ajuda.serasa.com.br Open in urlscan Pro
104.16.53.111 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cl.s11.exct.net/?qs=51c730ba65fdea6c21114d348048743e459365e6a510c099f43f09b2adfed1471f80aca1359a728b828989a9b6c0...
Effective URL:
https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A...
Submission: On April 08 via api (April 8th 2022, 11:39:31 am UTC) from US — Scanned from DE

Summary HTTP 163 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 49 IPs in 8 countries across 39 domains to perform 163 HTTP transactions. The main IP is 104.16.53.111, located in and belongs to CLOUDFLARENET, US. The main domain is ajuda.serasa.com.br.
TLS certificate: Issued by R3 on February 7th 2022. Valid for: 3 months.

This is the only time ajuda.serasa.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.71.12 13.111.71.12	22606 (EXACT-7) (EXACT-7)
1 9	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
8	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
1 1	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
4	104.236.60.225 104.236.60.225	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	108.157.4.113 108.157.4.113	16509 (AMAZON-02) (AMAZON-02)
1	108.157.4.86 108.157.4.86	16509 (AMAZON-02) (AMAZON-02)
1	108.157.4.7 108.157.4.7	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.19 18.66.112.19	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1 2	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	52.217.14.252 52.217.14.252	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.102 143.204.98.102	16509 (AMAZON-02) (AMAZON-02)
1	217.79.188.11 217.79.188.11	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	217.79.188.54 217.79.188.54	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	52.86.137.10 52.86.137.10	14618 (AMAZON-AES) (AMAZON-AES)
5 6	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3 5	92.122.147.230 92.122.147.230	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	185.33.220.216 185.33.220.216	29990 (ASN-APPNEX) (ASN-APPNEX)
1	78.46.23.46 78.46.23.46	24940 (HETZNER-AS) (HETZNER-AS)
1 5	138.201.63.116 138.201.63.116	24940 (HETZNER-AS) (HETZNER-AS)
7	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.92.106.130 104.92.106.130	16625 (AKAMAI-AS) (AKAMAI-AS)
6 6	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:7e05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	85.10.231.200 85.10.231.200	24940 (HETZNER-AS) (HETZNER-AS)
1	178.79.242.245 178.79.242.245	22822 (LLNW) (LLNW)
1	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	164.132.182.207 164.132.182.207	16276 (OVH) (OVH)
1	85.114.131.235 85.114.131.235	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1 2	35.186.240.205 35.186.240.205	15169 (GOOGLE) (GOOGLE)
1 1	34.95.127.121 34.95.127.121	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
163	49

1 13.111.71.12 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: cl.s11.exct.net

cl.s11.exct.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.16.53.111 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ajuda.serasa.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p13.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
theme.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.72.113 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

assets.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.236.60.225 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn.agentbot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

serasaconsumidor.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-113.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-86.dus51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-7.dus51.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-19.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.14.252 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

agentcore.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-102.fra50.r.cloudfront.net

adapter.aivo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.11 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.79.188.54 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: aa.adfarm1.adition.com

ad13.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.137.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-137-10.compute-1.amazonaws.com

apibot.agentbot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.98 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 92.122.147.230 (Milan, Italy) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-147-230.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.216 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.23.46 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.23.46.78.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.63.116 (Reilingen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.116.63.201.138.clients.your-server.de

ad4.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.106.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-106-130.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.239.217 (Frankfurt am Main, Germany) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.10.231.200 (Kassel, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 85-10-231-200.clients.your-server.de

www.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.245 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-242-245.fra.llnw.net

asset.conrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.130 (France)

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 164.132.182.207 (France)

ASN16276 (OVH, FR)
PTR: ip207.ip-164-132-182.eu

cdn.ad-sun.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.131.235 (Rheinfelden, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21039.dus4.fastwebserver.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.240.205 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 205.240.186.35.bc.googleusercontent.com

lenovo.7eer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.127.121 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.127.95.34.bc.googleusercontent.com

www.ojrq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com 0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 128 pagead2.googlesyndication.com — Cisco Umbrella Rank: 98	157 KB
27	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2110 p13.zdassets.com — Cisco Umbrella Rank: 34313 theme.zdassets.com — Cisco Umbrella Rank: 11168	910 KB
21	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 stats.g.doubleclick.net — Cisco Umbrella Rank: 95 ad.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	219 KB
9	serasa.com.br 1 redirects ajuda.serasa.com.br	30 KB
8	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 238	28 KB
7	ad4m.at ad4m.at — Cisco Umbrella Rank: 2329 as.ad4m.at — Cisco Umbrella Rank: 2723 assets.ad4m.at — Cisco Umbrella Rank: 36633	44 KB
7	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 4 adservice.google.com — Cisco Umbrella Rank: 77	2 KB
6	ad-srv.net 1 redirects ad.ad-srv.net — Cisco Umbrella Rank: 32699 ad4.ad-srv.net — Cisco Umbrella Rank: 220816	7 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575	4 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 343	112 KB
5	agentbot.net cdn.agentbot.net — Cisco Umbrella Rank: 104969 apibot.agentbot.net — Cisco Umbrella Rank: 99437	213 KB
4	awin1.com 4 redirects www.awin1.com — Cisco Umbrella Rank: 15136	3 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 248	4 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	3 KB
4	jquery.com code.jquery.com — Cisco Umbrella Rank: 647	166 KB
3	adition.com imagesrv.adition.com — Cisco Umbrella Rank: 16391 ad13.adfarm1.adition.com — Cisco Umbrella Rank: 35439	11 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 621 script.hotjar.com — Cisco Umbrella Rank: 818 vars.hotjar.com — Cisco Umbrella Rank: 999	66 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5383 adservice.google.de — Cisco Umbrella Rank: 7579	1 KB
2	7eer.net 1 redirects lenovo.7eer.net — Cisco Umbrella Rank: 504953	550 B
2	media01.eu www.media01.eu — Cisco Umbrella Rank: 269892 pb.media01.eu — Cisco Umbrella Rank: 44330	1 KB
2	zenaps.com 2 redirects www.zenaps.com — Cisco Umbrella Rank: 20144	1 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1031	344 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 411	419 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	73 KB
2	amazonaws.com agentcore.s3.amazonaws.com — Cisco Umbrella Rank: 139662	30 KB
2	gstatic.com fonts.gstatic.com	45 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 436	18 KB
2	zendesk.com 1 redirects assets.zendesk.com — Cisco Umbrella Rank: 7566 serasaconsumidor.zendesk.com	11 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
1	ojrq.net 1 redirects www.ojrq.net — Cisco Umbrella Rank: 7647	583 B
1	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 67611	12 KB
1	contentspread.net cdn.contentspread.net — Cisco Umbrella Rank: 51671	9 KB
1	ad-sun.de cdn.ad-sun.de — Cisco Umbrella Rank: 391477	14 KB
1	medialead.de pv.medialead.de — Cisco Umbrella Rank: 46083	1 KB
1	conrad.com asset.conrad.com — Cisco Umbrella Rank: 84052	22 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 63776	731 B
1	aivo.co adapter.aivo.co — Cisco Umbrella Rank: 92553	11 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2288	258 B
1	exct.net 1 redirects cl.s11.exct.net — Cisco Umbrella Rank: 84750	588 B
163	39

	Domain	Requested by
16	theme.zdassets.com	ajuda.serasa.com.br p13.zdassets.com
15	pagead2.googlesyndication.com	0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com ajuda.serasa.com.br cdn.agentbot.net www.googletagservices.com
13	tpc.googlesyndication.com	ajuda.serasa.com.br 0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
9	static.zdassets.com	ajuda.serasa.com.br static.zdassets.com
9	ajuda.serasa.com.br	1 redirects ajuda.serasa.com.br static.zdassets.com
8	cdnjs.cloudflare.com	ajuda.serasa.com.br cdnjs.cloudflare.com
7	securepubads.g.doubleclick.net	ajuda.serasa.com.br securepubads.g.doubleclick.net
6	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
5	ad4.ad-srv.net	1 redirects 0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com ad4.ad-srv.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	ajuda.serasa.com.br 0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.google.com	1 redirects ajuda.serasa.com.br 0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com tpc.googlesyndication.com
4	www.awin1.com	4 redirects
4	ad4m.at	0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com ad4m.at
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	fonts.googleapis.com	securepubads.g.doubleclick.net cdn.agentbot.net
4	cdn.agentbot.net	ajuda.serasa.com.br cdn.agentbot.net
4	code.jquery.com	ajuda.serasa.com.br
3	0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	lenovo.7eer.net	1 redirects as.ad4m.at
2	as.ad4m.at	ad4m.at as.ad4m.at
2	www.zenaps.com	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	www.googletagservices.com	0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com
2	ad13.adfarm1.adition.com	0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com ad13.adfarm1.adition.com
2	agentcore.s3.amazonaws.com	ajuda.serasa.com.br
2	fonts.gstatic.com	fonts.googleapis.com
2	ad.doubleclick.net	1 redirects ajuda.serasa.com.br
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	cdn.jsdelivr.net	ajuda.serasa.com.br cdn.agentbot.net
2	www.google-analytics.com	ajuda.serasa.com.br www.google-analytics.com
2	p13.zdassets.com	ajuda.serasa.com.br
1	www.ojrq.net	1 redirects
1	assets.ad4m.at	as.ad4m.at
1	ad-server.eu	ad4.ad-srv.net
1	pb.media01.eu	pv.medialead.de
1	cdn.contentspread.net	ad4.ad-srv.net
1	cdn.ad-sun.de	ad4.ad-srv.net
1	pv.medialead.de	ad4.ad-srv.net
1	asset.conrad.com	ad4.ad-srv.net
1	www.media01.eu	ad4.ad-srv.net
1	www.conrad.de	ad4.ad-srv.net
1	ad.ad-srv.net	ajuda.serasa.com.br
1	apibot.agentbot.net	cdn.agentbot.net
1	imagesrv.adition.com	0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com
1	adapter.aivo.co	cdn.agentbot.net
1	vc.hotjar.io	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	ajuda.serasa.com.br
1	www.google.de	ajuda.serasa.com.br
1	stats.g.doubleclick.net	www.google-analytics.com
1	serasaconsumidor.zendesk.com	ajuda.serasa.com.br
1	assets.zendesk.com	1 redirects
1	cl.s11.exct.net	1 redirects
163	58

This site contains links to these domains. Also see Links.

Domain
sitenet05.serasa.com.br
www.facebook.com
www.instagram.com
www.youtube.com
www.linkedin.com
open.spotify.com

Subject Issuer	Validity	Valid
ajuda.serasa.com.br R3	`2022-02-07` - `2022-05-08`	3 months	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-08` - `2022-07-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.agentbot.net Sectigo RSA Domain Validation Secure Server CA	`2022-01-19` - `2023-02-19`	a year	crt.sh
serasaconsumidor.zendesk.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-12-13` - `2022-12-13`	a year	crt.sh
aivo.co Amazon	`2021-12-23` - `2023-01-20`	a year	crt.sh
*.adition.com AlphaSSL CA - SHA256 - G2	`2021-04-15` - `2022-05-17`	a year	crt.sh
*.adfarm1.adition.com AlphaSSL CA - SHA256 - G2	`2021-05-21` - `2022-06-22`	a year	crt.sh
ad-srv.net R3	`2022-03-29` - `2022-06-27`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
www.conrad.de Cloudflare Inc ECC CA-3	`2021-05-17` - `2022-05-16`	a year	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh
pv.medialead.de R3	`2022-02-20` - `2022-05-21`	3 months	crt.sh
contentspread.net R3	`2022-03-31` - `2022-06-29`	3 months	crt.sh
ad-server.eu R3	`2022-02-13` - `2022-05-14`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_BAU_ABRIL&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
Frame ID: A116E91C179A4301D682C2AA8F00FE87
Requests: 83 HTTP requests in this frame

Frame: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 82C7F40406AD93B7EC6866890A2A63A8
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: BED6311A4D691D39FD82402181137101
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: FBF930A5CDD2EF9799B46CE0B8F267EB
Requests: 14 HTTP requests in this frame

Frame: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 39FDCBF123ACBA2FE933A242C0CFF9F0
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiJ4NLHATAB&v=APEucNUdXmG6dP6pgLNEB9r-I8I8q7-gkGPA-DdgPunjxQ7j4fDH4c8Rhxvh64rVM4t8cDPPz2qNa2mIUkacC5_9uD2jhNXf7tSb6fvn1GjFJw52WXObN_hM_gGWWkIunM7sjc2l90Fhzh7fvDZ7sN2GN4XgKleJc4nXuFT0XplRO6hFHA02hKI
Frame ID: 7FEA830199502F1464C1707A2A87A289
Requests: 5 HTTP requests in this frame

Frame: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5DB76F68D7DE694E1D78D3D645090A8A
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCS6EoYrvOMbDAB&v=APEucNW_OlkRjtGkqK3pbDm9Er7i8lHTYeweXAhMRWJUT_AuASOzbWbZeNN6MD0GzIS_xtviP1Biso4DHwBSGfK7IPOQgoWIj7LPykdQ0QCT3rYCSRbVmfM3vNbRkxf33_TkCQS8Fkkvg7tgIIcUqsEuQdF0J_fVmgZ-JMY5lEqJJ4rrkrYPt1I
Frame ID: A30AF5BABAC35C3CEB255B9983166EFF
Requests: 5 HTTP requests in this frame

Frame: https://www.conrad.de/ztpv.php?awc=11354_473322_1649417967_8bb3c390-b730-11ec-ba92-2231672bdcd1&insert=AW
Frame ID: 58E9BF5532ABA3749AF663902F477299
Requests: 1 HTTP requests in this frame

Frame: https://www.media01.eu/view.aspx?trackid=4FFE2293E3AB03641C3925C92FA06F0B&dt_subid1=&dt_subid2=affiliate&dt_keywords=&dt_freetext=&awc=20646_473322_1649417967_8bb7bb30-b730-11ec-956f-22655f6734d7&dt_mode=iframe&dt_url=
Frame ID: A0DD9E2BE5BE7E2E3FD0A4A52A897E02
Requests: 1 HTTP requests in this frame

Frame: https://ad4.ad-srv.net/request_content.php?s=46881300088464200383828011923004&a=4716afee
Frame ID: AC9811E2388D9EA26E5AB9F2E0DD3BFD
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 95A4FE94CDF968E78F85C764F552840A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2AA463AB85FABF467CC9B8E930681412
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=50099&dt_subid2=46881300088464200383828011923004&actionid=981741&produktid=&dt_url=
Frame ID: 38705632CECE6F47521D9BF98DE45851
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 4927A42C6A89861FB608C14DDA7AECD6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0A9C789A06E40317B23441A1C0A6FFF4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1A14B20688F5192F01E4EEE8BE5BAC58
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=24411&b=Yxqtrfz14YfpeWSVHpC3HQtQVkUAT1Tmbcr&f=q4gUmfBDeXt79WaZH3C1HRCQVEUPTgTZRU3&c=160&d=600&e=ZQIHifWby-GqjvmE1ueAOOwqcJhTTjFz&g=4dc035707b9945f17da8754df361c1e4%2F8735007909180105330&i=20148&j=20&k=0&l=0&m=0&n=&p=&q=&o=dbmRTXL&r=1649417968143&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC1Yal7h5QYpq2KMGD3gPS173oBsnR-oli9sukzqwM8C4QASDh7spAYJWCgICYB8gBCakCSyvHseQ4sj6oAwGqBIECT9BBi-puNKVCpS7l3nTf4WA7-_AKUX9ZiV8y-C_jokKHj5N33VabhhOsQeDmC2IFBmq4Yy3yx-wKi2oSc25_uJsWJ1W0OLNOll5txXjNPt_KpSaBcsjx47K1g7Z7-oetwxOsXmpVDYw2u6hsLfmLS_wMV6txMoNruRf2vfawL760ftHsPB7Afi1lE80PliLcPpmpieAtz1RGSfT2fPiNljmftdCfp0i2DcVqu8pX0lWr9hVScTqP92_zG8N0NDVpiK5iZZDBZeePLQOGUx1r2NHgdLmUGo1XKvUUmfCTWglsxbGEAXOmUNz4Nb9P1oOGMBJeHMAYXCzcGM-HNNUz863ABPe83OKeA-AEA5AGAaAGTYAH6sHBXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATop_TBtATANgTA9gUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAASJ-Ro7GZKgAYrjpfP2fqNYCGngy4gHgANwhOol9NoG9sl12w2AAqJFQ%2526sig%253DAOD64_0J5-EkK22r2AjdgBcvRMrKPbtGLA%2526client%253Dca-pub-9650408980791532%2526dbm_c%253DAKAmf-CnPJ9cAN_3tJENRR4NaBeZDowePv2REgSlAhxHrPMBg63pHa6l1_Mu_6QL82tMdCPpPhtTeMf__rmYXBK7vP7hD3cP42ZkEq-fuUm9gAGqcHQCOO_caHX5TXfhVNTO61C4W4qeMpcfsfD0ke-487zVd2bdEw%2526cry%253D1%2526dbm_d%253DAKAmf-AFGpcVr1DSZOaVChnzShLTbTbTMWdD92lr02IY0Vzsid9-X5wt_2Y2Evi16y47sfEkrcZ2VmDtJrmCc_JAzeQFRYEAqs2pjUilIyqAQ7ferRMOE3TjrYF_GI9BqwdpPSaDVAWYziRKrt18v8-Od60c3QWkI43eV6UK__tUF2cwXvlb_pxOymMxnniF-1tYfLFBUGP42qTAJ_J_HhD2pWS1qCFqDWWignPFMmdjV4PqLXTDFlV0CaNjfa7BWOaVCo6u_aHc7hVz9ZkQWKSBQiX1uXoYmH5AepblF0Q7lNH7fXz_GjUyUI53sJzJldY3xZg3NW1kmUuRoXUHlomVkgonrgOrGWRG2o096VNGtPCWuAXpi4Q3QoER8zCAUwSLe4lQDrhHVjxrwZe30iLRzlD77f2dDhWJycSoxG91iowFJ3qG6MQKnSESpMLsTyVuU5R7uOE0BG7zsYzoAbboLXX96xecWvbqZemSmkn5enPeihnPuIHeqC_PsDGcWeG9KVdMuGNVatMic9ziwG4xxpTofRPZhhGk6MzR3jw3oFa8-oseWUgYDo4oPD1DYOMyO5q0TLBV5Eap88s_Ggqt16qvhbYE9L-tNxxaa3QczkqJVAHtabmTvxx7NvITxrJyFfUUAoRK_IlXgAkScAZcs_yHjEyeDktJf8IW0puir0KJnZXM52q8hs3Nr-4kJCxx6wfBFNAhfnrPSX4jmQN356PZV49A65f_vDzrF2htkzLessiXFh0-90dM52FJzPbQ3QtQ7MZPjYXQHfg76ZzZocXZD66_8kOpyYBvAnbPbU3G4Xg9J4g%2526adurl%253D&y=1&z=0
Frame ID: 33AC3F8C0CA6AACF68DF0E815E91784E
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Como acionar o Alerta Provisório? – Central de Ajuda - Serasa

Page URL History Show full URLs

https://cl.s11.exct.net/?qs=51c730ba65fdea6c21114d348048743e459365e6a510c099f43f09b2adfed1471f80aca1... HTTP 302
https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-l... Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/npm/sweetalert2@([\d.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

163
Requests

91 %
HTTPS

35 %
IPv6

39
Domains

58
Subdomains

49
IPs

8
Countries

2237 kB
Transfer

5789 kB
Size

36
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://sitenet05.serasa.com.br/chequedocroubados/CadastroCPF.aspx
Title: Quero me cadastrar

Search URL Search Domain Scan URL

URL: https://www.facebook.com/serasa.com.br

Search URL Search Domain Scan URL

URL: https://www.instagram.com/serasa/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCZxt4ydjJGnV6fieQaVZ7bA

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/serasa

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/5ZTMUau1ssfgmCIyvygpwt

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cl.s11.exct.net/?qs=51c730ba65fdea6c21114d348048743e459365e6a510c099f43f09b2adfed1471f80aca1359a728b828989a9b6c0652523e4340dd1f25ba2da36520a79da6744 HTTP 302
https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_BAU_ABRIL&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://assets.zendesk.com/assets/apps/conditional_fields/latest/helpcenter.js HTTP 302
https://static.zdassets.com/conditional_fields_app_hc/latest/helpcenter.js

Request Chain 60

https://ajuda.serasa.com.br/api/v2/help_center/articles/360012553371.json HTTP 301
https://ajuda.serasa.com.br/api/v2/help_center/pt-br/articles/360012553371.json

Request Chain 73

https://ad.doubleclick.net/ddm/trackimp/N377801.3435685GOOGLEADS/B27337746.329782156;dc_trk_aid=521819059;dc_trk_cid=167039996;ord=2447946762;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N377801.3435685GOOGLEADS/B27337746.329782156;dc_pre=CMzF3t-whPcCFfH7dwod6dcJmg;dc_trk_aid=521819059;dc_trk_cid=167039996;ord=2447946762;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 78

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpOjNvEMPVQxkNZXfW-ZMw&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpOjNvEMPVQxkNZXfW-ZMw&google_cver=1&C=1

Request Chain 99

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YlAe7qbxJL12sWRW1KEhZQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpOjNvEMPVQxkNZXfW-ZMw&google_cver=1

Request Chain 100

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESED0mmLP3CUWNH2eiahACjT0&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED0mmLP3CUWNH2eiahACjT0%26google_cver%3D1

Request Chain 101

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ5ODEwMzc0MzAzMjAzMTU0Mg%3D%3D

Request Chain 106

https://ad4.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=ab63a4ab67&subid=&uid=930642a09b4ee92c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fajuda.serasa.com.br%2F&ancestorOrigins=https%3A%2F%2Fajuda.serasa.com.br&random=720280380975&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://ad4.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=ab63a4ab67&subid=&uid=930642a09b4ee92c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fajuda.serasa.com.br%2F&ancestorOrigins=https%3A%2F%2Fajuda.serasa.com.br&random=720280380975&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF-a9yJhBIqQVoEzB9u7pmg&google_cver=1

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEM8d3BcaAI5ifWMqDzIvBKk&google_cver=1

Request Chain 120

https://www.awin1.com/cshow.php?s=2470208&v=11354&q=371931&r=473322&pv=1&pref1=46881300088464200383828011923004 HTTP 302
https://www.zenaps.com/cshow.php?pvr=8bb3c390-b730-11ec-ba92-2231672bdcd1&v=11354&r=473322&q=371931&s=2470208&viewref=46881300088464200383828011923004&pv=1 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_473322_1649417967_8bb3c390-b730-11ec-ba92-2231672bdcd1&insert=AW

Request Chain 121

https://www.awin1.com/cshow.php?s=2840015&v=20646&q=409071&r=473322&pv=1&pref1=46881300088464200383828011923004 HTTP 302
https://www.media01.eu/view.aspx?trackid=4FFE2293E3AB03641C3925C92FA06F0B&dt_subid1=&dt_subid2=affiliate&dt_keywords=&dt_freetext=&awc=20646_473322_1649417967_8bb7bb30-b730-11ec-956f-22655f6734d7&dt_mode=iframe&dt_url=

Request Chain 126

https://www.awin1.com/cshow.php?s=2470208&v=11354&q=371931&r=473322&pref1=46881300088464200383828011923004 HTTP 302
https://www.zenaps.com/cshow.php?pvr=8bb8a590-b730-11ec-956f-22655f6734d7&v=11354&r=473322&q=371931&s=2470208&viewref=46881300088464200383828011923004 HTTP 302
https://asset.conrad.com/media10/isa/160267/c1/-/de/boschaktion_234x60?format=gif

Request Chain 128

https://www.awin1.com/cshow.php?s=2869893&v=20646&q=411817&r=473322&pref1=46881300088464200383828011923004 HTTP 302
https://cdn.ad-sun.de/STIHL/Werbemittel/Homepage/stihl_affiliate_werbemittel_usp_234x60.gif

Request Chain 162

https://lenovo.7eer.net/i/1197007/815242/3786?subId1=oneidYxqtrfz14YfpeWSVHpC3HQtQVkUAT1Tmbcroneid__asuidZQIHifWby-GqjvmE1ueAOOwqcJhTTjFzasuid__dbmRTXL&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.ojrq.net/p/?return=https%3A%2F%2Flenovo.7eer.net%2Fi%2F1197007%2F815242%2F3786%3FsubId1%3DoneidYxqtrfz14YfpeWSVHpC3HQtQVkUAT1Tmbcroneid__asuidZQIHifWby-GqjvmE1ueAOOwqcJhTTjFzasuid__dbmRTXL%26gdpr_consent%3D%26gdpr%3D0%26gdpr_pd%3D0%26level%3D1&cid=3786&tpsync=no HTTP 302
https://lenovo.7eer.net/i/1197007/815242/3786?subId1=oneidYxqtrfz14YfpeWSVHpC3HQtQVkUAT1Tmbcroneid__asuidZQIHifWby-GqjvmE1ueAOOwqcJhTTjFzasuid__dbmRTXL&gdpr_consent=&gdpr=0&gdpr_pd=0&level=1&brwsr=8c66e783-b730-11ec-a7e0-ab4671ed77cf&brwsrsig=wpyUUuWXd27iU9HSOIW3PxLkSvZ1pc

163 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio Show response
ajuda.serasa.com.br/hc/pt-br/articles/
Redirect Chain

https://cl.s11.exct.net/?qs=51c730ba65fdea6c21114d348048743e459365e6a510c099f43f09b2adfed1471f80aca1359a728b828989a9b6c0652523e4340dd1f25ba2da36520a79da6744
https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_BAU_ABRIL&cm...

60 KB
15 KB

1253ms
1001ms

Document
text/html

104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_BAU_ABRIL&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b877318e6b04ae287105d3a6b85090f387711c17fb4b2528a26f61f0700c07f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=0
cf-cache-status: MISS
cf-ray: 6f8ab8e57e48926e-FRA
content-encoding: br
content-language: pt-br
content-type: text/html; charset=utf-8
date: Fri, 08 Apr 2022 11:39:25 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
protocol: HTTP/1.1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTHpz8UcpyBgWXYLxcP6A0Od2OhyOvACc8HWRQLgf%2BEPo4uTQ0XTi%2FFzPSS8oHrO9bL2Gsf3%2B4d6TbufC2eMjZIZT9nOMRFHdp%2B%2B9QcZ%2F93mDPepNRoDtB2wRVgp69fbFtQQXCw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
x-content-type-options: nosniff
x-envoy-decorator-operation: help-center-unicorn.help-center.svc.cluster.local:5080/*
x-envoy-upstream-service-time: 168
x-frame-options: SAMEORIGIN
x-request-id: 6f8ab8e59769926e-FRA 6f8ab8e59769926e-FRA
x-runtime: 0.164569
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
x-zendesk-origin-server: help-center-unicorn-765954b689-lf42v
x-zendesk-zorg: yes
zendesk-api-version: 2022-01-01

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 566
Content-Type: text/html; charset=utf-8
Date: Fri, 08 Apr 2022 11:39:23 GMT
Location: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_BAU_ABRIL&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&

GET
H2 200 application-eee6d8d7fa05e7e79d4f3bfce1e548f7.css
static.zdassets.com/hc/assets/ 54 KB
11 KB 102ms
51ms Stylesheet
text/css 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/application-eee6d8d7fa05e7e79d4f3bfce1e548f7.css

Requested by

Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_BAU_ABRIL&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a972b4d1cdb31c6ed98e2b2cdb37aeaf482dedf022c278e8579b44d545b87d8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 172672
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: V7CJY7NJRM1KV01X
x-amz-id-2: El1ehXQ6j6PHttboBGWxpZrieKjreFV9377fFHUTLXNBplWr4wisAH+Lh9QAOPto7BvLE9U0go0=
last-modified: Wed, 16 Feb 2022 11:38:17 GMT
server: cloudflare
etag: W/"db93d565a4a928bcc3c7f69066f238cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iEXjoHJLtpPGmcIe9XsKOzVOltW%2Bz%2B3QrIY5SPtIVCL%2B%2B1BhyGSviNwrFGJsF8GnOikE46AM1LTV3rm5c%2FihjOwvHU3bMY5tHnSesfujnkQTxqwISaWRdsCrqwfVOSnPXJh2Rnc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-amz-version-id: _8zAQbC.eJm5lM4RUl704vubjUGk2xfb
cf-ray: 6f8ab8ec3c3999d9-CDG

GET
H2 200 style.css
p13.zdassets.com/hc/theming_assets/2029595/114094504791/ 132 KB
24 KB 92ms
34ms Stylesheet
text/css 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5233929039629

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e26590014d3d13154389b9625a653d9d7713d43165c3361150e54123ac99eba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
x-envoy-decorator-operation: help-center-unicorn.help-center.svc.cluster.local:5080/*
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 76799
x-zendesk-origin-server: help-center-unicorn-664bdc7b4b-btlnv
x-envoy-upstream-service-time: 22
zendesk-api-version: 2022-01-01
strict-transport-security: max-age=0
protocol: HTTP/1.1
content-encoding: br
x-zendesk-zorg: yes
x-request-id: 6f53b683cda539ff-SEA, 6f53b683cda539ff-SEA
x-ua-compatible: IE=edge
x-runtime: 0.018574
x-robots-tag: none, noarchive
server: cloudflare
etag: W/"e26590014d3d13154389b9625a653d9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4JLv0CvyQqAOg%2Bcmu7A7RvdWZsW6IyW2KWfdqg24x%2B2k68JS811vPObvz1yqaI2HOZatF2BrpAtsOBvdF1ZE0zUTFcHBxQ6bKo2RcbNwBQbaFxfKToyRN3%2FQyLPQo6qpwMI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=604800, public
cf-ray: 6f8ab8ec4b9699f1-CDG

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 43ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 275
date: Fri, 08 Apr 2022 11:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 08 Apr 2022 13:34:50 GMT

GET
H2 200 slick.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 2 KB
1 KB 70ms
27ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 306063
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 450
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-6f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FFY%2FFrxD4GbfR1TDw%2Fpw2p%2Fs8z8P5YkFRHlY8hkiYSu39ZfciEhbStihn34buXCrmnLz1gGmIzq7zTXbwjhGaW4LCW2qoreG2EOsxf1KUGxCD0DUqI5I%2FwAWFIOfRTzyzHkcrJCcfG56RsvEId%2FaoZTH"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f8ab8ec2d1259a7-MXP
expires: Wed, 29 Mar 2023 11:39:25 GMT

GET
H2 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 2 KB
973 B 75ms
33ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1861508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 657
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-956"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=So6%2Bzwx1oRfLuQYU6TCJAE5fB%2BsKkqer3pEej4TtTQViBdqT24qSFrOw%2F1tWcp3o%2BHm254aeeAt3TSxuecYRy2bNJgbw5yh8r57fUErdT8rrfWJn0TSJoF2boXvLMqggt2RbjjOOXWqnXTHoYeX5i1Yg"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f8ab8ec2d1559a7-MXP
expires: Wed, 29 Mar 2023 11:39:25 GMT

GET
H2 200 jquery-1.11.0.min.js Show response
code.jquery.com/ 94 KB
33 KB 33ms
12ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.0.min.js
Requested by: Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_BAU_ABRIL&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1787d"
vary: Accept-Encoding
x-hw: 1649417965.dop146.fr8.t,1649417965.cds267.fr8.hn,1649417965.cds001.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33357

GET
H2 200 jquery-migrate-1.2.1.min.js Show response
code.jquery.com/ 7 KB
3 KB 40ms
19ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by: Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_BAU_ABRIL&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1c1f"
vary: Accept-Encoding
x-hw: 1649417965.dop146.fr8.t,1649417965.cds267.fr8.hn,1649417965.cds161.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3063

GET
H2 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 43 KB
10 KB 75ms
34ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2563890
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9564
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-ab69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HAQmsdd5nfwMoXvMWRkvyLLFsu%2BaXPIA4d5uoOXKt2z2UjdtIvCAMjEnkL4IIB4%2FibBzOKm3RURrwhcrrGoLY6wY%2Fv13Y2fvadDRbGPJbmz%2BVqbPQmqlQ8EkGqPs3fhDAiXB1iqF3FucHCAK4aWWJAzW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f8ab8ec2d1859a7-MXP
expires: Wed, 29 Mar 2023 11:39:25 GMT

GET
H2 200 jquery-ui.js Show response
code.jquery.com/ui/1.12.1/ 509 KB
122 KB 40ms
20ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.js
Requested by: Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_BAU_ABRIL&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
server: nginx
etag: W/"611feaca-7f20a"
vary: Accept-Encoding
x-hw: 1649417965.dop146.fr8.t,1649417965.cds267.fr8.hn,1649417965.cds269.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 124434

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/ 35 KB
8 KB 32ms
12ms Stylesheet
text/css 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
Requested by: Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_BAU_ABRIL&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:40 GMT
server: nginx
etag: W/"620cd700-8c85"
vary: Accept-Encoding
x-hw: 1649417965.dop146.fr8.t,1649417965.cds267.fr8.hn,1649417965.cds272.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 8323

GET
H2 200 jquery.mask.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.9/ 7 KB
3 KB 81ms
32ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.9/jquery.mask.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fd6d97c5e1e295a7c66bceaff39daf165a8e65ae8a8dd7228443caaf05f2b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ajuda.serasa.com.br/
Origin: https://ajuda.serasa.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8106755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2797
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-1d13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUGOjcephUnqYXef3Wt%2F75pSkHZghv9ZVQteuHbGNOqdlDKKnEzL5BBNKxcFDRY%2FvqqjOVX3zWr4HAGIl95uZ5KuntJTm6sNRwUjnB0Sn0w849YFSp3rvPkFXG4thviNcT7vBFY5WkfGa9tio9P3GNwh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f8ab8ec3b780f6a-MXP
expires: Wed, 29 Mar 2023 11:39:25 GMT

GET
H2

200

helpcenter.js Show response
static.zdassets.com/conditional_fields_app_hc/latest/
Redirect Chain

https://assets.zendesk.com/assets/apps/conditional_fields/latest/helpcenter.js
https://static.zdassets.com/conditional_fields_app_hc/latest/helpcenter.js

63 KB
19 KB

34ms
33ms

Script
application/javascript

104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/conditional_fields_app_hc/latest/helpcenter.js

Requested by

Protocol

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c1a64732de92fe691f38055f446c114cba9df7e63b2ccc35015e57c7513fc34

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 580
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: T5GJDQSDGPFC3RD1
x-amz-id-2: sac547lVvjjIZKSz//XyBMemuIED/0kZS4+7trqFIonrpEHxzcIo3UWDvI4y/MILQvnc8oCMa0o=
last-modified: Wed, 05 Dec 2018 23:42:03 GMT
server: cloudflare
etag: W/"06dadc6c7364cf7662b03515664be760"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pn7X1T7lT7H7S4eb5CVsuYZ%2FFU%2FWfCDXxX88zd0ZYAQRg1wWHNG%2BZAHozVO8my9TOK5THJlc522DDmyBjJxcwH6QNRS7lwecGZdfO0wq3GHMxboCAGebW93MQRXbylJorA40Z2Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
x-amz-version-id: 3aS1wWYF1HCvCctTv8qQiOsRRZwVNgEk
cf-ray: 6f8ab8ec6c7899d9-CDG
expires: Thu, 05 Dec 2019 23:42:02 GMT

Redirect headers

date: Fri, 08 Apr 2022 11:39:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 300
strict-transport-security: max-age=0
x-zendesk-zorg: yes
x-request-id: 6f8ab1975b539186-FRA
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXxueGQPIian0K988pTotthSgrv49G3B%2FJcCS0GcGi4yoCIe9IKLJVaL67ZI%2B0zxD1ZWLnLTczz5vjiZzPYJ9V9ZG%2FGa2myhiKOSPyX4PSrqQJN76AvKpNJlDG%2FSiSU20EzZLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://static.zdassets.com/conditional_fields_app_hc/latest/helpcenter.js
cache-control: max-age=600
cf-ray: 6f8ab8ec0e729183-FRA
expires: Fri, 08 Apr 2022 11:44:25 GMT

GET
H2 200 sweetalert2@8 Show response
cdn.jsdelivr.net/npm/ 62 KB
17 KB 75ms
35ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fb5bdf552db295a96ea4b5c90679159db62417fb69fe0b57792e57daf79cfd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 40473
x-jsd-version: 8.19.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19143-FRA, cache-iad-kiad7000104-IAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"f9a3-83/dkKMqqE70ruguVvt5jysji+A"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YvZeWduXO1agcI9SxHQWsfsgoXn8t96J6Okoh%2FyNgnZ1iLsIyqMvSpCnV0RpBMbxAM10GxcM4UbAoE%2Fabwwb6shM%2B3OJQCdkzeHq3KbOx1tT%2Fm8m4UCkBAuw8lAbddmaS%2Bd7dZ9XC9mxgNi2XQU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6f8ab8ec282159b3-MXP

GET
H2 200 jquery.mask.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.15/ 23 KB
5 KB 72ms
32ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.15/jquery.mask.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3edcd35f57ed9849a3f18522017d304c843e75d4c0195b763222ccb06b003313

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2563020
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4938
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-5a58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tuWatN2zxMYxcAHb2eljw4k4xB2WIz5Mnl8S%2BD5GcZYmdpVC%2BqDu%2BuBVfzKfogm4dguTzI7uJ4qEbU77eCugP15Ws0TAMH8d8%2B0Lw%2BYDpuoQPkhjL4aFMRCbqSYjWHzgYAsuokuZyJFPd2zAeyvj4e6p"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f8ab8ec2d1959a7-MXP
expires: Wed, 29 Mar 2023 11:39:25 GMT

GET
H2 200 mailcheck.js Show response
cdnjs.cloudflare.com/ajax/libs/mailcheck/1.1.2/ 8 KB
3 KB 89ms
49ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mailcheck/1.1.2/mailcheck.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffd0f1a8998b84c05b08ff0e234e5b02d69f4fd5982def489be7dc36ed72b44f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2880443
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2217
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed4-21cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JPsPj%2BcD%2B4vEFBvQ%2BFkG5Rs7n8%2FpGxvzu%2FSe7cJl6Dzar21P7fHmSV%2BJLCEKG9I8hs%2BRlcYjwVEoJ8ZHl%2FI%2BWAZOJPZH3wp5CsX40EhBOpJn1V8B98H4k%2B8znaG%2F54uaUtv1yyqiLxGiMufojUqrX34w"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f8ab8ec2d1d59a7-MXP
expires: Wed, 29 Mar 2023 11:39:25 GMT

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 1 KB
716 B 88ms
48ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 118384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 394
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-559"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VM8d%2B5AmnRXDQkJFNvqRkUtcROmyI37mLribYuzinI1Wy4A1rPPJLK3DfmF14%2B%2Ff%2FEoNwwO%2FbpEB30ubCvB4TiNtkuYKdrjLEoJ2YD9n%2BRJMqRZnhs7vkvApdBE6ygRXAv3QSVE23ZQTA3YJg2WHmr2P"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f8ab8ec2d1659a7-MXP
expires: Wed, 29 Mar 2023 11:39:25 GMT

GET
H2 200 api.js Show response
ajuda.serasa.com.br/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 25ms
23ms Script
text/javascript 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajuda.serasa.com.br/cdn-cgi/bm/cv/669835187/api.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_BAU_ABRIL&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OdcEIn2IvqH6RzAQOLrkpkcXJdKmokolI7uIoTiYq%2FDj3HBjjGbeJnk2LYQLGsblZ9Gt5KTbFa3AV3rtwN71wOVdWOF%2BHw3AxHr00x2%2B1Wi4fMUq5oQncYAALn0aytHTGzrC%2BAU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6f8ab8ecc9de926e-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 67ms
31ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

a5abb09db0c5e8b3bdef42c4eaed45cf4a6d660586942f5cb7998a9df6e428da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28293
x-xss-protection: 0
server: sffe
etag: "1181 / 61 of 1000 / last-modified: 1649416227"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 08 Apr 2022 11:39:25 GMT

GET
H2 200 69a88bbc97b6f612454ed33837665cf83a4ba4ee.png
theme.zdassets.com/theme_assets/2029595/ 6 KB
7 KB 51ms
40ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/69a88bbc97b6f612454ed33837665cf83a4ba4ee.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe32d9e8c5b91d60410c08d8fa519796439792744528d5a01bde953a60428712

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
via: 1.1 efde5be81ce9c9a89c77d96186504846.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8197
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 6231
last-modified: Sun, 28 Feb 2021 00:08:19 GMT
server: cloudflare
etag: "309bf36aefe0731606e5add035e14404"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXUZt3p8GSD%2BtdJ9ogyKgyHK5HMXxwaLxfqsd34NSEwMgFmR8C6OiDwc3zUHwHf33DzKredRSVKkuW7pFGw%2BxU7VWzBn5gDRw5DGWyir9JJTgXIgYZtQUqy3XawCEA9KYgl0HA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: IfHzCRqXvC.j2MAO1sWO8.Xcr9ycjNRz
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: CDG52-P1
accept-ranges: bytes
cf-ray: 6f8ab8ecdd6799d9-CDG
x-amz-cf-id: rnY0DDfLAdoxnG4MThoc3wllZYeG6zELj1wntmn3s4pp4wVqSxzriQ==

GET
H/1.1 200
OK dea6c07769c06d2043b5cb74146ddb86.js Show response
cdn.agentbot.net/core/ 802 B
788 B 420ms
98ms Script
application/javascript 104.236.60.225
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.agentbot.net/core/dea6c07769c06d2043b5cb74146ddb86.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.236.60.225 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f5cd0d0af73325ea04c9b99435d3d4018dc0a048a41987cc94fcf3eb8a06e698

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 11:39:25 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: max-age=259200, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 484

GET
H2 200 1d903b0e11f8f745e039543bc5a23331fde40bfc.png
theme.zdassets.com/theme_assets/2029595/ 6 KB
7 KB 89ms
79ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/1d903b0e11f8f745e039543bc5a23331fde40bfc.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b826baf4b1c464fb6f997c20dd47e496f30a58d1efc8432e3b33fb0872a90862

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
via: 1.1 7aef920ed20c713960127526fa3a88f5.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58787
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 6558
last-modified: Sat, 20 Feb 2021 23:23:13 GMT
server: cloudflare
etag: "7c2306ff2b5eaa7723da25b59b489acb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFl7V9dS5eHYnMi2ehUBIGNRl4ijW9DKviUjZXDz4PysPuv0EgI6TO0493T6xLlTd4gfpaIniJ3yacviD%2Btgp3XpQ%2Fe3aPc%2FWRiWDkOxSLycOE95xlii7%2BAq8O0Ia5ak76Ep5w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 8QOe6lFMgT2OoZucvWMrbArkHcees_7j
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
cf-ray: 6f8ab8ecdd7299d9-CDG
x-amz-cf-id: DyvGAtVEL8oZfIk59Ky_QGRHIPbt2EufFJaH-ufXaStDJMUaw97RnA==

GET
H2 200 5ae6a2a27c0f986f606c2e576cd74e83f9e68e90.png
theme.zdassets.com/theme_assets/2029595/ 7 KB
8 KB 89ms
79ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/5ae6a2a27c0f986f606c2e576cd74e83f9e68e90.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26186ef31ef35679017179c6639f347c58e4eb941ba9a262a4b8584dcb4e8ac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
via: 1.1 e01ab9056cc78875229a55be936f41ee.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58787
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 7200
last-modified: Sat, 20 Feb 2021 23:23:14 GMT
server: cloudflare
etag: "e2b25241cb25e9cefd04a6b299ea90e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSfLJdNPKkU%2FrVmW2cahTvbbanPRQ2oAMMuzz13IOJsrOtZUC5KtsFH%2BR3RNPPK7xaa2pCdZYPTofv1ugpyD9g4Z%2B1d4e3A%2FZiNs4P7Rn7dClxbhceZG8XrX1MhYEzF6dwoESQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 8ImGdfHBxbBiTt9yqG7IcXOyKAjH0STc
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
cf-ray: 6f8ab8ecdd6a99d9-CDG
x-amz-cf-id: HgXMIiXm1gfhYRvIUwfkOBGd6phZvn4Jk7NHDV1fZtDdxQx0lPVg8w==

GET
H2 200 ee5cb3e3a6a5d18c0b00d556b92ee7ad74aec850.png
theme.zdassets.com/theme_assets/2029595/ 2 KB
3 KB 89ms
79ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/ee5cb3e3a6a5d18c0b00d556b92ee7ad74aec850.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce61e05539704fb07f314ebadf3e65416ffa784626a3cda98623b84c1cafefe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
via: 1.1 3808ed40220bada3ae901e3a58b94244.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8237
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 2105
last-modified: Sat, 20 Feb 2021 23:21:12 GMT
server: cloudflare
etag: "3ed26a7e7a65e8fbaac529f3c9c57061"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zl0oBaLLzsIZYtD%2FmRrBBjyIN1jEuaAdxjuVQXZbMPkaK4qrixetUBXZHHVTkup1wdizU4bILBbSjzY4RTWm1fn2DfE1YJMH6NLj2RtJUtdB5ojppjPBPUWLGvK15KqOnQgasw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: KwVXwHt_W1gMIVBlj6AXaIwmhj5ADVjW
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: CDG53-C1
accept-ranges: bytes
cf-ray: 6f8ab8ecdd6f99d9-CDG
x-amz-cf-id: TIvpP0JEaDVpBaj1Kciv6mmdzaMqvQj_P0YZY4_FN4ou92mJti3hpQ==

GET
H2 200 9e0d453da3b5056819631b2b1a9345cf4f9f7258.png
theme.zdassets.com/theme_assets/2029595/ 3 KB
4 KB 88ms
78ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/9e0d453da3b5056819631b2b1a9345cf4f9f7258.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

006aabd877ee1ccdc2bd16cee536f4536a4f3981d9cb76ae6cfd1d3f25129a29

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
via: 1.1 ffe6c29ca0993b4638edf6dcc08181b4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58788
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 3295
last-modified: Sat, 20 Feb 2021 23:21:13 GMT
server: cloudflare
etag: "266948f5416e85e42af6f4456a54a483"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Muu9ht8%2BgBFTA4em5icbtIknJAP%2B01XY1PzxM84L7%2BHpt%2BmweWpYweGtIfyjHwWPtnWgZw1p%2Fd36bNF1WF%2FvUNMwNrX8hBvjXlNIAFNsWexzmpbsUqQxMbK1MVEWDKSDjWwAHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: RyuMEdegMi8DUY6GLMWr1di1ltvtaVzF
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: CDG52-P1
accept-ranges: bytes
cf-ray: 6f8ab8ecdd6c99d9-CDG
x-amz-cf-id: lRisNTE8MyiFyyI1UbGDL9U8QdcKIDdywkV3lnfTkod5Lgs9v0QkWA==

GET
H2 200 dc9c10e062be30c6cfaff2a8e6ba71d122ccecda.png
theme.zdassets.com/theme_assets/2029595/ 1 KB
2 KB 89ms
80ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/dc9c10e062be30c6cfaff2a8e6ba71d122ccecda.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f41c1bfd9141177523d3ba40196be30dc3056fd1fdc5067eca64e9b1b915bad

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
via: 1.1 e9e1ae0211eb8060a9bf55183ccf8788.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58787
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 1372
last-modified: Sat, 20 Feb 2021 23:21:15 GMT
server: cloudflare
etag: "433ca788a305be039c7912db1aa397be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORTQP8u2w3aKvAM10M%2BBNStTPRYgmhSaXiAM9zRV%2Bnp3g5myBHlCGKHdfIjMgHbNWnB6oW2AuMwNCzxIlqVupibVIw9zKhjuQK5ehx14TzV5v2ErMCKPqzHZc1pe2JoYwpArrA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: aPeVoYP64gtetXI0YxDG2.oVHZAl.Mom
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: CDG53-C1
accept-ranges: bytes
cf-ray: 6f8ab8ecdd7099d9-CDG
x-amz-cf-id: Lo4INffBm3tOEjWDMdseMWaH6NqJ4eZGTfCu8xjMtN2tzFfc466wBQ==

GET
H2 200 77ef7b9f7c550a060fee3f6e058a2a2e9a4d0e76.png
theme.zdassets.com/theme_assets/2029595/ 1 KB
2 KB 51ms
45ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/77ef7b9f7c550a060fee3f6e058a2a2e9a4d0e76.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1f0c11a70973083a31465b27bd503c6cbcf216f208a2bde6862460a38cf01c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
via: 1.1 322aee8aa5d1b8e91a9db30a8244f179.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58787
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 1517
last-modified: Sat, 20 Feb 2021 23:21:14 GMT
server: cloudflare
etag: "00ffc9d6a78332984815173bd818d2e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOO6IjmWAo%2FQ%2BQewQeYJUgsAf0arHBKZw3Dit3dk5Mf7bdZwnPywlSg7aCd6jrM6Y1GbqbWJ4RrV8J07tUeknY%2BA5KIWshq8kYQQPNNiQnlKZq3ljSmqSEGrZdkBUP%2FPHy4sEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: OHPhprL_UD5DM2aYtOe9ZDWS96VVPUYb
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: CDG3-C1
accept-ranges: bytes
cf-ray: 6f8ab8ed6e6f99d9-CDG
x-amz-cf-id: 93OBtY17224q_dqQHjvznk394CmOAG74TkAicNEkXHeV8SOQSnHr4A==

GET
H2 200 334d039b4cb4c53e99f6e9445d1897b2613fc047.png
theme.zdassets.com/theme_assets/2029595/ 3 KB
4 KB 52ms
46ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/334d039b4cb4c53e99f6e9445d1897b2613fc047.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

838823d4fc5054d84fbde32bbeb6cd22f18ea7d96edad521aacf170b0ebca411

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
via: 1.1 59217f0941f089caa7fbc6da584e0d2e.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58787
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 3133
last-modified: Sat, 20 Feb 2021 23:21:14 GMT
server: cloudflare
etag: "2391b6822e2ef746c5a45a8a7a3e3f56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92JZgZ0PU5zl9gJzAiyCc4lmsYOrlbc%2BE1O5LlRkJ93%2BJ5vzbSuGP5sX2uqcuQrG9lDLPQacaExwSTAfzYuTXDHNT0J6Tj0Sl3Rb1WABA6uXyQOtU43E3NgLmILFx1IxBonQeg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: MtTXFBGl1wGuX9epx5qZXhZHC.g6OT3l
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: CDG52-P1
accept-ranges: bytes
cf-ray: 6f8ab8ed6e7299d9-CDG
x-amz-cf-id: sJnw8gNgIXgVLaLDlnPmFZmJFLPMrZgYXBNKFLD0tvAfO70FWt3egw==

GET
H2 200 4ca996b6cb531f196b790cd0803e5060e1db5118.png
theme.zdassets.com/theme_assets/2029595/ 3 KB
4 KB 52ms
47ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/4ca996b6cb531f196b790cd0803e5060e1db5118.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66d301290c1e9b6e4c9732d4d200f8a33f750f97a75b734fcc82c2ee605b073a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
via: 1.1 e36c32cacca3348932522b77d9a47dca.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58786
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 3521
last-modified: Sat, 20 Feb 2021 23:47:38 GMT
server: cloudflare
etag: "534bfc28d3a2b893053d135c9e7d2159"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7uunHEbOOuodUkMvJ2zSei1boIr5AjeSbPVWark0BUwNuFU42ZY59H2fUskHtCOR6QcUysfOjajWvuDKGmtLHtV0DcplG4LdmXwywHNdCBwCVyj9vpcX81j8dO5jFEM6BcFa7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: LVbjS1CJo4UPZiXNovUmtJa0vGFnej3p
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
cf-ray: 6f8ab8ed6e7399d9-CDG
x-amz-cf-id: -Ojk1I5xP3V4pVJb9jHbz57BEgA_JiM8W7dkU_n96iTjWkEO6AnhzA==

GET
H2 200 pt-br.05c2556234b3c4a9bd1a.js Show response
static.zdassets.com/hc/assets/ 198 KB
37 KB 37ms
37ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/pt-br.05c2556234b3c4a9bd1a.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

204110acea6098a6adc43156ed2e81914c59ba21abe2cdfdd9a6270f7fc91bba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 270605
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 74G4HSP79GYT4RQF
x-amz-id-2: IKLYoL/+O/6YXS9pHC5NozMXPM+LvFpvF9y8PoWqcLB76Bf6RCCpm3L01sHNqwoNcTZ8yV5HEtM=
last-modified: Tue, 05 Apr 2022 07:27:40 GMT
server: cloudflare
etag: W/"05c2556234b3c4a9bd1aadd466721c15"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=buovCcEPyAhtsHQxFseiDx5WEoyh504II1pdamJ1%2BU9zNDjC1KIuQXU6IzD6m2MTr5LbC9z8We8FeEL9ru6Nmqi8mN8o2%2FFWq9QMDahYU7I0hgjMs4InLAw9a7rwbppGKV34jIk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-version-id: CGbOipxfpqKw_j73L56kKlt12tAnDpDZ
cf-ray: 6f8ab8ecbd0b99d9-CDG

GET
H2 200 host.js Show response
serasaconsumidor.zendesk.com/auth/v2/ 27 KB
11 KB 64ms
28ms Script
text/javascript 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://serasaconsumidor.zendesk.com/auth/v2/host.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46f51dfa02a9f96c84032f9ba066f3881096781bc142b26c98a3e4b947566468

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 50582
x-zendesk-zorg: yes
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
x-zendesk-origin-server: classic-app-server-58cffb88cd-x5v6x
zendesk-api-version: 2022-01-01
vary: Accept, Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 6e548070994d5c50-SEA, 6e548070994d5c50-SEA
x-runtime: 0.073779
server: cloudflare
etag: W/"46f51dfa02a9f96c84032f9ba066f388"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HogS83Rc17FO7WWbeo26xCMD652T%2BOsuTMvJH%2FvNaBhojp9qdNT1WxlWs7%2FejLjkBKT5M1bmOtX%2FBDiFfqSyS%2FJ8oCMezLlBfChEGo2HK3WBVBFqsq2ZmqZl5nUOSHljM73hV9%2FVCuuXCBgt16E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=86400, public
cf-ray: 6f8ab8ecfd449b51-FRA

GET
H2 200 hc_enduser-4efc38ad11d1e958b2ce305473bc4b9e.js Show response
static.zdassets.com/hc/assets/ 618 KB
184 KB 52ms
50ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/hc_enduser-4efc38ad11d1e958b2ce305473bc4b9e.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81ac0780714c8aef309cea2eff23b216535d2c9b70290920da16d65165e8d9a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77111
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: VJ2ZHDPZK7XY6XBK
x-amz-id-2: hT5NVSOZVo/qyWntbF0rlfu976zjj/aiwibhA7BOfJ8ArAQQFWhvi4+H6bMZDN3cL+uMdhKzW5+Uwqv8zRStPA==
last-modified: Thu, 07 Apr 2022 14:12:07 GMT
server: cloudflare
etag: W/"cfdbba26b43b1e1bec15a72f678e2efa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fEZ4GzMidgSlXVq7077jkS%2BaUXAH8pLAHp6M2DykMj3vX7D5K7O9goDpc5QSKBzO4uWTGszP65DFZ9tKy8s8nROfRiqwKXNNvkF9rjvo6Alfl5csK0ygD4RGVWpobqsaef3Ng%2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-version-id: 6cpgbHrycL3Igi3EgA08pcg.n5wiDhYJ
cf-ray: 6f8ab8eccd3699d9-CDG

GET
H2 200 script.js Show response
p13.zdassets.com/hc/theming_assets/2029595/114094504791/ 26 KB
7 KB 40ms
38ms Script
text/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/script.js?digest=5233929039629

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30d8b7673f41672185843f69b79543c5eb50d57eecd92fdec573244a8e413ad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
x-envoy-decorator-operation: help-center-unicorn.help-center.svc.cluster.local:5080/*
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 76798
x-zendesk-origin-server: help-center-unicorn-664bdc7b4b-mssq2
x-envoy-upstream-service-time: 19
zendesk-api-version: 2022-01-01
strict-transport-security: max-age=0
protocol: HTTP/1.1
content-encoding: br
x-zendesk-zorg: yes
x-request-id: 6f53b685a8aa39ff-SEA, 6f53b685a8aa39ff-SEA
x-ua-compatible: IE=edge
x-runtime: 0.015985
x-robots-tag: none, noarchive
server: cloudflare
etag: W/"30d8b7673f41672185843f69b79543c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=emXgwi40tNVB0hbf4K5FiQ2cIzBH71NgNN5GTeeTGqJUYsrHYRjD9RCMm46Z65AaO%2B%2BJckxgs9T2b0V9OSDu7YJXHPgRfOufdNbsn2qbevIO7CO8kebIwNlHU3p2YMnK0A4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=604800, public
cf-ray: 6f8ab8eccc9299f1-CDG

GET
H2 200 dd1b1db13ff1f72138c134c62f38fef83749f36a.ttf
theme.zdassets.com/theme_assets/2029595/ 168 KB
169 KB 114ms
50ms Font
application/x-font-ttf 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theme.zdassets.com/theme_assets/2029595/dd1b1db13ff1f72138c134c62f38fef83749f36a.ttf

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5233929039629

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p13.zdassets.com/
Origin: https://ajuda.serasa.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
via: 1.1 51e38e49e0ed8139bfe27f40adfc4628.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27179
x-amz-server-side-encryption: AES256
cf-ray: 6f8ab8ed39df3a23-CDG
x-cache: RefreshHit from cloudfront
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
last-modified: Fri, 14 Dec 2018 12:20:53 GMT
server: cloudflare
etag: W/"3e1af3ef546b9e6ecef9f3ba197bf7d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ztiUKLQwS%2Bf3d9C%2B7imAl16LGJkVij802OAH6CBFctURHV7tkQ%2FlBblFbSmfMw30pwf57w6KI%2B3fuxWlHBelxHtCt7KQh%2BKPTUSdLuYqrdVdQ5AEU0lwre%2BlJM5p%2FFtGPw4vIw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: EuIv9ejf3bymncVwL_gI7qxN48VZpQtR
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: CDG50-P2
content-type: application/x-font-ttf
x-amz-cf-id: huWiRaKH7g-N_iLDIj0bllSiAft5ONkHSrBK1J2tADJJUzG83RYzXg==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 22ms
21ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=164172033&t=pageview&_s=1&dl=https%3A%2F%2Fajuda.serasa.com.br%2Fhc%2Fpt-br%2Farticles%2F360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio%3Fcm_ven%3DExactTarget%26cm_cat%3DEM_LNO_BAU_ABRIL%26cm_pla%3DAll%2BSubscribers%26cm_ite%3Dhttps%253a%252f%252fajuda.serasa.com.br%252fhc%252fpt-br%252farticles%252f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%2525C3%2525A1-lo-Alerta-Provis%2525C3%2525B3rio%26cm_ainfo%3D%26%26%26%26%26&ul=en-us&de=UTF-8&dt=Como%20acionar%20o%20Alerta%20Provis%C3%B3rio%3F%20%E2%80%93%20Central%20de%20Ajuda%20-%20Serasa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1181066653&gjid=1781248842&cid=43521287.1649417965&tid=UA-34169623-7&_gid=200326458.1649417965&_r=1&_slc=1&z=2000669400

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ajuda.serasa.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 11:39:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ajuda.serasa.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 76ms
19ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-34169623-7&cid=43521287.1649417965&jid=1181066653&gjid=1781248842&_gid=200326458.1649417965&_u=IEBAAEAAAAAAAC~&z=1918317499

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ajuda.serasa.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 08 Apr 2022 11:39:25 GMT
content-type: text/plain
access-control-allow-origin: https://ajuda.serasa.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2022040401.js Show response
securepubads.g.doubleclick.net/gpt/ 369 KB
125 KB 22ms
7ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

49adad57c43159e3b07daf3f0ae19e1f31d973bc3859ec4dcb647784f0677736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:05:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128155
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 08:35:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 08 Apr 2023 10:05:41 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 72 B
97 B 40ms
26ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ajuda.serasa.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

dc477ab682fe2729d0dc4fadc416897b131f9209cef31fe5c8b675bdb99663e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Apr 2022 11:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72
x-xss-protection: 0
expires: Fri, 08 Apr 2022 11:39:25 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 66ms
33ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-34169623-7&cid=43521287.1649417965&jid=1181066653&_u=IEBAAEAAAAAAAC~&z=1462619294

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 11:39:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 65ms
32ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-34169623-7&cid=43521287.1649417965&jid=1181066653&_u=IEBAAEAAAAAAAC~&z=1462619294

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 11:39:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 42ms
19ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ajuda.serasa.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Apr 2022 11:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 42ms
17ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ajuda.serasa.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Apr 2022 11:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
12 KB 437ms
437ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3878864729388047&correlator=1788005375650480&eid=31066947%2C31065787&output=ldjh&gdfp_req=1&vrg=2022040401&ptt=17&impl=fif&iu_parts=281426761%2Cserasa_centralajuda%2Ccentral_ajuda_artigo_leadeboard_top&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=1&adks=3968775647&sfv=1-0-38&ecs=20220408&fsapi=false&prev_scp=refresh%3Dtrue%26refreshed_slot%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1649417965112&lmt=1649417965&dlt=1649417964720&idt=359&biw=1600&bih=1200&adxs=436&adys=309&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fajuda.serasa.com.br%2Fhc%2Fpt-br%2Farticles%2F360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio%3Fcm_ven%3DExactTarget%26cm_cat%3DEM_LNO_BAU_ABRIL%26cm_pla%3DAll%2BSubscribers%26cm_ite%3Dhttps%253a%252f%252fajuda.serasa.com.br%252fhc%252fpt-br%252farticles%252f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%2525C3%2525A1-lo-Alerta-Provis%2525C3%2525B3rio%26cm_ainfo%3D%26%26%26%26%26&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x22&msz=1600x0&fws=0&ohw=0&ga_vid=43521287.1649417965&ga_sid=1649417965&ga_hid=164172033&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

d1685e8b9b7e03eaba14cbd0cfb0c55a175a500e009bfeb5837f648e230fb388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12143
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ajuda.serasa.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 82C7 6 KB
4 KB 75ms
16ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ajuda.serasa.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 11:39:25 GMT
expires: Sat, 08 Apr 2023 11:39:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK core.js Show response
cdn.agentbot.net/core/latest/ 778 KB
205 KB 201ms
201ms Script
application/javascript 104.236.60.225
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.agentbot.net/core/latest/core.js?djMuNi42

Requested by

Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/dea6c07769c06d2043b5cb74146ddb86.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.236.60.225 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

48f06ee1e5c731e2cb399cbb155bf6ddddf9e446b949908ea1a0f94860097903

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 11:39:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Mar 2022 20:09:49 GMT
Server: nginx
ETag: "c28e6-5dae84fcc3ae4-gzip"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: max-age=259200, public
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes

GET
H2 200 f6783010d5def128c4a1539333324f75701d9bab.ttf
theme.zdassets.com/theme_assets/2029595/ 168 KB
168 KB 37ms
37ms Font
application/x-font-ttf 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theme.zdassets.com/theme_assets/2029595/f6783010d5def128c4a1539333324f75701d9bab.ttf

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5233929039629

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e35252aa3dc2e84e9d7211586fee9aede2a426d3230c8b131881d985f16ff836

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p13.zdassets.com/
Origin: https://ajuda.serasa.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
via: 1.1 24e6529ea30fbe719bde2164c1fe9238.cloudfront.net (CloudFront)
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74757
x-amz-server-side-encryption: AES256
cf-ray: 6f8ab8ef3d223a23-CDG
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
last-modified: Sat, 20 Feb 2021 03:03:20 GMT
server: cloudflare
etag: W/"58aef543c97bbaf6a9896e8484456d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBBmitkbzSF4fQ%2Fia0dd6Ddzhi6nuFh%2BMEPRgiPhzKUkjDSzSkjVoza%2Bo8lipAXn9581gouYHeoYK3Df85xWsr0bI4GWsTl6mCpKEtVAhb0BSP1RFN8wITtsIwWFVxcciqVqww%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: zAM6xFjeT4.7isikbchG3tBx3dFfYhNG
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: CDG50-P2
content-type: application/x-font-ttf
x-amz-cf-id: NfsmpJvY931l8X839p0P0b4IR0Y4FEBc4K5xKAo9bwM50xPX6I0Wyg==

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 36ms
20ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ajuda.serasa.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Apr 2022 11:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 34ms
18ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ajuda.serasa.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Apr 2022 11:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 hotjar-2469592.js Show response
static.hotjar.com/c/ 4 KB
2 KB 46ms
17ms Script
application/javascript 108.157.4.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2469592.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-113.dus51.r.cloudfront.net

Software

Resource Hash

8cdf19d3403a42f8a84bdf023368c392d65b247cd6fff587dd308c430cd640df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:38:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1919
access-control-allow-origin: *
cache-control: max-age=60
etag: W/3a49db56603c0ad16030939851a6d96c
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
x-cache-hit: 1
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: Lh564Ww_SkjK88aeyo85e-yR69eRsEf2AsLfpf2PHLlzqE5lq8vpSg==

GET
H2 200 0ce37ced9c5fcac9bdc452a432c1258870ba4677.ttf
theme.zdassets.com/theme_assets/2029595/ 167 KB
167 KB 52ms
52ms Font
application/x-font-ttf 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theme.zdassets.com/theme_assets/2029595/0ce37ced9c5fcac9bdc452a432c1258870ba4677.ttf

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5233929039629

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d0b991ee3e0be7af01ad7ea8cd2beea6c00a25e679a0226b6737f079aafff86

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p13.zdassets.com/
Origin: https://ajuda.serasa.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
via: 1.1 7526a0b7bfa848d05d560d12a314a7c9.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27178
x-amz-server-side-encryption: AES256
cf-ray: 6f8ab8ef3d453a23-CDG
x-cache: Hit from cloudfront
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
last-modified: Sat, 20 Feb 2021 03:03:17 GMT
server: cloudflare
etag: W/"ee7b96fa85d8fdb8c126409326ac2d2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6gEMZczY2Qkkw7gJcsK%2BXQvd2VAYbKBDP9V4rbOEgrquGJMoAgu7i95HNhFbwambmZxNVQm1waxeVQVRbUi6mWNwA3GAVwMh2Vb%2FrHUcRguDFmx3cri41aAbxT2kaqx8WgCAZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: NxArhaQtkw2wgZXJpzBKcLGt4dOAdttA
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: CDG3-C1
content-type: application/x-font-ttf
x-amz-cf-id: DSH6eg_zQzGxjnNzz_OmaWKaaC6v0cpngL0ne6sb_8iSHFHDJw9Cvg==

GET
H2 200 a7cf9fd064d4f719e3ed5a0481bb5f5793e11e48.png
theme.zdassets.com/theme_assets/2029595/ 14 KB
14 KB 31ms
31ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/a7cf9fd064d4f719e3ed5a0481bb5f5793e11e48.png

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5233929039629

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05ad3b768943f707a28a890757381563494068df29222c803cb43baba65488b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p13.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:25 GMT
via: 1.1 32a3d8b90281de379fa6ae275a2021bc.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 41485
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 14278
last-modified: Wed, 03 Nov 2021 16:48:18 GMT
server: cloudflare
etag: "23940a86a311c5faaeba262d3c726a4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12HC5VPjtr9Q9L%2BjHKTKGqBfPEQ%2Fe8WqEKHWF1n7cE3MUNfKqzF%2Bc5EQFIspmP6b7FpBH%2B8BsozFBgpAlcnoW%2BeTxNp2VJBEv1ItIBkTqkLt9%2F11uOKZhe%2B0ISyGwd%2BYsH9xSA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 2yIepN3pmCXJZPJP2tDPT111GKuczOT2
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: CDG52-P1
accept-ranges: bytes
cf-ray: 6f8ab8ef59ff99d9-CDG
x-amz-cf-id: LwFYOpBkZH3Y-5UtkV1Sz19R7CB8YRhE55-LX7CCgshPTbVf91SAzA==

GET
H2 200 360012331832 Show response
ajuda.serasa.com.br/api/v2/help_center/pt-br/sections/ 514 B
1018 B 328ms
328ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajuda.serasa.com.br/api/v2/help_center/pt-br/sections/360012331832

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ae56b65ec006cba7103d4755cad1ba299c460a5e44b1b0cdb66a186a77f8c25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_BAU_ABRIL&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:26 GMT
x-envoy-decorator-operation: help-center-unicorn.help-center.svc.cluster.local:5080/*
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-zorg: yes
x-zendesk-origin-server: help-center-unicorn-765954b689-fgkd7
x-envoy-upstream-service-time: 67
zendesk-api-version: 2022-01-01
protocol: HTTP/1.1
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 6f8ab8ef5db9926e-FRA, 6f8ab8ef5db9926e-FRA
x-ua-compatible: IE=edge
x-runtime: 0.064115
server: cloudflare
x-zendesk-api-version: v2
x-frame-options: SAMEORIGIN
etag: W/"7ae56b65ec006cba7103d4755cad1ba2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBKpEgAuWTwlEcyWK%2FerdRnA0V4aBEPM0hvlyNfsRUK%2F2NGd8nROWS6cLIiYtH%2F1Iwzxryk7xrGVt0dCyo0dRdlsTD8OPAg7iDv%2BqCQR0MbkgOeskTYZjvY1QcMk9DM6bq4q1XQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Zendesk-API-Warn
cache-control: max-age=0, public, s-maxage=180, stale-while-revalidate=60, stale-if-error=10800
cf-ray: 6f8ab8ef5db9926e-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 690ms
689ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3878864729388047&correlator=1788005375650480&eid=31066947%2C31065787&output=ldjh&gdfp_req=1&vrg=2022040401&ptt=17&impl=fif&iu_parts=281426761%2Cserasa_centralajuda%2Ccentral_ajuda_artigo_anchor&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=2&adks=3781204470&sfv=1-0-38&ecs=20220408&fsapi=false&prev_scp=refresh%3Dtrue%26refreshed_slot%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1649417965305&lmt=1649417965&dlt=1649417964720&idt=359&biw=1600&bih=1200&adxs=436&adys=1110&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fajuda.serasa.com.br%2Fhc%2Fpt-br%2Farticles%2F360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio%3Fcm_ven%3DExactTarget%26cm_cat%3DEM_LNO_BAU_ABRIL%26cm_pla%3DAll%2BSubscribers%26cm_ite%3Dhttps%253a%252f%252fajuda.serasa.com.br%252fhc%252fpt-br%252farticles%252f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%2525C3%2525A1-lo-Alerta-Provis%2525C3%2525B3rio%26cm_ainfo%3D%26%26%26%26%26&frm=20&vis=1&scr_x=0&scr_y=0&psz=1160x0&msz=1600x-1&fws=512&ohw=0&ga_vid=43521287.1649417965&ga_sid=1649417965&ga_hid=164172033&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

f89cfa0193094d175fce0382c11fef8a731816251d128f43d08eec02a5e60aa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9584
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ajuda.serasa.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 1001ms
1001ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3878864729388047&correlator=1788005375650480&eid=31066947%2C31065787&output=ldjh&gdfp_req=1&vrg=2022040401&ptt=17&impl=fif&iu_parts=281426761%2Cserasa_centralajuda%2Ccentral_ajuda_artigo_skyscrapper&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=120x600%7C160x600%7C300x600&ifi=3&adks=1661103190&sfv=1-0-38&ecs=20220408&fsapi=false&prev_scp=refresh%3Dtrue%26refreshed_slot%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1649417965309&lmt=1649417965&dlt=1649417964720&idt=359&biw=1600&bih=1200&adxs=276&adys=884&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fajuda.serasa.com.br%2Fhc%2Fpt-br%2Farticles%2F360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio%3Fcm_ven%3DExactTarget%26cm_cat%3DEM_LNO_BAU_ABRIL%26cm_pla%3DAll%2BSubscribers%26cm_ite%3Dhttps%253a%252f%252fajuda.serasa.com.br%252fhc%252fpt-br%252farticles%252f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%2525C3%2525A1-lo-Alerta-Provis%2525C3%2525B3rio%26cm_ainfo%3D%26%26%26%26%26&frm=20&vis=1&scr_x=0&scr_y=0&psz=232x867&msz=232x0&fws=0&ohw=0&ga_vid=43521287.1649417965&ga_sid=1649417965&ga_hid=164172033&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

20df98277c86a9a13b8baa9a0ca32f27171c43759e1906950ad3333d452b71ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9492
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ajuda.serasa.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 react-5fcaf0bc8b418fffbf611da1260ce6c9.js Show response
static.zdassets.com/hc/assets/ 135 KB
43 KB 46ms
45ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/react-5fcaf0bc8b418fffbf611da1260ce6c9.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-4efc38ad11d1e958b2ce305473bc4b9e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1ab87b85f9b4fe02797c9ff8dafbded313b0bde855d1535678619b001be0ffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 258317
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: ZHEJRRVZY62RPKHP
x-amz-id-2: YoSBx2sEMcwoP1+c4X2cjABAilRk+qSqjVR3IrlBl8TTOt20AwGjl222TfEsrO3w1j/pYZtaKoA=
last-modified: Tue, 15 Feb 2022 11:51:49 GMT
server: cloudflare
etag: W/"0581f7f4a720b7916d91a4ac9d6e1c69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0JvoFjUx2tdZB3urCZuilpgX3maqfQByiz7CyFiyKJK%2B0OZGnm60XA85zjg9LLjUZLew4EejiWgn%2F6hvApts4tbc%2B6HIHAaxw88YEAojsbOBKZLH%2FAdXJqqSN3C1dXDYFbUKv0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-version-id: hztrmkVtALc5SSxlwMiwdA7I_keHkOhC
cf-ray: 6f8ab8efdb0e99d9-CDG

GET
H2 200 Notifications-1a3bb287b50ffd3279be4b54948ba14b.js Show response
static.zdassets.com/hc/assets/ 7 KB
3 KB 34ms
34ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/Notifications-1a3bb287b50ffd3279be4b54948ba14b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-4efc38ad11d1e958b2ce305473bc4b9e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8597bd147a5decfba88e3cdc9c8179319328c238e8f012deb158b3d6ac4250c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81312
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: CMTA1Q0SM0GGNYHH
x-amz-id-2: PqyO53bs74pgWTwso6wbTYDm+LFts+nSTULY5rBmewzVnQ1z9lSATb+mj4xIiQTQk/e1NzCZYpM=
last-modified: Thu, 24 Mar 2022 13:01:09 GMT
server: cloudflare
etag: W/"98e9fb54f75bff12c6b57481de1f3388"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LGPut%2BjXjM8Ck3pEKJzlCVN3xEjX%2B2JMhsSQmXxJe%2BtBMsDtnqvs8O5AUE8dZU9f1AxrbzGWYi9mWvlHNM7o7pP5jW%2FJc7i2TLQG70HwDh00BaxPeWrfvD%2FPcPNjjiOV61%2FETBI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-version-id: EqRgqwDBMRlfkqB0iCeMS3zeQ4TE3Tgy
cf-ray: 6f8ab8efdb1299d9-CDG

GET
H2 200 VoteControls-396bd1fd80540a305f8c02345ab1811b.js Show response
static.zdassets.com/hc/assets/ 5 KB
2 KB 35ms
34ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/VoteControls-396bd1fd80540a305f8c02345ab1811b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-4efc38ad11d1e958b2ce305473bc4b9e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b94ca272a3d8a1846e379ff4ca560dc846a49310a1f64b737f89c99aeb3b6a0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 290692
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: V1ACRPYCP3J16HY8
x-amz-id-2: 2sHoaY+cmWPEJ0BIVrLU6h4sjpoxdXMzOZxp/JEkdxzbCgsVIOlaVfgxqJaQVjGm4yauXIbVrVs=
last-modified: Mon, 15 Nov 2021 13:14:24 GMT
server: cloudflare
etag: W/"2c91ed5e0d9717132e60eac9ac97b302"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nucodnniwcoXsB1kitYlf%2FBIz3w3oT%2B5R6ZSPr4X7vTmZfULNXZzfUOvHErRYb%2FUXJmzO9TPB0AZKJ98J7l64ye4%2Bt%2BA5wXCF5j2292x1tjsd1948luaNXWwkR3ra4Mqgic5aUg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-version-id: fgr8802zyUfbxrZy5as6gYill11VAves
cf-ray: 6f8ab8efdb2399d9-CDG

GET
H2 200 vendors~CommentActions~PostActions~actions~subscribe-381162c56d16e0396aa4b333723b5052.js Show response
static.zdassets.com/hc/assets/ 23 KB
8 KB 35ms
35ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/vendors~CommentActions~PostActions~actions~subscribe-381162c56d16e0396aa4b333723b5052.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-4efc38ad11d1e958b2ce305473bc4b9e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95e3ff0fbf7dbf5df571f6f69b1d4afafa00c320f7bd38c26e5d9e270e6b962e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 267938
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 78BSB52896ARJAZD
x-amz-id-2: 9UPNV17wh9sd2IkDnvKuQQdSrXEEXxz+bXjwtGQIvjvXShBwAsggCOxRSClcKK90NTrudu1eu2c=
last-modified: Tue, 05 Apr 2022 07:27:41 GMT
server: cloudflare
etag: W/"a75f239937f145ef90ce58ea5054879b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7NeSeHKCyZCsKtENaYb1%2BOXdLnYy6puWYWGH%2BVtH%2FC4Nx9zV0bW6778119eUhk%2ByymfjjD%2F9tFzrZR60F7MUcOEHgMH%2B5L8ch7zZRpaARI3WHfKUpK%2B0h8v7LvlgoBnMJcwPD8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-version-id: pfI1xqA1jisToaB4pFijf0qeMQb5LMTL
cf-ray: 6f8ab8efdb2699d9-CDG

GET
H2 200 subscribe-f703542e15f9772cc891ee0b52634516.js Show response
static.zdassets.com/hc/assets/ 10 KB
4 KB 34ms
33ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/subscribe-f703542e15f9772cc891ee0b52634516.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-4efc38ad11d1e958b2ce305473bc4b9e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed5210ae0e4bff21331c4c9cdc7ca22276aefe687fb9f49c3215917dfbdb04a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81312
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: CMT8ZX3VK6SZENFR
x-amz-id-2: GF8qgYPHAbAdu9FBdn96suHKis4nZyPvfgRaA1nldAmKrrW8aOjPbpI92xeZrc3U/6PpqR31xXk=
last-modified: Thu, 24 Mar 2022 13:01:29 GMT
server: cloudflare
etag: W/"5b689e2879a348893a432228aaf8db24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pePUsTty5kjeAqfEhVMkGX8Z4CwAe5cczDx%2BxEvDfsl4cxnfjxRgN63j48k20eqaVi%2BXmuc1KKprg%2F5muSUoU9uFksLwfntv%2FvDlZG4%2Bgm672BgoQpYNjM8JgDuvAA2pPcyfrHQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-version-id: qRM.UtGFpeQJyhJKzdarbyUW4RxHjx57
cf-ray: 6f8ab8efdb2799d9-CDG

POST
H2 200 view.json Show response
ajuda.serasa.com.br/api/v2/help_center/pt-br/articles/360012553371/stats/ 0
586 B 267ms
267ms XHR
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajuda.serasa.com.br/api/v2/help_center/pt-br/articles/360012553371/stats/view.json

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-4efc38ad11d1e958b2ce305473bc4b9e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_BAU_ABRIL&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:26 GMT
x-envoy-decorator-operation: help-center-unicorn.help-center.svc.cluster.local:5080/*
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-zorg: yes
x-zendesk-origin-server: help-center-unicorn-765954b689-kf9pg
x-envoy-upstream-service-time: 75
zendesk-api-version: 2022-01-01
protocol: HTTP/1.1
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 6f8ab8efde71926e-FRA, 6f8ab8efde71926e-FRA
x-ua-compatible: IE=edge
x-runtime: 0.071864
server: cloudflare
x-zendesk-api-version: v2
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqmvta31LuIxxL2KGn2puyMZfTNa6JgT8qX4FkXm891lPu8OUcHovulBzKwUib%2FdIIshWvc2YXpgZezwz25%2FCNFSMSGV%2F4WEbHH78fyINJg48f3gzLcBg8aN%2BJPEFBrp237ynUc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://ajuda.serasa.com.br
access-control-expose-headers: X-Zendesk-API-Warn
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 6f8ab8efde71926e-FRA

POST
H2 200 activity
ajuda.serasa.com.br/hc/ 0
0 203ms
203ms Fetch
text/html 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajuda.serasa.com.br/hc/activity

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-4efc38ad11d1e958b2ce305473bc4b9e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_BAU_ABRIL&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Apr 2022 11:39:26 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-envoy-upstream-service-time: 4
zendesk-api-version: 2022-01-01
x-xss-protection: 1; mode=block
x-request-id: 6f8ab8efe38e926e-FRA, 6f8ab8efe38e926e-FRA
cf-ray: 6f8ab8efde76926e-FRA
x-runtime: 0.001925
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
x-zendesk-zorg: yes
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U90cCapGDakCL7btDnfQoI0uRmWNRnee97FzzMd6xYbCAcIDFm%2B6zUxzl5ehGiZ%2BTnPBuNNNQCI13J42m3X2tWltxRPQPcloJC60cm29zCiYPxFqOr81kr0HaoAZBH6zIbzBsBA%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
content-type: text/html

GET
H2

200

360012553371.json Show response
ajuda.serasa.com.br/api/v2/help_center/pt-br/articles/
Redirect Chain

https://ajuda.serasa.com.br/api/v2/help_center/articles/360012553371.json
https://ajuda.serasa.com.br/api/v2/help_center/pt-br/articles/360012553371.json

4 KB
2 KB

271ms
270ms

XHR
application/json

104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajuda.serasa.com.br/api/v2/help_center/pt-br/articles/360012553371.json

Requested by

Protocol

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d1a867068048eea5deec3c8d44a316c9bf770f7a770226dbdceeb4db79060ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_BAU_ABRIL&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:27 GMT
x-envoy-decorator-operation: help-center-unicorn.help-center.svc.cluster.local:5080/*
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-zorg: yes
x-zendesk-origin-server: help-center-unicorn-765954b689-8rnb5
x-envoy-upstream-service-time: 80
zendesk-api-version: 2022-01-01
protocol: HTTP/1.1
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 6f8ab8f48e91926e-FRA, 6f8ab8f48e91926e-FRA
x-ua-compatible: IE=edge
x-runtime: 0.077062
server: cloudflare
x-zendesk-api-version: v2
x-frame-options: SAMEORIGIN
etag: W/"3d1a867068048eea5deec3c8d44a316c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUHxC7fRkpi%2BUwxOmWp6DajmVAiF%2BUB29i2A%2F7SRdPKc0IalTORtxjr5oYu7QmPorW4WImALlXislNMJBPNzyeSnBOAxhB2y%2BQE8pCCccN9%2BZJn1FkCBlABWUw0UgGI74IoiCZo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Zendesk-API-Warn
cache-control: max-age=0, private, must-revalidate
cf-ray: 6f8ab8f48e91926e-FRA

Redirect headers

date: Fri, 08 Apr 2022 11:39:26 GMT
x-envoy-decorator-operation: help-center-unicorn.help-center.svc.cluster.local:5080/*
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-origin: *
x-zendesk-zorg: yes
x-zendesk-origin-server: help-center-unicorn-765954b689-5sjxt
x-envoy-upstream-service-time: 51
zendesk-api-version: 2022-01-01
protocol: HTTP/1.1
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 6f8ab8f01ed8926e-FRA, 6f8ab8f01ed8926e-FRA
x-ua-compatible: IE=edge
x-runtime: 0.047442
server: cloudflare
x-zendesk-api-version: v2
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWEIUaRheJjhAkItOACTChZ9MieLrMaXMATCoxe2365lS82AZF8C%2BfDVFNLfSBwavcXhwH12yYQG4B93ngD7xDy%2FBHMjhqNqtuxLCd2NbvFQWVryAhRluNItS1Wfgaj5ZxGQMyA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://ajuda.serasa.com.br/api/v2/help_center/pt-br/articles/360012553371.json
access-control-expose-headers: X-Zendesk-API-Warn
cache-control: max-age=0, public, s-maxage=180, stale-while-revalidate=60, stale-if-error=10800
cf-ray: 6f8ab8f01ed8926e-FRA

GET
H2 200 modules.9beafb9ca96c2f868fe2.js Show response
script.hotjar.com/ 236 KB
62 KB 39ms
11ms Script
application/javascript 108.157.4.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.9beafb9ca96c2f868fe2.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2469592.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-86.dus51.r.cloudfront.net

Software

Resource Hash

95f2a2d9bf981b3f923cc601270603e88c14767e7e29310eb2d8b6b1407457f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 242360
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63051
access-control-allow-origin: *
last-modified: Tue, 05 Apr 2022 16:20:05 GMT
etag: "74214ff5f7e679f43ba048194d7bf23c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: rmv2OfP-_UgTOQznaPVF4Si8IAZ6uYmF4BVXso0GBDdhAoLw1h60LA==

POST
H2 204 result Show response
ajuda.serasa.com.br/cdn-cgi/bm/cv/ 0
511 B 10ms
10ms XHR
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ajuda.serasa.com.br/cdn-cgi/bm/cv/result?req_id=6f8ab8e57e48926e
Requested by: Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_BAU_ABRIL&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Apr 2022 11:39:26 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6f8ab8f0c806926e-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nch2uNduVY3erFO0%2BNTuCgHrOGdYBLiQsqO1UK0ofve0ekal%2F6oJIv%2BZ7JZ86lxzEufjEktkeS7b9jKB510OCoIkEbq8xTB0PSTgg7da%2F%2FYrevQmj1lgMXkNrOaJ4DezdSHeX7c%3D"}],"group":"cf-nel","max_age":604800}

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html Show response
vars.hotjar.com/ Frame BED6 2 KB
1 KB 40ms
10ms Document
text/html 108.157.4.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2469592.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-7.dus51.r.cloudfront.net
Software: /
Resource Hash: e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Referer: https://ajuda.serasa.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5453240
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Feb 2022 08:52:06 GMT
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Fri, 04 Feb 2022 08:51:39 GMT
vary: Accept-Encoding
via: 1.1 f47fcc9b2aa47ced36c40c318e6f006a.cloudfront.net (CloudFront)
x-amz-cf-id: ZNoCsxLDl-H-tAiEiWHVex0905YLLj5NSveACC_6N7ZlysMlV5aerg==
x-amz-cf-pop: DUS51-P2
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 204 2469592 Show response
vc.hotjar.io/sessions/ 0
258 B 56ms
33ms XHR
text/plain 18.66.112.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2469592?s=0.25&r=0.08012612160821986
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.9beafb9ca96c2f868fe2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-19.fra56.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:26 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: 1HeqszWYRDMBzpOZ2NyJaJQq64kQ4b97TBGYq2khsBMreExE7IlwgA==

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame FBF9 222 KB
62 KB 80ms
16ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 172
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Fri, 08 Apr 2022 11:36:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Apr 2023 11:36:34 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame FBF9 16 KB
6 KB 87ms
23ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 172
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Fri, 08 Apr 2022 11:36:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Apr 2023 11:36:34 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame FBF9 96 KB
29 KB 88ms
24ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 172
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Fri, 08 Apr 2022 11:36:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Apr 2023 11:36:34 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame FBF9 5 KB
2 KB 92ms
28ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 172
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Fri, 08 Apr 2022 11:36:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Apr 2023 11:36:34 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame FBF9 42 KB
13 KB 92ms
29ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 172
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Fri, 08 Apr 2022 11:36:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Apr 2023 11:36:34 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FBF9 8 KB
1 KB 43ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 10:59:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 08 Apr 2022 11:39:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Apr 2022 11:39:26 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FBF9 3 KB
3 KB 32ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 13:28:14 GMT
x-content-type-options: nosniff
server: cafe
age: 79872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 7735524722462771930
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Fri, 08 Apr 2022 13:28:14 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FBF9 344 B
807 B 31ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 67221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 08 Apr 2022 16:59:05 GMT

GET
H3

200

B27337746.329782156;dc_pre=CMzF3t-whPcCFfH7dwod6dcJmg;dc_trk_aid=521819059;dc_trk_cid=167039996;ord=2447946762;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N377801.3435685GOOGLEADS/ Frame FBF9
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N377801.3435685GOOGLEADS/B27337746.329782156;dc_trk_aid=521819059;dc_trk_cid=167039996;ord=2447946762;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua...
https://ad.doubleclick.net/ddm/trackimp/N377801.3435685GOOGLEADS/B27337746.329782156;dc_pre=CMzF3t-whPcCFfH7dwod6dcJmg;dc_trk_aid=521819059;dc_trk_cid=167039996;ord=2447946762;dc_lat=;dc_rdid=;tag_...

42 B
65 B

39ms
25ms

Image
image/gif

142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N377801.3435685GOOGLEADS/B27337746.329782156;dc_pre=CMzF3t-whPcCFfH7dwod6dcJmg;dc_trk_aid=521819059;dc_trk_cid=167039996;ord=2447946762;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Protocol

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 11:39:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Apr 2022 11:39:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N377801.3435685GOOGLEADS/B27337746.329782156;dc_pre=CMzF3t-whPcCFfH7dwod6dcJmg;dc_trk_aid=521819059;dc_trk_cid=167039996;ord=2447946762;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FBF9 0
0 51ms
50ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ChpVk7R5QYtHsMqPJ3gPHv7PwDfOqv7tp49f1kNIP9aa8m-IvEAEg4e7KQGCVgoCAmAegAaSvsbkoyAEBqQKd9y12vz2MPuACAKgDAcgDCqoE5gNP0LCybU8fPXQPD4oL-Yo3bsmZhTaN_Ll01FYBBNuKJ4A6dI8BrsFo1_ZB9l7XNF1fcHGNpWbAcHbgQ5sJbLK111UaeCjmaTCbS0XXA9m1K7UByWNJGhTP0c1tSVH4QzCs8WJVSFJc5qXS2bV1rmY6M4GReMKlDQHBaBwz7IHI4l3ZqlgvSWXn-EO6bVKNSXMkI4giKgwBM9qs01j_N_pgIObmyDEL9Lp84wLV-XWtiiTkAg7hHtHuYOvlCzHbSLxKqW-sZmfgDAfKQl2raLqEnAOZ15rW8U88jfff7vBAX-_wZczwCVsffHoFyDt_rsRVpVJyO_ORH5f3YdEK18t6VBVXWW-yIaGyaPWR-qlstFYADvtAvgOCPWc_f4RdebRP7F685a2ISSNnXZV3j0YeB8euxhd1AiAIcyIoFteE5H8maitnFg-RwkdCZG8gn_y8ebl2OfFSKexEBhB0RZJMbEboyN6FS8hAA9uG_uMRCF9VOmKhicY7ndMTQCH55vjuPIrMK-A2K1VAhEUWMVKTUK8ytCxCqS7TQwUhgqkeu0kTYKekLue8ztRT3ryXxrU0zXJnySnx1R9_gYGC_h4NiCZzbHKpt4R3MCXp12ntHr8WSlGbsOV_9EaJ2VFgEZEj_ViBJHbABO-1oKr9A-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAek54GZA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEK2gQtIICQiI4YAQEAEYHYAKA8gLAdgTDYgUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi05NjUwNDA4OTgwNzkxNTMyGOH-HQ&sigh=99sTv6kQOe8&uach_m=[UACH]
Requested by: Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_BAU_ABRIL&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 sections Show response
ajuda.serasa.com.br/api/v2/help_center/pt-br/categories/360005490232/ 2 KB
1 KB 771ms
771ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajuda.serasa.com.br/api/v2/help_center/pt-br/categories/360005490232/sections

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f3ef7c5c49a1f416744e8f5e22460f0234b2af9f7d007ab56836b7f6f554fd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_BAU_ABRIL&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:27 GMT
x-envoy-decorator-operation: help-center-unicorn.help-center.svc.cluster.local:5080/*
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-zorg: yes
x-zendesk-origin-server: help-center-unicorn-765954b689-zclx4
x-envoy-upstream-service-time: 89
zendesk-api-version: 2022-01-01
protocol: HTTP/1.1
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 6f8ab8f1794e926e-FRA, 6f8ab8f1794e926e-FRA
x-ua-compatible: IE=edge
x-runtime: 0.085478
server: cloudflare
x-zendesk-api-version: v2
x-frame-options: SAMEORIGIN
etag: W/"6f3ef7c5c49a1f416744e8f5e22460f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZFl4AabRbFkE5Saha7MlKo5CB0rH7TalYhhgxEaYdd7PHiC%2BfMeQ1H3exRDZsFM6ZyxU7VVaHACAxnQCM7EdvY1HoEjer6JrkWRjtB5iriC4EWk3zwRSvnqPkHcTX4Y89pzhRg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Zendesk-API-Warn
cache-control: max-age=0, public, s-maxage=180, stale-while-revalidate=60, stale-if-error=10800
cf-ray: 6f8ab8f1794e926e-FRA

GET
DATA 200
OK truncated
/ Frame FBF9 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65e395cdf922ed34f7fa4e9c71161974cd892521d15f25b680b36ff5938886c8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame FBF9 28 KB
28 KB 31ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ajuda.serasa.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 22:47:37 GMT
x-content-type-options: nosniff
age: 219109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 22:47:37 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame FBF9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

71ms
49ms

Image
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_BAU_ABRIL&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
Protocol: H2
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

date: Fri, 08 Apr 2022 11:39:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 206
Partial Content notify.mp3
agentcore.s3.amazonaws.com/production/assets/ 25 KB
26 KB 421ms
112ms Media
audio/mpeg 52.217.14.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agentcore.s3.amazonaws.com/production/assets/notify.mp3
Requested by: Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_BAU_ABRIL&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.14.252 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 87d98603dabb39384e5aecd9614fe72adcf8f60670e5efc1262a2596b680a519

Request headers

Referer: https://ajuda.serasa.com.br/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 08 Apr 2022 11:39:27 GMT
Last-Modified: Fri, 04 Nov 2016 18:53:08 GMT
Server: AmazonS3
x-amz-request-id: TV8ZEJJPVEFC0XK4
ETag: "2a368218786dd80e3802ef4e5396686d"
Content-Type: audio/mpeg
Content-Range: bytes 0-26068/26069
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 26069
x-amz-id-2: vDEa2cpHt8WuezxSZW4gkPK8z+aiIu0/ZqMVXrPjvAV5bLKz2MEfwU6i/EJvoGPWZRXBD1yWG7M=

GET
H2 200 u Show response
adapter.aivo.co/api/v1/dea6c07769c06d2043b5cb74146ddb86/settings/ 14 KB
11 KB 189ms
145ms XHR
application/json 143.204.98.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adapter.aivo.co/api/v1/dea6c07769c06d2043b5cb74146ddb86/settings/u?host=https%253A%252F%252Fajuda.serasa.com.br%252Fhc%252Fpt-br%252Farticles%252F360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%2525C3%2525A1-lo-Alerta-Provis%2525C3%2525B3rio%253Fcm_ven%253DExactTarget%2526cm_cat%253DEM_LNO_BAU_ABRIL%2526cm_pla%253DAll%252BSubscribers%2526cm_ite%253Dhttps%25253a%25252f%25252fajuda.serasa.com.br%25252fhc%25252fpt-br%25252farticles%25252f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%252525C3%252525A1-lo-Alerta-Provis%252525C3%252525B3rio%2526cm_ainfo%253D%2526%2526%2526%2526%2526
Requested by: Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/latest/core.js?djMuNi42
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-102.fra50.r.cloudfront.net
Software: nginx / PHP/7.4.28
Resource Hash: 6325460f601bf8813712459ff79c2e76982cce83d602a011928b3dabbb8add2d

Request headers

Accept: application/json, text/plain, */*
Referer: https://ajuda.serasa.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:26 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PHP/7.4.28
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-headers: X-Requested-With, Content-Type, Accept, Origin, Authorization, X-TS-AJAX-Request, X-Token
x-amz-cf-id: PDpY0X-V_4p5C_rQquvkVFHyd0la-1cgIyjNkhslyVZ4W3jRd6sKSA==
via: 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)

GET
H3 200 container.html Show response
0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 39FD 6 KB
3 KB 21ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ajuda.serasa.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 11:39:25 GMT
expires: Sat, 08 Apr 2023 11:39:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7FEA 624 B
299 B 36ms
19ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiJ4NLHATAB&v=APEucNUdXmG6dP6pgLNEB9r-I8I8q7-gkGPA-DdgPunjxQ7j4fDH4c8Rhxvh64rVM4t8cDPPz2qNa2mIUkacC5_9uD2jhNXf7tSb6fvn1GjFJw52WXObN_hM_gGWWkIunM7sjc2l90Fhzh7fvDZ7sN2GN4XgKleJc4nXuFT0XplRO6hFHA02hKI

Requested by

Host: 0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com
URL: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 11:39:26 GMT
expires: Fri, 08 Apr 2022 11:39:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 39FD 27 KB
16 KB 60ms
45ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CoEe0vZdTHOLd6-53S45UHSEmRdyLD0-33tnc7eaRvVLOvc4qM_hlCf45tT5ZYXJHC04pbzZcN9aEBGCVTR_jSmHB0pm2I44mibYmQ8Uhycdr1yUW7olcLDPxe3AqvwD_Q5OhLg2XiTIii2x9e6xSa7_gtQQ&cry=1&dbm_d=AKAmf-CSqFiWd9UV8dgFMnrU_SYZjO-RU8aZQVXRvRtoynljKCiTk4CrI97XqFxj6KQ7X68g8FgBh1R7Sy282O9v0YZ_CRuCGzCyIaEfq85h755URMhiNTyTa_HOYaSA2GtL5hwPEFYRVazPa26nnALvnaHvLaMelVrUQIMsp8CESvPF8MnmKkhRYPH6KXRX9scOp5DvnTL28UyAO_m9ox5R3bZKHmAJg-LohouCDbXqWzhhtISyiNSs8B73Iga9Vkt-9bfqJiSOXBbFBKsnMK-cI0Z75Qh34pGVP_RDSX7iVgJWH63ma0RiPY3XKQybxszxGFB-lLo5HL5tAY4ZEsYTCPh_hx1cCWhOc9iTBoReTVyhPpuV7qxMfQmrZA_KvqWSdKrICINpw5Y2LAullbHPZrzBoNGvgjQkonTSMOHLY9KoUoz8BXaiJkzHryftH21N-Dh96aIvOMj3Cliwcj1oNtUSYzU47Tc4KHfe_zTw8fLxQRPNU2T0qR6B1Bg1e3jLBSPxmc49yxiKrjavacHhbjoReqsgprPpO-hdo-Ke1ZY2AQgl3Fk-Ahc5eRi52ft1ofW5x_6u1ntxcRikDXghvbQ3eO30V_wUDP4kAWBA1JGI4dXSedJItLWIChhtgFGE3g1GdUIhZ66f1aXrZNRnzLtjufhZyjIwj1JD3uGwAZH5P58E20FKO0lKaojbnoxzZ3v_h_URzn-5sySm4MD99gwDYION-wGII0gQ0A0olFu4e_RHTWjaNHVABYRU0qO0IdT9wEoMc9RoT077Yuz21rFWCgGkrT09ds4BIvXHCqHSzwWC5hrdBv9PnY0lTonLGo5ogRJTi_jSHjPliVfaex-T3sdIX-oo93pj0pVnzltRnoOsPWVGk1KcpWONutD7_pOzO9CtR4cZHFXK8DHkztK3o1vtKMi9IBRVTjeT-wD53FvJ7qN0ApRVf31RnA_5WTqJvUMAGgT26AZrOsBHUUMRABXYwxaoV8R6aI1YsjyUIBcIUYaxUjYf9QqtPbjqwnzhfiQu41YPAuiDiVa2P9DzF74qNx4Zoq-lvIwH_-rAW-TfiF6CWuOetR-C_BfYPSJEB87UfPWa8bg5AB-3UxLfChTiI33EJLm4083cYN0OMEOqHxL04i6URpMGcK6uAgDsfp3Eqgk9Bgk85v62o5lEMQltKm3w4sZh_6RlodY2pZM7O5GzYCBTfV5K-mWijt_o5XAEZbEtI-QpczZq-zJAu6ggbHaAuwzG0mOn2qR1cE5fffQVL0hczpayv_kWnFax7BDRgqArZ4_oS4D8CeYsccGYL_7jCfjcaQHNCOVqOUnsDhZ0-s6uHLAPbNW_PylxmF3FZxSx-zWG1PIfuTuA18q33O8Xx3Ejz-4ySLIW5AQ52_WBNm4eX5qCGoYmVM4fog36aN98eRRhHVe5cxiBzCxxKW660nawyV4N5DjWPD6VygSW92M6B7KUWA4Agv6vOY7Ws-SMd5ZhDgedU3O4CrG0C8jQLq0dvYU6v1mOhONnubou7Mm-CK9jsiOpz3jRQTNGDACU-lrx9rlhmq74WBh1SHMxXDJadVzUBHY7DyN3Qm_GOP0pyYEbWXG8H6Kk4PQYLcoHydIfwxD9fLaK7EIJI8yTbNxP5DLbe2umCeTSQpF4Dx54bEkuGaKrftAbJEQxUYsv_vRd1KnJeqmPlr99k94ikvHDWTWc7xx8fBnPg-DyuqeTar-S1bUc8prDn0nFmr0PAc6uKUXeIzOyNSHbMMhgDPZjWUKCAj70FMT_ZDiG2ZTJoWZJ6X8UOF0Z-3UsFKzgd5EtZF5JytUjOGvTngMQUsn1cDW1ClrKc3AF7MGuEmZ8tQ1VIOhza99fj_vnDF3gVXHVoybpW9yM31jgpHW_NAagLCRVsnZ5I7hu-oBgj_ZoxTaivbODARRqaSZZDYWAf3VIsRcAeJiCi1MSNZj_BDLUhRs-fMt7NkxXW-o4IsTSP7OfGGByCCTcFVrBwjeHgiMYMvkmYDn15ArTPbRW9W_-bgd7sMOyILFWKHTpyW3vjnCl1XK6JdZM0x_m_fFLAEXvPwswStPeFyCMwdd4F05FFB42XNXLE_ikpEZf9jRv-4WrMO_aMO7bJwR6S8LnzkcaXj3h8lVGxmVZQa0H63YgwJk82xivVL1i_XWYJ5XXRxV1Ab_bT7-ayAT2bzEABt5kPLX0dz_UFGDan16PAJvpWhWUexF5tv_-K4WAYot7CCCT1XA5C0EXITSReag9boYzWhl400T-BIIHYgiWheen2vcHvJ82K-mXj8Ac-OhNhVDsjblssod1zf2Ls5XLF_vVpsHXs7qgmHSRLlSK-yWbWYvRGtWga-8q6W_nWJxzKYAfaMzpBIkEctWFpXb1P6j4JrBGiTE5w5MXck6KgGNQ1GA0Tj0g-xrdAr9RXVZgkR_3XQKevZQMTY4GqVoeZ4AWlmcm0pDVvnIBpXTCzxMa7h3YF3GNg8EYxZdgZxn_5qgauzWIon2RMS16nfh1_ChvN5j5QQwznGntpmFI1TTzjh7gz92I3LlsJkUzgxyKENFw1IeFgHjxfrbdiY5B0hP4AWAr3owdfXIemGxuze4LqXkdATneKZ38D5QaDT-I9AE-WtWzDOuDQuWEgB0Za3T_JWR2oxj6Hr3lxXfFYlsIu-n2XRK2RNysgmXdlBtWkVcE1Ws2jTp6C2sTuhtTyVYyah2sdg7xbJYQx1pAmLn0BeNQSKxHd7aDtXjipuqb81NfoWiifBmF1yewontLqbaQ2Skm6iozUncipRr6xe4_4U5OizxEKPElEo0lbPH6MwerCnABk9CKohhIGgl3gkQQpSI3FEyuU01DNsDVevlpH355kgWKQtr6kOm89jR-_Uz1dujpaurpMv44A7Z2kDuZkBkYhzh8ZxenZfNGP1qgZRb525kEzeeMiHFMUrm5_fcd8ajXIUL3nVkCMHMgeKUXYygXgl5u0AsBBG8eQ8jIFzANMBT1kcEzpMnyazZcGRQxzhK-osf_tm5GtBFSOgMn_m-bsTLRpte09Ifuh_WAlnMv8awc2uwhjixG4BxC7Kdj7EeRi3jbsO-zM7v1daChuRFR_gFlupz1huAmjcUpot5X_LjI61aSgWlupGhz3G-czWSMrsEh38IbfA8tzY2RftBzfhEZ2nxrW7b3-Y54YLFTvRSL81mG24akBgWMRouaa_QNgBe1zYmzkJYqeev0ws0zr3pD5HSSkJu9JI8cGtD2B5y3L1CMCliKfxcSXeFCrrbQf1PoS9QcBdHBlATGLUmPYlWdeyoPeBliFh4neEcFegIlVMr21EvlZd4lVjom9ZodsqJv6NGNkEFKQ4hHkg8CRxXNV1GrhlARjRWnWzcHOV82RUwC1We5NqJv3NF_qB7C0ISsoHPjDV25NJyOqLkR5ObPalXWUCVkpXk2f5PuTCvM897V-7Tfc49ccbo1RSVPrPiPRxwzlHbuoqRUZoEKdOlu_SRtSWDHyN4vvtbaoh4Mm8elYPKC7vqbYIjG-K6HCkhhEreQmab8nXb5eTTXqw1GJOK3dZGZW6bnW2-CJW_29G6L3EnWeEKEK6AlDVosRbB75hBRZXIfKHop0-2ERWhvxh8icQF7m7DYcdENUuDIPMmUcstO6kf7vty2eF71odgLUeDbhrgriUOcXSGlMAO9-6zF9UEaZ959q2IPCo6ogrzV9Dq4FnV-D19KtoS5Sxz2VupZZZwpgUFEelpxMCJks83kfg&cid=CAASJ-Rowhm4n0OxK3zbtA4I8wY7bBsMvVcI3yBS4QlEm2VWpx3LOak2vg&rfl=1%2Chttps%253A%252F%252Fajuda.serasa.com.br%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7dcb8f11c3b1eb6bc2f19b59a5d6f3f077edead6a9cde03d5853b5995e48a03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 11:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16480
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 39FD 42 B
494 B 63ms
39ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B-Y0fo60xiFI-HOSWkCIOqDSTuG1F8W1JMFuTl3Cj56cSykjRZi-8l6Brq0JROIidVfSTK9zqsG3wnybOIDDZxSi-unKJ7IcbWQ3uPX3vRPeSHteU

Requested by

Host: 0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com
URL: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 11:39:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 39FD 32 KB
8 KB 49ms
19ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: 0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com
URL: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:26 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame 39FD 3 KB
2 KB 46ms
15ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4285695&kid=2954778&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCu6f_7h5QYvCHDMmi3gOK0beABbWQ1-Fo-Zq3rOUP8C4QASDh7spAYJWCgICYB8gBCakC9dJygq47sj6oAwGqBIECT9CCDVAPxOh3iopeD8VPporE7OJq9uBbxi0MmN9hCeALM_Tab5GeeMV3na3CxgC1yZ1FImxm5JxjwGyt4Tm6aN09xj4xM6EQ-6tNHqI_9TvY4_LZvoiVGoPsIoZMvKgs9jdfaWpiIcLN5OvpIVhhs05H1wL3SsvCSKFRT9AtgEa17mQS4-HBH7sB6JETxWZYRn_wN-83O1HTfkDgQV-6TYMJ1rao0xuj6TYcqxFK24v_8DLqi4IAm7YqhqxlXU6LwlsMnMLM__a8QFf4tbAv3Ssj6EcO5oVm9_c2UXd320iMrurlz0D_CGsxUyO2NqGIUh7w60ZUmo11Xxdjhid67gXABPzkz5jSAuAEA5AGAaAGTYAHrKjLvQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE92vsQ3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJ-Rowhm4n0OxK3zbtA4I8wY7bBsMvVcI3yBS4QlEm2VWpx3LOak2vg%26sig%3DAOD64_1a1rzEAcYnL0EcBpEp80VV4xEt9w%26client%3Dca-pub-9650408980791532%26dbm_c%3DAKAmf-CeQ8VjSKeGAADZVt05xx3in6KF5A8yBfqXnlKwfRw-AObwHDuBTPu5hDRYKExTpQal5mxH2NMlGfzPc-zGO0MZDpNamJgscvEhRCYEjtslllVzyKKr-E8G0B6Rs-A1mnD6WTDqeYxJk7H7OJmUbhyYRBZ-Zw%26cry%3D1%26dbm_d%3DAKAmf-DJtwxIbWRKMmNEDpxGy9GZsuxm9G9e0pUCH2LlfR7a8ZC0yJsBRHxq7MGEV45qimuDpHpGkNK3o4ehMLG4vjr3ypZaXOCdCBwcP_jfn9IMzMKxkRfb53wVSzRH9LGB5Aw5lA7XcrF-q6CXjPKFEFQugvQDexLzdjqxgXx_uDtrNG1RLTJpuVbMArgPRYGSvr2LHR-ebmrp4AJ6n-lV0IleuKzc31xBgcl53qr44HYRUEMEqEhYgjarjxTwh9te5TYc7MlkSsqwpxZZ2UfD-LXwGrOQso3Xa7axdaDa0ftSjr5zQwF8A8xPxeYjrqFfzi9eS83ugTzfUcgBGXv1A4kE7sbbgXNT1vNKspp7dRL3pbr8DN0CmqaxS5TObW7L4XzVTLEB6aLMEoyWV_xgalU1mq-6RM3SfKm6bSqyjA2vifERpuwibk9mXX5Q84FpnNlDeahhAHlM0vipRIl302V9Oyl75YbU5qRuEgEDUfM4VGOLHgnajs7DleSNbCcwfFbGK2eEybArqDOyLiJTcKhH7iedmoGYGywzLDfqlYBnr-rENXgZ5AI5zv0nZeC1JDrmeSKjPva1iDD1QTDwoyAHtdVorlt5guuSLoUcFxLJKpKTGUfLUUJp73bqeFnL5vHoAUCu53lMS25mFVl79CzDI3zlng0n991RpoY9wrGj7ked5RDNCjhimr7Z9weiRqaBePySv4-tcimxCb1C1v_I7HOt53Qi5CEoMOM_sB8xTcNH187biDHGS-1N4QGHPg4Old5gQn9pGq0YdusgQtS1W0R1hQYJSIG0LtwUyDxylWYu7LetcZJcaJT4DgqMTdoj7DNE%26adurl%3D
Requested by: Host: 0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com
URL: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: f62b6cdb65a9a8cef899775a7e2d12b0e2337a2e48f00a7f5f7ce266ba87f507

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 13:39:26 +0200
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
cache-control: max-age=600
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 39FD 3 KB
2 KB 308ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2019.js

Requested by

Host: 0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com
URL: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 11:38:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 39FD 119 KB
37 KB 44ms
21ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com
URL: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Apr 2022 11:39:26 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 39FD 15 KB
6 KB 308ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com
URL: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:35:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 11:35:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 39FD 0
0 15ms
14ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRAwjfwnSLBAKDRlr-Jnio8QXYw4tpWij97-EH4nudvBUi2V9cbIgXhcYO1Ja1055QRjYZeeMm4qkUUlVoRT4gL_GYVAQ
Requested by: Host: 0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com
URL: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H/1.1 200
OK core.10.9e97a1b6a7cdde34a848.js Show response
cdn.agentbot.net/core/6.6.0/ 15 KB
4 KB 98ms
98ms Script
application/javascript 104.236.60.225
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.agentbot.net/core/6.6.0/core.10.9e97a1b6a7cdde34a848.js

Requested by

Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/latest/core.js?djMuNi42

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.236.60.225 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

a79823d2f8bafee2203c97bc65c9ccd8db935bec598b3f66aa07b1874b282adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 11:39:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Mar 2022 20:09:48 GMT
Server: nginx
ETag: "3b2f-5dae84fbc7ba4-gzip"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: max-age=259200, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Content-Length: 4103

GET
H/1.1 200
OK core.9.9e97a1b6a7cdde34a848.js Show response
cdn.agentbot.net/core/6.6.0/ 7 KB
3 KB 197ms
98ms Script
application/javascript 104.236.60.225
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.agentbot.net/core/6.6.0/core.9.9e97a1b6a7cdde34a848.js

Requested by

Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/latest/core.js?djMuNi42

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.236.60.225 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

147081d0991bf7a44054f9336f60082a2af9637d551c3a02e1536ae292252a33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 11:39:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Mar 2022 20:09:52 GMT
Server: nginx
ETag: "1c74-5dae84ff3befc-gzip"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: max-age=259200, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Content-Length: 2307

GET
H3 200 icon
fonts.googleapis.com/ 569 B
366 B 32ms
17ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/latest/core.js?djMuNi42

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0c254788ad36f95d44c1786c590263e89ea3976fcbc9ae7c82c52493b254391

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 11:39:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 08 Apr 2022 11:39:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Apr 2022 11:39:26 GMT

GET
H3 200 css
fonts.googleapis.com/ 3 KB
627 B 32ms
17ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/latest/core.js?djMuNi42

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d402b35e6e0d996cc57dfb1f40a87b672f1eb4dfe0744da6d9c40b0d26592815

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 10:55:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 08 Apr 2022 11:39:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Apr 2022 11:39:26 GMT

GET
H3 200 css2
fonts.googleapis.com/ 3 KB
641 B 40ms
26ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@600&display=swap

Requested by

Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/latest/core.js?djMuNi42

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abbd3d9df6edb6982ac43bbeb61514366582e777e1b501e55f3f9071ffd15f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 11:04:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 08 Apr 2022 11:39:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Apr 2022 11:39:26 GMT

GET
H3 200 emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ 192 B
873 B 70ms
37ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/assets/css/emojione.min.css

Requested by

Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/latest/core.js?djMuNi42

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1563435
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19138-FRA, cache-mxp6940-MXP
timing-allow-origin: *
server: cloudflare
etag: W/"c0-akPwBVON2fKdb1Kdc8vjvcdyWY0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kNreMRLTVITiZCm8rAKT%2FphhpCB%2B0A9Y7X78xNvn%2FpGInhtB9rX250TSoDRC80j85y5CRLUurITtQNfQyH%2FOdg%2Bkx7LRNsHaoD0C0d9KB28bp3g2iC6O81l4lnumQd%2BABZuHI2aXAiGbJA%2BOJhc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6f8ab8f49ba4374c-MXP

GET
H2 200 / Show response
apibot.agentbot.net/REST/loadscript/ 16 B
232 B 298ms
101ms XHR
application/json 52.86.137.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://apibot.agentbot.net/REST/loadscript/?token=dea6c07769c06d2043b5cb74146ddb86&hash=088e440a5f8491826bff765e8763f7ee&_=MYEILYRG-NNPY-UOJJ-JSTV-1649417966099
Requested by: Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/latest/core.js?djMuNi42
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.137.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-137-10.compute-1.amazonaws.com
Software: Apache /
Resource Hash: fba8081592823cd3fc4cf67ce7b816c03e9937eab2a96be9796d2b9c5bbad553

Request headers

Accept: application/json, text/plain, */*
Referer: https://ajuda.serasa.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:27 GMT
server: Apache
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://ajuda.serasa.com.br
access-control-allow-headers: Content-Type
content-length: 16

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7FEA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpOjNvEMPVQxkNZXfW-ZMw&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpOjNvEMPVQxkNZXfW-ZMw&google_cver=1&C=1

43 B
1014 B

57ms
56ms

Image
image/gif

92.122.147.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpOjNvEMPVQxkNZXfW-ZMw&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiJ4NLHATAB&v=APEucNUdXmG6dP6pgLNEB9r-I8I8q7-gkGPA-DdgPunjxQ7j4fDH4c8Rhxvh64rVM4t8cDPPz2qNa2mIUkacC5_9uD2jhNXf7tSb6fvn1GjFJw52WXObN_hM_gGWWkIunM7sjc2l90Fhzh7fvDZ7sN2GN4XgKleJc4nXuFT0XplRO6hFHA02hKI
Protocol: HTTP/1.1
Server: 92.122.147.230 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-147-230.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 11:39:26 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 08 Apr 2022 11:39:26 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 11:39:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpOjNvEMPVQxkNZXfW-ZMw&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Fri, 08 Apr 2022 11:39:26 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7FEA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YlAe7qbxJL12sWRW1KEhZQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpOjNvEMPVQxkNZXfW-ZMw&google_cver=1

43 B
894 B

31ms
30ms

Image
image/gif

92.122.147.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpOjNvEMPVQxkNZXfW-ZMw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiJ4NLHATAB&v=APEucNUdXmG6dP6pgLNEB9r-I8I8q7-gkGPA-DdgPunjxQ7j4fDH4c8Rhxvh64rVM4t8cDPPz2qNa2mIUkacC5_9uD2jhNXf7tSb6fvn1GjFJw52WXObN_hM_gGWWkIunM7sjc2l90Fhzh7fvDZ7sN2GN4XgKleJc4nXuFT0XplRO6hFHA02hKI
Protocol: HTTP/1.1
Server: 92.122.147.230 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-147-230.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 11:39:26 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 08 Apr 2022 11:39:26 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Apr 2022 11:39:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpOjNvEMPVQxkNZXfW-ZMw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 7FEA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESED0mmLP3CUWNH2eiahACjT0&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED0mmLP3CUWNH2eiahACjT0%26google_cver%3D1

43 B
1 KB

122ms
122ms

Image
image/gif

185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED0mmLP3CUWNH2eiahACjT0%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiJ4NLHATAB&v=APEucNUdXmG6dP6pgLNEB9r-I8I8q7-gkGPA-DdgPunjxQ7j4fDH4c8Rhxvh64rVM4t8cDPPz2qNa2mIUkacC5_9uD2jhNXf7tSb6fvn1GjFJw52WXObN_hM_gGWWkIunM7sjc2l90Fhzh7fvDZ7sN2GN4XgKleJc4nXuFT0XplRO6hFHA02hKI

Protocol

HTTP/1.1

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 11:39:26 GMT
X-Proxy-Origin: 193.27.14.20; 193.27.14.20; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2e6899fd-fc00-46d8-9224-9257c3f47190
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 11:39:26 GMT
X-Proxy-Origin: 193.27.14.20; 193.27.14.20; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: edc4b42f-b65a-4a4b-92fd-7648f3d77d9a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED0mmLP3CUWNH2eiahACjT0%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7FEA
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ5ODEwMzc0MzAzMjAzMTU0Mg%3D%3D

170 B
188 B

33ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ5ODEwMzc0MzAzMjAzMTU0Mg%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 11:39:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 11:39:26 GMT
X-Proxy-Origin: 193.27.14.20; 193.27.14.20; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 28655486-69c9-4ce5-a1e0-d06ff8edf2c3
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ5ODEwMzc0MzAzMjAzMTU0Mg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame 39FD 25 KB
10 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CoEe0vZdTHOLd6-53S45UHSEmRdyLD0-33tnc7eaRvVLOvc4qM_hlCf45tT5ZYXJHC04pbzZcN9aEBGCVTR_jSmHB0pm2I44mibYmQ8Uhycdr1yUW7olcLDPxe3AqvwD_Q5OhLg2XiTIii2x9e6xSa7_gtQQ&cry=1&dbm_d=AKAmf-CSqFiWd9UV8dgFMnrU_SYZjO-RU8aZQVXRvRtoynljKCiTk4CrI97XqFxj6KQ7X68g8FgBh1R7Sy282O9v0YZ_CRuCGzCyIaEfq85h755URMhiNTyTa_HOYaSA2GtL5hwPEFYRVazPa26nnALvnaHvLaMelVrUQIMsp8CESvPF8MnmKkhRYPH6KXRX9scOp5DvnTL28UyAO_m9ox5R3bZKHmAJg-LohouCDbXqWzhhtISyiNSs8B73Iga9Vkt-9bfqJiSOXBbFBKsnMK-cI0Z75Qh34pGVP_RDSX7iVgJWH63ma0RiPY3XKQybxszxGFB-lLo5HL5tAY4ZEsYTCPh_hx1cCWhOc9iTBoReTVyhPpuV7qxMfQmrZA_KvqWSdKrICINpw5Y2LAullbHPZrzBoNGvgjQkonTSMOHLY9KoUoz8BXaiJkzHryftH21N-Dh96aIvOMj3Cliwcj1oNtUSYzU47Tc4KHfe_zTw8fLxQRPNU2T0qR6B1Bg1e3jLBSPxmc49yxiKrjavacHhbjoReqsgprPpO-hdo-Ke1ZY2AQgl3Fk-Ahc5eRi52ft1ofW5x_6u1ntxcRikDXghvbQ3eO30V_wUDP4kAWBA1JGI4dXSedJItLWIChhtgFGE3g1GdUIhZ66f1aXrZNRnzLtjufhZyjIwj1JD3uGwAZH5P58E20FKO0lKaojbnoxzZ3v_h_URzn-5sySm4MD99gwDYION-wGII0gQ0A0olFu4e_RHTWjaNHVABYRU0qO0IdT9wEoMc9RoT077Yuz21rFWCgGkrT09ds4BIvXHCqHSzwWC5hrdBv9PnY0lTonLGo5ogRJTi_jSHjPliVfaex-T3sdIX-oo93pj0pVnzltRnoOsPWVGk1KcpWONutD7_pOzO9CtR4cZHFXK8DHkztK3o1vtKMi9IBRVTjeT-wD53FvJ7qN0ApRVf31RnA_5WTqJvUMAGgT26AZrOsBHUUMRABXYwxaoV8R6aI1YsjyUIBcIUYaxUjYf9QqtPbjqwnzhfiQu41YPAuiDiVa2P9DzF74qNx4Zoq-lvIwH_-rAW-TfiF6CWuOetR-C_BfYPSJEB87UfPWa8bg5AB-3UxLfChTiI33EJLm4083cYN0OMEOqHxL04i6URpMGcK6uAgDsfp3Eqgk9Bgk85v62o5lEMQltKm3w4sZh_6RlodY2pZM7O5GzYCBTfV5K-mWijt_o5XAEZbEtI-QpczZq-zJAu6ggbHaAuwzG0mOn2qR1cE5fffQVL0hczpayv_kWnFax7BDRgqArZ4_oS4D8CeYsccGYL_7jCfjcaQHNCOVqOUnsDhZ0-s6uHLAPbNW_PylxmF3FZxSx-zWG1PIfuTuA18q33O8Xx3Ejz-4ySLIW5AQ52_WBNm4eX5qCGoYmVM4fog36aN98eRRhHVe5cxiBzCxxKW660nawyV4N5DjWPD6VygSW92M6B7KUWA4Agv6vOY7Ws-SMd5ZhDgedU3O4CrG0C8jQLq0dvYU6v1mOhONnubou7Mm-CK9jsiOpz3jRQTNGDACU-lrx9rlhmq74WBh1SHMxXDJadVzUBHY7DyN3Qm_GOP0pyYEbWXG8H6Kk4PQYLcoHydIfwxD9fLaK7EIJI8yTbNxP5DLbe2umCeTSQpF4Dx54bEkuGaKrftAbJEQxUYsv_vRd1KnJeqmPlr99k94ikvHDWTWc7xx8fBnPg-DyuqeTar-S1bUc8prDn0nFmr0PAc6uKUXeIzOyNSHbMMhgDPZjWUKCAj70FMT_ZDiG2ZTJoWZJ6X8UOF0Z-3UsFKzgd5EtZF5JytUjOGvTngMQUsn1cDW1ClrKc3AF7MGuEmZ8tQ1VIOhza99fj_vnDF3gVXHVoybpW9yM31jgpHW_NAagLCRVsnZ5I7hu-oBgj_ZoxTaivbODARRqaSZZDYWAf3VIsRcAeJiCi1MSNZj_BDLUhRs-fMt7NkxXW-o4IsTSP7OfGGByCCTcFVrBwjeHgiMYMvkmYDn15ArTPbRW9W_-bgd7sMOyILFWKHTpyW3vjnCl1XK6JdZM0x_m_fFLAEXvPwswStPeFyCMwdd4F05FFB42XNXLE_ikpEZf9jRv-4WrMO_aMO7bJwR6S8LnzkcaXj3h8lVGxmVZQa0H63YgwJk82xivVL1i_XWYJ5XXRxV1Ab_bT7-ayAT2bzEABt5kPLX0dz_UFGDan16PAJvpWhWUexF5tv_-K4WAYot7CCCT1XA5C0EXITSReag9boYzWhl400T-BIIHYgiWheen2vcHvJ82K-mXj8Ac-OhNhVDsjblssod1zf2Ls5XLF_vVpsHXs7qgmHSRLlSK-yWbWYvRGtWga-8q6W_nWJxzKYAfaMzpBIkEctWFpXb1P6j4JrBGiTE5w5MXck6KgGNQ1GA0Tj0g-xrdAr9RXVZgkR_3XQKevZQMTY4GqVoeZ4AWlmcm0pDVvnIBpXTCzxMa7h3YF3GNg8EYxZdgZxn_5qgauzWIon2RMS16nfh1_ChvN5j5QQwznGntpmFI1TTzjh7gz92I3LlsJkUzgxyKENFw1IeFgHjxfrbdiY5B0hP4AWAr3owdfXIemGxuze4LqXkdATneKZ38D5QaDT-I9AE-WtWzDOuDQuWEgB0Za3T_JWR2oxj6Hr3lxXfFYlsIu-n2XRK2RNysgmXdlBtWkVcE1Ws2jTp6C2sTuhtTyVYyah2sdg7xbJYQx1pAmLn0BeNQSKxHd7aDtXjipuqb81NfoWiifBmF1yewontLqbaQ2Skm6iozUncipRr6xe4_4U5OizxEKPElEo0lbPH6MwerCnABk9CKohhIGgl3gkQQpSI3FEyuU01DNsDVevlpH355kgWKQtr6kOm89jR-_Uz1dujpaurpMv44A7Z2kDuZkBkYhzh8ZxenZfNGP1qgZRb525kEzeeMiHFMUrm5_fcd8ajXIUL3nVkCMHMgeKUXYygXgl5u0AsBBG8eQ8jIFzANMBT1kcEzpMnyazZcGRQxzhK-osf_tm5GtBFSOgMn_m-bsTLRpte09Ifuh_WAlnMv8awc2uwhjixG4BxC7Kdj7EeRi3jbsO-zM7v1daChuRFR_gFlupz1huAmjcUpot5X_LjI61aSgWlupGhz3G-czWSMrsEh38IbfA8tzY2RftBzfhEZ2nxrW7b3-Y54YLFTvRSL81mG24akBgWMRouaa_QNgBe1zYmzkJYqeev0ws0zr3pD5HSSkJu9JI8cGtD2B5y3L1CMCliKfxcSXeFCrrbQf1PoS9QcBdHBlATGLUmPYlWdeyoPeBliFh4neEcFegIlVMr21EvlZd4lVjom9ZodsqJv6NGNkEFKQ4hHkg8CRxXNV1GrhlARjRWnWzcHOV82RUwC1We5NqJv3NF_qB7C0ISsoHPjDV25NJyOqLkR5ObPalXWUCVkpXk2f5PuTCvM897V-7Tfc49ccbo1RSVPrPiPRxwzlHbuoqRUZoEKdOlu_SRtSWDHyN4vvtbaoh4Mm8elYPKC7vqbYIjG-K6HCkhhEreQmab8nXb5eTTXqw1GJOK3dZGZW6bnW2-CJW_29G6L3EnWeEKEK6AlDVosRbB75hBRZXIfKHop0-2ERWhvxh8icQF7m7DYcdENUuDIPMmUcstO6kf7vty2eF71odgLUeDbhrgriUOcXSGlMAO9-6zF9UEaZ959q2IPCo6ogrzV9Dq4FnV-D19KtoS5Sxz2VupZZZwpgUFEelpxMCJks83kfg&cid=CAASJ-Rowhm4n0OxK3zbtA4I8wY7bBsMvVcI3yBS4QlEm2VWpx3LOak2vg&rfl=1%2Chttps%253A%252F%252Fajuda.serasa.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

738b0dff97289a490e0472cca7d25e291a7ea70c850bfee1e264e9ad87a4a97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9790
x-xss-protection: 0
server: cafe
etag: 8169034061967891973
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 11:37:23 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 39FD 41 KB
15 KB 261ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:04:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142526
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Apr 2023 20:04:01 GMT

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame 39FD 568 B
723 B 14ms
14ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4285695&adjsver=3&fvers=&iframe=1&ref=https%3A//ajuda.serasa.com.br/&ro=https%3A//0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/100.0.4896.75%20Safari/537.36&os=17&browser=11&userid=0&kid=2954778&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu6f%5F7h5QYvCHDMmi3gOK0beABbWQ1%2DFo%2DZq3rOUP8C4QASDh7spAYJWCgICYB8gBCakC9dJygq47sj6oAwGqBIECT9CCDVAPxOh3iopeD8VPporE7OJq9uBbxi0MmN9hCeALM%5FTab5GeeMV3na3CxgC1yZ1FImxm5JxjwGyt4Tm6aN09xj4xM6EQ%2D6tNHqI%5F9TvY4%5FLZvoiVGoPsIoZMvKgs9jdfaWpiIcLN5OvpIVhhs05H1wL3SsvCSKFRT9AtgEa17mQS4%2DHBH7sB6JETxWZYRn%5FwN%2D83O1HTfkDgQV%2D6TYMJ1rao0xuj6TYcqxFK24v%5F8DLqi4IAm7YqhqxlXU6LwlsMnMLM%5F%5Fa8QFf4tbAv3Ssj6EcO5oVm9%5Fc2UXd320iMrurlz0D%5FCGsxUyO2NqGIUh7w60ZUmo11Xxdjhid67gXABPzkz5jSAuAEA5AGAaAGTYAHrKjLvQGoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gH89EbqAeW2BuoB6qbsQKoB9%2DfsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE92vsQ3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJ%2DRowhm4n0OxK3zbtA4I8wY7bBsMvVcI3yBS4QlEm2VWpx3LOak2vg%26sig%3DAOD64%5F1a1rzEAcYnL0EcBpEp80VV4xEt9w%26client%3Dca%2Dpub%2D9650408980791532%26dbm%5Fc%3DAKAmf%2DCeQ8VjSKeGAADZVt05xx3in6KF5A8yBfqXnlKwfRw%2DAObwHDuBTPu5hDRYKExTpQal5mxH2NMlGfzPc%2DzGO0MZDpNamJgscvEhRCYEjtslllVzyKKr%2DE8G0B6Rs%2DA1mnD6WTDqeYxJk7H7OJmUbhyYRBZ%2DZw%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDJtwxIbWRKMmNEDpxGy9GZsuxm9G9e0pUCH2LlfR7a8ZC0yJsBRHxq7MGEV45qimuDpHpGkNK3o4ehMLG4vjr3ypZaXOCdCBwcP%5Fjfn9IMzMKxkRfb53wVSzRH9LGB5Aw5lA7XcrF%2Dq6CXjPKFEFQugvQDexLzdjqxgXx%5FuDtrNG1RLTJpuVbMArgPRYGSvr2LHR%2Debmrp4AJ6n%2DlV0IleuKzc31xBgcl53qr44HYRUEMEqEhYgjarjxTwh9te5TYc7MlkSsqwpxZZ2UfD%2DLXwGrOQso3Xa7axdaDa0ftSjr5zQwF8A8xPxeYjrqFfzi9eS83ugTzfUcgBGXv1A4kE7sbbgXNT1vNKspp7dRL3pbr8DN0CmqaxS5TObW7L4XzVTLEB6aLMEoyWV%5FxgalU1mq%2D6RM3SfKm6bSqyjA2vifERpuwibk9mXX5Q84FpnNlDeahhAHlM0vipRIl302V9Oyl75YbU5qRuEgEDUfM4VGOLHgnajs7DleSNbCcwfFbGK2eEybArqDOyLiJTcKhH7iedmoGYGywzLDfqlYBnr%2DrENXgZ5AI5zv0nZeC1JDrmeSKjPva1iDD1QTDwoyAHtdVorlt5guuSLoUcFxLJKpKTGUfLUUJp73bqeFnL5vHoAUCu53lMS25mFVl79CzDI3zlng0n991RpoY9wrGj7ked5RDNCjhimr7Z9weiRqaBePySv4%2DtcimxCb1C1v%5FI7HOt53Qi5CEoMOM%5FsB8xTcNH187biDHGS%2D1N4QGHPg4Old5gQn9pGq0YdusgQtS1W0R1hQYJSIG0LtwUyDxylWYu7LetcZJcaJT4DgqMTdoj7DNE%26adurl%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4285695&kid=2954778&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCu6f_7h5QYvCHDMmi3gOK0beABbWQ1-Fo-Zq3rOUP8C4QASDh7spAYJWCgICYB8gBCakC9dJygq47sj6oAwGqBIECT9CCDVAPxOh3iopeD8VPporE7OJq9uBbxi0MmN9hCeALM_Tab5GeeMV3na3CxgC1yZ1FImxm5JxjwGyt4Tm6aN09xj4xM6EQ-6tNHqI_9TvY4_LZvoiVGoPsIoZMvKgs9jdfaWpiIcLN5OvpIVhhs05H1wL3SsvCSKFRT9AtgEa17mQS4-HBH7sB6JETxWZYRn_wN-83O1HTfkDgQV-6TYMJ1rao0xuj6TYcqxFK24v_8DLqi4IAm7YqhqxlXU6LwlsMnMLM__a8QFf4tbAv3Ssj6EcO5oVm9_c2UXd320iMrurlz0D_CGsxUyO2NqGIUh7w60ZUmo11Xxdjhid67gXABPzkz5jSAuAEA5AGAaAGTYAHrKjLvQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE92vsQ3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJ-Rowhm4n0OxK3zbtA4I8wY7bBsMvVcI3yBS4QlEm2VWpx3LOak2vg%26sig%3DAOD64_1a1rzEAcYnL0EcBpEp80VV4xEt9w%26client%3Dca-pub-9650408980791532%26dbm_c%3DAKAmf-CeQ8VjSKeGAADZVt05xx3in6KF5A8yBfqXnlKwfRw-AObwHDuBTPu5hDRYKExTpQal5mxH2NMlGfzPc-zGO0MZDpNamJgscvEhRCYEjtslllVzyKKr-E8G0B6Rs-A1mnD6WTDqeYxJk7H7OJmUbhyYRBZ-Zw%26cry%3D1%26dbm_d%3DAKAmf-DJtwxIbWRKMmNEDpxGy9GZsuxm9G9e0pUCH2LlfR7a8ZC0yJsBRHxq7MGEV45qimuDpHpGkNK3o4ehMLG4vjr3ypZaXOCdCBwcP_jfn9IMzMKxkRfb53wVSzRH9LGB5Aw5lA7XcrF-q6CXjPKFEFQugvQDexLzdjqxgXx_uDtrNG1RLTJpuVbMArgPRYGSvr2LHR-ebmrp4AJ6n-lV0IleuKzc31xBgcl53qr44HYRUEMEqEhYgjarjxTwh9te5TYc7MlkSsqwpxZZ2UfD-LXwGrOQso3Xa7axdaDa0ftSjr5zQwF8A8xPxeYjrqFfzi9eS83ugTzfUcgBGXv1A4kE7sbbgXNT1vNKspp7dRL3pbr8DN0CmqaxS5TObW7L4XzVTLEB6aLMEoyWV_xgalU1mq-6RM3SfKm6bSqyjA2vifERpuwibk9mXX5Q84FpnNlDeahhAHlM0vipRIl302V9Oyl75YbU5qRuEgEDUfM4VGOLHgnajs7DleSNbCcwfFbGK2eEybArqDOyLiJTcKhH7iedmoGYGywzLDfqlYBnr-rENXgZ5AI5zv0nZeC1JDrmeSKjPva1iDD1QTDwoyAHtdVorlt5guuSLoUcFxLJKpKTGUfLUUJp73bqeFnL5vHoAUCu53lMS25mFVl79CzDI3zlng0n991RpoY9wrGj7ked5RDNCjhimr7Z9weiRqaBePySv4-tcimxCb1C1v_I7HOt53Qi5CEoMOM_sB8xTcNH187biDHGS-1N4QGHPg4Old5gQn9pGq0YdusgQtS1W0R1hQYJSIG0LtwUyDxylWYu7LetcZJcaJT4DgqMTdoj7DNE%26adurl%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: a7d4139a86f5c5467ae6cb400f0ae7b95995f6ed3da681d17ce1cf8fdc6a0ca1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 13:39:26 +0200
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control: no-cache
content-type: text/javascript
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK 0s3p1fkb96mt Show response
ad.ad-srv.net/zone/ Frame 39FD 10 KB
3 KB 64ms
12ms Script
text/html 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/zone/0s3p1fkb96mt?subid=&redirectClick=
Requested by: Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_BAU_ABRIL&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: fd23d571031140bbe7872061ff610c33c6c61000604c4a3e353dc513004c881b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 11:39:26 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2657
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

request.php Show response
ad4.ad-srv.net/ Frame 39FD
Redirect Chain

https://ad4.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=ab63a4ab67&subid=&uid=930642a09b4ee92c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90...
https://ad4.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=ab63a4ab67&subid=&uid=930642a09b4ee92c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90...

2 KB
1 KB

54ms
32ms

Script
application/x-javascript

138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=ab63a4ab67&subid=&uid=930642a09b4ee92c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fajuda.serasa.com.br%2F&ancestorOrigins=https%3A%2F%2Fajuda.serasa.com.br&random=720280380975&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com
URL: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 097a4f4472810469cad47b44b742f4e1238b62f4aed87da5b416ccfa3316de68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 11:39:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 46881300088464200383828011923004
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 754
Expires: Fri, 08 Apr 2022 12:39:27 +0200

Redirect headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 11:39:26 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=ab63a4ab67&subid=&uid=930642a09b4ee92c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fajuda.serasa.com.br%2F&ancestorOrigins=https%3A%2F%2Fajuda.serasa.com.br&random=720280380975&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Fri, 08 Apr 2022 12:39:26 +0200

GET
H3 200 container.html Show response
0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5DB7 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ajuda.serasa.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 11:39:25 GMT
expires: Sat, 08 Apr 2023 11:39:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A30A 640 B
318 B 18ms
18ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCS6EoYrvOMbDAB&v=APEucNW_OlkRjtGkqK3pbDm9Er7i8lHTYeweXAhMRWJUT_AuASOzbWbZeNN6MD0GzIS_xtviP1Biso4DHwBSGfK7IPOQgoWIj7LPykdQ0QCT3rYCSRbVmfM3vNbRkxf33_TkCQS8Fkkvg7tgIIcUqsEuQdF0J_fVmgZ-JMY5lEqJJ4rrkrYPt1I

Requested by

Host: 0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com
URL: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 11:39:27 GMT
expires: Fri, 08 Apr 2022 11:39:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5DB7 27 KB
16 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8DTuhSau17PBewjnopu1JNvJmGCpJHC9bFTyBBTP333FBZMGL_3euttaSzRJcE7roiuwBvOpUEUBDyx_ez-BIaLqVL3MQGc4P6pUe7YtuTmikpH6MWOVTqFOlE98ySKLGWkdVLtIsm-SEyp2HS5PLT0ozdA&cry=1&dbm_d=AKAmf-C4waMK4OXoA3EZaeDtoY0m0zdQtjLNx9j7ccXofjesSBsx8IY1NxhhCbsGRp8OMuc8Rjpp10Rt419H0r51QNN4RjRW_wC_WfHDEDbyF4K6i3E6hb_kuPWFyKg1w9UamPHPIOgOYnpnkQ4W2URNdyJN1XcCF-rrL_OijInBhLUmsxS3tbQEWPF__s4-Bc8dbhuud19ikW8g0H9X5rMKGq3Q3wbW5XNIUbuLDP6gRoPH7BKqP1pwNRTzVx4p1_qBgrPmMTfEEw2DYpLQFIAT0CbJ9CB1bsq31K8XVEvQYsnZnWcFQ6RVG7rla8d05ddpIRQdhpDAA3yl2KGHPELjIuo-hbU3MD_wliM38s7kxzru0veUKUA__S6boZOOZQPI9U1nqS3Gui089DQxPn669kB4TdYpbQO8ZSdLCcFq0dcd3Lutq12PhdTJC7EjMtpWOh_QldIUFA5mKCGygBmqRLtLfazC2mdch0g0GTiI6oDLVy26MR-V8j5dGJFQdYmeXv9T6McrFY6FpnoFTOsbJkQh-U5zABATkjeRTmAkxZrUFWMOyR1Ya0TzRf5nWO2wRmgE00PKPNhEBSne7n4GZoRfS0Bjiy8jzhrtg7kfnZTnzJZHQKvrM-JPat8mcnwF3ldl3HaalnWNeiFf0H52NpKRGFMIppYZ5u5eX1Vdgmj8xiL97cDzKgCg4h-a0VsMLGHHRLQcmQn8obQzvzXp8rBUtLs1e1OV4cbvOQ6TMPC3wBcYHYSY1jUh-AoQciHymqhlNfCZ-QFtUO6U5hgHxKs6egxY8QGVS9Jx8siKz3W8b11iIAYRZP66F9F2LtT7Ri7JK_hI8hMT-vcxM8Bt_3e4wY5jNLpw6156wVsFGdh41OhXGza2j4Gu79_j7gPIwLdIOGeq4rsGz_rY8Zm6tmvusBdsbj9a-xUKCsQuyonNm-o1sLAG2xjuS12WMle17Q2dHKx6Cjcbeg0FZ6wqMK7hRgJlOBN3afhkJiRuBikTja0h2d7-gpRR65kpPJXmY78ejurPi2khVHA450ixUyWAz-Rk-vcmXOdLZmUobBg1UP3chl859r33CEZ7givtF57045rJplnNC1keLj9kmNXnr4Gi84sM_rB-LB1Cf3TjG12JPNcwiCSY8DQ_wLzYzq2J8tlMDInxoKwmqhRV_r0sTSx0_pq4c1WbYO-bwlL8zeSxPq6IG42NAKgGo0e1W_RMZXGO8Z-GP90xj4-cb0NHlF3-o__7RELbuP3G3rXe3h2403YtoKUhf1bl7h3kC9K6pek9gqhdrKOFtf7ZgAwMikxqg09rOSvfChaNa-DBok41fs1Zg-kXFWF3VTrkBkcUd8I6b29kv_OqSy3whYqcapafT8We5BT9vKUgu2Cqy73w_2C_GqV_SJJkYTBS9LRAy3NGJIcIYUwvg32_EUbDZtCHL9_HrIc-kBOTnN713cMfuGC8R-NrjkMxVgWeJLI174cu5-fji-9z12ZAgem5oXrMx4RVzOfYpu7uzDGuSEEXQy4ohJXqAaYJRa52AIlbB5AjDnNCOVUDNfQ83z9oPFZVmVJjYwVeMb9zq0sKpo_cyPGiWpju4v0Yrproe2_SLaaGjvPCZuDANtmLhy1OTplu17vLLzm3Kpo2T9id2-6VyNaAHGNgPELZjoPLzo8tq-jgM-UKucqNgJmoeWso2kVU_jFJMzSrZb4avEHT8uuZ21fljnVl9cwCH8FCR47atxMgA_TX85H0ziaHIPiczc4e5m3wbnzUbFUiT9p-c_t432RWLWoNz_d8E548eb8t0CNV6u5O81RNwze5qZ-7tTddj4n4ql-pvm0-Q1f78lW4vS0a_oPpBK0m_0aszlZacx0BEQvXauaiG5wc_azHFdkTjGcOXLNj7CZo3W588NuY7ieUj2FXhC6KQZWXWBClKV7Dan9u7aRF2nnFLZvogFtFtuMEW1h2Vy82ZHSYRI2C9oyvo4bxzCNnXr9jCn5_0IA2UVZJXQnK2aNOAinQ4AAEWw7Y0JstRrWgffaUHz5upr3YurqLId58F2xpy-FlK-wdbKqOHb6BaoJgQxBBY6us1Bxj3N0IwFXHD8j8M-wDxIeADgAVo3BzHhg_VdF8EmrYYIaP9OoBt_hUtAgHNeR_uN46ni30QXe3aHU1ylhvZYE5QoG4lv3adPaVVAZkI0BJd0jalmzIT25O9GvS3rcGyuUM0PUgXgexYlHKJebsQxgvjfwfwbcxvnsTQMSRmba7jvN2um2NtyDuHjWn5aOkeg3UJkrrCxjduS66ebN9Nlap8f75nuWFdNUp_f3KNDkExj6-pJPiawgs9dTvwbdzVx9W10C_LkOHjL35-2i5Vkd0PtCxjZEMn2qZe_n_vmRRFOxloxXIS0nz-5HLYtCUfjes5D0utqUXM7d6RPo8O_RrJRga_gZJcFtPV3bQRMRcnRw8XLbYNrHKls9HCDZBdP8tBLSulETltlNHYxInlej_ec0QavcwQsq1BPLawRf7K_t-6045AKJYlyhvnw4sMEryxP4BciE39929XnFo6_Znvglhkz-7wW9hr-sg-MqAyoTHwRk_9_wuJvrhHVO5xcEi1d7Yatcy4s7IFy64bsDJZyCfqMGaj2BLxVdiJNZ6-eYciqiPFgxN94LlVh6jcw1L1yMnufNe9Qx_SnXSeaZIc-lkJuKaOPuiyjOd5-oAv0Cq0_JVGd7gn-rG_4lo0_b47tYxhzjZSQQXImdQ3EiL_sMPaeAEiUuy1-0BkM7wENyzqO7yeLDcdg2QfXEi_OTviuWwPgmSPXNA2SThnyJzLiH9EA-DaHOm32tV6yEwjlBicSUff3lE_r-ZSwOZGF-OR19K7VE13bmBGWnVBx85TwtSjknPf7EWulzZYFlqGNgeZ-dY_ijcMDwqbz--PjkWU_nzOvSzLDNiLRNiwD9mSM1-3z_7gVoIz_uEIc-iJQJHrIKrz132Bp8eqBJbrNGPSnX9-Nv0psa6KrEuIIwwhHmv15itfRZByzxCgtCgfgxhRfqrPJSD3cFZ8IPTQcQcUBWeLU8AujT-s3qlYTtjbdZ0THFUUxerSjVKOoxj_G62v8POeZulW22LpPBSkfdbf2zTQXbn5D3pFuMB4Qp9USqkMHdowRt7Griy9-rRfdsre64Hb5iFGFeoJANX1N7hZ-SSXV7ccs52jw_VW-IuhCiX07OeNcyZe0WLKRzPhT-vIhYDgN6neuof9HzCrXGIVlHS1rtS5hU90mc5B-_plfP6dZY1vt5l7y6hZ54S1QyIbOu4hHX4TKvPROZKxBzUMDzF3ZyOi3vQ2j6NVipEtnYUklfM60F_EsKFJBYQC_2p7tvaxGQIPpeHt8nfFELTLhE7ckIMMznIlQWMqcdWG68r0cIHYvsfBc03AGUL9GHcUkUCulW1C8_IXg4myWqgO-gCcwSdLaA1AErOAIK0heEWDPWdoS9xa83D5T_Gox-qsLU9E3ai9nL2r3bQhI7-NXDcG24gLh8vLrtxd6DaGKCgOFIxTfHhIxSSBkEIgBpzhGSFHfFEET9EdBpqa3ndbjjndW09cxPvXCCg_uGcdUC-M1jMqgw0yoAQxR5S6Ut1lbZoM9MQnb5GcYl-XexivJ0kFqTKMqpY8kkqneiaq0WQHR0UyqYZ3JAV12I5bMNZaauvKcl1vF2Yhf7UJrch55nTz_Pd00Z3BC7b8no&cid=CAASJ-Ro7GZKgAYrjpfP2fqNYCGngy4gHgANwhOol9NoG9sl12w2AAqJFQ&rfl=1%2Chttps%253A%252F%252Fajuda.serasa.com.br%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

689b3cc5dc2dbb83bbde91077b0a1f69b2b767bc203010560643efbcce003be3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 11:39:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16451
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5DB7 42 B
63 B 40ms
40ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DZLzKtOmMfA78FZ0sOCmXZ56DohL5ujrNX4068-pFKMbRqPpGlWTObWScdUgiJO3jR0jZsHmkrZuTCM-zWt6L2MOliDtcglcvbeVMjsGVAKgewZfI

Requested by

Host: 0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com
URL: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 11:39:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 5DB7 35 KB
13 KB 591ms
41ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: 0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com
URL: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfcdd352bb06fcc5c0e6f3f9b96e0c9a7d42f99b94473534d5131dcb4a104ec9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=RQuziQ==, md5=aEKpUkwBcgJ5WaD3yT+HcA==
date: Fri, 08 Apr 2022 11:39:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85683
x-guploader-uploadid: ADPycdsjbbGwoClAviClI_b-RVGsj419bRsgc2aQTBcPeuotIInjk03xCTJ5ZFya9lTCf2IXRkywzizAjOFu7NjVd8qPMQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 05 Apr 2022 11:51:07 GMT
server: cloudflare
etag: W/"6842a9524c0172027959a0f7c93f8770"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=07O5YLnhRiUppT93PyLSEjDP4XOJ7Nrw6Wj3eN7UiJawDqMsN5UHGh0ezvzqmKmHeYXdSGZ47bzTyYRRKCOYSMAYf2odLRkysNpIg38jjjPJ3ammUeiut88moNAxhxa%2B%2FIaupvU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1649159467260020
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11886
cf-ray: 6f8ab8f969da59ad-MXP
expires: Thu, 07 Apr 2022 11:51:24 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 5DB7 3 KB
1 KB 54ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2019.js

Requested by

Host: 0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com
URL: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 11:38:10 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 5DB7 15 KB
6 KB 50ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com
URL: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:35:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 11:35:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5DB7 0
0 31ms
31ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQljov8Grps_sMv8lutJjVP8fYP8GVV74o4GrRTt5QnFSbNV-m0xuOiVF7OsEVLwLdVwyYkffSAq8KlE31MlajFK8KH8Q
Requested by: Host: 0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com
URL: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5DB7 119 KB
36 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com
URL: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Apr 2022 11:39:27 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A30A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF-a9yJhBIqQVoEzB9u7pmg&google_cver=1

43 B
114 B

23ms
22ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF-a9yJhBIqQVoEzB9u7pmg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCS6EoYrvOMbDAB&v=APEucNW_OlkRjtGkqK3pbDm9Er7i8lHTYeweXAhMRWJUT_AuASOzbWbZeNN6MD0GzIS_xtviP1Biso4DHwBSGfK7IPOQgoWIj7LPykdQ0QCT3rYCSRbVmfM3vNbRkxf33_TkCQS8Fkkvg7tgIIcUqsEuQdF0J_fVmgZ-JMY5lEqJJ4rrkrYPt1I
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 11:39:27 GMT
via: 1.1 google
server: OXGW/18.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Apr 2022 11:39:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF-a9yJhBIqQVoEzB9u7pmg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame A30A 43 B
305 B 57ms
24ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCS6EoYrvOMbDAB&v=APEucNW_OlkRjtGkqK3pbDm9Er7i8lHTYeweXAhMRWJUT_AuASOzbWbZeNN6MD0GzIS_xtviP1Biso4DHwBSGfK7IPOQgoWIj7LPykdQ0QCT3rYCSRbVmfM3vNbRkxf33_TkCQS8Fkkvg7tgIIcUqsEuQdF0J_fVmgZ-JMY5lEqJJ4rrkrYPt1I
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 11:39:27 GMT
content-encoding: gzip
server: OXGW/18.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame A30A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEM8d3BcaAI5ifWMqDzIvBKk&google_cver=1

23 B
172 B

33ms
33ms

Image
image/gif

104.92.106.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEM8d3BcaAI5ifWMqDzIvBKk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCS6EoYrvOMbDAB&v=APEucNW_OlkRjtGkqK3pbDm9Er7i8lHTYeweXAhMRWJUT_AuASOzbWbZeNN6MD0GzIS_xtviP1Biso4DHwBSGfK7IPOQgoWIj7LPykdQ0QCT3rYCSRbVmfM3vNbRkxf33_TkCQS8Fkkvg7tgIIcUqsEuQdF0J_fVmgZ-JMY5lEqJJ4rrkrYPt1I
Protocol: H2
Server: 104.92.106.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-130.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 11:39:27 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 08 Apr 2022 11:39:27 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 08 Apr 2022 11:39:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEM8d3BcaAI5ifWMqDzIvBKk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame A30A 23 B
172 B 75ms
31ms Image
image/gif 104.92.106.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCS6EoYrvOMbDAB&v=APEucNW_OlkRjtGkqK3pbDm9Er7i8lHTYeweXAhMRWJUT_AuASOzbWbZeNN6MD0GzIS_xtviP1Biso4DHwBSGfK7IPOQgoWIj7LPykdQ0QCT3rYCSRbVmfM3vNbRkxf33_TkCQS8Fkkvg7tgIIcUqsEuQdF0J_fVmgZ-JMY5lEqJJ4rrkrYPt1I
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.106.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-130.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 11:39:27 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 08 Apr 2022 11:39:27 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2

200

ztpv.php Show response
www.conrad.de/ Frame 58E9
Redirect Chain

https://www.awin1.com/cshow.php?s=2470208&v=11354&q=371931&r=473322&pv=1&pref1=46881300088464200383828011923004
https://www.zenaps.com/cshow.php?pvr=8bb3c390-b730-11ec-ba92-2231672bdcd1&v=11354&r=473322&q=371931&s=2470208&viewref=46881300088464200383828011923004&pv=1
https://www.conrad.de/ztpv.php?awc=11354_473322_1649417967_8bb3c390-b730-11ec-ba92-2231672bdcd1&insert=AW

0
731 B

181ms
116ms

Document
text/html

2606:4700::6812:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.conrad.de/ztpv.php?awc=11354_473322_1649417967_8bb3c390-b730-11ec-ba92-2231672bdcd1&insert=AW

Requested by

Host: ad4.ad-srv.net
URL: https://ad4.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=ab63a4ab67&subid=&uid=930642a09b4ee92c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fajuda.serasa.com.br%2F&ancestorOrigins=https%3A%2F%2Fajuda.serasa.com.br&random=720280380975&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 6f8ab8fa398c599b-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 08 Apr 2022 11:39:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: -1
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
server: cloudflare
server-timing: intid;desc=c4c1f487d8928cf6
strict-transport-security: max-age=15552000
via: 1.1 varnish (Varnish/6.6)
x-varnish: 315180051

Redirect headers

Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0
Date: Fri, 08 Apr 2022 11:39:27 GMT
Location: https://www.conrad.de/ztpv.php?awc=11354_473322_1649417967_8bb3c390-b730-11ec-ba92-2231672bdcd1&insert=AW
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Strict-Transport-Security: max-age=86400

GET
H/1.1

200
OK

view.aspx Show response
www.media01.eu/ Frame A0DD
Redirect Chain

https://www.awin1.com/cshow.php?s=2840015&v=20646&q=409071&r=473322&pv=1&pref1=46881300088464200383828011923004
https://www.media01.eu/view.aspx?trackid=4FFE2293E3AB03641C3925C92FA06F0B&dt_subid1=&dt_subid2=affiliate&dt_keywords=&dt_freetext=&awc=20646_473322_1649417967_8bb7bb30-b730-11ec-956f-22655f6734d7&d...

0
904 B

56ms
19ms

Document
text/html

85.10.231.200
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.media01.eu/view.aspx?trackid=4FFE2293E3AB03641C3925C92FA06F0B&dt_subid1=&dt_subid2=affiliate&dt_keywords=&dt_freetext=&awc=20646_473322_1649417967_8bb7bb30-b730-11ec-956f-22655f6734d7&dt_mode=iframe&dt_url=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.10.231.200 Kassel, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

85-10-231-200.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 08 Apr 2022 11:39:26 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 08 Apr 2022 01:39:27 GMT
p3p: policyref="http://www.media01.eu/www.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0
Date: Fri, 08 Apr 2022 11:39:27 GMT
Location: https://www.media01.eu/view.aspx?trackid=4FFE2293E3AB03641C3925C92FA06F0B&dt_subid1=&dt_subid2=affiliate&dt_keywords=&dt_freetext=&awc=20646_473322_1649417967_8bb7bb30-b730-11ec-956f-22655f6734d7&dt_mode=iframe&dt_url=
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Strict-Transport-Security: max-age=86400

GET
H/1.1 200
OK request_content.php Show response
ad4.ad-srv.net/ Frame AC98 4 KB
2 KB 33ms
11ms Document
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.ad-srv.net/request_content.php?s=46881300088464200383828011923004&a=4716afee
Requested by: Host: ad4.ad-srv.net
URL: https://ad4.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=ab63a4ab67&subid=&uid=930642a09b4ee92c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fajuda.serasa.com.br%2F&ancestorOrigins=https%3A%2F%2Fajuda.serasa.com.br&random=720280380975&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: eb2b0a50c564803376dc26f10afa5d3c0efe0119b2870e17b8c3f384d625ed88

Request headers

Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1470
Content-Type: text/html; charset=utf-8
Date: Fri, 08 Apr 2022 11:39:27 GMT
Expires: Fri, 08 Apr 2022 12:39:27 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 39FD 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22d8603c17ab045451b17ad66d730c5c287a36f3956f96422c5941a64ff27710

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame 5DB7 25 KB
10 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8DTuhSau17PBewjnopu1JNvJmGCpJHC9bFTyBBTP333FBZMGL_3euttaSzRJcE7roiuwBvOpUEUBDyx_ez-BIaLqVL3MQGc4P6pUe7YtuTmikpH6MWOVTqFOlE98ySKLGWkdVLtIsm-SEyp2HS5PLT0ozdA&cry=1&dbm_d=AKAmf-C4waMK4OXoA3EZaeDtoY0m0zdQtjLNx9j7ccXofjesSBsx8IY1NxhhCbsGRp8OMuc8Rjpp10Rt419H0r51QNN4RjRW_wC_WfHDEDbyF4K6i3E6hb_kuPWFyKg1w9UamPHPIOgOYnpnkQ4W2URNdyJN1XcCF-rrL_OijInBhLUmsxS3tbQEWPF__s4-Bc8dbhuud19ikW8g0H9X5rMKGq3Q3wbW5XNIUbuLDP6gRoPH7BKqP1pwNRTzVx4p1_qBgrPmMTfEEw2DYpLQFIAT0CbJ9CB1bsq31K8XVEvQYsnZnWcFQ6RVG7rla8d05ddpIRQdhpDAA3yl2KGHPELjIuo-hbU3MD_wliM38s7kxzru0veUKUA__S6boZOOZQPI9U1nqS3Gui089DQxPn669kB4TdYpbQO8ZSdLCcFq0dcd3Lutq12PhdTJC7EjMtpWOh_QldIUFA5mKCGygBmqRLtLfazC2mdch0g0GTiI6oDLVy26MR-V8j5dGJFQdYmeXv9T6McrFY6FpnoFTOsbJkQh-U5zABATkjeRTmAkxZrUFWMOyR1Ya0TzRf5nWO2wRmgE00PKPNhEBSne7n4GZoRfS0Bjiy8jzhrtg7kfnZTnzJZHQKvrM-JPat8mcnwF3ldl3HaalnWNeiFf0H52NpKRGFMIppYZ5u5eX1Vdgmj8xiL97cDzKgCg4h-a0VsMLGHHRLQcmQn8obQzvzXp8rBUtLs1e1OV4cbvOQ6TMPC3wBcYHYSY1jUh-AoQciHymqhlNfCZ-QFtUO6U5hgHxKs6egxY8QGVS9Jx8siKz3W8b11iIAYRZP66F9F2LtT7Ri7JK_hI8hMT-vcxM8Bt_3e4wY5jNLpw6156wVsFGdh41OhXGza2j4Gu79_j7gPIwLdIOGeq4rsGz_rY8Zm6tmvusBdsbj9a-xUKCsQuyonNm-o1sLAG2xjuS12WMle17Q2dHKx6Cjcbeg0FZ6wqMK7hRgJlOBN3afhkJiRuBikTja0h2d7-gpRR65kpPJXmY78ejurPi2khVHA450ixUyWAz-Rk-vcmXOdLZmUobBg1UP3chl859r33CEZ7givtF57045rJplnNC1keLj9kmNXnr4Gi84sM_rB-LB1Cf3TjG12JPNcwiCSY8DQ_wLzYzq2J8tlMDInxoKwmqhRV_r0sTSx0_pq4c1WbYO-bwlL8zeSxPq6IG42NAKgGo0e1W_RMZXGO8Z-GP90xj4-cb0NHlF3-o__7RELbuP3G3rXe3h2403YtoKUhf1bl7h3kC9K6pek9gqhdrKOFtf7ZgAwMikxqg09rOSvfChaNa-DBok41fs1Zg-kXFWF3VTrkBkcUd8I6b29kv_OqSy3whYqcapafT8We5BT9vKUgu2Cqy73w_2C_GqV_SJJkYTBS9LRAy3NGJIcIYUwvg32_EUbDZtCHL9_HrIc-kBOTnN713cMfuGC8R-NrjkMxVgWeJLI174cu5-fji-9z12ZAgem5oXrMx4RVzOfYpu7uzDGuSEEXQy4ohJXqAaYJRa52AIlbB5AjDnNCOVUDNfQ83z9oPFZVmVJjYwVeMb9zq0sKpo_cyPGiWpju4v0Yrproe2_SLaaGjvPCZuDANtmLhy1OTplu17vLLzm3Kpo2T9id2-6VyNaAHGNgPELZjoPLzo8tq-jgM-UKucqNgJmoeWso2kVU_jFJMzSrZb4avEHT8uuZ21fljnVl9cwCH8FCR47atxMgA_TX85H0ziaHIPiczc4e5m3wbnzUbFUiT9p-c_t432RWLWoNz_d8E548eb8t0CNV6u5O81RNwze5qZ-7tTddj4n4ql-pvm0-Q1f78lW4vS0a_oPpBK0m_0aszlZacx0BEQvXauaiG5wc_azHFdkTjGcOXLNj7CZo3W588NuY7ieUj2FXhC6KQZWXWBClKV7Dan9u7aRF2nnFLZvogFtFtuMEW1h2Vy82ZHSYRI2C9oyvo4bxzCNnXr9jCn5_0IA2UVZJXQnK2aNOAinQ4AAEWw7Y0JstRrWgffaUHz5upr3YurqLId58F2xpy-FlK-wdbKqOHb6BaoJgQxBBY6us1Bxj3N0IwFXHD8j8M-wDxIeADgAVo3BzHhg_VdF8EmrYYIaP9OoBt_hUtAgHNeR_uN46ni30QXe3aHU1ylhvZYE5QoG4lv3adPaVVAZkI0BJd0jalmzIT25O9GvS3rcGyuUM0PUgXgexYlHKJebsQxgvjfwfwbcxvnsTQMSRmba7jvN2um2NtyDuHjWn5aOkeg3UJkrrCxjduS66ebN9Nlap8f75nuWFdNUp_f3KNDkExj6-pJPiawgs9dTvwbdzVx9W10C_LkOHjL35-2i5Vkd0PtCxjZEMn2qZe_n_vmRRFOxloxXIS0nz-5HLYtCUfjes5D0utqUXM7d6RPo8O_RrJRga_gZJcFtPV3bQRMRcnRw8XLbYNrHKls9HCDZBdP8tBLSulETltlNHYxInlej_ec0QavcwQsq1BPLawRf7K_t-6045AKJYlyhvnw4sMEryxP4BciE39929XnFo6_Znvglhkz-7wW9hr-sg-MqAyoTHwRk_9_wuJvrhHVO5xcEi1d7Yatcy4s7IFy64bsDJZyCfqMGaj2BLxVdiJNZ6-eYciqiPFgxN94LlVh6jcw1L1yMnufNe9Qx_SnXSeaZIc-lkJuKaOPuiyjOd5-oAv0Cq0_JVGd7gn-rG_4lo0_b47tYxhzjZSQQXImdQ3EiL_sMPaeAEiUuy1-0BkM7wENyzqO7yeLDcdg2QfXEi_OTviuWwPgmSPXNA2SThnyJzLiH9EA-DaHOm32tV6yEwjlBicSUff3lE_r-ZSwOZGF-OR19K7VE13bmBGWnVBx85TwtSjknPf7EWulzZYFlqGNgeZ-dY_ijcMDwqbz--PjkWU_nzOvSzLDNiLRNiwD9mSM1-3z_7gVoIz_uEIc-iJQJHrIKrz132Bp8eqBJbrNGPSnX9-Nv0psa6KrEuIIwwhHmv15itfRZByzxCgtCgfgxhRfqrPJSD3cFZ8IPTQcQcUBWeLU8AujT-s3qlYTtjbdZ0THFUUxerSjVKOoxj_G62v8POeZulW22LpPBSkfdbf2zTQXbn5D3pFuMB4Qp9USqkMHdowRt7Griy9-rRfdsre64Hb5iFGFeoJANX1N7hZ-SSXV7ccs52jw_VW-IuhCiX07OeNcyZe0WLKRzPhT-vIhYDgN6neuof9HzCrXGIVlHS1rtS5hU90mc5B-_plfP6dZY1vt5l7y6hZ54S1QyIbOu4hHX4TKvPROZKxBzUMDzF3ZyOi3vQ2j6NVipEtnYUklfM60F_EsKFJBYQC_2p7tvaxGQIPpeHt8nfFELTLhE7ckIMMznIlQWMqcdWG68r0cIHYvsfBc03AGUL9GHcUkUCulW1C8_IXg4myWqgO-gCcwSdLaA1AErOAIK0heEWDPWdoS9xa83D5T_Gox-qsLU9E3ai9nL2r3bQhI7-NXDcG24gLh8vLrtxd6DaGKCgOFIxTfHhIxSSBkEIgBpzhGSFHfFEET9EdBpqa3ndbjjndW09cxPvXCCg_uGcdUC-M1jMqgw0yoAQxR5S6Ut1lbZoM9MQnb5GcYl-XexivJ0kFqTKMqpY8kkqneiaq0WQHR0UyqYZ3JAV12I5bMNZaauvKcl1vF2Yhf7UJrch55nTz_Pd00Z3BC7b8no&cid=CAASJ-Ro7GZKgAYrjpfP2fqNYCGngy4gHgANwhOol9NoG9sl12w2AAqJFQ&rfl=1%2Chttps%253A%252F%252Fajuda.serasa.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

738b0dff97289a490e0472cca7d25e291a7ea70c850bfee1e264e9ad87a4a97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9790
x-xss-protection: 0
server: cafe
etag: 8169034061967891973
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 11:37:23 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5DB7 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:04:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142526
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Apr 2023 20:04:01 GMT

GET
H2

200

boschaktion_234x60
asset.conrad.com/media10/isa/160267/c1/-/de/ Frame AC98
Redirect Chain

https://www.awin1.com/cshow.php?s=2470208&v=11354&q=371931&r=473322&pref1=46881300088464200383828011923004
https://www.zenaps.com/cshow.php?pvr=8bb8a590-b730-11ec-956f-22655f6734d7&v=11354&r=473322&q=371931&s=2470208&viewref=46881300088464200383828011923004
https://asset.conrad.com/media10/isa/160267/c1/-/de/boschaktion_234x60?format=gif

22 KB
22 KB

78ms
7ms

Image
image/gif

178.79.242.245
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://asset.conrad.com/media10/isa/160267/c1/-/de/boschaktion_234x60?format=gif

Requested by

Host: ad4.ad-srv.net
URL: https://ad4.ad-srv.net/request_content.php?s=46881300088464200383828011923004&a=4716afee

Protocol

Server

178.79.242.245 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-178-79-242-245.fra.llnw.net

Software

Cliplister GmbH /

Resource Hash

c195a2b46a2566d4f7c6bb1baf2e94ff9414e6bf5bdd5d19842c1c5aaa619f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad4.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
etag: "62457b78-57d6"
last-modified: Thu, 31 Mar 2022 09:59:20 GMT
server: Cliplister GmbH
age: 5681
date: Fri, 08 Apr 2022 11:39:27 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=172800
x-server: c20
reporting: eyJjb25zdW1lcmlkIjoxNjAyNjcsIm93bmVyaWQiOjE2MDI2NywidW5pcXVlaWQiOiIxNjAyNjc1MnROaEluM3kwSThOTU9TdnQ4dUk4QVQiLCJ1dWlkIjoiMmQ2MWRmMTVmNDgxNDUxNDhkZDI4ZGU2Mjk4NzI1MTUiLCJhc3NldHR5cGUiOiJwaWN0dXJlIn0=
x-llid: 891383e457a0c66e86d9f0c70915cd69
content-length: 22486
accept-ranges: bytes
expires: Sun, 10 Apr 2022 10:04:46 GMT

Redirect headers

Date: Fri, 08 Apr 2022 11:39:27 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://asset.conrad.com/media10/isa/160267/c1/-/de/boschaktion_234x60?format=gif
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 69250fcfc588cf5d8ffbc24dca91a6f6 Show response
pv.medialead.de/trck/epv/ Frame AC98 959 B
1 KB 151ms
96ms Script
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/69250fcfc588cf5d8ffbc24dca91a6f6?subid=46881300088464200383828011923004&ctrack=https%3A%2F%2Fad4.ad-srv.net%2Fc%2Fcwct2vhunfhbsl5%3Ftprde%3D

Requested by

Host: ad4.ad-srv.net
URL: https://ad4.ad-srv.net/request_content.php?s=46881300088464200383828011923004&a=4716afee

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

cc6f3ef6a5dcd4d93ef80a2a9762bdbb8f43e52f286e3212f81ae247a97e00e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad4.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 11:39:27 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: C11B0E14:DA18_91EFC182:01BB_62501EEF_1AE8191A:F723
X-IPLB-Instance: 40027
Strict-Transport-Security: max-age=15768000
Content-Type: application/javascript; charset=utf-8
Cache-control: private
Keep-Alive: timeout=20
Content-Length: 959
Proxy-Host: pv.medialead.de

GET
H/1.1

200
OK

stihl_affiliate_werbemittel_usp_234x60.gif
cdn.ad-sun.de/STIHL/Werbemittel/Homepage/ Frame AC98
Redirect Chain

https://www.awin1.com/cshow.php?s=2869893&v=20646&q=411817&r=473322&pref1=46881300088464200383828011923004
https://cdn.ad-sun.de/STIHL/Werbemittel/Homepage/stihl_affiliate_werbemittel_usp_234x60.gif

13 KB
14 KB

342ms
15ms

Image
image/gif

164.132.182.207
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ad-sun.de/STIHL/Werbemittel/Homepage/stihl_affiliate_werbemittel_usp_234x60.gif
Requested by: Host: ad4.ad-srv.net
URL: https://ad4.ad-srv.net/request_content.php?s=46881300088464200383828011923004&a=4716afee
Protocol: HTTP/1.1
Server: 164.132.182.207 , France, ASN16276 (OVH, FR),
Reverse DNS: ip207.ip-164-132-182.eu
Software: Apache /
Resource Hash: c7262812eaf9126567d8c4cd219a595f4087c8acbd37a4df57a6377d69a95f1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad4.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 11:39:27 GMT
Last-Modified: Thu, 20 May 2021 10:30:27 GMT
Server: Apache
ETag: "3577-5c2c06e80debc"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 13687

Redirect headers

Date: Fri, 08 Apr 2022 11:39:27 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://cdn.ad-sun.de/STIHL/Werbemittel/Homepage/stihl_affiliate_werbemittel_usp_234x60.gif
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H3 200 ajax-loader.gif
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 4 KB
4 KB 57ms
28ms Image
image/gif 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ajax-loader.gif

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3687932
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3208
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-1052"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOe38T6WtAOBqj4CP3aw3Ua9giqPVYdQAdB0y9fqb4I%2BST%2B%2FLlTgvEpYbXmDXr7LDluMtdXEEHytRA0ZjbgzC8K3%2F686pN5VKh337Vrx8ZBHwJ%2FPQ1uXx5x5dnEOuGwqKGmC8Cl4nGmmkeeUrY0KP2nV"}],"group":"cf-nel","max_age":604800}
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f8ab8f6ded60e1e-MXP
expires: Wed, 29 Mar 2023 11:39:27 GMT

GET
H2 200 423b2a2f27be647a532fe57e1fc052e93c5bce98.png
theme.zdassets.com/theme_assets/2029595/ 2 KB
3 KB 650ms
650ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/423b2a2f27be647a532fe57e1fc052e93c5bce98.png

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5233929039629

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

127f03b6729e14e0ed48502ac5cb34ea1b858594f47dea8ea39e24034ec9f756

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p13.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:27 GMT
via: 1.1 e0aa94490518a16fb0034508d4ae8a60.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 2339
last-modified: Wed, 03 Mar 2021 02:58:37 GMT
server: cloudflare
etag: "0571c549a0293cb5a17dd928d2973982"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQDLm8iaVhkpSOuFU78HQXF6vWeFwYuxMTHP9jhyxsTdKOP3bSLeKQlJovb4IdUK7kE80JIioSxvdZKbfVpbf6UoqFXpBtt2fSiO7%2BA6N%2FhX47%2FYH5jiLInRKmQNCSDcKtxPNw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: _vw06X4Zp2pqcmvcQT9dSe0eQSUbp06y
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 6f8ab8f6a81199d9-CDG
x-amz-cf-id: 7gJKZd8pZ4347KS1hnrTIKthZEcrsxQca5KFBa_00RNEdBcVgQXa_w==

GET
H2 200 1d3dfd3e88566f7b1c6dbbb0df09f85236327821.png
theme.zdassets.com/theme_assets/2029595/ 3 KB
3 KB 58ms
57ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/1d3dfd3e88566f7b1c6dbbb0df09f85236327821.png

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5233929039629

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48a7dafc3dc6e75c331de0c900aedfa5fc0f245ecdd9ef3db24c08f4667a59c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p13.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:27 GMT
via: 1.1 c910b8c55aaa61323d46558eaf519fe4.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG3-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 2724
last-modified: Wed, 03 Mar 2021 02:12:21 GMT
server: cloudflare
etag: "5f64035063ade89cbe2fa9b46e1a11b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=he8xI05bIBWJ59pfl8MhleOpR%2B4kR6MCTSv9ONfR2X8WoHAy9EFI5HG%2FRbCSIWm4ZeJ9h7hvFgDitQdQa%2FcxsDjT96tI8VPS%2FY%2FaP8%2BpK23QMxLhk4FkoCb7X2WppFT9p8ipug%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: zQQXfGXKDb2LHBKSq2C9XKK1.2vHsF9W
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 6f8ab8f6a81899d9-CDG
x-amz-cf-id: 5uiB8cPLBhn75R6RICqEYqRkdOH9qgieN0Z_u9O2Zp1tiCcuWQqxnQ==

GET
H2 200 674efaec9bd1854e446f5deb1e416e5d35afe155.png
theme.zdassets.com/theme_assets/2029595/ 3 KB
4 KB 663ms
663ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/2029595/674efaec9bd1854e446f5deb1e416e5d35afe155.png

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/2029595/114094504791/style.css?digest=5233929039629

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce8e6d6bbf0a18dbc3bc9e0ebf9854ca1342401af1117b9c493758a86286751a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p13.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:27 GMT
via: 1.1 7526a0b7bfa848d05d560d12a314a7c8.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG3-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
access-control-allow-methods: HEAD, GET
strict-transport-security: max-age=0
content-length: 3023
last-modified: Wed, 03 Mar 2021 02:15:39 GMT
server: cloudflare
etag: "9214ef5b6821e5a8fa2838a4b9afcf99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FpsN3g2%2Bd%2Fq1CZlzzMddRroJ67u5ewDVb5wfkWxhSi11Cuvuj%2FjtRj0Z4py19j02knl3pq%2BXGW58cvsZuZOg3jeqqWqbf5CH1jgUZL53g%2F9WtkWD2HVppzoqHQXZ3P695QMeA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: fShspVxKrAJcbyZSKEw2w7PhqLqCd1lV
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 6f8ab8f6a81999d9-CDG
x-amz-cf-id: YsG6nlylJOilW7OL7vhpje6hF34odvNfBAXTDZQVzbRWN6mpUAr_fQ==

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 95A4 22 KB
8 KB 9ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 142526
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Apr 2022 20:04:01 GMT
expires: Thu, 06 Apr 2023 20:04:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK viewability Show response
ad4.ad-srv.net/ Frame AC98 0
150 B 39ms
12ms Script
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.ad-srv.net/viewability?s=46881300088464200383828011923004&a=a382bb58&vb=m
Requested by: Host: ad4.ad-srv.net
URL: https://ad4.ad-srv.net/request_content.php?s=46881300088464200383828011923004&a=4716afee
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad4.ad-srv.net/request_content.php?s=46881300088464200383828011923004&a=4716afee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 11:39:27 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK triple_layout3_animiert.gif
cdn.contentspread.net/kupona/creatives/ Frame AC98 8 KB
9 KB 425ms
12ms Image
image/gif 85.114.131.235
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/kupona/creatives/triple_layout3_animiert.gif
Requested by: Host: ad4.ad-srv.net
URL: https://ad4.ad-srv.net/request_content.php?s=46881300088464200383828011923004&a=4716afee
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.235 Rheinfelden, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21039.dus4.fastwebserver.de
Software: nginx /
Resource Hash: 5d8e1362d3d67ed6e74c3104f3ab8609d179081387ea36e71940914a86350f7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad4.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 11:39:27 GMT
Last-Modified: Fri, 27 May 2011 12:36:57 GMT
Server: nginx
ETag: "4ddf9ae9-21b3"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 8627

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2AA4 22 KB
8 KB 11ms
11ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 142526
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Apr 2022 20:04:01 GMT
expires: Thu, 06 Apr 2023 20:04:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js Show response
pagead2.googlesyndication.com/bg/ Frame 95A4 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5144138fd70f1ac31532abc43b12dda241d5efd980098a378dcd2ba44c261d9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:30:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13701
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Apr 2023 10:30:24 GMT

GET
H2 200 view.aspx Show response
pb.media01.eu/ Frame 3870 0
629 B 61ms
24ms Document
text/html 88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=50099&dt_subid2=46881300088464200383828011923004&actionid=981741&produktid=&dt_url=

Requested by

Host: pv.medialead.de
URL: https://pv.medialead.de/trck/epv/69250fcfc588cf5d8ffbc24dca91a6f6?subid=46881300088464200383828011923004&ctrack=https%3A%2F%2Fad4.ad-srv.net%2Fc%2Fcwct2vhunfhbsl5%3Ftprde%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ad4.ad-srv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 08 Apr 2022 11:39:26 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 08 Apr 2022 01:39:27 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK pb_ratenkredit_234x60.gif
ad-server.eu/wm/pb/rate/aktion/ Frame AC98 12 KB
12 KB 356ms
32ms Image
image/gif 54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_234x60.gif
Requested by: Host: ad4.ad-srv.net
URL: https://ad4.ad-srv.net/request_content.php?s=46881300088464200383828011923004&a=4716afee
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: a8128a12543e5c8871a4c26ed1aec5db7c0621f30fea1d478d179c501f42daf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad4.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 11:44:50 GMT
Last-Modified: Tue, 22 Feb 2022 10:16:30 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "6214b7fe-2ff7"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12279

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame FBF9 42 B
64 B 43ms
42ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuevBoATm6xAQoOI8F_j6e0u7GGqaOXZxXhv_nqEkXt8dYa3iMOQWLbBd1enP0NY7bpGtYYdcLaIhQiYJKytzozhD7F5DuAij5b_XbNhAbaDPcacRRI7Q&sai=AMfl-YRBSDli_C0Uv8mzGOziRSIeqUdr2FzokjEmVajDIrq9Vt7JCRwSISriv-cqrTiaT6YmFWmTbnw43gUHtOaGAOqP6CqJ8Glf1rs2wdkWFAJ5ngoHFlles1jErfY6uq3o&sig=Cg0ArKJSzOa05NXjEzODEAE&id=ampim&o=315,309&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=185&tls=1185&g=100&h=100&tt=1185&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=3968775647

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 11:39:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js Show response
pagead2.googlesyndication.com/bg/ Frame 2AA4 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5144138fd70f1ac31532abc43b12dda241d5efd980098a378dcd2ba44c261d9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:30:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13701
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Apr 2023 10:30:24 GMT

GET
DATA 200
OK truncated
/ Frame 5DB7 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d194cd43f565219c86572b0283450dc9fa860a53d3ccf3569c694e17134e127c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 frame.html Show response
ad4m.at/ Frame 4927 2 KB
2 KB 56ms
31ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 99049
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 6f8ab8fa7b56375b-MXP
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 08 Apr 2022 11:39:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Fri, 08 Apr 2022 12:39:27 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Gxjbw4iCbo%2BTyC%2BEbWAG0EWo9pTCyNMRhpTdMTxl6VPJApe%2BnMkKEBOKbZiJVRZcF0WImKXH3xvZBFpS1ZO%2BdIa7tK85alKYfqlI%2FeTeJuoA9K0JXWAyqt9%2FRwrZZ1EBhD5zkw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-generation: 1588777770164783
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-meta-
x-goog-metageneration: 3
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-guploader-uploadid: ADPycdv52_NJo-ZIB-AMR2rAqp0FkTFwSccsR0cj1uP_MRM6lKNAP7hz0_LBrBX9l5Ll24BdZdJYkDz3DM5wszYbADxFVddfo7tS

GET
H/1.1 200
OK cta_icon.png
agentcore.s3.amazonaws.com/production/assets/ 3 KB
4 KB 108ms
107ms Image
image/png 52.217.14.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agentcore.s3.amazonaws.com/production/assets/cta_icon.png
Requested by: Host: ajuda.serasa.com.br
URL: https://ajuda.serasa.com.br/hc/pt-br/articles/360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%C3%A1-lo-Alerta-Provis%C3%B3rio?cm_ven=ExactTarget&cm_cat=EM_LNO_BAU_ABRIL&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fajuda.serasa.com.br%2fhc%2fpt-br%2farticles%2f360012553371--Acho-que-perdi-meu-documento-ou-cheque-mas-logo-vou-encontr%25C3%25A1-lo-Alerta-Provis%25C3%25B3rio&cm_ainfo=&&&&&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.14.252 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: fe9000c6bb9ceb2b14e71f018a2dbed0ac8d3b572b2a932ba5f216841c3d6faf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 11:39:28 GMT
Last-Modified: Thu, 22 Mar 2018 18:03:40 GMT
Server: AmazonS3
x-amz-request-id: BYMCQ09PQN5TQ0XH
ETag: "c595c26dd8a406dbc990dce963f42abb"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 3427
x-amz-id-2: qSMyYk6TTjc/rRz/0TmkvtAtDv4OdgUNEB+qpUCXF48Pvn3xSvnrGCVoKXo6yCPTwcOyQwZwK0Q=

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v28/ 16 KB
16 KB 23ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

578ea33c3a1daec87277cd626647c55f3e0abd72c0673cde0fe40d4fb8fd5579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ajuda.serasa.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 22:49:09 GMT
x-content-type-options: nosniff
age: 219018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16712
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:06:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 22:49:09 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 48ms
23ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022040401&st=env

Requested by

Host: cdn.agentbot.net
URL: https://cdn.agentbot.net/core/latest/core.js?djMuNi42

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684a604e1aaf541f40b66886cd035d2a32400ca362bfe9e2a463b165bf909af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Apr 2022 11:39:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10432
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 95A4 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHs2s7h5QYrjcL4Dh7_UPueaYuAkAAAAAOAHgBAI&bg=!xcalxoLNAAZAkm7qYJI7ACkAdvg8WoAMP0ch9AG1Lk7MTqbPycxtJzbNmgOm9g0sUBcreimcLFdvFAIAAAFSUgAAAAJoAQcKAJZcJEAff5RjIdVUuCyfSqMYMYXQ7XAIqVg8J2JbI1-4xVfr8I_xeDmR5wSQIsn4gnFsHa_Qpe63k_TdkbHTgAwA7nmHRhg7FwVvnE_d-UrgVsGJR_XwI47qVyRay_lxrOkUlbc_z94AGT9K1kkOPEuGM9cZ0QVKqYhinyuHw3iozXdDkoUbAC_fl7thdi98LX1B6in-PqSZAuVcHmVJ-6VDw4rUnXUGHpe8DsnQSKFw7L3kWQ50dDANiAhf8jMj3mfTy91rTrC3zdLAdquTdh3dk85HN9iRM4zP545NflG29z4dC8h2spuBQO9HoFNoYeDuEGWK3glkQpe6oXnA4tlps2N6MJW3DD8XBshKbBuj0mw8-2y7Pcp60CfNdSVQpvznp0H8ZhE6QSXVZeDuSJt0ZkgJOp2QikUJI3sz-sLDtDEj-PKg1iM-cipVP8WLR1UaAtIOSysM5NMehpl8jsZjLKHkQ7WIMxPtOCNsNR7mXWQp8Y2bzC3Dt2vqMgsIjbRBA2wT3iRYr2HS0xlnxMVKZBs5z0l6rgRkvwi4CbXPIH-WILj2cb_CEa065cedtXeLlALeicddOnJ_Spky5FvLxf-BFxPzM0A90s2acAe2UDDEjOsJ1XJfm4SE8qXgDfBgX1WqrbdX6nHEC-5sEUnli06drkjCQpN6f3Ju1FELHkdOCSi_gxNoHCImFfBcuIXEJy7_xIFyP79uk3xysC0sCD1ctqB3mcFRWTItBR9QVtemj3vY5-3SiQdEBDsDGMRz0hLpSodsPdHHI4pI3FOmQUrW1_k9cx3GUeDdzTwfvTD02GiOq81vaDYFJNfsvKpqXu_uV-cJuid45u4V3yeTImbGqNu7EoIxND1cBgNv6VIu175R0hkzUCHqgFkTNaqVkHujlrJn47Jr-0Uxv1SlYHyi6SfCe_Bia1-PUNSqT-rBFTa7wiPx4WIDRN0PDFk8s-u9Dx38oPtFV2Xk_D7tMTNqprWjjaEmIjTiDpF7qtaA52UsOH8mqeVvk7R9IQVvqsk2fP8X-SoGaxz886OvGKqpPJj8Dzg0Vd8LUplorOqJLxyfJCUdXl_WjbRq0QI8r6Mr8rQzCmc5A7B1sa_ZbbjMeAmMdBKn0S8p4CRyd8LZasGxN5AvMg9r1OHPRBQ2iMrEkOhWsnFt67eeqc2FAB_2FqGwtTyOYcSmmNM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 11:39:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame 5DB7 2 KB
2 KB 90ms
90ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ca3928b40e5e5b4a68a8f9ec18e9155b069196d219e7c49f2998caf41ecdd25

Request headers

Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6f8ab8fc9bef83a3-MXP
date: Fri, 08 Apr 2022 11:39:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDZg7AWFmJQXM6J45vx5Qr79NKY0%2FBQEIEg0dkc%2BmM34ZwElgWbj5MR1nJmK0XxxkDwrRu3vgDkLOtlcXgdV5R5PPo%2B9jxWWO9t00%2FQbH4dZePcttzUbP5UmMf02IPbhUfygoQE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-66nv

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 120ms
96ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6f8ab8fbfa2483a3-MXP
content-length: 24
content-type: text/plain
date: Fri, 08 Apr 2022 11:39:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZerFAuD6GioPg%2Fcg0FyDG81Y7%2FEBq%2FjmDd2k0%2BqLoDGu6O2m1pe9zAtB%2FKxKEonKN0k88Qm5slln46Y8lT9MBV7uzoq0XI6uxG%2FY9klOOrEdo50Xk5JOVLQjTd5rUCPcrRDIEQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-66nv

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2AA4 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_hXJ7x5QYru_Apaq3wPOsreADgAAAAA4AeAEAg&bg=!bW6lbirNAAZAkm7qYJI7ACkAdvg8WqSGPUBekjaCMo-C6AM7xYc-wu614rIz2iV6tLbjOBWiJqv9bQIAAAFQUgAAAAloAQcKAGE6bk7VWd5H54jkHq8HaMGX2gWbUcICdwYIJTEFP5H8KnqVzsUgPr24DLGA0M7h4Mk2r308mJLB2Wxk0WGx6tv0AYk0XbxCrCqG8o4PxboD9BfeI2o8OSVhzD1SBl2k-kTemQLnaMPxNxovq5tPMd21F1YqnOGcXdTS82jaHjrcbPdB8IzhNwJfte6KiokA7aauheEoy7-2HbmXSnKUvh3HAu9Urx8uT1o6LTF5jr9In7Qqea5dnfAc5FDtlFTtQj9HAVn2zhJJtlAmN1Zc9aNIr6CN3Rovjg5Dj3q0ravcIdR7sBAtJTqZtayXeW3LtwORTAFCIXHqPcVwP4MzmW04U88xM4-83upkfZ-netWlepf4tyl_v8-ApHYQsM-PM1jAx6GgLCOOWgrzZZmd0icEnHCDhRASkJOYk9fUdUf8Z-y6tVGXSXMpX6T4Dew-tnKHKb0wP2zMs1ws6F91-y1GU8jGf6-6K6-FiskoKmPaolpOuviFQEVe8kydKcZ7IdrjxUL6JkEiSKZVgqT1bdKPRsLD26_CUU297oLtwIhqloMQG-2DHcZPYgTCJhFT8-u4DJzwb_f9SLuCnwr7cdfMlSGqrStZ10-8TtYq6R4f1UnRVqgV0RafUFJNDL-6HX2EM1hlJIdFkajYsijwH-0xVJHos4DCws93fGvf1Za48MZN9kOQO3poLVMKg-y2SnUAn0_ra0CAyhhAFSFz-Zo8lGr9kwHt7I3nwWrJIsDSS4AhYP_HATFdWDmFwlANYmEqMokSYdLd9FzyHLFugzUIPW84KlNQjIoIGbgXOnMBtpiFmzrqEn3RXCJqC06yTo4IfkOEABwzJms-vI4oNDIKxe7BWUtVl60wv1_pFrGPm9Dn1ew7JpuFLU0ETiBuhItPBHPZWK_7km9oaJnGHWh8iQOuJ6IGNc9uT9WJrT0s1dguuPHhaqVD8ijkjWivOHY8OUmRGKFr72re875TF-M71lfuhIKFPcE93GwHsLStFeNe29iP2mUnlTy6JD94bR_E4xTqwPbYekvkd87eexiovY5yYitKk7IkznFfmhFg5I4DcKl3ePj0lp8omEM_ILglwSml5ttz-HzwjCeGqMbEBylnmipNPPc-yv4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 11:39:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Apr 2022 11:39:28 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0A9C 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ajuda.serasa.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2486
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 10:58:02 GMT
expires: Sat, 08 Apr 2023 10:58:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1A14 783 B
535 B 19ms
18ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bea04035a2c0c5735c5afc55beb6ffc3d50b3d3054984c75343c7a8de2436dd0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iI3MF0quKKLfH3cyZfL08w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ajuda.serasa.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-iI3MF0quKKLfH3cyZfL08w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 11:39:28 GMT
expires: Fri, 08 Apr 2022 11:39:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js Show response
pagead2.googlesyndication.com/bg/ Frame 0A9C 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5144138fd70f1ac31532abc43b12dda241d5efd980098a378dcd2ba44c261d9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:30:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13701
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Apr 2023 10:30:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1A14 0
0 55ms
54ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022040401&jk=3878864729388047&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 39FD 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuXYvvOHlFpSk85fjQ25ZdCIb6AnUiZJXcJo-7X9b_halORnAzpwnuQ1HxH-i-sj1aIEBHroXGyaGxwgxitZW0XZSvhNJKUTDmrklC4&sai=AMfl-YSNQl5T8pOytMiOMstHgWAW-6b-b1srF4fUMub4MLaszaIwXC7AO4QHweIq8KL1j0wezTV9Ap4M7KiMQ3xyys72LC2723S3eRF6e5g1Bt9Y02MzPn3Bu5orj_tzrqo&sig=Cg0ArKJSzJlLyhosnUFHEAE&cid=CAASJ-Rowhm4n0OxK3zbtA4I8wY7bBsMvVcI3yBS4QlEm2VWpx3LOak2vg&id=lidar2&mcvt=1002&p=1110,436,1200,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220406&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3781204470&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649417966009&rpt=413&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 11:39:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0A9C 0
9 B 7ms
7ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?frQZHA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK viewability Show response
ad4.ad-srv.net/ Frame AC98 0
150 B 33ms
12ms Script
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.ad-srv.net/viewability?s=46881300088464200383828011923004&a=a382bb58&vb=v
Requested by: Host: ad4.ad-srv.net
URL: https://ad4.ad-srv.net/request_content.php?s=46881300088464200383828011923004&a=4716afee
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad4.ad-srv.net/request_content.php?s=46881300088464200383828011923004&a=4716afee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 11:39:28 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 33AC 3 KB
3 KB 93ms
83ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=24411&b=Yxqtrfz14YfpeWSVHpC3HQtQVkUAT1Tmbcr&f=q4gUmfBDeXt79WaZH3C1HRCQVEUPTgTZRU3&c=160&d=600&e=ZQIHifWby-GqjvmE1ueAOOwqcJhTTjFz&g=4dc035707b9945f17da8754df361c1e4%2F8735007909180105330&i=20148&j=20&k=0&l=0&m=0&n=&p=&q=&o=dbmRTXL&r=1649417968143&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC1Yal7h5QYpq2KMGD3gPS173oBsnR-oli9sukzqwM8C4QASDh7spAYJWCgICYB8gBCakCSyvHseQ4sj6oAwGqBIECT9BBi-puNKVCpS7l3nTf4WA7-_AKUX9ZiV8y-C_jokKHj5N33VabhhOsQeDmC2IFBmq4Yy3yx-wKi2oSc25_uJsWJ1W0OLNOll5txXjNPt_KpSaBcsjx47K1g7Z7-oetwxOsXmpVDYw2u6hsLfmLS_wMV6txMoNruRf2vfawL760ftHsPB7Afi1lE80PliLcPpmpieAtz1RGSfT2fPiNljmftdCfp0i2DcVqu8pX0lWr9hVScTqP92_zG8N0NDVpiK5iZZDBZeePLQOGUx1r2NHgdLmUGo1XKvUUmfCTWglsxbGEAXOmUNz4Nb9P1oOGMBJeHMAYXCzcGM-HNNUz863ABPe83OKeA-AEA5AGAaAGTYAH6sHBXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATop_TBtATANgTA9gUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAASJ-Ro7GZKgAYrjpfP2fqNYCGngy4gHgANwhOol9NoG9sl12w2AAqJFQ%2526sig%253DAOD64_0J5-EkK22r2AjdgBcvRMrKPbtGLA%2526client%253Dca-pub-9650408980791532%2526dbm_c%253DAKAmf-CnPJ9cAN_3tJENRR4NaBeZDowePv2REgSlAhxHrPMBg63pHa6l1_Mu_6QL82tMdCPpPhtTeMf__rmYXBK7vP7hD3cP42ZkEq-fuUm9gAGqcHQCOO_caHX5TXfhVNTO61C4W4qeMpcfsfD0ke-487zVd2bdEw%2526cry%253D1%2526dbm_d%253DAKAmf-AFGpcVr1DSZOaVChnzShLTbTbTMWdD92lr02IY0Vzsid9-X5wt_2Y2Evi16y47sfEkrcZ2VmDtJrmCc_JAzeQFRYEAqs2pjUilIyqAQ7ferRMOE3TjrYF_GI9BqwdpPSaDVAWYziRKrt18v8-Od60c3QWkI43eV6UK__tUF2cwXvlb_pxOymMxnniF-1tYfLFBUGP42qTAJ_J_HhD2pWS1qCFqDWWignPFMmdjV4PqLXTDFlV0CaNjfa7BWOaVCo6u_aHc7hVz9ZkQWKSBQiX1uXoYmH5AepblF0Q7lNH7fXz_GjUyUI53sJzJldY3xZg3NW1kmUuRoXUHlomVkgonrgOrGWRG2o096VNGtPCWuAXpi4Q3QoER8zCAUwSLe4lQDrhHVjxrwZe30iLRzlD77f2dDhWJycSoxG91iowFJ3qG6MQKnSESpMLsTyVuU5R7uOE0BG7zsYzoAbboLXX96xecWvbqZemSmkn5enPeihnPuIHeqC_PsDGcWeG9KVdMuGNVatMic9ziwG4xxpTofRPZhhGk6MzR3jw3oFa8-oseWUgYDo4oPD1DYOMyO5q0TLBV5Eap88s_Ggqt16qvhbYE9L-tNxxaa3QczkqJVAHtabmTvxx7NvITxrJyFfUUAoRK_IlXgAkScAZcs_yHjEyeDktJf8IW0puir0KJnZXM52q8hs3Nr-4kJCxx6wfBFNAhfnrPSX4jmQN356PZV49A65f_vDzrF2htkzLessiXFh0-90dM52FJzPbQ3QtQ7MZPjYXQHfg76ZzZocXZD66_8kOpyYBvAnbPbU3G4Xg9J4g%2526adurl%253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc9b982f64f58599035403d69d54b6cd430187188a380dcadfb79ad536a5f376

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 6f8ab8fd6c9d59ad-MXP
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 11:39:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 33AC 81 KB
11 KB 41ms
40ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24411&b=Yxqtrfz14YfpeWSVHpC3HQtQVkUAT1Tmbcr&f=q4gUmfBDeXt79WaZH3C1HRCQVEUPTgTZRU3&c=160&d=600&e=ZQIHifWby-GqjvmE1ueAOOwqcJhTTjFz&g=4dc035707b9945f17da8754df361c1e4%2F8735007909180105330&i=20148&j=20&k=0&l=0&m=0&n=&p=&q=&o=dbmRTXL&r=1649417968143&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC1Yal7h5QYpq2KMGD3gPS173oBsnR-oli9sukzqwM8C4QASDh7spAYJWCgICYB8gBCakCSyvHseQ4sj6oAwGqBIECT9BBi-puNKVCpS7l3nTf4WA7-_AKUX9ZiV8y-C_jokKHj5N33VabhhOsQeDmC2IFBmq4Yy3yx-wKi2oSc25_uJsWJ1W0OLNOll5txXjNPt_KpSaBcsjx47K1g7Z7-oetwxOsXmpVDYw2u6hsLfmLS_wMV6txMoNruRf2vfawL760ftHsPB7Afi1lE80PliLcPpmpieAtz1RGSfT2fPiNljmftdCfp0i2DcVqu8pX0lWr9hVScTqP92_zG8N0NDVpiK5iZZDBZeePLQOGUx1r2NHgdLmUGo1XKvUUmfCTWglsxbGEAXOmUNz4Nb9P1oOGMBJeHMAYXCzcGM-HNNUz863ABPe83OKeA-AEA5AGAaAGTYAH6sHBXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATop_TBtATANgTA9gUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAASJ-Ro7GZKgAYrjpfP2fqNYCGngy4gHgANwhOol9NoG9sl12w2AAqJFQ%2526sig%253DAOD64_0J5-EkK22r2AjdgBcvRMrKPbtGLA%2526client%253Dca-pub-9650408980791532%2526dbm_c%253DAKAmf-CnPJ9cAN_3tJENRR4NaBeZDowePv2REgSlAhxHrPMBg63pHa6l1_Mu_6QL82tMdCPpPhtTeMf__rmYXBK7vP7hD3cP42ZkEq-fuUm9gAGqcHQCOO_caHX5TXfhVNTO61C4W4qeMpcfsfD0ke-487zVd2bdEw%2526cry%253D1%2526dbm_d%253DAKAmf-AFGpcVr1DSZOaVChnzShLTbTbTMWdD92lr02IY0Vzsid9-X5wt_2Y2Evi16y47sfEkrcZ2VmDtJrmCc_JAzeQFRYEAqs2pjUilIyqAQ7ferRMOE3TjrYF_GI9BqwdpPSaDVAWYziRKrt18v8-Od60c3QWkI43eV6UK__tUF2cwXvlb_pxOymMxnniF-1tYfLFBUGP42qTAJ_J_HhD2pWS1qCFqDWWignPFMmdjV4PqLXTDFlV0CaNjfa7BWOaVCo6u_aHc7hVz9ZkQWKSBQiX1uXoYmH5AepblF0Q7lNH7fXz_GjUyUI53sJzJldY3xZg3NW1kmUuRoXUHlomVkgonrgOrGWRG2o096VNGtPCWuAXpi4Q3QoER8zCAUwSLe4lQDrhHVjxrwZe30iLRzlD77f2dDhWJycSoxG91iowFJ3qG6MQKnSESpMLsTyVuU5R7uOE0BG7zsYzoAbboLXX96xecWvbqZemSmkn5enPeihnPuIHeqC_PsDGcWeG9KVdMuGNVatMic9ziwG4xxpTofRPZhhGk6MzR3jw3oFa8-oseWUgYDo4oPD1DYOMyO5q0TLBV5Eap88s_Ggqt16qvhbYE9L-tNxxaa3QczkqJVAHtabmTvxx7NvITxrJyFfUUAoRK_IlXgAkScAZcs_yHjEyeDktJf8IW0puir0KJnZXM52q8hs3Nr-4kJCxx6wfBFNAhfnrPSX4jmQN356PZV49A65f_vDzrF2htkzLessiXFh0-90dM52FJzPbQ3QtQ7MZPjYXQHfg76ZzZocXZD66_8kOpyYBvAnbPbU3G4Xg9J4g%2526adurl%253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=24411&b=Yxqtrfz14YfpeWSVHpC3HQtQVkUAT1Tmbcr&f=q4gUmfBDeXt79WaZH3C1HRCQVEUPTgTZRU3&c=160&d=600&e=ZQIHifWby-GqjvmE1ueAOOwqcJhTTjFz&g=4dc035707b9945f17da8754df361c1e4%2F8735007909180105330&i=20148&j=20&k=0&l=0&m=0&n=&p=&q=&o=dbmRTXL&r=1649417968143&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC1Yal7h5QYpq2KMGD3gPS173oBsnR-oli9sukzqwM8C4QASDh7spAYJWCgICYB8gBCakCSyvHseQ4sj6oAwGqBIECT9BBi-puNKVCpS7l3nTf4WA7-_AKUX9ZiV8y-C_jokKHj5N33VabhhOsQeDmC2IFBmq4Yy3yx-wKi2oSc25_uJsWJ1W0OLNOll5txXjNPt_KpSaBcsjx47K1g7Z7-oetwxOsXmpVDYw2u6hsLfmLS_wMV6txMoNruRf2vfawL760ftHsPB7Afi1lE80PliLcPpmpieAtz1RGSfT2fPiNljmftdCfp0i2DcVqu8pX0lWr9hVScTqP92_zG8N0NDVpiK5iZZDBZeePLQOGUx1r2NHgdLmUGo1XKvUUmfCTWglsxbGEAXOmUNz4Nb9P1oOGMBJeHMAYXCzcGM-HNNUz863ABPe83OKeA-AEA5AGAaAGTYAH6sHBXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATop_TBtATANgTA9gUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAASJ-Ro7GZKgAYrjpfP2fqNYCGngy4gHgANwhOol9NoG9sl12w2AAqJFQ%2526sig%253DAOD64_0J5-EkK22r2AjdgBcvRMrKPbtGLA%2526client%253Dca-pub-9650408980791532%2526dbm_c%253DAKAmf-CnPJ9cAN_3tJENRR4NaBeZDowePv2REgSlAhxHrPMBg63pHa6l1_Mu_6QL82tMdCPpPhtTeMf__rmYXBK7vP7hD3cP42ZkEq-fuUm9gAGqcHQCOO_caHX5TXfhVNTO61C4W4qeMpcfsfD0ke-487zVd2bdEw%2526cry%253D1%2526dbm_d%253DAKAmf-AFGpcVr1DSZOaVChnzShLTbTbTMWdD92lr02IY0Vzsid9-X5wt_2Y2Evi16y47sfEkrcZ2VmDtJrmCc_JAzeQFRYEAqs2pjUilIyqAQ7ferRMOE3TjrYF_GI9BqwdpPSaDVAWYziRKrt18v8-Od60c3QWkI43eV6UK__tUF2cwXvlb_pxOymMxnniF-1tYfLFBUGP42qTAJ_J_HhD2pWS1qCFqDWWignPFMmdjV4PqLXTDFlV0CaNjfa7BWOaVCo6u_aHc7hVz9ZkQWKSBQiX1uXoYmH5AepblF0Q7lNH7fXz_GjUyUI53sJzJldY3xZg3NW1kmUuRoXUHlomVkgonrgOrGWRG2o096VNGtPCWuAXpi4Q3QoER8zCAUwSLe4lQDrhHVjxrwZe30iLRzlD77f2dDhWJycSoxG91iowFJ3qG6MQKnSESpMLsTyVuU5R7uOE0BG7zsYzoAbboLXX96xecWvbqZemSmkn5enPeihnPuIHeqC_PsDGcWeG9KVdMuGNVatMic9ziwG4xxpTofRPZhhGk6MzR3jw3oFa8-oseWUgYDo4oPD1DYOMyO5q0TLBV5Eap88s_Ggqt16qvhbYE9L-tNxxaa3QczkqJVAHtabmTvxx7NvITxrJyFfUUAoRK_IlXgAkScAZcs_yHjEyeDktJf8IW0puir0KJnZXM52q8hs3Nr-4kJCxx6wfBFNAhfnrPSX4jmQN356PZV49A65f_vDzrF2htkzLessiXFh0-90dM52FJzPbQ3QtQ7MZPjYXQHfg76ZzZocXZD66_8kOpyYBvAnbPbU3G4Xg9J4g%2526adurl%253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:39:28 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 155657
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Wed, 06 Apr 2022 16:25:11 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6f8ab8fdca9f375b-MXP
cf-bgj: minify

GET
H2 200 26CEA506EFE2FB34103F6C85D24297FB4D2C5989D752CD2966E32B4C22B7DE97AD3B76A69A7C26B0A3A19DAF4D636C73FAA4B6DA9A291B8EF900DC73CABBAC38
assets.ad4m.at/ Frame 33AC 13 KB
14 KB 70ms
60ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/26CEA506EFE2FB34103F6C85D24297FB4D2C5989D752CD2966E32B4C22B7DE97AD3B76A69A7C26B0A3A19DAF4D636C73FAA4B6DA9A291B8EF900DC73CABBAC38
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24411&b=Yxqtrfz14YfpeWSVHpC3HQtQVkUAT1Tmbcr&f=q4gUmfBDeXt79WaZH3C1HRCQVEUPTgTZRU3&c=160&d=600&e=ZQIHifWby-GqjvmE1ueAOOwqcJhTTjFz&g=4dc035707b9945f17da8754df361c1e4%2F8735007909180105330&i=20148&j=20&k=0&l=0&m=0&n=&p=&q=&o=dbmRTXL&r=1649417968143&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC1Yal7h5QYpq2KMGD3gPS173oBsnR-oli9sukzqwM8C4QASDh7spAYJWCgICYB8gBCakCSyvHseQ4sj6oAwGqBIECT9BBi-puNKVCpS7l3nTf4WA7-_AKUX9ZiV8y-C_jokKHj5N33VabhhOsQeDmC2IFBmq4Yy3yx-wKi2oSc25_uJsWJ1W0OLNOll5txXjNPt_KpSaBcsjx47K1g7Z7-oetwxOsXmpVDYw2u6hsLfmLS_wMV6txMoNruRf2vfawL760ftHsPB7Afi1lE80PliLcPpmpieAtz1RGSfT2fPiNljmftdCfp0i2DcVqu8pX0lWr9hVScTqP92_zG8N0NDVpiK5iZZDBZeePLQOGUx1r2NHgdLmUGo1XKvUUmfCTWglsxbGEAXOmUNz4Nb9P1oOGMBJeHMAYXCzcGM-HNNUz863ABPe83OKeA-AEA5AGAaAGTYAH6sHBXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATop_TBtATANgTA9gUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAASJ-Ro7GZKgAYrjpfP2fqNYCGngy4gHgANwhOol9NoG9sl12w2AAqJFQ%2526sig%253DAOD64_0J5-EkK22r2AjdgBcvRMrKPbtGLA%2526client%253Dca-pub-9650408980791532%2526dbm_c%253DAKAmf-CnPJ9cAN_3tJENRR4NaBeZDowePv2REgSlAhxHrPMBg63pHa6l1_Mu_6QL82tMdCPpPhtTeMf__rmYXBK7vP7hD3cP42ZkEq-fuUm9gAGqcHQCOO_caHX5TXfhVNTO61C4W4qeMpcfsfD0ke-487zVd2bdEw%2526cry%253D1%2526dbm_d%253DAKAmf-AFGpcVr1DSZOaVChnzShLTbTbTMWdD92lr02IY0Vzsid9-X5wt_2Y2Evi16y47sfEkrcZ2VmDtJrmCc_JAzeQFRYEAqs2pjUilIyqAQ7ferRMOE3TjrYF_GI9BqwdpPSaDVAWYziRKrt18v8-Od60c3QWkI43eV6UK__tUF2cwXvlb_pxOymMxnniF-1tYfLFBUGP42qTAJ_J_HhD2pWS1qCFqDWWignPFMmdjV4PqLXTDFlV0CaNjfa7BWOaVCo6u_aHc7hVz9ZkQWKSBQiX1uXoYmH5AepblF0Q7lNH7fXz_GjUyUI53sJzJldY3xZg3NW1kmUuRoXUHlomVkgonrgOrGWRG2o096VNGtPCWuAXpi4Q3QoER8zCAUwSLe4lQDrhHVjxrwZe30iLRzlD77f2dDhWJycSoxG91iowFJ3qG6MQKnSESpMLsTyVuU5R7uOE0BG7zsYzoAbboLXX96xecWvbqZemSmkn5enPeihnPuIHeqC_PsDGcWeG9KVdMuGNVatMic9ziwG4xxpTofRPZhhGk6MzR3jw3oFa8-oseWUgYDo4oPD1DYOMyO5q0TLBV5Eap88s_Ggqt16qvhbYE9L-tNxxaa3QczkqJVAHtabmTvxx7NvITxrJyFfUUAoRK_IlXgAkScAZcs_yHjEyeDktJf8IW0puir0KJnZXM52q8hs3Nr-4kJCxx6wfBFNAhfnrPSX4jmQN356PZV49A65f_vDzrF2htkzLessiXFh0-90dM52FJzPbQ3QtQ7MZPjYXQHfg76ZzZocXZD66_8kOpyYBvAnbPbU3G4Xg9J4g%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7623ad0799030ffe48e9077e1e9cd938059e0b4c7ded57955aeee3be9d344c08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=85ebfQ==, md5=IAFIQRbkXAJFo4DOgH6xJA==
date: Fri, 08 Apr 2022 11:39:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 323441
cf-polished: qual=85, origFmt=jpeg, origSize=28042
x-guploader-uploadid: ADPycdsPnqvzi_8KOIMjOZ0vPKmzinpB0hYft7dj_P6xqLVItXAIb6qfn0Mo-p9QrURXlTdt0Y2GHmHm5Qn3qREhMWTvfWX8Vw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12908
last-modified: Mon, 04 Apr 2022 17:07:28 GMT
server: cloudflare
etag: "2001484116e45c0245a380ce807eb124"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Itj9D9gQRd%2BAWAXIbOl6DQGPbkcaf8CxjGwq7GthNaWFP4kG6FjEH%2BMlBW397g0deMnuxfYgWSk%2BH5BCFDFkjGkpNxmrPJeAfF7nJNQ%2F%2BZU%2BRYWQU%2BWSWhgsyTHjej9vnysP5aEhQiCATpI"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1649092048337600
content-type: image/webp
expires: Sat, 09 Apr 2022 11:39:28 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 28042
accept-ranges: bytes
cf-ray: 6f8ab8fddde059ad-MXP
cf-bgj: imgq:85,h2pri

GET
H3

200

3786
lenovo.7eer.net/i/1197007/815242/ Frame 33AC
Redirect Chain

https://lenovo.7eer.net/i/1197007/815242/3786?subId1=oneidYxqtrfz14YfpeWSVHpC3HQtQVkUAT1Tmbcroneid__asuidZQIHifWby-GqjvmE1ueAOOwqcJhTTjFzasuid__dbmRTXL&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.ojrq.net/p/?return=https%3A%2F%2Flenovo.7eer.net%2Fi%2F1197007%2F815242%2F3786%3FsubId1%3DoneidYxqtrfz14YfpeWSVHpC3HQtQVkUAT1Tmbcroneid__asuidZQIHifWby-GqjvmE1ueAOOwqcJhTTjFzasuid__dbmR...
https://lenovo.7eer.net/i/1197007/815242/3786?subId1=oneidYxqtrfz14YfpeWSVHpC3HQtQVkUAT1Tmbcroneid__asuidZQIHifWby-GqjvmE1ueAOOwqcJhTTjFzasuid__dbmRTXL&gdpr_consent=&gdpr=0&gdpr_pd=0&level=1&brwsr=...

50 B
67 B

25ms
16ms

Image
image/gif

35.186.240.205
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lenovo.7eer.net/i/1197007/815242/3786?subId1=oneidYxqtrfz14YfpeWSVHpC3HQtQVkUAT1Tmbcroneid__asuidZQIHifWby-GqjvmE1ueAOOwqcJhTTjFzasuid__dbmRTXL&gdpr_consent=&gdpr=0&gdpr_pd=0&level=1&brwsr=8c66e783-b730-11ec-a7e0-ab4671ed77cf&brwsrsig=wpyUUuWXd27iU9HSOIW3PxLkSvZ1pc
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24411&b=Yxqtrfz14YfpeWSVHpC3HQtQVkUAT1Tmbcr&f=q4gUmfBDeXt79WaZH3C1HRCQVEUPTgTZRU3&c=160&d=600&e=ZQIHifWby-GqjvmE1ueAOOwqcJhTTjFz&g=4dc035707b9945f17da8754df361c1e4%2F8735007909180105330&i=20148&j=20&k=0&l=0&m=0&n=&p=&q=&o=dbmRTXL&r=1649417968143&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC1Yal7h5QYpq2KMGD3gPS173oBsnR-oli9sukzqwM8C4QASDh7spAYJWCgICYB8gBCakCSyvHseQ4sj6oAwGqBIECT9BBi-puNKVCpS7l3nTf4WA7-_AKUX9ZiV8y-C_jokKHj5N33VabhhOsQeDmC2IFBmq4Yy3yx-wKi2oSc25_uJsWJ1W0OLNOll5txXjNPt_KpSaBcsjx47K1g7Z7-oetwxOsXmpVDYw2u6hsLfmLS_wMV6txMoNruRf2vfawL760ftHsPB7Afi1lE80PliLcPpmpieAtz1RGSfT2fPiNljmftdCfp0i2DcVqu8pX0lWr9hVScTqP92_zG8N0NDVpiK5iZZDBZeePLQOGUx1r2NHgdLmUGo1XKvUUmfCTWglsxbGEAXOmUNz4Nb9P1oOGMBJeHMAYXCzcGM-HNNUz863ABPe83OKeA-AEA5AGAaAGTYAH6sHBXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATop_TBtATANgTA9gUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAASJ-Ro7GZKgAYrjpfP2fqNYCGngy4gHgANwhOol9NoG9sl12w2AAqJFQ%2526sig%253DAOD64_0J5-EkK22r2AjdgBcvRMrKPbtGLA%2526client%253Dca-pub-9650408980791532%2526dbm_c%253DAKAmf-CnPJ9cAN_3tJENRR4NaBeZDowePv2REgSlAhxHrPMBg63pHa6l1_Mu_6QL82tMdCPpPhtTeMf__rmYXBK7vP7hD3cP42ZkEq-fuUm9gAGqcHQCOO_caHX5TXfhVNTO61C4W4qeMpcfsfD0ke-487zVd2bdEw%2526cry%253D1%2526dbm_d%253DAKAmf-AFGpcVr1DSZOaVChnzShLTbTbTMWdD92lr02IY0Vzsid9-X5wt_2Y2Evi16y47sfEkrcZ2VmDtJrmCc_JAzeQFRYEAqs2pjUilIyqAQ7ferRMOE3TjrYF_GI9BqwdpPSaDVAWYziRKrt18v8-Od60c3QWkI43eV6UK__tUF2cwXvlb_pxOymMxnniF-1tYfLFBUGP42qTAJ_J_HhD2pWS1qCFqDWWignPFMmdjV4PqLXTDFlV0CaNjfa7BWOaVCo6u_aHc7hVz9ZkQWKSBQiX1uXoYmH5AepblF0Q7lNH7fXz_GjUyUI53sJzJldY3xZg3NW1kmUuRoXUHlomVkgonrgOrGWRG2o096VNGtPCWuAXpi4Q3QoER8zCAUwSLe4lQDrhHVjxrwZe30iLRzlD77f2dDhWJycSoxG91iowFJ3qG6MQKnSESpMLsTyVuU5R7uOE0BG7zsYzoAbboLXX96xecWvbqZemSmkn5enPeihnPuIHeqC_PsDGcWeG9KVdMuGNVatMic9ziwG4xxpTofRPZhhGk6MzR3jw3oFa8-oseWUgYDo4oPD1DYOMyO5q0TLBV5Eap88s_Ggqt16qvhbYE9L-tNxxaa3QczkqJVAHtabmTvxx7NvITxrJyFfUUAoRK_IlXgAkScAZcs_yHjEyeDktJf8IW0puir0KJnZXM52q8hs3Nr-4kJCxx6wfBFNAhfnrPSX4jmQN356PZV49A65f_vDzrF2htkzLessiXFh0-90dM52FJzPbQ3QtQ7MZPjYXQHfg76ZzZocXZD66_8kOpyYBvAnbPbU3G4Xg9J4g%2526adurl%253D&y=1&z=0
Protocol: H3
Server: 35.186.240.205 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 205.240.186.35.bc.googleusercontent.com
Software: /
Resource Hash: ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 11:39:28 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50
expires: Fri, 08 Apr 2022 11:39:28 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Apr 2022 11:39:28 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
location: https://lenovo.7eer.net/i/1197007/815242/3786?subId1=oneidYxqtrfz14YfpeWSVHpC3HQtQVkUAT1Tmbcroneid__asuidZQIHifWby-GqjvmE1ueAOOwqcJhTTjFzasuid__dbmRTXL&gdpr_consent=&gdpr=0&gdpr_pd=0&level=1&brwsr=8c66e783-b730-11ec-a7e0-ab4671ed77cf&brwsrsig=wpyUUuWXd27iU9HSOIW3PxLkSvZ1pc
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 08 Apr 2022 11:39:28 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022040401&jk=3878864729388047&bg=!ExClEFTNAAZAkm7qYJI7ACkAdvg8Wky6Rmayr1pxlKjhZ20wmAF3Wa7aYGzR3cGes08jhPPFJ9waAQIAAABwUgAAAAFoAQeZAppfNG-ycQC60DrOVmWEOvoUjy3iO_9as3byCVohd5v7fFh-OlPTdQxO45BkgU9jtQxWBY3ecvW59vcKC3eo4dpdDQDPgWPv3AYzSR2_Yn2MDg-aRfBJch7WFhgJS0gwb1Hl0OKWlOKGU2OF8T1fs2QO6rlO6q68h-mFy5vktDo-fvj_T5fCJu0PlLoe7R9h0c4TURIKbFnTiX50-dI7MZB2d1FAX1_5xkiLMGwfYgb4kH9io11vJUt1GvykKtl3g_fV2jn7wqKP45xMLao-l2THY6MBrOcSxuALhnVj_YVCBDUjTl5Em6KWXUySagen1hV3qJ01AGJu2HuK22uk5Q_taralUIh6qdLh-X1Ehq-Iebm2QvagQhhbDPvgnVqCjt4IBWwQL1vr5gqWg-n-VhbEMmZ5KWmqbp5fSlzFk-Rn6EDi1BlHaVb5suFyXsPs9OTHXraDJRL7XVrHWXEz_xaCl6BwHA5_HLZueNWMIdtfe8dfIOK_9e8aqyPgBL79cDBvtlU3wJFboN2nn4AEAs2rx_tu6gQO1Y2uIEnrxfN4W9g9uh5N3HpZrGqUYUHDDTtbQS8JA-uyphN3xqMyHDmeAPGwIPiVgQk5k7J4fSYDxVPRbgiqxlw69TfQ2C4VU3lvwdjLIgjBsKKc3ukcLTOW2ChiqZHyaC91HQHlZpoDaUEhlwlvLxT2DZKfPOjLfZNsHlQiMZrB-kR1KWvnKnupfCUmVHBUNQr_F1RGi_-suCC3IUbO8StlIHz5Lt9vY_DAwBAeI2qeb1exkSU9GGKoI1UhAOmbEwqiR8OHWiXDz7y0slB8ZLkYf3-VBTc4EqEkefOJYORF-jswrvI598E5aFNMuFWckuGVj4T9kARtRtnOYR7bMICp_UQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajuda.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 11:39:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5DB7 42 B
64 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshZMOIbgAMgeoDiIs3lL9h3Xi4EFm8A-pMnZj-TZyh2_9HIY1aVpRqL4AaSle6L3jN733CHF5_RoeaArdB7cJOiXO9ZxTofk6uBpYH&sai=AMfl-YSzP0nR72HIySF4voWK66A3oKYWl7rsq552FbDNTm6xqPTr6zx-LPj1X4LLaRZQds0x-GbDsCDuhrCIl3RuQqCtlma-4i1LjA3UdhV_0DyQpeA9ikUjWrA1XeymEro&sig=Cg0ArKJSzMySpk3uTLnTEAE&cid=CAASJ-Ro7GZKgAYrjpfP2fqNYCGngy4gHgANwhOol9NoG9sl12w2AAqJFQ&id=lidar2&mcvt=1000&p=974,375,1014,416&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220406&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1661103190&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649417966330&rpt=697&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 11:39:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ajuda.serasa.com.br/	1969-12-31 23:59:59	Name: __cfruid Value: 1d7e4ce8cb867054ab23dbc0f2ade597d86db914-1649417965
.serasa.com.br/	1970-01-20 19:41:29	Name: _ga Value: GA1.3.43521287.1649417965
.serasa.com.br/	1970-01-20 02:11:44	Name: _gid Value: GA1.3.200326458.1649417965
.serasa.com.br/	1970-01-20 02:10:18	Name: _gat Value: 1
.serasaconsumidor.zendesk.com/	1969-12-31 23:59:59	Name: __cfruid Value: 1d7e4ce8cb867054ab23dbc0f2ade597d86db914-1649417965
.ajuda.serasa.com.br/	1970-01-20 02:10:19	Name: __cf_bm Value: 5eKFP45.YDFl2jTHdXTDNN2pDT_LbbGgqGqmJiKnibc-1649417966-0-AVrb5rYz8fJchK72wHef/RaSR9S6YobW6BJyfs88mqdlGPMVX0sQBnybhu+/JZGXxinvG3WlwE/MFRkXaTBdUZv1jY8b73TSnjCI6+QObsfO90rstW2fIJQ0niiu/2b6yg==
.serasa.com.br/	1970-01-20 10:55:53	Name: _hjSessionUser_2469592 Value: eyJpZCI6ImQ0MDI3ZDcwLTc5MGItNWU1ZC04Y2QyLTEwOTVhZGRiNzBlZSIsImNyZWF0ZWQiOjE2NDk0MTc5NjU1NDMsImV4aXN0aW5nIjpmYWxzZX0=
.serasa.com.br/	1970-01-20 02:10:19	Name: _hjFirstSeen Value: 1
ajuda.serasa.com.br/	1970-01-20 02:10:18	Name: _hjIncludedInSessionSample Value: 0
.serasa.com.br/	1970-01-20 02:10:19	Name: _hjSession_2469592 Value: eyJpZCI6IjZkOGRmODY5LTRlZDItNGNiYS1iZmQxLThmMDM2YWE1YWJmMyIsImNyZWF0ZWQiOjE2NDk0MTc5NjU1ODAsImluU2FtcGxlIjpmYWxzZX0=
.serasa.com.br/	1970-01-20 02:10:19	Name: _hjAbsoluteSessionInProgress Value: 1
.doubleclick.net/	1970-01-20 11:31:53	Name: IDE Value: AHWqTUmIdSKzUJ5kAUhuxIgwg5WAlVfeGvqc0SQc-PT8iN2hobiDYAlSESGnhlt_q8A
.doubleclick.net/	1970-01-20 02:10:21	Name: DSID Value: NO_DATA
.adfarm1.adition.com/	1970-01-20 04:19:53	Name: UserID1 Value: 7084196221440296166
.casalemedia.com/	1970-01-20 04:19:53	Name: CMPS Value: 3224
.casalemedia.com/	1970-01-20 02:11:44	Name: CMST Value: YlAe7mJQHu4A
.casalemedia.com/	1970-01-20 10:55:53	Name: CMRUM3 Value: 2d62501eee2760CAESEJpOjNvEMPVQxkNZXfW-ZMw
.casalemedia.com/	1970-01-20 10:55:53	Name: CMID Value: YlAe7qbxJL12sWRW1KEhZQAA
.casalemedia.com/	1970-01-20 04:19:53	Name: CMPRO Value: 1145
.serasa.com.br/	1970-01-20 11:31:53	Name: __gads Value: ID=7dfa327379be3f2f-22db969372cd00f7:T=1649417965:S=ALNI_Mag1BGIx55y8-m307ha1fGBqrWW_A
.adnxs.com/	1970-01-20 04:19:53	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?dKNi@#!@wnfH8K6pQK`!5=E<L5?%Lz.C1s#cy>^lx@pi5+Cz+i8edv8nGNX#0dDdbpRzqF1`b_U>'?5)
.adnxs.com/	1970-01-20 04:19:53	Name: uuid2 Value: 2212108656406968445
.ad-srv.net/	1970-01-20 04:19:53	Name: pwzdy6wsn8n7_uid Value: b75addb78b0e4ad8
.awin1.com/	1970-01-20 02:14:37	Name: awpv11354 Value: 473322\|1649417967\|8bb8a590-b730-11ec-956f-22655f6734d7
.awin1.com/	1970-01-20 02:14:37	Name: awpv20646 Value: 473322\|1649417967\|8bbc7620-b730-11ec-b304-2261978923a5
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 411817:2869893
www.media01.eu/	1970-01-20 19:42:56	Name: DTU Value: F2C59F30E9D6B918D79EB7B02A99809C
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: q5x3xi2burzjsb10s2c2vjav
pb.media01.eu/	1970-01-20 19:42:56	Name: DTU Value: 8C933716678CBC47DB81EA307F1692F3
.zenaps.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377134:2470208
.zenaps.com/	1970-01-20 02:14:37	Name: awpv11354 Value: 473322\|1649417967\|8bb8a590-b730-11ec-956f-22655f6734d7
www.conrad.de/	1970-01-20 02:17:29	Name: HTLP_timestamp Value: 1649417967
www.conrad.de/	1970-01-20 02:17:29	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 02:10:19	Name: __cf_bm Value: VKWmyZFDJLfDYIrG7HDUJrU12YUU1pJFGMtJBSxNz9g-1649417967-0-AYjf7RoQXJN/OPFTtTWDkgJwnjwmNiEN4Y9U2TCas0h2rjjr9CTk7yBhNP9z0QOU5ocHN4Q4ZteL7xGRQDzGXQE=
.ojrq.net/	1970-01-20 19:27:05	Name: brwsr Value: 8c66e783-b730-11ec-a7e0-ab4671ed77cf
.7eer.net/	1970-01-20 19:27:05	Name: brwsr Value: 8c66e783-b730-11ec-a7e0-ab4671ed77cf

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0689b9d68d8bfa07826082abaa80e3b8.safeframe.googlesyndication.com
ad-server.eu
ad.ad-srv.net
ad.doubleclick.net
ad13.adfarm1.adition.com
ad4.ad-srv.net
ad4m.at
adapter.aivo.co
adservice.google.com
adservice.google.de
agentcore.s3.amazonaws.com
ajuda.serasa.com.br
apibot.agentbot.net
as.ad4m.at
asset.conrad.com
assets.ad4m.at
assets.zendesk.com
cdn.ad-sun.de
cdn.agentbot.net
cdn.ampproject.org
cdn.contentspread.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
cl.s11.exct.net
cm.g.doubleclick.net
code.jquery.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
imagesrv.adition.com
lenovo.7eer.net
p13.zdassets.com
pagead2.googlesyndication.com
pb.media01.eu
pv.medialead.de
script.hotjar.com
securepubads.g.doubleclick.net
serasaconsumidor.zendesk.com
static.hotjar.com
static.zdassets.com
stats.g.doubleclick.net
sync.teads.tv
theme.zdassets.com
tpc.googlesyndication.com
us-u.openx.net
vars.hotjar.com
vc.hotjar.io
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.media01.eu
www.ojrq.net
www.zenaps.com
104.111.239.217
104.16.51.111
104.16.53.111
104.18.70.113
104.18.72.113
104.236.60.225
104.92.106.130
108.157.4.113
108.157.4.7
108.157.4.86
13.111.71.12
138.201.63.116
142.250.181.230
142.250.185.226
142.250.186.98
143.204.98.102
145.239.193.130
164.132.182.207
178.79.242.245
18.66.112.19
185.33.220.216
2001:4de0:ac18::1:a:1a
217.79.188.11
217.79.188.54
2606:4700:20::ac43:4a81
2606:4700::6810:5914
2606:4700::6811:190e
2606:4700::6812:7e05
2a00:1450:4001:801::2001
2a00:1450:4001:802::2002
2a00:1450:4001:803::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2001
2a00:1450:4001:812::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:400c:c07::9d
34.95.127.121
35.186.240.205
35.244.159.8
52.217.14.252
52.86.137.10
54.76.176.197
78.46.23.46
85.10.231.200
85.114.131.235
88.198.250.30
92.122.147.230
006aabd877ee1ccdc2bd16cee536f4536a4f3981d9cb76ae6cfd1d3f25129a29
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
05ad3b768943f707a28a890757381563494068df29222c803cb43baba65488b3
097a4f4472810469cad47b44b742f4e1238b62f4aed87da5b416ccfa3316de68
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1a64732de92fe691f38055f446c114cba9df7e63b2ccc35015e57c7513fc34
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
127f03b6729e14e0ed48502ac5cb34ea1b858594f47dea8ea39e24034ec9f756
147081d0991bf7a44054f9336f60082a2af9637d551c3a02e1536ae292252a33
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
1f41c1bfd9141177523d3ba40196be30dc3056fd1fdc5067eca64e9b1b915bad
1fb5bdf552db295a96ea4b5c90679159db62417fb69fe0b57792e57daf79cfd9
204110acea6098a6adc43156ed2e81914c59ba21abe2cdfdd9a6270f7fc91bba
20df98277c86a9a13b8baa9a0ca32f27171c43759e1906950ad3333d452b71ab
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5
22d8603c17ab045451b17ad66d730c5c287a36f3956f96422c5941a64ff27710
26186ef31ef35679017179c6639f347c58e4eb941ba9a262a4b8584dcb4e8ac9
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
30d8b7673f41672185843f69b79543c5eb50d57eecd92fdec573244a8e413ad9
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
3d1a867068048eea5deec3c8d44a316c9bf770f7a770226dbdceeb4db79060ec
3edcd35f57ed9849a3f18522017d304c843e75d4c0195b763222ccb06b003313
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
46f51dfa02a9f96c84032f9ba066f3881096781bc142b26c98a3e4b947566468
48a7dafc3dc6e75c331de0c900aedfa5fc0f245ecdd9ef3db24c08f4667a59c6
48f06ee1e5c731e2cb399cbb155bf6ddddf9e446b949908ea1a0f94860097903
49adad57c43159e3b07daf3f0ae19e1f31d973bc3859ec4dcb647784f0677736
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
5144138fd70f1ac31532abc43b12dda241d5efd980098a378dcd2ba44c261d9b
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
578ea33c3a1daec87277cd626647c55f3e0abd72c0673cde0fe40d4fb8fd5579
5d8e1362d3d67ed6e74c3104f3ab8609d179081387ea36e71940914a86350f7c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6325460f601bf8813712459ff79c2e76982cce83d602a011928b3dabbb8add2d
65e395cdf922ed34f7fa4e9c71161974cd892521d15f25b680b36ff5938886c8
66d301290c1e9b6e4c9732d4d200f8a33f750f97a75b734fcc82c2ee605b073a
684a604e1aaf541f40b66886cd035d2a32400ca362bfe9e2a463b165bf909af4
689b3cc5dc2dbb83bbde91077b0a1f69b2b767bc203010560643efbcce003be3
6f3ef7c5c49a1f416744e8f5e22460f0234b2af9f7d007ab56836b7f6f554fd2
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237
738b0dff97289a490e0472cca7d25e291a7ea70c850bfee1e264e9ad87a4a97b
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
7623ad0799030ffe48e9077e1e9cd938059e0b4c7ded57955aeee3be9d344c08
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95
7ae56b65ec006cba7103d4755cad1ba299c460a5e44b1b0cdb66a186a77f8c25
7d0b991ee3e0be7af01ad7ea8cd2beea6c00a25e679a0226b6737f079aafff86
81ac0780714c8aef309cea2eff23b216535d2c9b70290920da16d65165e8d9a6
838823d4fc5054d84fbde32bbeb6cd22f18ea7d96edad521aacf170b0ebca411
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87d98603dabb39384e5aecd9614fe72adcf8f60670e5efc1262a2596b680a519
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ca3928b40e5e5b4a68a8f9ec18e9155b069196d219e7c49f2998caf41ecdd25
8cdf19d3403a42f8a84bdf023368c392d65b247cd6fff587dd308c430cd640df
8fd6d97c5e1e295a7c66bceaff39daf165a8e65ae8a8dd7228443caaf05f2b50
95e3ff0fbf7dbf5df571f6f69b1d4afafa00c320f7bd38c26e5d9e270e6b962e
95f2a2d9bf981b3f923cc601270603e88c14767e7e29310eb2d8b6b1407457f1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1f0c11a70973083a31465b27bd503c6cbcf216f208a2bde6862460a38cf01c9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5abb09db0c5e8b3bdef42c4eaed45cf4a6d660586942f5cb7998a9df6e428da
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a79823d2f8bafee2203c97bc65c9ccd8db935bec598b3f66aa07b1874b282adf
a7d4139a86f5c5467ae6cb400f0ae7b95995f6ed3da681d17ce1cf8fdc6a0ca1
a8128a12543e5c8871a4c26ed1aec5db7c0621f30fea1d478d179c501f42daf1
a972b4d1cdb31c6ed98e2b2cdb37aeaf482dedf022c278e8579b44d545b87d8d
abbd3d9df6edb6982ac43bbeb61514366582e777e1b501e55f3f9071ffd15f68
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ab87b85f9b4fe02797c9ff8dafbded313b0bde855d1535678619b001be0ffa
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b826baf4b1c464fb6f997c20dd47e496f30a58d1efc8432e3b33fb0872a90862
b8597bd147a5decfba88e3cdc9c8179319328c238e8f012deb158b3d6ac4250c
b877318e6b04ae287105d3a6b85090f387711c17fb4b2528a26f61f0700c07f5
b94ca272a3d8a1846e379ff4ca560dc846a49310a1f64b737f89c99aeb3b6a0c
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
bea04035a2c0c5735c5afc55beb6ffc3d50b3d3054984c75343c7a8de2436dd0
c195a2b46a2566d4f7c6bb1baf2e94ff9414e6bf5bdd5d19842c1c5aaa619f9d
c7262812eaf9126567d8c4cd219a595f4087c8acbd37a4df57a6377d69a95f1c
cc6f3ef6a5dcd4d93ef80a2a9762bdbb8f43e52f286e3212f81ae247a97e00e9
ce61e05539704fb07f314ebadf3e65416ffa784626a3cda98623b84c1cafefe1
ce8e6d6bbf0a18dbc3bc9e0ebf9854ca1342401af1117b9c493758a86286751a
cfcdd352bb06fcc5c0e6f3f9b96e0c9a7d42f99b94473534d5131dcb4a104ec9
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d1685e8b9b7e03eaba14cbd0cfb0c55a175a500e009bfeb5837f648e230fb388
d194cd43f565219c86572b0283450dc9fa860a53d3ccf3569c694e17134e127c
d402b35e6e0d996cc57dfb1f40a87b672f1eb4dfe0744da6d9c40b0d26592815
d7dcb8f11c3b1eb6bc2f19b59a5d6f3f077edead6a9cde03d5853b5995e48a03
dc477ab682fe2729d0dc4fadc416897b131f9209cef31fe5c8b675bdb99663e5
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e0c254788ad36f95d44c1786c590263e89ea3976fcbc9ae7c82c52493b254391
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
e26590014d3d13154389b9625a653d9d7713d43165c3361150e54123ac99eba0
e35252aa3dc2e84e9d7211586fee9aede2a426d3230c8b131881d985f16ff836
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
eb2b0a50c564803376dc26f10afa5d3c0efe0119b2870e17b8c3f384d625ed88
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63
ed5210ae0e4bff21331c4c9cdc7ca22276aefe687fb9f49c3215917dfbdb04a5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5cd0d0af73325ea04c9b99435d3d4018dc0a048a41987cc94fcf3eb8a06e698
f62b6cdb65a9a8cef899775a7e2d12b0e2337a2e48f00a7f5f7ce266ba87f507
f89cfa0193094d175fce0382c11fef8a731816251d128f43d08eec02a5e60aa1
fba8081592823cd3fc4cf67ce7b816c03e9937eab2a96be9796d2b9c5bbad553
fc9b982f64f58599035403d69d54b6cd430187188a380dcadfb79ad536a5f376
fd23d571031140bbe7872061ff610c33c6c61000604c4a3e353dc513004c881b
fe32d9e8c5b91d60410c08d8fa519796439792744528d5a01bde953a60428712
fe9000c6bb9ceb2b14e71f018a2dbed0ac8d3b572b2a932ba5f216841c3d6faf
ffd0f1a8998b84c05b08ff0e234e5b02d69f4fd5982def489be7dc36ed72b44f

ajuda.serasa.com.br Open in urlscan Pro 104.16.53.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

163 Requests

91 %HTTPS

35 %IPv6

39 Domains

58 Subdomains

49 IPs

8 Countries

2237 kBTransfer

5789 kBSize

36 Cookies

6 Outgoing links

Page URL History

Redirected requests

163 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ajuda.serasa.com.br Open in urlscan Pro
104.16.53.111 Public Scan

Screenshot
Live screenshot

Full Image

163
Requests

91 %
HTTPS

35 %
IPv6

39
Domains

58
Subdomains

49
IPs

8
Countries

2237 kB
Transfer

5789 kB
Size

36
Cookies

163 HTTP transactions
3 data transactions