEvK97QnfK3BQdqT4yCYN1CQMbmcSVAczRIvrVsrsdZr5MbXFbLY3xu581gUJtui5XQX3ODmN9l-PBNFI8-izgrXoDbdga17wKAcl4q2x7osDC_ofeEzrHn5jhrq4EZs_6KNASjWugM2AHXCr2Go7GWQwAIPTvlMdrSJhvAXljnZGBROdUBlJNDIuqcCl0fQPX_kMzp1RTDqm-iCaoHU2Bqutz6FoTbfY954SYHKgZzdq05z5L4zQwNglxPJ7ysNhSyYcGbIxhdJuZDEzIs274frAi8HqXpA9SgVuxIjE_niP_lfV_ADDAxIU2sAXnvYsiw5Dl2kV2dr9O_22uBnLsdn5q6O3iIVblX6KV9SBUJI_dnBzF6DBfHFc_kgxe4idzQcISA3ohZ-HtKZbo8EP8gBaacJsq6bX5tSV2lK02Iu0Ifk0gyyr5jqfCqu1azBJ8qw4kz6A7ZZGN-Wxyg5yB8072dT18ltwV79khjOpGBj9gJvTZooz-Z_rxl04iZuN50bQWkD2ewmaDZzQJpaZSneJ-uRY6aJ60tExalZM15eddXk2-nQxfO8Gh9KpdAwgzoWMg5LtgpQ1M%26sai%3DAMfl-YSKbWGMEt4-1zvbtej27Zcdb_31pdJ_PK59s7GAT4GXx7r6s1kn4m0TOdOGnWF7qfbDv0RqgbrkzLR5q9NePZJPBvYFO5QitHCFTk_8Dk9SQkOref4KD8m7akf-MnRFCYsaW9LaVUPkGBlbbv_9jgAgvfzpbYiVs1SKB2xz_YOyfn0VcZ6ZZFBxVISlYuBONX9EBfBmtuXtWc-mwrq4oXS6LQzygf1W1x73XwR_uX2lg20BW_yFlHTL6RPRJApk7iyc29avwspSRyBJVVRRXxDOq1DVJbj4ZeDMOe_98cTb0CKb%26sig%3DCg0ArKJSzKBYY2NJ6MxFEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D7088149%26adurl%3Dhttps%253A%252F%252Fwww.pierreetvacances.com%252Ffr-fr%252Fnous-connaitre_ms%253Futm_source%253Ddfa%2526utm_medium%253Dcpm%2526utm_campaign%253DPVFR_AON_PROSPECTION_TGT_3P-InMarket_Summer23-Phase4_Display_DV360_300x600%2526utm_term%253DOM%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s0.2mdn.net/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 03 Jul 2023 21:11:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7e121f8279fe4c86-HEL
content-length: 0
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

Verdicts & Comments Add Verdict or Comment

252 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
utua.com.br/gt-emp-gt-crediplan-p1	1970-01-20 13:01:45	Name: bg_location Value: %7B%22location%22%3A%7B%22country%22%3A%22FI%22%2C%22city%22%3A%22Helsinki%22%2C%22continent%22%3A%22EU%22%2C%22region%22%3A%22Uusimaa%22%2C%22regionCode%22%3A%2218%22%2C%22timezone%22%3A%22Europe%2FHelsinki%22%2C%22latitude%22%3A%2260.21880%22%2C%22longitude%22%3A%2224.87080%22%7D%7D
.utua.com.br/	1970-01-20 13:00:18	Name: lotame_domain_check Value: utua.com.br
.openx.net/	1970-01-20 21:45:54	Name: i Value: 624ee8b8-7452-468a-91dc-d2f50993ff95\|1688418705
.criteo.com/	1970-01-20 22:21:54	Name: uid Value: 2b84cfd6-4a4b-4f89-a691-8b5b3d834f14
.utua.com.br/	1970-01-20 22:21:54	Name: cto_bundle Value: clTAQl80aHRaaVl1V0FzUEdhcXgxaURrbm50bG9qV1NzJTJGSlVZVGNUSE00Vk1PVFBnQkFmemY0WW5KZXlQaG8zOEYxdUNZNXgzaE5rZUolMkZyZWRlMDJwWFp0cmo2ZVUwM3JzMXJONVdVRUlLTGRYQVV0a2Q0cXA0SVBYZ1lseEdHd2U4Mmt3ZUw4djNyWFVoMDd0UXJQSCUyRmYwYmclM0QlM0Q
.utua.com.br/	1970-01-20 20:12:18	Name: bg_anonymousId Value: f18c2257-605c-4ae9-8e94-7f5ef11c934c
.utua.com.br/	1970-01-20 22:21:54	Name: __gads Value: ID=8fed35b43bd3cf50:T=1688418704:RT=1688418704:S=ALNI_Ma-LBYvHRGAl-WbvPgI6Gy-TrtTcw
.utua.com.br/	1970-01-20 22:21:54	Name: __gpi Value: UID=00000c36f327abd1:T=1688418704:RT=1688418704:S=ALNI_MbZ4swocBWvj48cI6lZuLxEtmfcxQ
.utua.com.br/	1970-01-20 13:00:20	Name: bg_sessionId Value: 3adfe45f-cbaa-4b97-9efc-8bfe4b49b01f
.doubleclick.net/	1970-01-20 22:21:54	Name: IDE Value: AHWqTUnDR3l3kjVBIXD8ZhDm_ddiXI8BkjCtyjbFNAS2sl_Gk9crjjtshN1GCYrv
.adnxs.com/	1970-01-20 15:09:54	Name: uuid2 Value: 1496978621950204667
.casalemedia.com/	1970-01-20 15:09:54	Name: CMPS Value: 2184
.casalemedia.com/	1970-01-20 15:09:54	Name: CMPRO Value: 2184
.doubleclick.net/	1970-01-20 13:00:22	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 15:09:54	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVKl!!E[!]tbPl1M>e)ZlrFUfJ+tGXxpOX:wZMY7OiPHOvT_HU0>6HMXNf[8/7X7aSLVbpRzqF1`*b^v-)pr]N
.casalemedia.com/	1970-01-20 21:45:54	Name: CMID Value: ZKM5km1SXFm0.Uk.HZGY1gAA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
assets.begrowth.com.br
bcp.crwdcntrl.net
bucket.utua.com.br
c.bannerflow.net
cdn-ima.33across.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
daac29652b72758ead52df54cc3cab2a.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
esp.rtbhouse.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app
gum.criteo.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
location.begrowth.com.br
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
utua.com.br
www.google.com
www.googletagservices.com
www.gstatic.com
104.18.35.34
142.250.185.66
162.19.138.82
172.217.16.194
178.250.7.13
185.80.39.216
185.89.210.46
2001:4860:4802:36::35
2600:9000:2250:c200:a:e047:753:be1
2606:4700:10::6816:29
2606:4700:10::ac43:266a
2606:4700:20::681a:551
2606:4700::6812:ae65
2a00:1450:4001:801::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a00:1450:4001:827::2006
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a02:2638:3::3
2a02:2638:3::c
2a04:4e42:600::485
34.102.146.192
34.120.135.53
34.96.70.87
35.190.39.111
35.244.159.8
54.217.8.192
65.9.66.68
017a45168587ae1479523903d9e3631551266746d2b432f8da92c56286e88c14
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
050579c5e99b80ee04dd56f281b33ec9e97cf702b3afb43decffd1374f0b8ce2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e5a28a902c7f1edfc9c082269da365300b36ceb1eed186bf26523d6867ed986
20e74dbf3ee183f6fe1447dd7efef616905f78e10733e618dfd67f54c8a25ca8
20f091e39a994eac247abb2db8c48d424cb5f3ea8280cea2194168c2bf5f437e
27c045f2414b6b6af54b601c46312a6cbeb5dff6da152d9aceea0272fc896d03
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
331704aee114cfbd04ab32dbc48efce118fdd664fe1b3960800075eacc0840a7
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e96fedf15d68453deaa1fb3bfdfb2849ba0b23b42f990d2b8dd8a5e35b6a229
4f466606324c817d535870492cb047e3a633550971a849918a9648f506cbe881
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e6df2aa5b8a497da4a9d53b78a5582acff7ca68ac9b07da6f8d9c7ba67d8f1
563aa1e303165c6c5b1401c26a44f0e6989e21e61e718c48904b02e66e64dea3
56ce92887c108586bf63058a06f051e957f58936396e829d5fddeb59dbab0e59
580484de80425eeec8a6ed1215a5fc5fb9ece2ad2329c93396dc45e342fc2a0d
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5be9717ba973ccaabdd9e2038a32145503c8358a01125498b8774db6354a0a40
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c87150708f3168ea8eb6b6a3c23b45ea92a459b6c1e9799ed8d370907a5dd29
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
627388009157104c7d18671679f441bb5cb088f7b5ab5896d08c2b6e5b37ee45
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f
691171b5764dfbadde30c21093afb347c83532080d764d8b1396a133f6828a00
6d285ae6755d52c452904f5bdfa4a6c2082186d695304b242e9db2f12461f02e
6df7c73fa12d8261f09a11faff5c77f91f912362a9fdc15c46c3b949b188717b
6e744d4bfd41839f9dc659052d950cacffb86b7b71104bfb8e82396ca677a2f9
729fdd056968891a9b7a1eb8fa6365f58a7da10fd953e837feec3bea6501b585
73886a6eaea4b617db5260434c849abf3579fccbc663276c9afd9b1985e7c9e3
74479d62925af6f26ef1143977cfb1117f3a64d260caa9948e8773d4e00258b8
7537388c39311241a2da2dbd6a4c04d2ff7f6a345fb31b90d87f2fc594be2a30
77cf7cb4056cffe52a3240f74fde75b36d63daa53fe58e75aad651492c64e07d
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8169070527736f2296d9d72e169101428b2f9821205614dc54cd16d3130c70f8
83931e25c2b39853f7020992268f09ce4d55d1735cfe29d92f3cddbe4bec90c6
884b54523a92e59d9daec1382e9ac7db0c33bb8d7bb3e99111e00621e2f08f57
96686ac3b1afe326ee0ccfa814d71810d259c37b040e8754155230dd05f41102
99f91008e669a94bdd38ff9f2b92852dd1446c1de9e885815d239c84eaa88d85
9b716dd67c0beb606c4b957f773683974a74113dc5027e74c64d4ade3e6a02db
9cbcadc7fa36cab741085943d823f2337168e3741107a62c87391c72a8f36d88
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a324719220774d0b4d5f5c2bb36d30fae3a4a5046bf86f0641f6c19d0b69a11a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a784560c79c2bd930b184a4134d59b1d672fe786320828f191e68f48458d6f90
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af
ae959b0a19f99d5a2a19f4a3c937cf0b87a3ed43c00d5161e98c1504ffdae73d
aeb3f806ca5d0b2f8421760912fcbcae52396b5535a710131add1e9811b3fad5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
bceb003b10f10b0bbb452f6edab594a6a3614ca399ca83bcbda0d9ded7f6d907
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c5203d1cd65d6731e8ab7e78ba4265bc6ff15f34b17ec7156b86e4d595c56f2c
c6ed530f48f65c115804a69eeb519f91768bd255d676277032d7dd05d8e0d194
cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475
cd6e154f8fd13da04a0e721e78361924febdbed54ba77ca97f9ffd458fe0c2e7
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
d4938218ce8a8325dc656e02eb1b2af4842280a54aad0ce0d11f323cb5725d27
d660119d70fde473f7720a43fb960d95c8ff46768e67d762f9557179709b8942
db6c8330efd6e6bfd20dbed90de2e76fe0bac473c76abe90aaa91fac7bb067c6
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e2bdba664c87e553e3a25d56fef1fc8f98b9552bbf785e81c7b13e089b0875bd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eecba504edc3120b7053c0959d2c333631d2650d764d4f1d08c862cbafdb707e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f39e493d44f1322c379953233b13fd5bafeb1445796750813f957310d567d764
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549

utua.com.br Open in urlscan Pro 2606:4700:10::6816:29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

154 Requests

94 %HTTPS

61 %IPv6

25 Domains

38 Subdomains

37 IPs

6 Countries

1347 kBTransfer

3735 kBSize

16 Cookies

0 Outgoing links

Redirected requests

154 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

utua.com.br Open in urlscan Pro
2606:4700:10::6816:29 Public Scan

Screenshot
Live screenshot

Full Image

154
Requests

94 %
HTTPS

61 %
IPv6

25
Domains

38
Subdomains

37
IPs

6
Countries

1347 kB
Transfer

3735 kB
Size

16
Cookies

154 HTTP transactions
5 data transactions