utua.com.br Open in urlscan Pro
2606:4700:10::6816:29 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://utua.com.br/gt-emp-bam-vivienda-p2/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-em...
Submission: On August 24 via api (August 24th 2023, 11:05:56 pm UTC) from JP — Scanned from JP

Summary HTTP 125 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 34 IPs in 6 countries across 22 domains to perform 125 HTTP transactions. The main IP is 2606:4700:10::6816:29, located in United States and belongs to CLOUDFLARENET, US. The main domain is utua.com.br. The Cisco Umbrella rank of the primary domain is 643260.
TLS certificate: Issued by E1 on July 18th 2023. Valid for: 3 months.

This is the only time utua.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:10:... 2606:4700:10::6816:29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2404:6800:400... 2404:6800:4004:822::200a	15169 (GOOGLE) (GOOGLE)
3 10	2404:6800:400... 2404:6800:4004:824::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:129	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2404:6800:400... 2404:6800:4004:822::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:480b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2404:6800:400... 2404:6800:4004:80b::2003	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2406:2600:4::1 2406:2600:4::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:20c... 2600:9000:20c4:c600:a:e047:753:6381	16509 (AMAZON-02) (AMAZON-02)
1	99.84.133.82 99.84.133.82	16509 (AMAZON-02) (AMAZON-02)
5	2404:6800:400... 2404:6800:4004:821::2001	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2406:2600:4::b 2406:2600:4::b	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	54.255.46.102 54.255.46.102	16509 (AMAZON-02) (AMAZON-02)
1	182.161.74.11 182.161.74.11	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
6	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4008:c13::9b	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:812::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:451	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2001:4860:480... 2001:4860:4802:38::35	15169 (GOOGLE) (GOOGLE)
23	2404:6800:400... 2404:6800:4004:810::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:822::200e	15169 (GOOGLE) (GOOGLE)
3 26	2404:6800:400... 2404:6800:4004:827::2001	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:81d::2004	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:823::2002	15169 (GOOGLE) (GOOGLE)
9	2404:6800:400... 2404:6800:4004:825::2003	15169 (GOOGLE) (GOOGLE)
6	142.251.222.34 142.251.222.34	15169 (GOOGLE) (GOOGLE)
125	34

4 2606:4700:10::6816:29 (United States)

ASN13335 (CLOUDFLARENET, US)

utua.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:822::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2404:6800:4004:824::2002 (Australia) 3 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:129 (United States)

ASN13335 (CLOUDFLARENET, US)

bucket.utua.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:822::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:480b (United States)

ASN13335 (CLOUDFLARENET, US)

assets.begrowth.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:80b::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c4:c600:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.133.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-133-82.nrt57.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:821::2001 (Australia)

ASN15169 (GOOGLE, US)

e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:4::b (Japan) 1 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.255.46.102 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-46-102.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4008:c13::9b (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:812::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:451 (United States)

ASN13335 (CLOUDFLARENET, US)

location.begrowth.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::35 (United States)

ASN15169 (GOOGLE, US)

growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2404:6800:4004:810::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:822::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2404:6800:4004:827::2001 (Australia) 3 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:81d::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:823::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4004:825::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.222.34 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s72-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	googlesyndication.com 3 redirects e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	297 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	168 KB
12	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 210 stats.g.doubleclick.net — Cisco Umbrella Rank: 93	276 KB
8	google.com analytics.google.com — Cisco Umbrella Rank: 166 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 150
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45	5 KB
5	utua.com.br utua.com.br — Cisco Umbrella Rank: 643260 bucket.utua.com.br	25 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 222	227 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 435 mug.criteo.com — Cisco Umbrella Rank: 2707	7 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1331 google-bidout-d.openx.net — Cisco Umbrella Rank: 1336	821 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	21 KB
2	run.app growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app	76 B
2	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 22678	515 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 852 bcp.crwdcntrl.net — Cisco Umbrella Rank: 813	13 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 795 id5-sync.com — Cisco Umbrella Rank: 411	27 KB
2	begrowth.com.br assets.begrowth.com.br — Cisco Umbrella Rank: 965673 location.begrowth.com.br	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	169 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1677	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1478	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 334	902 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 621	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1496	8 KB
125	22

	Domain	Requested by
26	tpc.googlesyndication.com	3 redirects securepubads.g.doubleclick.net tpc.googlesyndication.com e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com utua.com.br
23	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com utua.com.br www.gstatic.com e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com www.googletagservices.com
10	securepubads.g.doubleclick.net	3 redirects utua.com.br securepubads.g.doubleclick.net
9	www.gstatic.com	e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com utua.com.br
6	www.googleadservices.com
6	analytics.google.com	www.googletagmanager.com
6	fonts.googleapis.com	utua.com.br e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
5	e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	www.googletagservices.com	e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com utua.com.br
4	fonts.gstatic.com	fonts.googleapis.com
4	utua.com.br	utua.com.br
2	www.google.com	tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app	assets.begrowth.com.br
2	www.google.co.jp	utua.com.br
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects utua.com.br
2	www.googletagmanager.com	utua.com.br www.googletagmanager.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	location.begrowth.com.br	assets.begrowth.com.br
1	mug.criteo.com	utua.com.br
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	assets.begrowth.com.br	utua.com.br
1	bucket.utua.com.br	utua.com.br
125	33

This site contains links to these domains. Also see Links.

Domain
www.bam.com.gt

Subject Issuer	Validity	Valid
utua.com.br E1	`2023-07-18` - `2023-10-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-25` - `2024-05-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
begrowth.com.br GTS CA 1P5	`2023-07-15` - `2023-10-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-07-27` - `2023-10-25`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-06-27` - `2023-09-25`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.id5-sync.com R3	`2023-08-22` - `2023-11-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.a.run.app GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://utua.com.br/gt-emp-bam-vivienda-p2/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-ag&utm_term=gt-utua-ct-email-emp-ag-1014
Frame ID: BCA2B492AE7C71808F4762C45B852B8A
Requests: 44 HTTP requests in this frame

Frame: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 911C01970C9DA27E42A4E4F862F96BA0
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=utua.com.br
Frame ID: DCD9BCFA14CF55CFF6EEAF8E13B4A248
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 8B565EE58E36AFC32DC5334F8348CE49
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 21091784418F3433F7BABBE9796F29EC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 222ECF421A435DBA798B27BBA3F79B63
Requests: 2 HTTP requests in this frame

Frame: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EA19178FD6A8AEA1422E64E55865ED34
Requests: 14 HTTP requests in this frame

Frame: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E2134065EFFD59084088063A9462AFBC
Requests: 13 HTTP requests in this frame

Frame: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 47603D3E238547DF77AEBBBEC5CB56E4
Requests: 14 HTTP requests in this frame

Frame: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BA2B7000C9B03AF310306E7F0FA79D7F
Requests: 5 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019
Frame ID: A053A9449C071FCD5B13EA31D03CEA25
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js
Frame ID: 9194913748A13CECF8FEC36DE7935C39
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js
Frame ID: 19DE756A8061E5C7D4FA1419F61F3BAF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js
Frame ID: 715CE0E3CB9B1AB56E7466100FC7142D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js
Frame ID: 6B76CC86DD7E3550731BEE8BDF6D9E9B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cómo Solicitar El Préstamo de Vivienda de bam

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

125
Requests

94 %
HTTPS

73 %
IPv6

22
Domains

33
Subdomains

34
IPs

6
Countries

1282 kB
Transfer

4061 kB
Size

22
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bam.com.gt/personas/prestamos/bam-hogar-sostenible/formulario/
Title: SOLICITAR AHORA

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://oajs.openx.net/esp?url=https%3A%2F%2Futua.com.br%2Fgt-emp-bam-vivienda-p2%2F%3Futm_source%3Dclevertap%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3Dgt-utua-ct-email-emp%26amp%3Butm_content%3Dgt-utua-ct-email-emp-ag%26amp%3Butm_term%3Dgt-utua-ct-email-emp-ag-1014&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Futua.com.br%2Fgt-emp-bam-vivienda-p2%2F%3Futm_source%3Dclevertap%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3Dgt-utua-ct-email-emp%26amp%3Butm_content%3Dgt-utua-ct-email-emp-ag%26amp%3Butm_term%3Dgt-utua-ct-email-emp-ag-1014&rid=esp&cc=1

Request Chain 25

https://gum.criteo.com/sid/json?origin=publishertagids&domain=utua.com.br&sn=ChromeSyncframe&so=0&topUrl=utua.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=Uk7lD3xoekhsZUN1aVdaUC9RTkZ0MkZUckhERE5iVXR2TU5tbkoyQ0JNWFJkZ0U5aGdGWFZxTVdnbGdzdlYvQjRQVSt4R2p6Nk82MVJvTzFwdm0wQkJUNk9MeHR2YnNnMzlpT3BsdXo0YUlRNk8wK3J5RmdpSSsxTHNQWURzTUxhMGpIbnhlWUhkd3NZR0Urd1RMamRWUFJxNUJyOUZIdWJzdksxUzlnZE1CUm5NdTRMbkVaRytadW5WTWtxSmVrdUJ5RWp3Uld2QXNuVzJTc010Y2J1MklFcXl3anI4WDB1Qzdmb1MycUNtZzNpaVUzZWxUSjZ0RDVOTzhlTSs1U1dGWC9XcElHQm9WdHpZQWw1SGhpNUhmN1h6dz09fA&cppv=2

Request Chain 59

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCniujDkwEQlQgYlQgyCPzSd_1051oX HTTP 301
https://tpc.googlesyndication.com/simgad/17074353085174600638

Request Chain 69

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCniujDkwEQlQgYlQgyCPzSd_1051oX HTTP 301
https://tpc.googlesyndication.com/simgad/17074353085174600638

Request Chain 81

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCniujDkwEQlQgYlQgyCPzSd_1051oX HTTP 301
https://tpc.googlesyndication.com/simgad/17074353085174600638

Request Chain 110

https://securepubads.g.doubleclick.net/pagead/adview?ai=CBZZAT-LnZILcCK-8vcAPjNaEkAP4rfnYb4DsmvLjDGQQASCfzvZ9YInzxYT0E6AB1ez10APIAQmpAkkf1IF6J7I-4AIAqAMByAPLBKoEnwNP0F2RJSWGc5jc4TvBlWUroIsTxLkxnpogwDVUm22ZZ2prRk_ZcT5gxIJOaAr332LgyPr8NVvnB41AZw3y8H7v-ddYK7a0iXpirJxvJqV_ky8ceandTr0pQi3s12jNUzEsk34MKxnVGT4zbxTIpue-ogdS7o-xv00uR4MtQzjXaW6wTkBHGBUKiF0NhQrGrjzAWREOejuTnuQ81Juk3CQAi_kl10YgHMd3lOC5a_REdUk0I5sFOjoFhOUNb-T4qetb7KQfZz0ub43olD4Q_YYEZJuD-JYgp7YZtMr1K6jS41kPzxd4I75dPj8y-J25t2h4CuIYPngXZuFylDuCYtsbLIut8TmEsdA5mYybP-gnU6CfRqEolOEP9SvcQq7VyIY9xf-22vZm00c0iRdY0FLFPQwdxY1sVGNl7Egxwqz6S4m14ghAxAJ8zbuYiBfEQW2_BYNlN3PBHkihnJjIVHGugNAwf5U1CdIwLHcNp3FItjyxs8O2-qwFoQ928LNbVfLF8d2Qy3INeE_f1g5IkCGg1lwBsbophFZbWx7EeRXCwATG6MGhlgPgBAGIBZvQ6fEpkgUECAQYAZIFBAgFGASgBi6AB4PAnYYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEMWvM9IIFAiAYRABGB0yAooCOgKAQEi9_cE6mgk0aHR0cHM6Ly91cy5qZXRjb3N0LmNvbS9lcz9hd19jYW1wYWlnbl9pZD0xMTI0NDU2MjQ1OYAKA8gLAdoMEAoKENDuvdXbj--kFxICAQPYEwyIFAPQFQGAFwGyFx4KHAgAEhRwdWItNDk3OTk3NzQ2MzgzMzAyNBiZgXQ&sigh=JmNZ6ctDDoY&uach_m=[UACH]&ase=2&cid=CAQSSwBpAlJWsI-eg_WNw0PvE6FZ692JdPJ_TsGWZqHbbSAgwHAnLyHefoqkSP0djn1fPv5Z66PIxCYlNlSWngbs95NZEDyUJB1kchYbJhgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa5fae1bab7c553980000000000000000%22,%222%22:%220x5115ebcf4e09d64a0000000000000000%22,%223%22:%220xbe2b01fc20b6b3c90000000000000000%22,%224%22:%220xf1c94c556f51f2de0000000000000000%22,%225%22:%220x80d617e551b7c560000000000000000%22},%22debug_key%22:%222208210794898881465%22,%22debug_reporting%22:true,%22destination%22:%22https://jetcost.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22975009365%22],%224%22:[%2208-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215086652975948924945%22}&andc=true

Request Chain 116

https://securepubads.g.doubleclick.net/pagead/adview?ai=CLVheT-LnZIPcCK-8vcAPjNaEkAP4rfnYb6jsmvLjDGQQASCfzvZ9YInzxYT0E6AB1ez10APIAQmpAkkf1IF6J7I-4AIAqAMByAPLBKoEogNP0Fow239_-z5EJ5Tb3ZJxVFktzgEnNLWwg342NS3XTIkgEIb9ZP426c-Bplyr6eH1OgnufE-Nshx4wutvzVKVJcKyd4lBBoUETtfHpYfUiwYLAqdkmsGT9MlUc8yCm2iKqypmIBDb4Bo33bYpasYgoevVYGZnE5Efl4Dnqt1kbW8S3nu988Qe3QPUk9gaf1eVwTdmaXnGRornzPj29maiqp3mCugScYt5D_-45SZkJrIVSO2Ze77RswRpnWqbKigR4ZiZ2vPiTaOpu0a-wGpMJxNRZC6x7J7Mh7AjpXsZJMD4euD72RSy5CkJII8uUrGVWrW0ZCSG-y8jIhMz8qziuFd0D8GCXvLotx3jMBL5KkZ-wS3s-MKgFBv_oCFg9YjPpHhuh5n8t1GO_WAXcW8ZYCLcvlpPcKxjyBWzlKN6XwwI50LvDiEwye5VtcwJjC8fJUH7YE6znDBoOgU-Wcunjl82qouJkOV8YYj9QRMpn97Wxx6ddW2umU4ttGkZlEl7qIw7b0cBIQpDniX63GfXGj5G72jBm8REtTckSVCDrmzgwATG6MGhlgPgBAGIBZvQ6fEpkgUECAQYAZIFBAgFGASgBi6AB4PAnYYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEJa6EdIIFAiAYRABGB0yAooCOgKAQEi9_cE6mgk0aHR0cHM6Ly91cy5qZXRjb3N0LmNvbS9lcz9hd19jYW1wYWlnbl9pZD0xMTI0NDU2MjQ1OYAKA8gLAdoMEAoKEIDc0a6z4cv9RBICAQPYEwyIFAPQFQGAFwGyFx4KHAgAEhRwdWItNDk3OTk3NzQ2MzgzMzAyNBiZgXQ&sigh=DVf9HtX8eQM&uach_m=[UACH]&ase=2&cid=CAQSSwBpAlJWsI-eg_WNw0PvE6FZ692JdPJ_TsGWZqHbbSAgwHAnLyHefoqkSP0djn1fPv5Z66PIxCYlNlSWngbs95NZEDyUJB1kchYbJhgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa5fae1bab7c553980000000000000000%22,%222%22:%220x5115ebcf4e09d64a0000000000000000%22,%223%22:%220xbe2b01fc20b6b3c90000000000000000%22,%224%22:%220xf1c94c556f51f2de0000000000000000%22,%225%22:%220x80d617e551b7c560000000000000000%22},%22debug_key%22:%2213180988179828735106%22,%22debug_reporting%22:true,%22destination%22:%22https://jetcost.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22975009365%22],%224%22:[%2208-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221405235128393427777%22}&andc=true

Request Chain 118

https://securepubads.g.doubleclick.net/pagead/adview?ai=CdDNLT-LnZITcCK-8vcAPjNaEkAP4rfnYb4DsmvLjDGQQASCfzvZ9YInzxYT0E6AB1ez10APIAQmpAkkf1IF6J7I-4AIAqAMByAPLBKoEogNP0CECeXHvhXwvNj0vtw84TSoUY83xJCP1GuSXGLapXNhS6KKwU_VmZ7Ev1xWikPIcnw87xA8U2RYEaH3MfwV_oD79MzLiYbfi6FPqK-iKoyAmYtiq-SjVisTLEPw-mnBK5JNFJ7yrNTNwwaKdKWPrIaOhKN6JNaOjDm_2Ph7Tz2CF_xoKPGcBNryfkgsw3gTEp8FX3wIpW6Au0olZuBZJqbT6qsegapJz_Ebcnqn5aI73U5kfzAfi0rhYpUtZQsBelbVWFu5up9UmlUe3PGfTe1qDvO2XSAsfIVlli4Vdy9L8ks_cMJd9OPDbJ6e_-OrXEeOSGTthkVzTA1i37gjzPFAz5nIqN-tRn8UbyrpZqrzgvgEjqK0RpTiMUtnMJ2Osyn0m2bPN9z3bz_On2rNZmqwQbe9j2T35BB0gAPgKjc2U250JGgV39M4TQBe-DAuofcL-YkAMtHS5o03TIUNLdMHFDiNilJ9DDqsLRdqKyjIyLHtbv1FL7TWl-vkceJnNKULAgKiN5fNI58Jw7h5_C0q-gLF1Drex3NKjBjWVqRNPwATG6MGhlgPgBAGIBZvQ6fEpkgUECAQYAZIFBAgFGASgBi6AB4PAnYYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEP3SCtIIFAiAYRABGB0yAooCOgKAQEi9_cE6mgk0aHR0cHM6Ly91cy5qZXRjb3N0LmNvbS9lcz9hd19jYW1wYWlnbl9pZD0xMTI0NDU2MjQ1OYAKA8gLAdoMEAoKELDGl478s9fCCxICAQPYEwyIFAPQFQGAFwGyFx4KHAgAEhRwdWItNDk3OTk3NzQ2MzgzMzAyNBiZgXQ&sigh=Z62tU-VrPxA&uach_m=[UACH]&ase=2&cid=CAQSSwBpAlJWsI-eg_WNw0PvE6FZ692JdPJ_TsGWZqHbbSAgwHAnLyHefoqkSP0djn1fPv5Z66PIxCYlNlSWngbs95NZEDyUJB1kchYbJhgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa5fae1bab7c553980000000000000000%22,%222%22:%220x5115ebcf4e09d64a0000000000000000%22,%223%22:%220xbe2b01fc20b6b3c90000000000000000%22,%224%22:%220xf1c94c556f51f2de0000000000000000%22,%225%22:%220x80d617e551b7c560000000000000000%22},%22debug_key%22:%2216786636898094709775%22,%22debug_reporting%22:true,%22destination%22:%22https://jetcost.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22975009365%22],%224%22:[%2208-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212563440966140419057%22}&andc=true

125 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
utua.com.br/gt-emp-bam-vivienda-p2/ 67 KB
16 KB 450ms
14ms Document
text/html 2606:4700:10::6816:29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/gt-emp-bam-vivienda-p2/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-ag&utm_term=gt-utua-ct-email-emp-ag-1014
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 0e38107b41df7cf36acde6215c124d88e4cfd1002e9840d71b5a4dc7c0709275

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 985
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=300
cf-cache-status: HIT
cf-ray: 7fbf3e0ccb25f671-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 24 Aug 2023 23:05:50 GMT
last-modified: Thu, 24 Aug 2023 22:49:25 GMT
link: <https://utua.com.br/wp-json/>; rel="https://api.w.org/" <https://utua.com.br/wp-json/wp/v2/posts/25084>; rel="alternate"; type="application/json" <https://utua.com.br/?p=25084>; rel=shortlink
server: cloudflare
vary: Accept-Encoding
via: 1.1 google, 1.1 google
x-cloud-trace-context: c983e31765a061645a5f239b4247cf7c;o=1
x-powered-by: PHP/7.4.33

GET
H2 200 css2
fonts.googleapis.com/ 848 B
827 B 86ms
43ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Sans&display=swap

Requested by

Host: utua.com.br
URL: https://utua.com.br/gt-emp-bam-vivienda-p2/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-ag&utm_term=gt-utua-ct-email-emp-ag-1014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b7b259a87df556c5752105da739eaaf0142a9b2c83fec6fd092501f90bc5817

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Aug 2023 23:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 23:05:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Aug 2023 23:05:50 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 119ms
79ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

278ddf57c73907ec8b2a5ca6e88c02c7f20fa4c75d128e9bb37c39df322a5530

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:05:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29075
x-xss-protection: 0
server: cafe
etag: 512 / 19593 / 31077296 / config-hash: 11948005394286062217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 24 Aug 2023 23:05:50 GMT

GET
H2 200 classic-themes.min.css
utua.com.br/wp-includes/css/ 291 B
304 B 20ms
19ms Stylesheet
text/css 2606:4700:10::6816:29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: utua.com.br
URL: https://utua.com.br/gt-emp-bam-vivienda-p2/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-ag&utm_term=gt-utua-ct-email-emp-ag-1014
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/gt-emp-bam-vivienda-p2/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-ag&utm_term=gt-utua-ct-email-emp-ag-1014
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:05:50 GMT
via: 1.1 google, 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Jul 2023 17:03:10 GMT
server: cloudflare
age: 985
etag: W/"123-600756c650f80-gzip"
vary: Accept-Encoding
content-type: text/css
x-cloud-trace-context: e97bdc084e0ba3bc7cca5526645d2b35
cache-control: private, max-age=300
cf-ray: 7fbf3e0ceb40f671-NRT
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.post.css
utua.com.br/wp-content/themes/clean-n-beauty-theme/css/ 20 KB
5 KB 13ms
12ms Stylesheet
text/css 2606:4700:10::6816:29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/css/style.post.css?ver=24082023194925
Requested by: Host: utua.com.br
URL: https://utua.com.br/gt-emp-bam-vivienda-p2/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-ag&utm_term=gt-utua-ct-email-emp-ag-1014
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6e298baccf7bccebe558cd80c7473a2c6910bd2b2ec674e63079bc8adfef527

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/gt-emp-bam-vivienda-p2/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-ag&utm_term=gt-utua-ct-email-emp-ag-1014
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:05:50 GMT
via: 1.1 google, 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 985
cf-polished: origSize=25759
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 14 Jul 2023 17:03:09 GMT
server: cloudflare
etag: W/"649f-600756c55cd40-gzip"
vary: Accept-Encoding
content-type: text/css
x-cloud-trace-context: ebbe9706563dadafd3a97b885b4f63d1
cache-control: private, max-age=300
cf-ray: 7fbf3e0ceb42f671-NRT

GET
H2 200 22d2bd37-design-sem-nome-84-442x332.png
bucket.utua.com.br/img/2022/10/ 1 KB
2 KB 417ms
15ms Image
image/webp 2606:4700:10::6816:129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucket.utua.com.br/img/2022/10/22d2bd37-design-sem-nome-84-442x332.png
Requested by: Host: utua.com.br
URL: https://utua.com.br/gt-emp-bam-vivienda-p2/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-ag&utm_term=gt-utua-ct-email-emp-ag-1014
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 889a240e94c3bd6d200a5f8389bd0294fdbb50265f44c62adbe36247601334f8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:05:51 GMT
cf-cache-status: HIT
age: 986
cf-polished: origFmt=png, origSize=3477
x-guploader-uploadid: ADPycduahL-Muh3EEStkpMWtghdxW2isD1iMi4lkp2Nfdv2XAsiYOxnM3wIpRO-taAM-LuOhAE4gZ-2FG2rOqut1eQW8
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="22d2bd37-design-sem-nome-84-442x332.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1454
x-goog-meta-height: 332
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Oct 2022 21:23:09 GMT
server: cloudflare
x-goog-meta-child-of: 25012
etag: "1ea9f3fd50d6773c4ed77e5dd7f971ec"
vary: Accept
x-goog-generation: 1665091389527019
content-type: image/webp
x-goog-hash: crc32c=yehGuA==, md5=Hqnz/VDWdzxO135d1/lx7A==
x-goog-meta-width: 442
cache-control: public, max-age=36000, must-revalidate
x-goog-stored-content-length: 3477
accept-ranges: bytes
cf-ray: 7fbf3e0fff52affa-NRT
x-goog-meta-size: img-442
expires: Fri, 25 Aug 2023 08:34:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 258 KB
86 KB 95ms
48ms Script
application/javascript 2404:6800:4004:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T48CH8D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

954c01547bb5044fc3717e401411dce0a71267414b82944499a49a38ec1be818

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:05:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87159
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 24 Aug 2023 23:05:51 GMT

GET
H2 200 growthcontrol-lite-ltv.build.js Show response
assets.begrowth.com.br/growthcontrol/ 72 KB
19 KB 416ms
11ms Script
text/javascript 2606:4700:20::ac43:480b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.begrowth.com.br/growthcontrol/growthcontrol-lite-ltv.build.js
Requested by: Host: utua.com.br
URL: https://utua.com.br/gt-emp-bam-vivienda-p2/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-ag&utm_term=gt-utua-ct-email-emp-ag-1014
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:480b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccd0757f023e0bbda7f4bbd2c5d84103681c9ce2b771337534d31066853e248d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:05:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3239
cf-polished: origSize=73954
x-guploader-uploadid: ADPycdsvNzxJhD5317x3Q53GNed6lavkufhM5lihcfr1hdiy0IkYpOga5pO-SWxlTnP-KPTDgX80jDs6XVgW13778c6gkw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
cf-bgj: minify
last-modified: Fri, 17 Mar 2023 19:37:01 GMT
server: cloudflare
etag: W/"bdee3d3f971900ba215ddd16446ef924"
vary: Accept-Encoding
x-goog-generation: 1679081821460101
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=ur+DTg==, md5=ve49P5cZALohXd0WRG75JA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwfl8FbVeaKwrMtVIG6ZoXgjUtkoyMlNVgAUqvsrXBgCCkowMwJY%2BjNIpyI2NkEi0Fo8yS4jiWHByVYkLsA%2F5O1eIXKM9ecXlv4KF1yX0NQPLer27tyQ%2BiWaRdDTH1hsey247XG32Fep7Se2fsiOwFswevE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 73954
cf-ray: 7fbf3e10084e80ad-NRT
expires: Thu, 24 Aug 2023 22:12:52 GMT

GET
H3 200 spritesheet.png
utua.com.br/wp-content/themes/clean-n-beauty-theme/images/ 1 KB
2 KB 12ms
12ms Image
image/webp 2606:4700:10::6816:29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/images/spritesheet.png
Requested by: Host: utua.com.br
URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/css/style.post.css?ver=24082023194925
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 729fdd056968891a9b7a1eb8fa6365f58a7da10fd953e837feec3bea6501b585

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/css/style.post.css?ver=24082023194925
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:05:50 GMT
via: 1.1 google, 1.1 google
cf-cache-status: HIT
age: 55401
cf-polished: origFmt=png, origSize=3567
content-disposition: inline; filename="spritesheet.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1366
cf-bgj: imgq:85,h2pri
last-modified: Fri, 14 Jul 2023 17:03:09 GMT
server: cloudflare
etag: "def-600756c55cd40"
vary: Accept
content-type: image/webp
x-cloud-trace-context: 1ac7f92a3829d3e14ae895717ac7b654
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 7fbf3e0d88fef6e1-NRT

GET
H2 200 rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAopxRSW32.woff2
fonts.gstatic.com/s/dmsans/v14/ 14 KB
14 KB 48ms
3ms Font
font/woff2 2404:6800:4004:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAopxRSW32.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b99e2ac0acd1e779f2db8aa9fc92e5901207ad6150689a5318163a70ee667157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://utua.com.br
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:43:03 GMT
x-content-type-options: nosniff
age: 465768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14132
x-xss-protection: 0
last-modified: Wed, 12 Jul 2023 22:06:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 13:43:03 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/ 403 KB
127 KB 3ms
2ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8165d8e2771d30c1a2baf2e6ebb58ce49c3b9dc575676b6f1aa7afeb2e5efe86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 11:40:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41105
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129871
x-xss-protection: 0
server: cafe
etag: 10423821264569162327
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 23 Aug 2024 11:40:46 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 11ms
2ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:56:46 GMT
content-encoding: gzip
age: 2372945
x-guploader-uploadid: ADPycdv7A7UlWyYoEyZZoWvQBDDrkDzEu0ZQbVaiQ0BdyzAm2l6Swj2UdrPvIsv9evCEWrLn9kVxK_gwlKfCpKa0zhMjdw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 27 Jul 2024 11:56:46 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 15ms
4ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:05:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-aa04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 25 Aug 2023 23:05:51 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
902 B 7ms
1ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Aug 2023 23:05:51 GMT
x-content-type-options: nosniff
content-encoding: br
age: 42329
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-nrt-rjtf7700054-NRT
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 119 KB
26 KB 21ms
11ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:05:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 21 Aug 2023 10:48:56 GMT
server: cloudflare
x-amz-request-id: 5Q1B5BPRKTWF0GXZ
age: 3195
etag: W/"e6744398f78bbd5138fa1a9e34f686e4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7fbf3e0e5d2ff706-NRT
x-amz-id-2: c6brGKKodhAvUG3Ckoq+NrO7cuX5wF5nuLiTevlhilvTIbgSWoTPw941PEH7Ju3Q5iJNqaor3nI=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 248ms
239ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:05:51 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 153404b5a6f1c733705f7890983a8d9c
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 20ms
2ms Script
text/javascript 2600:9000:20c4:c600:a:e047:753:6381
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c4:c600:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: null
Date: Thu, 24 Aug 2023 09:47:47 GMT
Via: 1.1 591d8121e6c7795f14aa600cdccbe2d2.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: NRT57-C2
Age: 47885
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: sKqejz_x4DBedGJoNgXK9J8YHxaA66CwrgMe1PP0HmCDIbiFAkmnnw==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 16ms
2ms Script
text/javascript 99.84.133.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.133.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-133-82.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2cf68b0f96497a6c432653e7b0ab42cb383f804f6bff63ecc7e38b2244b18d7b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 08:45:25 GMT
content-encoding: gzip
via: 1.1 c7f3213e2a3260f1c4aa8c8f7832ebbc.cloudfront.net (CloudFront)
last-modified: Tue, 22 Aug 2023 15:52:21 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C3
age: 51627
etag: W/"abaee4c7a9cdd5e5098ecb24384e9e09"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: B0LSt7_8uyYh4lavRi-SKTTzEBOLYhHcFKERyK6A1MxZ2zK6yohxkA==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 588 KB
106 KB 939ms
939ms Fetch
text/plain 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=362798861520402&correlator=4156857222156858&eid=31077296&output=ldjh&gdfp_req=1&vrg=202308220101&ptt=17&impl=fifs&iu_parts=21862753527%2Cutua_desk_top%2Cutua_desk_content%2Cutua_desk_sidebar%2Cutua_desk_interstitial&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x250%7C970x250%7C980x90%2C320x50%7C300x250%7C336x280%2C120x600%7C160x600%7C300x600%7C300x250%2C1x1&fluid=0%2Cheight%2C0%2C0&ifi=1&sfv=1-0-40&ists=1&fas=0%2C0%2C0%2C8&sc=1&cookie_enabled=1&abxe=1&dt=1692918351080&lmt=1692884965&adxs=436%2C650%2C1468%2C-9&adys=98%2C584%2C122%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C-1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Futua.com.br%2Fgt-emp-bam-vivienda-p2%2F%3Futm_source%3Dclevertap%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3Dgt-utua-ct-email-emp%26amp%3Butm_content%3Dgt-utua-ct-email-emp-ag%26amp%3Butm_term%3Dgt-utua-ct-email-emp-ag-1014&vis=1&psz=1600x1200%7C800x0%7C120x250%7C0x-1&msz=1600x0%7C800x0%7C120x250%7C0x-1&fws=4%2C4%2C516%2C2&ohw=1600%2C1600%2C1600%2C0&ga_vid=689598793.1692918351&ga_sid=1692918351&ga_hid=627270141&ga_fc=false&dlt=1692918350867&idt=188&cust_params=request_uri%3D%252Fgt-emp-bam-vivienda-p2%252F%26utm_source%3Dclevertap%26utm_medium%3Ddirect%26utm_campaign%3Ddirect%26utm_content%3Ddirect%26utm_term%3Ddirect%26placement%3Ddirect%26hour%3D08%26dayshifts%3Dmorning&adks=3399986936%2C1558435176%2C695725469%2C687659283&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e0a0ff5eda1dd5d00542212712434a4a8ebdcd208c13546368bbebff3676adf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:05:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108945
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 911C 6 KB
3 KB 137ms
58ms Document
text/html 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 23:05:51 GMT
expires: Fri, 23 Aug 2024 23:05:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/ 37 KB
13 KB 3ms
2ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl_page_level_ads.js?cb=31077296

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15c0cb78027116295adacf008a60f665640f4f4ce04fd85aa7aa0cdc7c3a57f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 11:41:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41065
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13164
x-xss-protection: 0
server: cafe
etag: 6816594145109493849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 23 Aug 2024 11:41:26 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Futua.com.br%2Fgt-emp-bam-vivienda-p2%2F%3Futm_source%3Dclevertap%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3Dgt-utua-ct-email-emp%26amp%3Butm_cont...
https://oajs.openx.net/esp?url=https%3A%2F%2Futua.com.br%2Fgt-emp-bam-vivienda-p2%2F%3Futm_source%3Dclevertap%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3Dgt-utua-ct-email-emp%26amp%3Butm_cont...

85 B
203 B

154ms
152ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Futua.com.br%2Fgt-emp-bam-vivienda-p2%2F%3Futm_source%3Dclevertap%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3Dgt-utua-ct-email-emp%26amp%3Butm_content%3Dgt-utua-ct-email-emp-ag%26amp%3Butm_term%3Dgt-utua-ct-email-emp-ag-1014&rid=esp&cc=1
Requested by: Host: utua.com.br
URL: https://utua.com.br/gt-emp-bam-vivienda-p2/?utm_source=clevertap&utm_medium=email&utm_campaign=gt-utua-ct-email-emp&utm_content=gt-utua-ct-email-emp-ag&utm_term=gt-utua-ct-email-emp-ag-1014
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: eeed705db54da68cf87179a8c2cc3886303e781fed6ff2de562ae27757a5866c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:05:51 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-V0rxXyqJu4EDAmznjpZh+DAxSho"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://utua.com.br
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 24 Aug 2023 23:05:51 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://utua.com.br
location: /esp?url=https%3A%2F%2Futua.com.br%2Fgt-emp-bam-vivienda-p2%2F%3Futm_source%3Dclevertap%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3Dgt-utua-ct-email-emp%26amp%3Butm_content%3Dgt-utua-ct-email-emp-ag%26amp%3Butm_term%3Dgt-utua-ct-email-emp-ag-1014&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame DCD9 15 KB
6 KB 12ms
4ms Document
text/html 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=utua.com.br

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

570a23389bf64a371b8b32a87c7385b0d463916213dfaf0710ada4f95f759a63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 23:05:50 GMT
server: Kestrel
server-processing-duration-in-ticks: 275086
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 245 KB
83 KB 46ms
46ms Script
application/javascript 2404:6800:4004:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T48CH8D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d7346c4e0f93afa6d3c51f0623730e4c64b18631ed47abaafbfc7935ccb6f7c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:05:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84934
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 24 Aug 2023 23:05:51 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
320 B 1403ms
444ms XHR
text/plain 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://utua.com.br/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://utua.com.br
date: Thu, 24 Aug 2023 23:05:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
689 B 241ms
85ms XHR
application/json 54.255.46.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.255.46.102 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-255-46-102.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 917b3fe7bda0abfa1d365c9359649ae03b7aca0370786b2bb88bdf9c68f09ec1

Request headers

Referer: https://utua.com.br/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 23:05:51 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://utua.com.br
cache-control: no-cache
x-server: 10.42.7.0
access-control-allow-credentials: true
content-length: 235
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame DCD9
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=utua.com.br&sn=ChromeSyncframe&so=0&topUrl=utua.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=Uk7lD3xoekhsZUN1aVdaUC9RTkZ0MkZUckhERE5iVXR2TU5tbkoyQ0JNWFJkZ0U5aGdGWFZxTVdnbGdzdlYvQjRQVSt4R2p6Nk82MVJvTzFwdm0wQkJUNk9MeHR2YnNnMzlpT3BsdXo0YUlRNk8wK3J5RmdpSSsxTHNQWU...

433 B
667 B

15ms
3ms

Fetch
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Uk7lD3xoekhsZUN1aVdaUC9RTkZ0MkZUckhERE5iVXR2TU5tbkoyQ0JNWFJkZ0U5aGdGWFZxTVdnbGdzdlYvQjRQVSt4R2p6Nk82MVJvTzFwdm0wQkJUNk9MeHR2YnNnMzlpT3BsdXo0YUlRNk8wK3J5RmdpSSsxTHNQWURzTUxhMGpIbnhlWUhkd3NZR0Urd1RMamRWUFJxNUJyOUZIdWJzdksxUzlnZE1CUm5NdTRMbkVaRytadW5WTWtxSmVrdUJ5RWp3Uld2QXNuVzJTc010Y2J1MklFcXl3anI4WDB1Qzdmb1MycUNtZzNpaVUzZWxUSjZ0RDVOTzhlTSs1U1dGWC9XcElHQm9WdHpZQWw1SGhpNUhmN1h6dz09fA&cppv=2

Requested by

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

067234ef2245940b20ce22a7d2f43943c0826083eb9885ca69f51f0c4e873335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 23:05:50 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1196952
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 23:05:50 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=Uk7lD3xoekhsZUN1aVdaUC9RTkZ0MkZUckhERE5iVXR2TU5tbkoyQ0JNWFJkZ0U5aGdGWFZxTVdnbGdzdlYvQjRQVSt4R2p6Nk82MVJvTzFwdm0wQkJUNk9MeHR2YnNnMzlpT3BsdXo0YUlRNk8wK3J5RmdpSSsxTHNQWURzTUxhMGpIbnhlWUhkd3NZR0Urd1RMamRWUFJxNUJyOUZIdWJzdksxUzlnZE1CUm5NdTRMbkVaRytadW5WTWtxSmVrdUJ5RWp3Uld2QXNuVzJTc010Y2J1MklFcXl3anI4WDB1Qzdmb1MycUNtZzNpaVUzZWxUSjZ0RDVOTzhlTSs1U1dGWC9XcElHQm9WdHpZQWw1SGhpNUhmN1h6dz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 282700
content-length: 0
expires: 0

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 80ms
41ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-Y1WZWFMSQF&gtm=45je38n0&_p=627270141&_gaz=1&cid=689598793.1692918351&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692918351&sct=1&seg=0&dl=https%3A%2F%2Futua.com.br%2Fgt-emp-bam-vivienda-p2%2F%3Futm_source%3Dclevertap%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3Dgt-utua-ct-email-emp%26amp%3Butm_content%3Dgt-utua-ct-email-emp-ag%26amp%3Butm_term%3Dgt-utua-ct-email-emp-ag-1014&dt=C%C3%B3mo%20Solicitar%20El%20Pr%C3%A9stamo%20de%20Vivienda%20de%20bam&en=page_view&_fv=2&_ss=2&_c=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 23:05:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 114ms
38ms Ping
text/plain 2404:6800:4008:c13::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Y1WZWFMSQF&cid=689598793.1692918351&gtm=45je38n0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c13::9b Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 23:05:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
408 B 84ms
44ms Image
image/gif 2404:6800:4004:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Y1WZWFMSQF&cid=689598793.1692918351&gtm=45je38n0&aip=1&z=543248373

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 23:05:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
251 B 67ms
39ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-Y1WZWFMSQF&gtm=45je38n0&_p=627270141&cid=689598793.1692918351&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1692918351&sct=1&seg=0&dl=https%3A%2F%2Futua.com.br%2Fgt-emp-bam-vivienda-p2%2F%3Futm_source%3Dclevertap%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3Dgt-utua-ct-email-emp%26amp%3Butm_content%3Dgt-utua-ct-email-emp-ag%26amp%3Butm_term%3Dgt-utua-ct-email-emp-ag-1014&dt=C%C3%B3mo%20Solicitar%20El%20Pr%C3%A9stamo%20de%20Vivienda%20de%20bam&en=scroll&_c=1&epn.percent_scrolled=90&_et=8
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 23:05:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
location.begrowth.com.br/ 166 B
578 B 24ms
9ms Fetch
application/json 2606:4700:20::681a:451
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://location.begrowth.com.br/
Requested by: Host: assets.begrowth.com.br
URL: https://assets.begrowth.com.br/growthcontrol/growthcontrol-lite-ltv.build.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:451 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 880b7dd24fce5960d3e43bb46bbd7da2c470d0fbb18ea54c9c449f7bc240ebd7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:05:51 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zTSmqFb2UuGRgMrHDGydarv3ePJNt%2FM3zkqijAZHRmpxy7SXa09rcaFjEwAOERUrxcMAoU8XJOfJpeuDmYBEPUTEahyqb%2BV%2BjGTTz4zs8vFWHbIemNxs%2Fm8SlOIsUtXU2QNIwoLmh6fPNkX3ktDlFd1Zmno0fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-type: application/json
cf-ray: 7fbf3e105e91f645-NRT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 8B56 0
176 B 53ms
45ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 24 Aug 2023 23:05:51 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

OPTIONS
H2 200 /
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ Frame 0
0 314ms
271ms Preflight
text/html 2001:4860:4802:38::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://utua.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 24 Aug 2023 23:05:51 GMT
server: Google Frontend
x-cloud-trace-context: 3bb8419c149992ab5f073db869defdbf

POST
H2 200 / Show response
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/ 0
76 B 359ms
359ms XHR
text/html 2001:4860:4802:38::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app/
Requested by: Host: assets.begrowth.com.br
URL: https://assets.begrowth.com.br/growthcontrol/growthcontrol-lite-ltv.build.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Thu, 24 Aug 2023 23:05:51 GMT
server: Google Frontend
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: f7351392305513b4f82cfe1751dbe9c2
access-control-allow-headers: Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 93ms
52ms XHR
application/json 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308220101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0087ba540bb66c517bae6a836efddd17994e0153f5892321bf753d85ec31ab03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:05:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11803
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 41ms
2ms Script
text/javascript 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T48CH8D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 24 Aug 2023 21:44:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4868
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 24 Aug 2023 23:44:43 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
205 B 41ms
40ms XHR
text/plain 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=627270141&t=pageview&_s=1&dl=https%3A%2F%2Futua.com.br%2Fgt-emp-bam-vivienda-p2%2F%3Futm_source%3Dclevertap%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3Dgt-utua-ct-email-emp%26amp%3Butm_content%3Dgt-utua-ct-email-emp-ag%26amp%3Butm_term%3Dgt-utua-ct-email-emp-ag-1014&ul=en-us&de=UTF-8&dt=C%C3%B3mo%20Solicitar%20El%20Pr%C3%A9stamo%20de%20Vivienda%20de%20bam&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACAAI~&jid=1272757501&gjid=1254771074&cid=689598793.1692918351&tid=UA-146231564-5&_gid=74630795.1692918352&_slc=1&gtm=45He38n0n81T48CH8D&z=1072728860

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 23:05:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
154 B 39ms
38ms XHR
text/plain 2404:6800:4008:c13::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-146231564-5&cid=689598793.1692918351&jid=1272757501&gjid=1254771074&_gid=74630795.1692918352&_u=YCDAiEABBAAAAGAAI~&z=800531293

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c13::9b Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 24 Aug 2023 23:05:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 119ms
76ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:05:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 23:05:51 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 93ms
51ms Image
image/gif 2404:6800:4004:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-146231564-5&cid=689598793.1692918351&jid=1272757501&_u=YCDAiEABBAAAAGAAI~&z=53952205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 23:05:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
107 B 40ms
40ms Image
image/gif 2404:6800:4004:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-146231564-5&cid=689598793.1692918351&jid=1272757501&_u=YCDAiEABBAAAAGAAI~&z=53952205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 23:05:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2109 13 KB
5 KB 3ms
2ms Document
text/html 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 73137
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:46:54 GMT
expires: Fri, 23 Aug 2024 02:46:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 222E 829 B
993 B 41ms
40ms Document
text/html 2404:6800:4004:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9d3db623815af3c89e31093433f1c1baa8080af75c0ee90b0437af015a78b103

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ehIg6VODhwdwPnkf--wPQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce-ehIg6VODhwdwPnkf--wPQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 23:05:51 GMT
expires: Thu, 24 Aug 2023 23:05:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js Show response
pagead2.googlesyndication.com/bg/ Frame 2109 37 KB
14 KB 47ms
4ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:30:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14710
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 14:30:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 222E 0
0 43ms
35ms Image
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308220101&jk=362798861520402&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2109 0
10 B 2ms
2ms Image
text/plain 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5RYGfw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:05:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 41ms
35ms Fetch
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://utua.com.br/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 container.html Show response
e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EA19 6 KB
3 KB 3ms
2ms Document
text/html 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 23:05:51 GMT
expires: Fri, 23 Aug 2024 23:05:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 42ms
41ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-Y1WZWFMSQF&gtm=45je38n0&_p=627270141&cid=689598793.1692918351&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=3&sid=1692918351&sct=1&seg=0&dl=https%3A%2F%2Futua.com.br%2Fgt-emp-bam-vivienda-p2%2F%3Futm_source%3Dclevertap%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3Dgt-utua-ct-email-emp%26amp%3Butm_content%3Dgt-utua-ct-email-emp-ag%26amp%3Butm_term%3Dgt-utua-ct-email-emp-ag-1014&dt=C%C3%B3mo%20Solicitar%20El%20Pr%C3%A9stamo%20de%20Vivienda%20de%20bam&en=ad_impression&_c=1&ep.query_id=CMK_0Ke09oADFS9eDwIdDCsBMg&_et=713
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 23:05:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E213 6 KB
3 KB 2ms
2ms Document
text/html 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 23:05:51 GMT
expires: Fri, 23 Aug 2024 23:05:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 41ms
41ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-Y1WZWFMSQF&gtm=45je38n0&_p=627270141&cid=689598793.1692918351&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=4&sid=1692918351&sct=1&seg=0&dl=https%3A%2F%2Futua.com.br%2Fgt-emp-bam-vivienda-p2%2F%3Futm_source%3Dclevertap%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3Dgt-utua-ct-email-emp%26amp%3Butm_content%3Dgt-utua-ct-email-emp-ag%26amp%3Butm_term%3Dgt-utua-ct-email-emp-ag-1014&dt=C%C3%B3mo%20Solicitar%20El%20Pr%C3%A9stamo%20de%20Vivienda%20de%20bam&en=ad_impression&_c=1&ep.query_id=CMO_0Ke09oADFS9eDwIdDCsBMg&_et=18
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 23:05:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EA19 4 KB
751 B 44ms
43ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Aug 2023 23:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 23:02:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Aug 2023 23:05:52 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame EA19 2 KB
892 B 2ms
2ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:21:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/ Frame EA19 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite_fy2021.js

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:21:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame EA19 3 KB
1 KB 4ms
3ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:21:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame EA19 20 KB
8 KB 4ms
3ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:21:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EA19 181 KB
57 KB 131ms
82ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 23:05:52 GMT

GET
H2 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame EA19 35 KB
15 KB 55ms
2ms Script
text/javascript 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 11:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 21:43:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 11:43:51 GMT

GET
DATA 200
OK truncated
/ Frame EA19 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

17074353085174600638
tpc.googlesyndication.com/simgad/ Frame EA19
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCniujDkwEQlQgYlQgyCPzSd_1051oX
https://tpc.googlesyndication.com/simgad/17074353085174600638

13 KB
13 KB

3ms
2ms

Image
image/png

2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17074353085174600638

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f54bc5924e62d940f090e2358b28b17889d65611ebc2f20f11edb9ee5142b791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 17:40:32 GMT
x-content-type-options: nosniff
age: 451520
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13760
x-xss-protection: 0
last-modified: Wed, 13 Nov 2019 08:59:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 18 Aug 2024 17:40:32 GMT

Redirect headers

date: Thu, 24 Aug 2023 03:18:08 GMT
x-content-type-options: nosniff
server: cafe
age: 71264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/17074353085174600638
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 23 Sep 2023 03:18:08 GMT

GET
H3 200 container.html Show response
e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4760 6 KB
3 KB 3ms
2ms Document
text/html 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 23:05:51 GMT
expires: Fri, 23 Aug 2024 23:05:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame E213 4 KB
728 B 45ms
44ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Aug 2023 23:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 23:05:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Aug 2023 23:05:52 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame E213 2 KB
892 B 2ms
2ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:21:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/ Frame E213 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite_fy2021.js

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:21:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame E213 3 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:21:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame E213 20 KB
8 KB 3ms
3ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:21:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E213 181 KB
57 KB 149ms
123ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 23:05:52 GMT

GET
H2 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame E213 35 KB
15 KB 34ms
5ms Script
text/javascript 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 11:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 21:43:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 11:43:51 GMT

GET
DATA 200
OK truncated
/ Frame E213 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

17074353085174600638
tpc.googlesyndication.com/simgad/ Frame E213
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCniujDkwEQlQgYlQgyCPzSd_1051oX
https://tpc.googlesyndication.com/simgad/17074353085174600638

13 KB
13 KB

2ms
2ms

Image
image/png

2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17074353085174600638

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f54bc5924e62d940f090e2358b28b17889d65611ebc2f20f11edb9ee5142b791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 17:40:32 GMT
x-content-type-options: nosniff
age: 451520
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13760
x-xss-protection: 0
last-modified: Wed, 13 Nov 2019 08:59:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 18 Aug 2024 17:40:32 GMT

Redirect headers

date: Thu, 24 Aug 2023 03:18:08 GMT
x-content-type-options: nosniff
server: cafe
age: 71264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/17074353085174600638
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 23 Sep 2023 03:18:08 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 37ms
36ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-Y1WZWFMSQF&gtm=45je38n0&_p=627270141&cid=689598793.1692918351&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=5&sid=1692918351&sct=1&seg=0&dl=https%3A%2F%2Futua.com.br%2Fgt-emp-bam-vivienda-p2%2F%3Futm_source%3Dclevertap%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3Dgt-utua-ct-email-emp%26amp%3Butm_content%3Dgt-utua-ct-email-emp-ag%26amp%3Butm_term%3Dgt-utua-ct-email-emp-ag-1014&dt=C%C3%B3mo%20Solicitar%20El%20Pr%C3%A9stamo%20de%20Vivienda%20de%20bam&en=ad_impression&_c=1&ep.query_id=CMS_0Ke09oADFS9eDwIdDCsBMg&_et=62
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 23:05:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BA2B 6 KB
3 KB 2ms
2ms Document
text/html 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 23:05:51 GMT
expires: Fri, 23 Aug 2024 23:05:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 38ms
38ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-Y1WZWFMSQF&gtm=45je38n0&_p=627270141&cid=689598793.1692918351&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=6&sid=1692918351&sct=1&seg=0&dl=https%3A%2F%2Futua.com.br%2Fgt-emp-bam-vivienda-p2%2F%3Futm_source%3Dclevertap%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3Dgt-utua-ct-email-emp%26amp%3Butm_content%3Dgt-utua-ct-email-emp-ag%26amp%3Butm_term%3Dgt-utua-ct-email-emp-ag-1014&dt=C%C3%B3mo%20Solicitar%20El%20Pr%C3%A9stamo%20de%20Vivienda%20de%20bam&en=ad_impression&_c=1&ep.query_id=CMW_0Ke09oADFS9eDwIdDCsBMg&_et=50
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 23:05:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4760 4 KB
655 B 43ms
42ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Aug 2023 23:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 23:02:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Aug 2023 23:05:52 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 4760 2 KB
892 B 2ms
2ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:21:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/ Frame 4760 23 KB
9 KB 4ms
3ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite_fy2021.js

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:21:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 4760 3 KB
1 KB 4ms
4ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:21:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 4760 20 KB
8 KB 4ms
4ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:21:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4760 181 KB
57 KB 65ms
61ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 23:05:52 GMT

GET
H2 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame 4760 35 KB
15 KB 6ms
2ms Script
text/javascript 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 11:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 21:43:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 11:43:51 GMT

GET
DATA 200
OK truncated
/ Frame 4760 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

17074353085174600638
tpc.googlesyndication.com/simgad/ Frame 4760
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCniujDkwEQlQgYlQgyCPzSd_1051oX
https://tpc.googlesyndication.com/simgad/17074353085174600638

13 KB
13 KB

3ms
3ms

Image
image/png

2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17074353085174600638

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f54bc5924e62d940f090e2358b28b17889d65611ebc2f20f11edb9ee5142b791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 17:40:32 GMT
x-content-type-options: nosniff
age: 451520
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13760
x-xss-protection: 0
last-modified: Wed, 13 Nov 2019 08:59:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 18 Aug 2024 17:40:32 GMT

Redirect headers

date: Thu, 24 Aug 2023 03:18:08 GMT
x-content-type-options: nosniff
server: cafe
age: 71264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/17074353085174600638
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 23 Sep 2023 03:18:08 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame BA2B 4 KB
671 B 45ms
45ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Aug 2023 23:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:06:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Aug 2023 23:05:52 GMT

GET
H2 200 63e0a2a793d720ddab32c7ad1c79b976.js Show response
www.gstatic.com/mysidia/ Frame A053 9 KB
4 KB 3ms
2ms Script
text/javascript 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 11:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 21:43:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 11:43:51 GMT

GET
H2 200 d30d1434f9ac7dd47ad69fcb178232d0.js Show response
www.gstatic.com/mysidia/ Frame A053 117 KB
41 KB 4ms
3ms Script
text/javascript 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d30d1434f9ac7dd47ad69fcb178232d0.js?tag=leadgen/new_snom_text

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b54a89aa3892b7bb418c6241e9ef33745e8a4ab04ed0dc3b4e64cda8273f29f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 06:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41841
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 20:38:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 20 Nov 2023 06:12:48 GMT

GET
H2 200 b5fa40f50e5935a6cb0e2cf2eea955bc.js Show response
www.gstatic.com/mysidia/ Frame A053 18 KB
8 KB 3ms
3ms Script
text/javascript 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b5fa40f50e5935a6cb0e2cf2eea955bc.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edcee285d53072d471a520cf4f06657c69cc9d9fa5933a225c15e889a2466a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 07:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7794
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 20 Nov 2023 07:41:14 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A053 9 KB
1 KB 41ms
41ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%7CGoogle%20Sans%3A400

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99fae6468b3bd803389038dbee0d9d96f845779869b3d448db662e735bb8ec6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Aug 2023 23:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 23:02:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Aug 2023 23:05:52 GMT

GET
H3 200 mdc_list_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame A053 27 KB
6 KB 10ms
7ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_list_min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 13:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
server: cafe
etag: 4758454654811317262
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 25 Aug 2023 13:51:52 GMT

GET
H3 200 mdc_menu_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame A053 51 KB
11 KB 11ms
8ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 15:37:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26876
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11146
x-xss-protection: 0
server: cafe
etag: 2759356358486721826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 25 Aug 2023 15:37:56 GMT

GET
H3 200 mdc_menu_surface.min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame A053 18 KB
5 KB 11ms
8ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_surface.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 16:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4739
x-xss-protection: 0
server: cafe
etag: 18373107336927916518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 25 Aug 2023 16:46:50 GMT

GET
H3 200 mdc_select_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame A053 103 KB
18 KB 13ms
10ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_select_min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:23:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74559
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18791
x-xss-protection: 0
server: cafe
etag: 10996637669125113147
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 25 Aug 2023 02:23:13 GMT

GET
H3 200 mdc_textfield_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame A053 58 KB
10 KB 13ms
9ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_textfield_min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 21:31:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10107
x-xss-protection: 0
server: cafe
etag: 7588401036457704084
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 25 Aug 2023 21:31:04 GMT

GET
H3 200 mdc_list_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame A053 31 KB
3 KB 12ms
9ms Stylesheet
text/css 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_list_min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 13:37:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3021
x-xss-protection: 0
server: cafe
etag: 18113988596513574663
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 25 Aug 2023 13:37:09 GMT

GET
H3 200 mdc_menu_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame A053 3 KB
791 B 12ms
8ms Stylesheet
text/css 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:40:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 766
x-xss-protection: 0
server: cafe
etag: 14497039402300002370
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 25 Aug 2023 17:40:52 GMT

GET
H3 200 mdc_menu_surface_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame A053 2 KB
636 B 12ms
9ms Stylesheet
text/css 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_surface_min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 05:59:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61604
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 611
x-xss-protection: 0
server: cafe
etag: 18268606943400439583
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 25 Aug 2023 05:59:08 GMT

GET
H3 200 mdc_select_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame A053 37 KB
4 KB 11ms
8ms Stylesheet
text/css 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_select_min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 15:45:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3940
x-xss-protection: 0
server: cafe
etag: 17986137158686949241
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 25 Aug 2023 15:45:13 GMT

GET
H3 200 mdc_textfield_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame A053 51 KB
5 KB 11ms
8ms Stylesheet
text/css 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_textfield_min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 09:03:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4595
x-xss-protection: 0
server: cafe
etag: 17552977722549843295
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 25 Aug 2023 09:03:42 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame A053 2 KB
892 B 5ms
2ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:21:21 GMT

GET
H2 200 a9ae6272c21e4a7a4b35359e789437e1.js Show response
www.gstatic.com/mysidia/ Frame A053 22 KB
9 KB 5ms
2ms Script
text/javascript 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a9ae6272c21e4a7a4b35359e789437e1.js?tag=exit_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec3ea62f032c9f61092ab9f37ae92fbe870bb87639cc5b9a2ab1c1357073faf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:46:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9272
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Nov 2023 20:46:56 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/ Frame A053 23 KB
9 KB 5ms
3ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:21:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame A053 3 KB
1 KB 6ms
3ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:21:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame A053 20 KB
8 KB 6ms
3ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:21:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A053 181 KB
57 KB 86ms
83ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 23:05:52 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/ Frame BA2B 20 KB
8 KB 3ms
3ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:35:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8570
x-xss-protection: 0
server: cafe
etag: 11167480076894372452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:35:20 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BA2B 205 B
520 B 9ms
1ms Image
image/png 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 20:31:12 GMT
x-content-type-options: nosniff
age: 527680
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 17 Aug 2024 20:31:12 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BA2B 604 B
695 B 9ms
2ms Image
image/png 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 15:57:29 GMT
x-content-type-options: nosniff
age: 25703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 23 Aug 2024 15:57:29 GMT

GET
DATA 200
OK truncated
/ Frame EA19 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8c6e888f823941863af4568b76a465123a5c4541620a1f36f93245896726857

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EA19 16 KB
16 KB 3ms
2ms Font
font/woff2 2404:6800:4004:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:55:22 GMT
x-content-type-options: nosniff
age: 177030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Aug 2024 21:55:22 GMT

GET
DATA 200
OK truncated
/ Frame E213 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3fb7f3dfda5d592609dce04476284d9122c569d156c1d84bf8a6f327703aaa7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 77ms
39ms Preflight
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CBZZAT-LnZILcCK-8vcAPjNaEkAP4rfnYb4DsmvLjDGQQASCfzvZ9YInzxYT0E6AB1ez10APIAQmpAkkf1IF6J7I-4AIAqAMByAPLBKoEnwNP0F2RJSWGc5jc4TvBlWUroIsTxLkxnpogwDVUm22ZZ2prRk_ZcT5gxIJOaAr332LgyPr8NVvnB41AZw3y8H7v-ddYK7a0iXpirJxvJqV_ky8ceandTr0pQi3s12jNUzEsk34MKxnVGT4zbxTIpue-ogdS7o-xv00uR4MtQzjXaW6wTkBHGBUKiF0NhQrGrjzAWREOejuTnuQ81Juk3CQAi_kl10YgHMd3lOC5a_REdUk0I5sFOjoFhOUNb-T4qetb7KQfZz0ub43olD4Q_YYEZJuD-JYgp7YZtMr1K6jS41kPzxd4I75dPj8y-J25t2h4CuIYPngXZuFylDuCYtsbLIut8TmEsdA5mYybP-gnU6CfRqEolOEP9SvcQq7VyIY9xf-22vZm00c0iRdY0FLFPQwdxY1sVGNl7Egxwqz6S4m14ghAxAJ8zbuYiBfEQW2_BYNlN3PBHkihnJjIVHGugNAwf5U1CdIwLHcNp3FItjyxs8O2-qwFoQ928LNbVfLF8d2Qy3INeE_f1g5IkCGg1lwBsbophFZbWx7EeRXCwATG6MGhlgPgBAGIBZvQ6fEpkgUECAQYAZIFBAgFGASgBi6AB4PAnYYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEMWvM9IIFAiAYRABGB0yAooCOgKAQEi9_cE6mgk0aHR0cHM6Ly91cy5qZXRjb3N0LmNvbS9lcz9hd19jYW1wYWlnbl9pZD0xMTI0NDU2MjQ1OYAKA8gLAdoMEAoKENDuvdXbj--kFxICAQPYEwyIFAPQFQGAFwGyFx4KHAgAEhRwdWItNDk3OTk3NzQ2MzgzMzAyNBiZgXQ&sigh=JmNZ6ctDDoY&uach_m=[UACH]&ase=2&cid=CAQSSwBpAlJWsI-eg_WNw0PvE6FZ692JdPJ_TsGWZqHbbSAgwHAnLyHefoqkSP0djn1fPv5Z66PIxCYlNlSWngbs95NZEDyUJB1kchYbJhgB&template_id=494&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 24 Aug 2023 23:05:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame EA19
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CBZZAT-LnZILcCK-8vcAPjNaEkAP4rfnYb4DsmvLjDGQQASCfzvZ9YInzxYT0E6AB1ez10APIAQmpAkkf1IF6J7I-4AIAqAMByAPLBKoEnwNP0F2RJSWGc5jc4TvBlWUroIsTxLkxnpog...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa5fae1bab7c553980000000000000000%22,%222%22:%220x5115ebcf4e09d64a0000000000000000%22,%223%22:%220xbe2b01...

0
0

80ms
40ms

Fetch
text/css

142.251.222.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa5fae1bab7c553980000000000000000%22,%222%22:%220x5115ebcf4e09d64a0000000000000000%22,%223%22:%220xbe2b01fc20b6b3c90000000000000000%22,%224%22:%220xf1c94c556f51f2de0000000000000000%22,%225%22:%220x80d617e551b7c560000000000000000%22},%22debug_key%22:%222208210794898881465%22,%22debug_reporting%22:true,%22destination%22:%22https://jetcost.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22975009365%22],%224%22:[%2208-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215086652975948924945%22}&andc=true

Protocol

Server

142.251.222.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:05:52 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xa5fae1bab7c553980000000000000000","2":"0x5115ebcf4e09d64a0000000000000000","3":"0xbe2b01fc20b6b3c90000000000000000","4":"0xf1c94c556f51f2de0000000000000000","5":"0x80d617e551b7c560000000000000000"},"debug_key":"2208210794898881465","debug_reporting":true,"destination":"https://jetcost.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["975009365"],"4":["08-24"],"6":["true"]},"priority":"500","source_event_id":"15086652975948924945"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 24 Aug 2023 23:05:52 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 24 Aug 2023 23:05:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xa5fae1bab7c553980000000000000000","2":"0x5115ebcf4e09d64a0000000000000000","3":"0xbe2b01fc20b6b3c90000000000000000","4":"0xf1c94c556f51f2de0000000000000000","5":"0x80d617e551b7c560000000000000000"},"debug_key":"2208210794898881465","debug_reporting":true,"destination":"https://jetcost.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["975009365"],"4":["08-24"],"6":["true"]},"priority":"500","source_event_id":"15086652975948924945"}&andc=true
access-control-allow-origin: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4760 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a3873b1fbc33bfb12321cd26ac12ed4336e595cb07649451a9542118e06e3a4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js Show response
pagead2.googlesyndication.com/bg/ Frame 9194 37 KB
14 KB 2ms
2ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:30:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117347
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14710
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 14:30:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E213 16 KB
16 KB 3ms
3ms Font
font/woff2 2404:6800:4004:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:55:22 GMT
x-content-type-options: nosniff
age: 177030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Aug 2024 21:55:22 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4760 16 KB
16 KB 4ms
4ms Font
font/woff2 2404:6800:4004:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:55:22 GMT
x-content-type-options: nosniff
age: 177030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Aug 2024 21:55:22 GMT

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 42ms
42ms Preflight
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CLVheT-LnZIPcCK-8vcAPjNaEkAP4rfnYb6jsmvLjDGQQASCfzvZ9YInzxYT0E6AB1ez10APIAQmpAkkf1IF6J7I-4AIAqAMByAPLBKoEogNP0Fow239_-z5EJ5Tb3ZJxVFktzgEnNLWwg342NS3XTIkgEIb9ZP426c-Bplyr6eH1OgnufE-Nshx4wutvzVKVJcKyd4lBBoUETtfHpYfUiwYLAqdkmsGT9MlUc8yCm2iKqypmIBDb4Bo33bYpasYgoevVYGZnE5Efl4Dnqt1kbW8S3nu988Qe3QPUk9gaf1eVwTdmaXnGRornzPj29maiqp3mCugScYt5D_-45SZkJrIVSO2Ze77RswRpnWqbKigR4ZiZ2vPiTaOpu0a-wGpMJxNRZC6x7J7Mh7AjpXsZJMD4euD72RSy5CkJII8uUrGVWrW0ZCSG-y8jIhMz8qziuFd0D8GCXvLotx3jMBL5KkZ-wS3s-MKgFBv_oCFg9YjPpHhuh5n8t1GO_WAXcW8ZYCLcvlpPcKxjyBWzlKN6XwwI50LvDiEwye5VtcwJjC8fJUH7YE6znDBoOgU-Wcunjl82qouJkOV8YYj9QRMpn97Wxx6ddW2umU4ttGkZlEl7qIw7b0cBIQpDniX63GfXGj5G72jBm8REtTckSVCDrmzgwATG6MGhlgPgBAGIBZvQ6fEpkgUECAQYAZIFBAgFGASgBi6AB4PAnYYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEJa6EdIIFAiAYRABGB0yAooCOgKAQEi9_cE6mgk0aHR0cHM6Ly91cy5qZXRjb3N0LmNvbS9lcz9hd19jYW1wYWlnbl9pZD0xMTI0NDU2MjQ1OYAKA8gLAdoMEAoKEIDc0a6z4cv9RBICAQPYEwyIFAPQFQGAFwGyFx4KHAgAEhRwdWItNDk3OTk3NzQ2MzgzMzAyNBiZgXQ&sigh=DVf9HtX8eQM&uach_m=[UACH]&ase=2&cid=CAQSSwBpAlJWsI-eg_WNw0PvE6FZ692JdPJ_TsGWZqHbbSAgwHAnLyHefoqkSP0djn1fPv5Z66PIxCYlNlSWngbs95NZEDyUJB1kchYbJhgB&template_id=494&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 24 Aug 2023 23:05:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E213
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CLVheT-LnZIPcCK-8vcAPjNaEkAP4rfnYb6jsmvLjDGQQASCfzvZ9YInzxYT0E6AB1ez10APIAQmpAkkf1IF6J7I-4AIAqAMByAPLBKoEogNP0Fow239_-z5EJ5Tb3ZJxVFktzgEnNLWw...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa5fae1bab7c553980000000000000000%22,%222%22:%220x5115ebcf4e09d64a0000000000000000%22,%223%22:%220xbe2b01...

0
0

72ms
44ms

Fetch
text/css

142.251.222.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa5fae1bab7c553980000000000000000%22,%222%22:%220x5115ebcf4e09d64a0000000000000000%22,%223%22:%220xbe2b01fc20b6b3c90000000000000000%22,%224%22:%220xf1c94c556f51f2de0000000000000000%22,%225%22:%220x80d617e551b7c560000000000000000%22},%22debug_key%22:%2213180988179828735106%22,%22debug_reporting%22:true,%22destination%22:%22https://jetcost.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22975009365%22],%224%22:[%2208-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221405235128393427777%22}&andc=true

Protocol

Server

142.251.222.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:05:52 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xa5fae1bab7c553980000000000000000","2":"0x5115ebcf4e09d64a0000000000000000","3":"0xbe2b01fc20b6b3c90000000000000000","4":"0xf1c94c556f51f2de0000000000000000","5":"0x80d617e551b7c560000000000000000"},"debug_key":"13180988179828735106","debug_reporting":true,"destination":"https://jetcost.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["975009365"],"4":["08-24"],"6":["true"]},"priority":"500","source_event_id":"1405235128393427777"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 24 Aug 2023 23:05:52 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 24 Aug 2023 23:05:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xa5fae1bab7c553980000000000000000","2":"0x5115ebcf4e09d64a0000000000000000","3":"0xbe2b01fc20b6b3c90000000000000000","4":"0xf1c94c556f51f2de0000000000000000","5":"0x80d617e551b7c560000000000000000"},"debug_key":"13180988179828735106","debug_reporting":true,"destination":"https://jetcost.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["975009365"],"4":["08-24"],"6":["true"]},"priority":"500","source_event_id":"1405235128393427777"}&andc=true
access-control-allow-origin: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 42ms
41ms Preflight
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CdDNLT-LnZITcCK-8vcAPjNaEkAP4rfnYb4DsmvLjDGQQASCfzvZ9YInzxYT0E6AB1ez10APIAQmpAkkf1IF6J7I-4AIAqAMByAPLBKoEogNP0CECeXHvhXwvNj0vtw84TSoUY83xJCP1GuSXGLapXNhS6KKwU_VmZ7Ev1xWikPIcnw87xA8U2RYEaH3MfwV_oD79MzLiYbfi6FPqK-iKoyAmYtiq-SjVisTLEPw-mnBK5JNFJ7yrNTNwwaKdKWPrIaOhKN6JNaOjDm_2Ph7Tz2CF_xoKPGcBNryfkgsw3gTEp8FX3wIpW6Au0olZuBZJqbT6qsegapJz_Ebcnqn5aI73U5kfzAfi0rhYpUtZQsBelbVWFu5up9UmlUe3PGfTe1qDvO2XSAsfIVlli4Vdy9L8ks_cMJd9OPDbJ6e_-OrXEeOSGTthkVzTA1i37gjzPFAz5nIqN-tRn8UbyrpZqrzgvgEjqK0RpTiMUtnMJ2Osyn0m2bPN9z3bz_On2rNZmqwQbe9j2T35BB0gAPgKjc2U250JGgV39M4TQBe-DAuofcL-YkAMtHS5o03TIUNLdMHFDiNilJ9DDqsLRdqKyjIyLHtbv1FL7TWl-vkceJnNKULAgKiN5fNI58Jw7h5_C0q-gLF1Drex3NKjBjWVqRNPwATG6MGhlgPgBAGIBZvQ6fEpkgUECAQYAZIFBAgFGASgBi6AB4PAnYYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEP3SCtIIFAiAYRABGB0yAooCOgKAQEi9_cE6mgk0aHR0cHM6Ly91cy5qZXRjb3N0LmNvbS9lcz9hd19jYW1wYWlnbl9pZD0xMTI0NDU2MjQ1OYAKA8gLAdoMEAoKELDGl478s9fCCxICAQPYEwyIFAPQFQGAFwGyFx4KHAgAEhRwdWItNDk3OTk3NzQ2MzgzMzAyNBiZgXQ&sigh=Z62tU-VrPxA&uach_m=[UACH]&ase=2&cid=CAQSSwBpAlJWsI-eg_WNw0PvE6FZ692JdPJ_TsGWZqHbbSAgwHAnLyHefoqkSP0djn1fPv5Z66PIxCYlNlSWngbs95NZEDyUJB1kchYbJhgB&template_id=494&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 24 Aug 2023 23:05:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 4760
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CdDNLT-LnZITcCK-8vcAPjNaEkAP4rfnYb4DsmvLjDGQQASCfzvZ9YInzxYT0E6AB1ez10APIAQmpAkkf1IF6J7I-4AIAqAMByAPLBKoEogNP0CECeXHvhXwvNj0vtw84TSoUY83xJCP1...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa5fae1bab7c553980000000000000000%22,%222%22:%220x5115ebcf4e09d64a0000000000000000%22,%223%22:%220xbe2b01...

0
0

70ms
43ms

Fetch
text/css

142.251.222.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa5fae1bab7c553980000000000000000%22,%222%22:%220x5115ebcf4e09d64a0000000000000000%22,%223%22:%220xbe2b01fc20b6b3c90000000000000000%22,%224%22:%220xf1c94c556f51f2de0000000000000000%22,%225%22:%220x80d617e551b7c560000000000000000%22},%22debug_key%22:%2216786636898094709775%22,%22debug_reporting%22:true,%22destination%22:%22https://jetcost.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22975009365%22],%224%22:[%2208-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212563440966140419057%22}&andc=true

Protocol

Server

142.251.222.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:05:52 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xa5fae1bab7c553980000000000000000","2":"0x5115ebcf4e09d64a0000000000000000","3":"0xbe2b01fc20b6b3c90000000000000000","4":"0xf1c94c556f51f2de0000000000000000","5":"0x80d617e551b7c560000000000000000"},"debug_key":"16786636898094709775","debug_reporting":true,"destination":"https://jetcost.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["975009365"],"4":["08-24"],"6":["true"]},"priority":"500","source_event_id":"12563440966140419057"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 24 Aug 2023 23:05:52 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 24 Aug 2023 23:05:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xa5fae1bab7c553980000000000000000","2":"0x5115ebcf4e09d64a0000000000000000","3":"0xbe2b01fc20b6b3c90000000000000000","4":"0xf1c94c556f51f2de0000000000000000","5":"0x80d617e551b7c560000000000000000"},"debug_key":"16786636898094709775","debug_reporting":true,"destination":"https://jetcost.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["975009365"],"4":["08-24"],"6":["true"]},"priority":"500","source_event_id":"12563440966140419057"}&andc=true
access-control-allow-origin: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A053 0
23 B 40ms
40ms Ping
image/gif 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoMCAEqCFRvd2VyQWxsCgoIAioGc2VydmVyCi4aIWRpc3BsYXlfbGVhZF9mb3JtX3F1ZXN0aW9uX251bWJlciEAAAAAAAAQQDABCg0QKyEAAAAAAAAzQDABEhpDTVdfMEtlMDlvQURGUzllRHdJZERDc0JNZyIVbGVhZGdlbi9uZXdfc25vbV90ZXh0KCw=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/b5fa40f50e5935a6cb0e2cf2eea955bc.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 23:05:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 40ms
40ms Image
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308220101&jk=362798861520402&bg=!DwylDEPNAAYkVgHwBFY7ADQBe5WfOGmMcicYNWCGrzaZgCEh1KenZq2iYWQc_6rN-2vRD86nVRA3PJ78PdKrsaN5tNciAgAAAGVSAAAABmgBB5kCrQG4i8NHE1KUKqWmrvhB722TcoFNZ4U3py7CJxXnM8ImDBYsyTiDGvLC4hrPl0k6Sz1klN55mLZKLJmOcRHc-7F0RDmOXVCHXtzrj7DcwPF1owYhsd0d_d3F9_bAsy9gHLX-XpC1Mg0Wv04Pthg8q6EGoH1sWKQFwiiFI3YWxZjUvqqvOvjtiUITe8892dlf7revH4DhLv6o1XfZFUTAw7SDDT_Y41UWTL5DWtDzZdSO1qo57x5yk_2DV5GQLUv5tnRgKD077gJxMccMVQiQaU-WXxtpxSSSIkfMD1a4lXQqQjcwOfcWaWeF0d3WbiU4iIObxZjGt0yX8cDrBJOyT7jQTGaENB7D51gXFUzJi4YtkA1eIjsUEXGNlZ8BUfVEcXr-mUGtm6qKHzT-_04W_ptYA4blBzPgBIFruA_oqy4rQCnchafjt0-dG1PKL-bQ_Bgv3_woQkabdUsOt5yIiLikjnrynHP3Avf9oAt-hLeU9LcO_nDUAafD6uoSDnxhh7DDiF5Bg-XYqjJcr4wV9del1oLSWbNWJSzMi0zH9dPbMRi9-ZJHk6JORgedBB_oR46P3bnmF_xhBASaZ8supoTZ7fyOILVOa8pUYECZtCUtfOfNNs_5wQfm1zwmDe4JqH5MzSAkMzy9eDYuOaN1AZJ-6rNxdXeH8mmNCDBGcCnHH8axTHo6LpyLm27fK1QIyDiFzzI7GU7Rcav21uHQVM8ozbqPI3j5aOUablW53lQPkCGQxZGFMm30Hw6_bX6out3It21cJFWj56mpcvI-TEetp9jretq7ntVBOTcr9YItMnabBqtaP7X7abPydyUuniwErwG4IWcfd3XE5LDtevtr7V37hRGrVkaEhXiaVgYYYvo83SZuRjIr5r58e9FF56lPcP_6-OXaTZNwGWk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js Show response
pagead2.googlesyndication.com/bg/ Frame 19DE 37 KB
14 KB 2ms
2ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:30:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117347
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14710
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 14:30:05 GMT

GET
H3 200 PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js Show response
pagead2.googlesyndication.com/bg/ Frame 715C 37 KB
14 KB 2ms
2ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:30:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117347
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14710
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 14:30:05 GMT

GET
H3 200 PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js Show response
pagead2.googlesyndication.com/bg/ Frame 6B76 37 KB
14 KB 2ms
2ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js

Requested by

Host: e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
URL: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:30:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117347
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14710
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 14:30:05 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 119ms
37ms Preflight
text/html 142.251.222.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 24 Aug 2023 23:05:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 39ms
38ms Preflight
text/html 142.251.222.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa5fae1bab7c553980000000000000000%22,%222%22:%220x5115ebcf4e09d64a0000000000000000%22,%223%22:%220xbe2b01fc20b6b3c90000000000000000%22,%224%22:%220xf1c94c556f51f2de0000000000000000%22,%225%22:%220x80d617e551b7c560000000000000000%22},%22debug_key%22:%2213180988179828735106%22,%22debug_reporting%22:true,%22destination%22:%22https://jetcost.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22975009365%22],%224%22:[%2208-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221405235128393427777%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 24 Aug 2023 23:05:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 39ms
39ms Preflight
text/html 142.251.222.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa5fae1bab7c553980000000000000000%22,%222%22:%220x5115ebcf4e09d64a0000000000000000%22,%223%22:%220xbe2b01fc20b6b3c90000000000000000%22,%224%22:%220xf1c94c556f51f2de0000000000000000%22,%225%22:%220x80d617e551b7c560000000000000000%22},%22debug_key%22:%2216786636898094709775%22,%22debug_reporting%22:true,%22destination%22:%22https://jetcost.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22975009365%22],%224%22:[%2208-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212563440966140419057%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 24 Aug 2023 23:05:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 41ms
41ms Fetch
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://utua.com.br/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EA19 42 B
64 B 45ms
45ms Fetch
image/gif 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOHegvf_XpKEbWfURzx-Hk9wKwTufgiw4mhGlVC9x44J9Y9mRSjN-Icd9HBwKkEAdAuPJA_Y4QNAPQZ6VXHixmpgG7N3vDOXukzkWLoxTXAR6BnY3EQdr_QuKC0OP-rj5ajXpDZvrktQ&sai=AMfl-YTL4a6YZKMaWL9pQ7WRLXsIqF_4WuUKfEU8i8K9a2VehgpcmBBQaXFZsKGiJiYWHo5hXdAz2ua2kKKdkC0y7n7aD7PQEgjUnxdqevSZyCiYDXjeC_9H9p4V0dO71fMNYc_wOjxD3w0QSVD0&sig=Cg0ArKJSzOR2bnwBOgOVEAE&cid=CAQSSwBpAlJWsI-eg_WNw0PvE6FZ692JdPJ_TsGWZqHbbSAgwHAnLyHefoqkSP0djn1fPv5Z66PIxCYlNlSWngbs95NZEDyUJB1kchYbJhgB&id=lidar2&mcvt=1000&p=122,310,372,1290&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230823&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3399986936&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692918352076&rpt=301&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 23:05:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4760 42 B
64 B 40ms
39ms Fetch
image/gif 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvGU9SqkxTeXQ-L1Y6XmX3TMO21x9e9Z3H5k7KMl_N3gGD3QAu3k8nnd1aZlqhXCQgEK4amrq1ALx56EwkgKnG_4Ca4VoCwWnyq5emCW0VGr0iey8OrVi_xPUabpegapmtcL7U_5wvvlA&sai=AMfl-YR0dBPjBj_Ma4wXM3ux3Ti0dX_viH5XGLrKO64iwmZrdysSFjqJXZhzamYBlPC4kOs_72bTzbCznYbq9-V-a7574HO4HoCECnEA2GOJdjBq6_s0SMerjHvxB7dPxPjMklzom64l7jOCSD5T&sig=Cg0ArKJSzARQ5dRhkFX3EAE&cid=CAQSSwBpAlJWsI-eg_WNw0PvE6FZ692JdPJ_TsGWZqHbbSAgwHAnLyHefoqkSP0djn1fPv5Z66PIxCYlNlSWngbs95NZEDyUJB1kchYbJhgB&id=lidar2&mcvt=1000&p=420,1288,1020,1588&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230823&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=695725469&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692918352142&rpt=338&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 23:05:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

197 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
utua.com.br/gt-emp-bam-vivienda-p2	1970-01-20 14:16:44	Name: bg_location Value: %7B%22location%22%3A%7B%22country%22%3A%22JP%22%2C%22city%22%3A%22Tokyo%22%2C%22continent%22%3A%22AS%22%2C%22region%22%3A%22Tokyo%22%2C%22regionCode%22%3A%2213%22%2C%22timezone%22%3A%22Asia%2FTokyo%22%2C%22latitude%22%3A%2235.61640%22%2C%22longitude%22%3A%22139.74250%22%7D%7D
.criteo.com/	1970-01-20 23:36:54	Name: uid Value: 460d700e-9956-484f-91d8-3f5062cb54b3
.utua.com.br/	1970-01-20 16:24:54	Name: _gcl_au Value: 1.1.1919229772.1692918351
.utua.com.br/	1970-01-20 14:15:18	Name: lotame_domain_check Value: utua.com.br
.utua.com.br/	1970-01-20 23:36:54	Name: cto_bundle Value: OA8o819HMUprUEVYcFpjRGhxZzRLbnZUeGVSamdrU3hQdWNHSVUlMkY3bUhtaCUyRk5BbHNGU1Q4RjZoalVJa3M1MnR0TUZQZUNWNGNXUXdPcWpGT0syRjlZMGkwaGxVVUhaTG9WcWhMVWdYZk1VWXA1U2htUlolMkYlMkZMVUp2N1JFRWFFaUtqNWFSTFlKaGQ5bVdDSDhjM3BybjVmJTJGVGRRJTNEJTNE
.openx.net/	1970-01-20 23:00:54	Name: i Value: 210d72c5-2941-4e38-b7c5-bf37ec9ed604\|1692918351
.crwdcntrl.net/	1970-01-20 20:44:06	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 20:44:06	Name: _cc_id Value: 6ef188e16160a9a942bcd9ee71c55e1c
.utua.com.br/	1970-01-20 20:44:06	Name: _cc_id Value: 6ef188e16160a9a942bcd9ee71c55e1c
.utua.com.br/	1970-01-20 14:25:23	Name: panoramaId_expiry Value: 1693523151332
.utua.com.br/	1970-01-20 14:25:23	Name: panoramaId Value: 27f577c831818df2d9386ae7c7f516d53938678987b49065c6bfcf6c2d50f351
.utua.com.br/	1970-01-20 14:25:23	Name: panoramaIdType Value: panoIndiv
.utua.com.br/	1970-01-20 21:27:18	Name: bg_anonymousId Value: 33702b23-dd02-4b1f-9853-6231098510a2
.utua.com.br/	1970-01-20 14:15:20	Name: bg_sessionId Value: 306816f2-4403-4660-abbf-6c654afc9c6e
.utua.com.br/	1970-01-20 23:51:18	Name: _ga Value: GA1.3.689598793.1692918351
.utua.com.br/	1970-01-20 14:16:44	Name: _gid Value: GA1.3.74630795.1692918352
.utua.com.br/	1970-01-20 14:15:18	Name: _dc_gtm_UA-146231564-5 Value: 1
.utua.com.br/	1970-01-20 23:36:54	Name: __gads Value: ID=10c65184ae109b52:T=1692918351:RT=1692918351:S=ALNI_MaejOQnzoJ0jz2SZvGH4wlaPqCBSA
.utua.com.br/	1970-01-20 23:36:54	Name: __gpi Value: UID=00000c32f595b195:T=1692918351:RT=1692918351:S=ALNI_MZaTZNfqPsdknj_x1OFF0i-hsif3A
.utua.com.br/	1970-01-20 23:51:18	Name: _ga_Y1WZWFMSQF Value: GS1.1.1692918351.1.0.1692918352.59.0.0
.doubleclick.net/	1970-01-20 23:51:18	Name: IDE Value: AHWqTUkZA_w1ttZ635PNt9yAhU5Ix4rdPpBCe7GIVYRIGbnXq5Sy2y8xUXwf2_0PZCU
.googleadservices.com/	1970-01-20 16:24:54	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
assets.begrowth.com.br
bcp.crwdcntrl.net
bucket.utua.com.br
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
e96011164fa1d71796594e37fe31d887.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
growthcontrol-events-endpoint-go-wfqcv7fa5a-rj.a.run.app
gum.criteo.com
id5-sync.com
invstatic101.creativecdn.com
location.begrowth.com.br
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tags.crwdcntrl.net
tpc.googlesyndication.com
utua.com.br
www.google-analytics.com
www.google.co.jp
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.251.222.34
162.19.138.116
182.161.74.11
2001:4860:4802:36::181
2001:4860:4802:38::35
2404:6800:4004:80b::2003
2404:6800:4004:810::2002
2404:6800:4004:812::2003
2404:6800:4004:81d::2004
2404:6800:4004:821::2001
2404:6800:4004:822::2008
2404:6800:4004:822::200a
2404:6800:4004:822::200e
2404:6800:4004:823::2002
2404:6800:4004:824::2002
2404:6800:4004:825::2003
2404:6800:4004:827::2001
2404:6800:4008:c13::9b
2406:2600:4::1
2406:2600:4::b
2600:9000:20c4:c600:a:e047:753:6381
2606:4700:10::6816:129
2606:4700:10::6816:29
2606:4700:10::ac43:266a
2606:4700:20::681a:451
2606:4700:20::ac43:480b
2a04:4e42:600::485
34.102.146.192
34.120.107.143
34.96.70.87
34.98.64.218
54.255.46.102
99.84.133.82
0087ba540bb66c517bae6a836efddd17994e0153f5892321bf753d85ec31ab03
067234ef2245940b20ce22a7d2f43943c0826083eb9885ca69f51f0c4e873335
0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d
0e38107b41df7cf36acde6215c124d88e4cfd1002e9840d71b5a4dc7c0709275
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
15c0cb78027116295adacf008a60f665640f4f4ce04fd85aa7aa0cdc7c3a57f3
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
278ddf57c73907ec8b2a5ca6e88c02c7f20fa4c75d128e9bb37c39df322a5530
2a3873b1fbc33bfb12321cd26ac12ed4336e595cb07649451a9542118e06e3a4
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
2cf68b0f96497a6c432653e7b0ab42cb383f804f6bff63ecc7e38b2244b18d7b
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f
389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5
39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
570a23389bf64a371b8b32a87c7385b0d463916213dfaf0710ada4f95f759a63
5b7b259a87df556c5752105da739eaaf0142a9b2c83fec6fd092501f90bc5817
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271
5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b54a89aa3892b7bb418c6241e9ef33745e8a4ab04ed0dc3b4e64cda8273f29f
729fdd056968891a9b7a1eb8fa6365f58a7da10fd953e837feec3bea6501b585
8165d8e2771d30c1a2baf2e6ebb58ce49c3b9dc575676b6f1aa7afeb2e5efe86
880b7dd24fce5960d3e43bb46bbd7da2c470d0fbb18ea54c9c449f7bc240ebd7
889a240e94c3bd6d200a5f8389bd0294fdbb50265f44c62adbe36247601334f8
917b3fe7bda0abfa1d365c9359649ae03b7aca0370786b2bb88bdf9c68f09ec1
954c01547bb5044fc3717e401411dce0a71267414b82944499a49a38ec1be818
99fae6468b3bd803389038dbee0d9d96f845779869b3d448db662e735bb8ec6d
9d3db623815af3c89e31093433f1c1baa8080af75c0ee90b0437af015a78b103
9e0a0ff5eda1dd5d00542212712434a4a8ebdcd208c13546368bbebff3676adf
a3fb7f3dfda5d592609dce04476284d9122c569d156c1d84bf8a6f327703aaa7
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a8c6e888f823941863af4568b76a465123a5c4541620a1f36f93245896726857
ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec
b99e2ac0acd1e779f2db8aa9fc92e5901207ad6150689a5318163a70ee667157
bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192
c6e298baccf7bccebe558cd80c7473a2c6910bd2b2ec674e63079bc8adfef527
ccd0757f023e0bbda7f4bbd2c5d84103681c9ce2b771337534d31066853e248d
d7346c4e0f93afa6d3c51f0623730e4c64b18631ed47abaafbfc7935ccb6f7c4
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f
ec3ea62f032c9f61092ab9f37ae92fbe870bb87639cc5b9a2ab1c1357073faf3
edcee285d53072d471a520cf4f06657c69cc9d9fa5933a225c15e889a2466a3d
eeed705db54da68cf87179a8c2cc3886303e781fed6ff2de562ae27757a5866c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f54bc5924e62d940f090e2358b28b17889d65611ebc2f20f11edb9ee5142b791
f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76

utua.com.br Open in urlscan Pro 2606:4700:10::6816:29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

125 Requests

94 %HTTPS

73 %IPv6

22 Domains

33 Subdomains

34 IPs

6 Countries

1282 kBTransfer

4061 kBSize

22 Cookies

1 Outgoing links

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

utua.com.br Open in urlscan Pro
2606:4700:10::6816:29 Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

94 %
HTTPS

73 %
IPv6

22
Domains

33
Subdomains

34
IPs

6
Countries

1282 kB
Transfer

4061 kB
Size

22
Cookies

125 HTTP transactions
6 data transactions