utua.com.br Open in urlscan Pro
104.22.2.41 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://begrowth-gg-news-03.acemlnb.com/lt.php?s=2957fdbb1e42efc934507e558641af16&i=159A1514A1A532
Effective URL:
https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newslette...
Submission Tags: falconsandbox
Submission: On June 21 via api (June 21st 2021, 12:50:22 pm UTC) from US

Summary HTTP 126 Redirects Behaviour Indicators

Summary

This website contacted 29 IPs in 3 countries across 22 domains to perform 126 HTTP transactions. The main IP is 104.22.2.41, located in United States and belongs to CLOUDFLARENET, US. The main domain is utua.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 25th 2020. Valid for: a year.

This is the only time utua.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	100.24.190.100 100.24.190.100	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2606:4700::68... 2606:4700::6811:586d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700::68... 2606:4700::6811:915b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.225.168.154 34.225.168.154	14618 (AMAZON-AES) (AMAZON-AES)
20	104.22.2.41 104.22.2.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	65.9.77.7 65.9.77.7	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	13.224.194.168 13.224.194.168	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
3	13.224.195.91 13.224.195.91	16509 (AMAZON-02) (AMAZON-02)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
126	29

1 100.24.190.100 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-190-100.compute-1.amazonaws.com

begrowth-gg-news-03.acemlnb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:586d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

begrowth-gg-news-03.activehosted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:915b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.225.168.154 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-168-154.compute-1.amazonaws.com

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.22.2.41 (United States)

ASN13335 (CLOUDFLARENET, US)

utua.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bucket.utua.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.77.7 (United States)

ASN16509 (AMAZON-02, US)

d2r1yp2w7bby2u.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.168 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-168.fra2.r.cloudfront.net

d3rxaij56vjege.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.195.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-91.fra2.r.cloudfront.net

wzrkt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com 6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	143 KB
20	utua.com.br utua.com.br bucket.utua.com.br	211 KB
16	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net	199 KB
15	ampproject.org cdn.ampproject.org	300 KB
10	gstatic.com fonts.gstatic.com	175 KB
7	google.com 2 redirects www.google.com adservice.google.com	1 KB
6	facebook.com www.facebook.com	480 B
5	google-analytics.com www.google-analytics.com	19 KB
3	wzrkt.com wzrkt.com	2 KB
3	facebook.net connect.facebook.net	173 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	googletagservices.com www.googletagservices.com	65 KB
2	google.pl adservice.google.pl	975 B
2	cloudfront.net d2r1yp2w7bby2u.cloudfront.net d3rxaij56vjege.cloudfront.net	19 KB
1	2mdn.net s0.2mdn.net	124 KB
1	google.de www.google.de	107 B
1	googletagmanager.com www.googletagmanager.com	41 KB
1	cloudflare.com cdnjs.cloudflare.com	10 KB
1	trackcmp.net 1 redirects trackcmp.net	368 B
1	app-us1.com 1 redirects prism.app-us1.com	648 B
1	activehosted.com 1 redirects begrowth-gg-news-03.activehosted.com	945 B
1	acemlnb.com 1 redirects begrowth-gg-news-03.acemlnb.com	209 B
126	22

	Domain	Requested by
17	tpc.googlesyndication.com	securepubads.g.doubleclick.net 6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net utua.com.br cdn.ampproject.org
16	utua.com.br	utua.com.br
15	cdn.ampproject.org	securepubads.g.doubleclick.net
11	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
10	fonts.gstatic.com	fonts.googleapis.com
9	securepubads.g.doubleclick.net	utua.com.br securepubads.g.doubleclick.net
6	www.facebook.com	utua.com.br connect.facebook.net
5	www.google.com	2 redirects utua.com.br tpc.googlesyndication.com
5	www.google-analytics.com	utua.com.br www.google-analytics.com
4	googleads.g.doubleclick.net	6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com utua.com.br
4	bucket.utua.com.br	utua.com.br
3	wzrkt.com	d2r1yp2w7bby2u.cloudfront.net
3	connect.facebook.net	utua.com.br connect.facebook.net
3	fonts.googleapis.com	utua.com.br securepubads.g.doubleclick.net
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	www.googletagservices.com	securepubads.g.doubleclick.net 6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com
2	6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.pl	securepubads.g.doubleclick.net
1	s0.2mdn.net	6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com
1	www.google.de	utua.com.br
1	stats.g.doubleclick.net	www.google-analytics.com
1	d3rxaij56vjege.cloudfront.net	utua.com.br
1	d2r1yp2w7bby2u.cloudfront.net	utua.com.br
1	www.googletagmanager.com	utua.com.br
1	cdnjs.cloudflare.com	utua.com.br
1	trackcmp.net	1 redirects
1	prism.app-us1.com	1 redirects
1	begrowth-gg-news-03.activehosted.com	1 redirects
1	begrowth-gg-news-03.acemlnb.com	1 redirects
126	30

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-25` - `2021-08-25`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
wzrkt.com Amazon	`2021-04-21` - `2022-05-20`	a year	crt.sh
*.google.pl GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Frame ID: 3C60803942100381A819E9E24EA387A2
Requests: 61 HTTP requests in this frame

Frame: https://6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0B4D9799438EE80E8B4B3D88B85C28F0
Requests: 1 HTTP requests in this frame

Frame: https://6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8EDB290A1E560B3A1DC32FD6E50664A4
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLitHRCC2bYCGM3MjKwBMAE&v=APEucNU70XJ2HhHj5mqMbG5FTgFlmmk_wa2Cfo8xCt4uFHPPVHw-F96ucrNE4VljuiaKUwsUjdCIORnxxSzy8rB7pKapMMG3KQ
Frame ID: 1C453765F2567BD110CE08FEC861B1A9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: B61C7087FFFF170A2D699BDB6B298F3E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2E24CC2C3DBEE982FE2E7B00FD200D74
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4B7180186C02FF8F8361DC72F4AFE9FD
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Frame ID: 75D8D9905D8AA58CC4523D0646E3130B
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022105281634000/amp4ads-v0.mjs
Frame ID: CD64C4C83481BA05F2599B1608AAA777
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Frame ID: CEE1357A29F4AD406CF74ECEFCD803B8
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://begrowth-gg-news-03.acemlnb.com/lt.php?s=2957fdbb1e42efc934507e558641af16&i=159A1514A1A532 HTTP 301
https://begrowth-gg-news-03.activehosted.com/lt.php?s=2957fdbb1e42efc934507e558641af16&i=159A1514A1A532 HTTP 302
https://prism.app-us1.com/redirect?a=26415370&u=https%3A%2F%2Ftrackcmp.net%2Fredir%3Factid%3D26415370%... HTTP 302
https://trackcmp.net/redir?actid=26415370&url=aHR0cHM6Ly91dHVhLmNvbS5ici9jYXJ0YW8tZGUtY3JlZGl0by1... HTTP 302
https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&ut... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i
html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

126
Requests

100 %
HTTPS

75 %
IPv6

22
Domains

30
Subdomains

29
IPs

3
Countries

1486 kB
Transfer

3786 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://begrowth-gg-news-03.acemlnb.com/lt.php?s=2957fdbb1e42efc934507e558641af16&i=159A1514A1A532 HTTP 301
https://begrowth-gg-news-03.activehosted.com/lt.php?s=2957fdbb1e42efc934507e558641af16&i=159A1514A1A532 HTTP 302
https://prism.app-us1.com/redirect?a=26415370&u=https%3A%2F%2Ftrackcmp.net%2Fredir%3Factid%3D26415370%26url%3DaHR0cHM6Ly91dHVhLmNvbS5ici9jYXJ0YW8tZGUtY3JlZGl0by1waWNwYXktY2FyZC8%252FdXRtX3NvdXJjZT1hY3RpdmVjYW1wYWlnbiZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jYW1wYWlnbj1uZXdzbGV0dGVycyZ1dG1fY29udGVudD1jYXJ0YW8tZGUtY3JlZGl0byZ1dG1fdGVybT1nZy1uZXdzLTAzLTAwNjM%253D%26e%3DTQLYTaMUxLuVgns98nuK7Q%253D%253D HTTP 302
https://trackcmp.net/redir?actid=26415370&url=aHR0cHM6Ly91dHVhLmNvbS5ici9jYXJ0YW8tZGUtY3JlZGl0by1waWNwYXktY2FyZC8%2FdXRtX3NvdXJjZT1hY3RpdmVjYW1wYWlnbiZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jYW1wYWlnbj1uZXdzbGV0dGVycyZ1dG1fY29udGVudD1jYXJ0YW8tZGUtY3JlZGl0byZ1dG1fdGVybT1nZy1uZXdzLTAzLTAwNjM%3D&e=TQLYTaMUxLuVgns98nuK7Q%3D%3D&prismid=6c95e6c4-ce59-48b9-ad2c-35031c36cef9 HTTP 302
https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 115

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 129

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

126 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
utua.com.br/cartao-de-credito-picpay-card/
Redirect Chain

https://begrowth-gg-news-03.acemlnb.com/lt.php?s=2957fdbb1e42efc934507e558641af16&i=159A1514A1A532
https://begrowth-gg-news-03.activehosted.com/lt.php?s=2957fdbb1e42efc934507e558641af16&i=159A1514A1A532
https://prism.app-us1.com/redirect?a=26415370&u=https%3A%2F%2Ftrackcmp.net%2Fredir%3Factid%3D26415370%26url%3DaHR0cHM6Ly91dHVhLmNvbS5ici9jYXJ0YW8tZGUtY3JlZGl0by1waWNwYXktY2FyZC8%252FdXRtX3NvdXJjZT1...
https://trackcmp.net/redir?actid=26415370&url=aHR0cHM6Ly91dHVhLmNvbS5ici9jYXJ0YW8tZGUtY3JlZGl0by1waWNwYXktY2FyZC8%2FdXRtX3NvdXJjZT1hY3RpdmVjYW1wYWlnbiZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jYW1wYWlnbj1uZXdzb...
https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063

103 KB
27 KB

836ms
711ms

Document
text/html

104.22.2.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.2.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e0eb362d119c6c0257cd8a988ebdfccd0047e7c1f573f4d0dd0240b1385ac24

Request headers

:method: GET
:authority: utua.com.br
:scheme: https
:path: /cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:00 GMT
content-type: text/html; charset=UTF-8
link: <https://utua.com.br/wp-json/>; rel="https://api.w.org/" <https://utua.com.br/wp-json/wp/v2/posts/3911>; rel="alternate"; type="application/json" <https://utua.com.br/?p=3911>; rel=shortlink
vary: Accept-Encoding
cf-cache-status: MISS
cf-request-id: 0ad037f00f00004c010f155000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 662d5c2cedbe4c01-AMS
content-encoding: br

Redirect headers

date: Mon, 21 Jun 2021 12:49:59 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
server: Apache/2.4.46 (Amazon)
x-powered-by: PHP/7.1.33
cache-control: no-cache, private
set-cookie: cmp26415370=08abb433bd8ac4d6cefde0f4474ac148; expires=Wed, 21-Jul-2021 12:49:59 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none

GET
H2 200 style.min.css
utua.com.br/wp-includes/css/dist/block-library/ 57 KB
8 KB 158ms
156ms Stylesheet
text/css 104.22.2.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.2.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: utua.com.br
referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 19:01:55 GMT
server: cloudflare
etag: W/"e33b-5c0077f432d70-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cf-ray: 662d5c316dc64c01-AMS
cf-request-id: 0ad037f2de00004c013c1cf000000001

GET
H2 200 ai-aos.css
utua.com.br/wp-content/plugins/ad-inserter-pro/includes/aos/ 33 KB
2 KB 450ms
448ms Stylesheet
text/css 104.22.2.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-content/plugins/ad-inserter-pro/includes/aos/ai-aos.css?ver=2.7.0
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.2.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 522cc4ddf3c2daf42d71bd1ce57b9bd0c118068c0b4e363ebcb438f48dab7c0a

Request headers

:path: /wp-content/plugins/ad-inserter-pro/includes/aos/ai-aos.css?ver=2.7.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: utua.com.br
referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Jun 2021 20:00:26 GMT
server: cloudflare
etag: W/"85c7-5c4469be952a5-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cf-ray: 662d5c316dc74c01-AMS
cf-request-id: 0ad037f2de00004c011e026000000001

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
739 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans%3Awght%40400%3B700&display=swap&ver=5.7.2

Requested by

Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 11:45:27 GMT
server: ESF
date: Mon, 21 Jun 2021 12:50:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Jun 2021 12:50:00 GMT

GET
H2 200 all.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/ 69 KB
10 KB 21ms
19ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.css?ver=5.7.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3aab29c60242d216955b101a20e3782f3617eb3a3f819b05ddc458152bf2af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4033251
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10277
cf-request-id: 0ad037f2ca00004a55df82d000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-1137b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8RrV0AikT4pvjSXqViTWESOjea6PyhqS662lZx%2FRXZ413%2BPHTh4b4dhMPb6YkIfYUE4LLqPCB%2FjxQax%2F48RxnsUK93gKoI0AatXBsuvxKIGiN7S%2BqnrmuB2hWh9EXngfMpFjcTDzLNoN1Qk%2Fqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 662d5c314a4d4a55-FRA
expires: Sat, 11 Jun 2022 12:50:00 GMT

GET
H2 200 style.css
utua.com.br/wp-content/themes/clean-n-beauty-theme/ 65 KB
11 KB 481ms
479ms Stylesheet
text/css 104.22.2.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/style.css?ver=21062021095000
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.2.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec2d5f704f530c141a42502b8ae1f99cbf410a28a5f67c0b86fc655285fd32d0

Request headers

:path: /wp-content/themes/clean-n-beauty-theme/style.css?ver=21062021095000
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: utua.com.br
referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 29 May 2021 02:38:37 GMT
server: cloudflare
etag: W/"10548-5c36ee3acdee9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cf-ray: 662d5c316dc84c01-AMS
cf-request-id: 0ad037f2df00004c0115b71000000001

GET
H2 200 style-mobile.css
utua.com.br/wp-content/themes/clean-n-beauty-theme/ 15 KB
3 KB 486ms
484ms Stylesheet
text/css 104.22.2.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/style-mobile.css?ver=21062021095000
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.2.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d907e119beb5818bc2ca905f61e640cdddc2d0019fd4e131214cab21d4c73504

Request headers

:path: /wp-content/themes/clean-n-beauty-theme/style-mobile.css?ver=21062021095000
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: utua.com.br
referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 19 Oct 2020 22:55:06 GMT
server: cloudflare
etag: W/"3b1a-5b20e016ddef4-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cf-ray: 662d5c316dc94c01-AMS
cf-request-id: 0ad037f2df00004c016c0ff000000001

GET
H2 200 jquery.min.js Show response
utua.com.br/wp-includes/js/jquery/ 87 KB
30 KB 161ms
159ms Script
application/javascript 104.22.2.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.2.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: utua.com.br
referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 03 Feb 2021 20:05:59 GMT
server: cloudflare
etag: W/"15d98-5ba741d9cc5b0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 662d5c316dcc4c01-AMS
cf-request-id: 0ad037f2df00004c014a014000000001

GET
H2 200 jquery-migrate.min.js Show response
utua.com.br/wp-includes/js/jquery/ 11 KB
4 KB 155ms
153ms Script
application/javascript 104.22.2.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.2.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: utua.com.br
referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 03 Feb 2021 20:05:59 GMT
server: cloudflare
etag: W/"2bd8-5ba741d9cb610-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 662d5c316dcd4c01-AMS
cf-request-id: 0ad037f2df00004c010f18b000000001

GET
H2 200 set_utm_cookie.js Show response
utua.com.br/wp-content/themes/clean-n-beauty-theme/js/ 2 KB
740 B 176ms
175ms Script
application/javascript 104.22.2.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/js/set_utm_cookie.js
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.2.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6acb6f1a3bdcfb9469cb0403f6587f52765906cd6b6715bf3d41d09cd9bb0a2d

Request headers

:path: /wp-content/themes/clean-n-beauty-theme/js/set_utm_cookie.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: utua.com.br
referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Apr 2021 20:06:50 GMT
server: cloudflare
etag: W/"72c-5c01c85395328-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 662d5c316dcf4c01-AMS
cf-request-id: 0ad037f2df00004c0134904000000001

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 63 KB
21 KB 143ms
50ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

c8e3f096d94ea1bf9ee3ed976401a6c35847c54b35901d4a88de0bb4eeb5cad3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "908 / 87 of 1000 / last-modified: 1624273814"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21529
x-xss-protection: 0
expires: Mon, 21 Jun 2021 12:50:01 GMT

GET
H2 200 ad_refresher.js Show response
utua.com.br/wp-content/themes/clean-n-beauty-theme/js/ 4 KB
1 KB 453ms
452ms Script
application/javascript 104.22.2.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/js/ad_refresher.js
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.2.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9c612e6809cb99fd4ac4a9db4ad7237baf07d51cbac8003c87ce1648af19b12

Request headers

:path: /wp-content/themes/clean-n-beauty-theme/js/ad_refresher.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: utua.com.br
referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 06 Nov 2020 01:14:11 GMT
server: cloudflare
etag: W/"f1c-5b365ee16ae98-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 662d5c316dd14c01-AMS
cf-request-id: 0ad037f2df00004c01183f7000000001

GET
H2 200 e12e87b2-cropped-d895ccea-logo.png
bucket.utua.com.br/img/2020/12/ 4 KB
4 KB 84ms
55ms Image
image/png 104.22.2.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucket.utua.com.br/img/2020/12/e12e87b2-cropped-d895ccea-logo.png
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.2.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc3549a5169438682604f6c5f8e8196d638942ba706994ce64ec243bbb582ce2

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:01 GMT
cf-cache-status: HIT
age: 45
cf-polished: origSize=5785
x-guploader-uploadid: ABg5-UwnD2WvBpP6bZPjICM942OH4u_MTeDkSSQMZ4ap8nnvuQBfP1kCAyI4y0piEuKXTHjJ9P6VVqz92IlOZqTtMzc3-BkrtQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 8432
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 3792
cf-request-id: 0ad037f4f300004c01249c3000000001
x-goog-meta-height: 256
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 21 Jun 2021 20:31:42 GMT
last-modified: Wed, 02 Dec 2020 15:33:20 GMT
server: cloudflare
etag: "0ca58e0147fc76d58a59b6b343e4ca6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=iQZxmA==, md5=DKWOAUf8dtWKWbazQ+TKaw==
x-goog-generation: 1606923200573977
x-goog-meta-width: 256
cache-control: public, max-age=36000, must-revalidate
x-goog-meta-source-id: 8ab9bd847b2e33e56a4931eddf1e20af
x-goog-stored-content-length: 5785
accept-ranges: bytes
cf-ray: 662d5c34bb174c01-AMS
x-goog-meta-size: __full
cf-bgj: imgq:100,h2pri

GET
H2 200 favicon.png
bucket.utua.com.br/img/2020/06/ 1 KB
2 KB 85ms
56ms Image
image/png 104.22.2.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucket.utua.com.br/img/2020/06/favicon.png
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.2.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8548716c2e789a4b3a7f57a8580bce2b0151049e44e3ea9c3c897a55a1f62760

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:01 GMT
cf-cache-status: HIT
age: 9037
cf-polished: origSize=2265
x-guploader-uploadid: ABg5-UyUTDMyuaI_1Q-71NsJ6bByGkXB8fS7TZi5WZEbssT_vmcD1MO2wF4J10sdcnFVFuX2N4wgoqS0FtH71TgXP6j3ioKgkA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 4995
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 1253
cf-request-id: 0ad037f4f300004c01ec22d000000001
x-goog-meta-height: 48
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 21 Jun 2021 20:19:24 GMT
last-modified: Wed, 02 Sep 2020 04:20:43 GMT
server: cloudflare
etag: "18db365c9be38de804e1f7f6e2a11b5b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=qw4bBg==, md5=GNs2XJvjjegE4ff24qEbWw==
x-goog-generation: 1599020443656115
x-goog-meta-width: 48
cache-control: public, max-age=36000, must-revalidate
x-goog-meta-source-id: fea8663074d73f0f53ce4175e19afa09
x-goog-stored-content-length: 2265
accept-ranges: bytes
cf-ray: 662d5c34bb184c01-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 wp-emoji-release.min.js Show response
utua.com.br/wp-includes/js/ 14 KB
4 KB 280ms
278ms Script
application/javascript 104.22.2.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.2.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: utua.com.br
referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Feb 2021 02:01:50 GMT
server: cloudflare
etag: W/"3795-5ba79163ad099-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 662d5c348aca4c01-AMS
cf-request-id: 0ad037f4d700004c014d28a000000001

GET
H2 200 aos.js Show response
utua.com.br/wp-content/plugins/ad-inserter-pro/includes/aos/ 14 KB
4 KB 464ms
463ms Script
application/javascript 104.22.2.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-content/plugins/ad-inserter-pro/includes/aos/aos.js?ver=2.7.0
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.2.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4657a4bceab0258c3249806be89c020dc699939f2065ad02601bae3b400386a6

Request headers

:path: /wp-content/plugins/ad-inserter-pro/includes/aos/aos.js?ver=2.7.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: utua.com.br
referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Jun 2021 20:00:26 GMT
server: cloudflare
etag: W/"3785-5c4469be952a5-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 662d5c347a9d4c01-AMS
cf-request-id: 0ad037f4c900004c014d289000000001

GET
H2 200 jquery.iframetracker.min.js Show response
utua.com.br/wp-content/themes/clean-n-beauty-theme/js/ 3 KB
1 KB 172ms
171ms Script
application/javascript 104.22.2.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/js/jquery.iframetracker.min.js
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.2.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd5aa43dd663f0c19ce98c0e4975838ee36c04b4df81592f5189637742226d57

Request headers

:path: /wp-content/themes/clean-n-beauty-theme/js/jquery.iframetracker.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: utua.com.br
referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Oct 2020 22:55:06 GMT
server: cloudflare
etag: W/"c73-5b20e016ddef4-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 662d5c347a9f4c01-AMS
cf-request-id: 0ad037f4c900004c01fb32c000000001

GET
H2 200 custom.js Show response
utua.com.br/wp-content/themes/clean-n-beauty-theme/js/ 13 KB
4 KB 455ms
453ms Script
application/javascript 104.22.2.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/js/custom.js
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.2.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa5354ffd745a7473fe225230784b642c6a3df23ab79ee1345c1a5a2214f23c5

Request headers

:path: /wp-content/themes/clean-n-beauty-theme/js/custom.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: utua.com.br
referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Oct 2020 22:55:06 GMT
server: cloudflare
etag: W/"33ea-5b20e016ddef4-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 662d5c348ac84c01-AMS
cf-request-id: 0ad037f4d700004c0156876000000001

GET
H2 200 wp-embed.min.js Show response
utua.com.br/wp-includes/js/ 1 KB
787 B 160ms
158ms Script
application/javascript 104.22.2.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-includes/js/wp-embed.min.js?ver=5.7.2
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.2.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: utua.com.br
referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Feb 2021 02:01:50 GMT
server: cloudflare
etag: W/"592-5ba79163b8c19-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 662d5c348ac94c01-AMS
cf-request-id: 0ad037f4d700004c012212b000000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6684
date: Mon, 21 Jun 2021 10:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 21 Jun 2021 12:58:37 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 119 KB
41 KB 24ms
22ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T48CH8D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c3dfe2ccdbe97ee8e7f6a60e0c00e3f5da60a7c38f6748700d4263584d78455

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41939
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 21 Jun 2021 12:50:01 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 94 KB
25 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

388906152967f639b6aa0e48c8cd9b7c536aa9a9484393754cfb6f14b178c8a5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24515
x-xss-protection: 0
pragma: public
x-fb-debug: 9IAvcjq7yoZvQjwiwN1emczi7yT/RJejxM7oopGpRpZQsOcz66yclF7d6UwPq9/KtcBom00995exWj2dXdmSdw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Mon, 21 Jun 2021 12:50:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK a.js Show response
d2r1yp2w7bby2u.cloudfront.net/js/ 50 KB
17 KB 143ms
43ms Script
application/javascript 65.9.77.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ed7b4bab244aa9fca8651042a4c66351b5e56cea3640dfae651e9e51bcaedd14

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 12:42:00 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 15 Jun 2021 03:39:09 GMT
Server: AmazonS3
Age: 958
ETag: W/"c0d59a12dccbe548349f705739035d5e"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
Cache-Control: max-age=1800, private
Transfer-Encoding: chunked
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: JuY3pOFhSJbrbkMgLx2y1p0BuLhjrZDbBn0t84vXhToqIoXCdalL_w==

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans%3Awght%40400%3B700&display=swap&ver=5.7.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://utua.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 17:35:44 GMT
x-content-type-options: nosniff
age: 155657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 17:35:44 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans%3Awght%40400%3B700&display=swap&ver=5.7.2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://utua.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 05:33:17 GMT
x-content-type-options: nosniff
age: 199004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 05:33:17 GMT

GET
H2 200 fontawesome-webfont.woff
utua.com.br/wp-content/themes/clean-n-beauty-theme/css/fonts/ 82 KB
82 KB 155ms
155ms Font
font/woff 104.22.2.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/css/fonts/fontawesome-webfont.woff?v=4.5.0
Requested by: Host: utua.com.br
URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/style.css?ver=21062021095000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.2.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c812ddc9e475d3e65d68a6b3b589ce598a2a5babb7afc55477d59215c4a38a40

Request headers

:path: /wp-content/themes/clean-n-beauty-theme/css/fonts/fontawesome-webfont.woff?v=4.5.0
pragma: no-cache
origin: https://utua.com.br
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: utua.com.br
referer: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/style.css?ver=21062021095000
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://utua.com.br
Referer: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/style.css?ver=21062021095000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:01 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Oct 2020 22:55:06 GMT
server: cloudflare
etag: "14684-5b20e016ddef4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
accept-ranges: bytes
cf-ray: 662d5c34aafd4c01-AMS
content-length: 83588
cf-request-id: 0ad037f4e700004c01ef33a000000001

GET
H2 200 szilvia-basso-HptxPPct2d4-unsplash-1-e1589339648399-768x412.jpg
bucket.utua.com.br/img/2020/05/ 15 KB
16 KB 1098ms
1098ms Image
image/jpeg 104.22.2.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucket.utua.com.br/img/2020/05/szilvia-basso-HptxPPct2d4-unsplash-1-e1589339648399-768x412.jpg
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.2.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8f2cd2605b070d9e4ad0dd83281d81d22df899007e4c17e1da352f0adf7d243

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:02 GMT
cf-cache-status: MISS
cf-ray: 662d5c350b894c01-AMS
x-guploader-uploadid: ABg5-UywhmpcHqYbroIBkQr0oiYxro7M71xZbKLKQukdhU5Rts1w5X_XU4A8qFaoj-jqLjzd7ZGThxD5Z1jAOD7HFp-7S1kjEQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
last-modified: Wed, 02 Sep 2020 04:20:42 GMT
x-goog-stored-content-encoding: identity
content-length: 15810
cf-request-id: 0ad037f52100004c010ca0f000000001
x-goog-meta-height: 412
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
x-goog-meta-child-of: 3946
server: cloudflare
etag: "22d76253618867d63e97291dcdb6b236"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=bHm+Yw==, md5=ItdiU2GIZ9Y+lykdzbayNg==
x-goog-generation: 1599020442361056
x-goog-meta-width: 768
cache-control: public, max-age=36000, must-revalidate
x-goog-stored-content-length: 15810
accept-ranges: bytes
content-type: image/jpeg
expires: Mon, 21 Jun 2021 22:50:01 GMT

GET
H2 200 Esseartigotemcomointuitobeneficiarquemest%C3%A1nabuscadeumempr%C3%A9stimocomgarantiaedesejasabermaisinforma%C3%A7%C3%B5es1_optimized-1.png
bucket.utua.com.br/img/2019/12/ 4 KB
5 KB 60ms
60ms Image
image/png 104.22.2.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucket.utua.com.br/img/2019/12/Esseartigotemcomointuitobeneficiarquemest%C3%A1nabuscadeumempr%C3%A9stimocomgarantiaedesejasabermaisinforma%C3%A7%C3%B5es1_optimized-1.png
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.2.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 280be8ab011ce8edf330df7ddf55b326739281943a51d7786f416685a86c7014

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:01 GMT
cf-cache-status: HIT
age: 9038
cf-polished: origSize=5243
x-guploader-uploadid: ABg5-UwC090vTHBt7TKUOrFDhoPNwlZS0FIo1BAFeQVzGA3VnuTPlGMhjRvrDdstggxC0vhMYLarRCZ6qrHlrBOj0w7ygkxqQA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 1475
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 4603
cf-request-id: 0ad037f52100004c015c3db000000001
x-goog-meta-height: 533
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 21 Jun 2021 20:19:23 GMT
last-modified: Wed, 02 Sep 2020 04:20:27 GMT
server: cloudflare
etag: "95122e94b6aee3480b99960b93e80a8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=3Ir+Qg==, md5=lRIulLau40gLmZYLk+gKjQ==
x-goog-generation: 1599020427294952
x-goog-meta-width: 800
cache-control: public, max-age=36000, must-revalidate
x-goog-meta-source-id: 8ffc37bc3fac90093f3717b25338422b
x-goog-stored-content-length: 5243
accept-ranges: bytes
cf-ray: 662d5c350b8a4c01-AMS
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK serialize.min.js Show response
d3rxaij56vjege.cloudfront.net/form-serialize/0.3/ 1 KB
2 KB 178ms
55ms Script
application/javascript 13.224.194.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rxaij56vjege.cloudfront.net/form-serialize/0.3/serialize.min.js
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.168 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-168.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bd5127d88d20bfc74fb94869e2026ddfbb9119934c6b441b12ed7762a948a702

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 05:14:33 GMT
Via: 1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
Last-Modified: Mon, 02 Nov 2015 22:04:54 GMT
Server: AmazonS3
Age: 27330
ETag: "7d3e5f83849d8d66381fd41ac97eb5a1"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 1197
X-Amz-Cf-Id: UQkUMoSG5JHrmC_SpQ3CwNjGtyJ0rMiUQBpEBf-R1reowTTMwb93zw==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=950533457&t=pageview&_s=1&dl=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063&ul=en-us&de=UTF-8&dt=Cashback%20da%20Pic%20Pay%20%C3%A9%20um%20dos%20melhores%20do%20mercado!%20-%20Utua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=294249777&gjid=2013232829&cid=761366329.1624279801&tid=UA-146231564-5&_gid=1029115480.1624279801&_r=1&_slc=1&z=414631328

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 12:50:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 261573414841719 Show response
connect.facebook.net/signals/config/ 261 KB
74 KB 79ms
78ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/261573414841719?v=2.9.41&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

218666a8082df8746ac69aa0909d69876f09fcc59f02cedaf4885d70434be040

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: y+dDQwuTV9UDsrzXPflzyw4GuyvIRxdBzu1IcyG8jsCt6Sj93t+a8c0VeG+fATvd2Zts9JrVBAhDxAVfEMn+uA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 21 Jun 2021 12:50:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
85 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-146231564-5&cid=761366329.1624279801&jid=294249777&gjid=2013232829&_gid=1029115480.1624279801&_u=IEBAAEAAAAAAAC~&z=822636975

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 21 Jun 2021 12:50:01 GMT
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=950533457&t=event&_s=2&dl=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063&ul=en-us&de=UTF-8&dt=Cashback%20da%20Pic%20Pay%20%C3%A9%20um%20dos%20melhores%20do%20mercado!%20-%20Utua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Card%20Land%20Page%20Viewed&ea=%2Fcartao-de-credito-picpay-card%2F&_u=KEBAAEABAAAAAC~&jid=&gjid=&cid=761366329.1624279801&tid=UA-146231564-5&_gid=1029115480.1624279801&z=1013709411

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 05:27:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 26539
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=950533457&t=event&_s=3&dl=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063&ul=en-us&de=UTF-8&dt=Cashback%20da%20Pic%20Pay%20%C3%A9%20um%20dos%20melhores%20do%20mercado!%20-%20Utua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Email%200063&ea=%2Fcartao-de-credito-picpay-card%2F&_u=KEBAAEABAAAAAC~&jid=&gjid=&cid=761366329.1624279801&tid=UA-146231564-5&_gid=1029115480.1624279801&z=209842802

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 05:27:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 26539
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
110 B 30ms
29ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-146231564-5&cid=761366329.1624279801&jid=294249777&_u=IEBAAEAAAAAAAC~&z=1513762873

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 12:50:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-146231564-5&cid=761366329.1624279801&jid=294249777&_u=IEBAAEAAAAAAAC~&z=1513762873

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 12:50:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK a Show response
wzrkt.com/ 290 B
817 B 193ms
76ms Script
text/javascript 13.224.195.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wzrkt.com/a?t=96&type=push&d=N4IgLgngDgpiBcIoCcD2AzAlgGzgGiTS1wVAGMwB9VKMVAVzAXQENsBnGAXwMwBMEIABwAlAKwBaAGxSAWhJEB1OSAJQA5ggCMXIAA%3D%3D&optOut=false&rn=1&i=1624279801&sn=0&r=1624279801181

Requested by

Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-91.fra2.r.cloudfront.net

Software

Resource Hash

cf2259f85801a45c3396c2d83e2a7d0725fd00df7d1ad9bbc11e9fbbda370fe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Jun 2021 12:50:01 GMT
Via: 1.1 c3b74c81fdcb7942211a6c721efa13fd.cloudfront.net (CloudFront)
Vary: Accept-Encoding, User-Agent
X-Amz-Cf-Pop: FRA2-C1
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Cache: Miss from cloudfront
Content-Type: text/javascript;charset=utf-8
Cache-Control: no-cache, no-store, no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
X-Amz-Cf-Id: zf5KPgRhZbOasqaLX-NHWC7fYRjfGzWSy6nlKBHf_LveO3VPikNokg==
Expires: 0

GET
H3-29 200 pubads_impl_2021061503.js Show response
securepubads.g.doubleclick.net/gpt/ 325 KB
114 KB 99ms
49ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

408abc3a5bedff37056ecb1ba4872225de8a269ffe9aa04fd8fd38a7e7ec5116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Jun 2021 21:10:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116743
x-xss-protection: 0
expires: Mon, 21 Jun 2021 12:50:01 GMT

GET
H3-29 200 919286538898098 Show response
connect.facebook.net/signals/config/ 260 KB
74 KB 60ms
59ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/919286538898098?v=2.9.41&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c6b5a25a17404478945f3a7b66422bd130e5f2b62684bcb03754583201007671

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: XotnCK2M85VqYnMv6C/MIhJxxFX81fMYnLK3x6R5Tdxy5Ds7sxxTWcB47rNshEnyMTm5DBrL82w8cw1mztjRFQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 21 Jun 2021 12:50:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=261573414841719&ev=PageView&dl=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063&rl=&if=false&ts=1624279801324&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=30&fbp=fb.2.1624279801321.2091176341&it=1624279801139&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 21 Jun 2021 12:50:01 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=919286538898098&ev=PageView&dl=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063&rl=&if=false&ts=1624279801326&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=30&fbp=fb.2.1624279801321.2091176341&it=1624279801139&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 21 Jun 2021 12:50:01 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=261573414841719&ev=ViewContent&dl=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063&rl=&if=false&ts=1624279801328&sw=1600&sh=1200&v=2.9.41&r=stable&ec=1&o=30&fbp=fb.2.1624279801321.2091176341&it=1624279801139&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 21 Jun 2021 12:50:01 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=919286538898098&ev=ViewContent&dl=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063&rl=&if=false&ts=1624279801329&sw=1600&sh=1200&v=2.9.41&r=stable&ec=1&o=30&fbp=fb.2.1624279801321.2091176341&it=1624279801139&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 21 Jun 2021 12:50:01 GMT

GET
H/1.1 200
OK a Show response
wzrkt.com/ 242 B
805 B 78ms
77ms Script
text/javascript 13.224.195.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wzrkt.com/a?t=96&type=push&d=N4IgLgngDgpiBcIYDcYDswgDROWAcgIYC2ciACoQOYwAEAagJYwDu2uYAIoWIQqABMA9sUKM0CEAFcwUwgDoAxiPkAjAE7sp6gDaSA9IsLreQgLQCYZxepgDGYc1EaKohCNeMD9IAL45GAUkADgAlAFYzADYogC0zUIB1OPYoKgQARl8gAA%3D&rn=2&i=1624279801&sn=0&gc=67d6f0af4da54c11a7c675363e5e257f&r=1624279801384

Requested by

Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-91.fra2.r.cloudfront.net

Software

Resource Hash

264a8f315199f89f7680706c0496167fbf61bdc1dcecf2aea16c01399021b1fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Jun 2021 12:50:01 GMT
Via: 1.1 c3b74c81fdcb7942211a6c721efa13fd.cloudfront.net (CloudFront)
Vary: Accept-Encoding, User-Agent
X-Amz-Cf-Pop: FRA2-C1
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Cache: Miss from cloudfront
Content-Type: text/javascript;charset=utf-8
Cache-Control: no-cache, no-store, no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
X-Amz-Cf-Id: uQrnvB5rB-4wSZqUn6Jy6GgSQxQ77Ir6gyvxWER6FbtcExiLKu98Mg==
Expires: 0

GET
H/1.1 200
OK a Show response
wzrkt.com/ 362 B
903 B 133ms
76ms Script
text/javascript 13.224.195.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wzrkt.com/a?t=96&type=page&d=N4IgrgziBcIIYGMAuBLAbgUwXAtgBzhQHMA7EAGnBxhAx0IBsLwEaSMB3CBjJJDAE5RKKACY0AHACUArAFoAbAoBacqQHUVzPERgBGSgh00AFnzwRoAeitgkYOADoEAexyOARgKvYBSOC5yohhyCAIYoihIgXgoRnAAnqFwAqJWAPx2OAD6EC5gAggYALyIqJjY%2BISkAGRZ2TgRKGA4xXSMdUg5lQTEJMXsXDx8ghCd3S4k%2FFPFvv6BwaHhkdHj2fwCrUREcoMQcgAMAMyHBwpHIAC%2BQAA%3D%3D&rn=3&i=1624279801&sn=1&gc=67d6f0af4da54c11a7c675363e5e257f&r=1624279801406

Requested by

Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-91.fra2.r.cloudfront.net

Software

Resource Hash

a0808fa2dc10773d1d55f72b53c7027c981889a119c402ea8cda74d1874259b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Jun 2021 12:50:01 GMT
Via: 1.1 c3b74c81fdcb7942211a6c721efa13fd.cloudfront.net (CloudFront)
Vary: Accept-Encoding, User-Agent
X-Amz-Cf-Pop: FRA2-C1
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Cache: Miss from cloudfront
Content-Type: text/javascript;charset=utf-8
Cache-Control: no-cache, no-store, no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
X-Amz-Cf-Id: kPVtbf_23bdB0LRWQAGTI2lS57e7pMw0ku-Oa8MpZmo_v1MjkfDGYA==
Expires: 0

GET
H2 200 child_units.js Show response
utua.com.br/wp-content/themes/clean-n-beauty-theme/js/ 3 KB
1 KB 452ms
452ms Script
application/javascript 104.22.2.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/js/child_units.js
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.2.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d95c3a87d599e84e498f259f85d36051a6233b037e8ccf99c657051f3f81b28

Request headers

:path: /wp-content/themes/clean-n-beauty-theme/js/child_units.js
pragma: no-cache
cookie: _ga=GA1.3.761366329.1624279801; _gid=GA1.3.1029115480.1624279801; _gat=1; _fbp=fb.2.1624279801321.2091176341; WZRK_G=67d6f0af4da54c11a7c675363e5e257f; WZRK_S_8R5-66Z-RW6Z=%7B%22p%22%3A1%2C%22s%22%3A1624279801%2C%22t%22%3A1624279801%7D; WZRK_L=%257B%25223%2522%253A%257B%2522q%2522%253A%2522https%253A%252F%252Fwzrkt.com%252Fa%253Ft%253D96%2526type%253Dpage%2526d%253DN4IgrgziBcIIYGMAuBLAbgUwXAtgBzhQHMA7EAGnBxhAx0IBsLwEaSMB3CBjJJDAE5RKKACY0AHACUArAFoAbAoBacqQHUVzPERgBGSgh00AFnzwRoAeitgkYOADoEAexyOARgKvYBSOC5yohhyCAIYoihIgXgoRnAAnqFwAqJWAPx2OAD6EC5gAggYALyIqJjY%25252BISkAGRZ2TgRKGA4xXSMdUg5lQTEJMXsXDx8ghCd3S4k%25252FFPFvv6BwaHhkdHj2fwCrUREcoMQcgAMAMyHBwpHIAC%25252BQAA%25253D%25253D%2526rn%253D3%2526i%253D1624279801%2526sn%253D1%2522%257D%257D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: utua.com.br
referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 09 Nov 2020 23:57:13 GMT
server: cloudflare
etag: W/"d6a-5b3b5523f05d5-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 662d5c379f3d4c01-AMS
cf-request-id: 0ad037f6be00004c010b355000000001

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ 107 B
853 B 38ms
14ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=utua.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 12:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 38ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=utua.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 12:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
7 KB 439ms
439ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1880570146727385&correlator=2436726793742740&output=ldjh&impl=fif&eid=31060033%2C31061039%2C21064369%2C31061150&vrg=2021061503&ptt=17&sc=1&sfv=1-0-38&ecs=20210621&iu_parts=21862753527%2Cutua_desk_sidebar&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C120x600%7C300x600&cust_params=pageurl%3D%252Fcartao-de-credito-picpay-card%252F%26request_uri%3D%252Fcartao-de-credito-picpay-card%252F%26utm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26placement%3Ddirect%26keyword%3Ddirect%26utua_source%3Dactivecampaign%26utua_medium%3Demail%26utua_campaign%3Dnewsletters%26utua_content%3Dcartao-de-credito%26utua_term%3Dgg-news-03-0063%26utua_placement%3Ddirect%26utua_keyword%3Ddirect%26utua_pageurl%3D%252Fcartao-de-credito-picpay-card%252F%26hour%3D14%26dayshifts%3Dmorning&cookie_enabled=1&bc=31&abxe=1&lmt=1624279801&dt=1624279801531&dlt=1624279800514&idt=880&frm=20&biw=1600&bih=1200&oid=3&adxs=1030&adys=376&adks=228666452&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_sd=1&flash=0&url=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063&vis=1&dmc=8&scr_x=0&scr_y=0&psz=328x10&msz=328x0&ga_vid=761366329.1624279801&ga_sid=1624279802&ga_hid=950533457&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

cd961c63c3b1f19af43685ba4617392903e180057f52bf57811dc7ccc32d2ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7299
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0B4D 6 KB
3 KB 49ms
16ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://utua.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://utua.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 21 Jun 2021 12:50:01 GMT
expires: Tue, 21 Jun 2022 12:50:01 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
12 KB 1021ms
1020ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1880570146727385&correlator=2436726793742740&output=ldjh&impl=fif&eid=31060033%2C31061039%2C21064369%2C31061150&vrg=2021061503&ptt=17&sc=1&sfv=1-0-38&ecs=20210621&iu_parts=21862753527%2Cutua_desk_top&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C728x90%7C970x90&cust_params=pageurl%3D%252Fcartao-de-credito-picpay-card%252F%26request_uri%3D%252Fcartao-de-credito-picpay-card%252F%26utm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26placement%3Ddirect%26keyword%3Ddirect%26utua_source%3Dactivecampaign%26utua_medium%3Demail%26utua_campaign%3Dnewsletters%26utua_content%3Dcartao-de-credito%26utua_term%3Dgg-news-03-0063%26utua_placement%3Ddirect%26utua_keyword%3Ddirect%26utua_pageurl%3D%252Fcartao-de-credito-picpay-card%252F%26hour%3D14%26dayshifts%3Dmorning&cookie_enabled=1&bc=31&abxe=1&lmt=1624279801&dt=1624279801537&dlt=1624279800514&idt=880&frm=20&biw=1600&bih=1200&oid=3&adxs=250&adys=83&adks=3076446341&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_sd=1&flash=0&url=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1100x10&msz=1100x0&ga_vid=761366329.1624279801&ga_sid=1624279802&ga_hid=950533457&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

30c7cf02a929fdd3f178ef20e6d766c0e024ec0684d20902b753cd4da0c6f75c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12422
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://utua.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
11 KB 2212ms
2212ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1880570146727385&correlator=2436726793742740&output=ldjh&impl=fif&eid=31060033%2C31061039%2C21064369%2C31061150&vrg=2021061503&ptt=17&sc=1&sfv=1-0-38&ecs=20210621&iu_parts=21862753527%2Cutua_desk_content&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C480x320%7C336x280&cust_params=pageurl%3D%252Fcartao-de-credito-picpay-card%252F%26request_uri%3D%252Fcartao-de-credito-picpay-card%252F%26utm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26placement%3Ddirect%26keyword%3Ddirect%26utua_source%3Dactivecampaign%26utua_medium%3Demail%26utua_campaign%3Dnewsletters%26utua_content%3Dcartao-de-credito%26utua_term%3Dgg-news-03-0063%26utua_placement%3Ddirect%26utua_keyword%3Ddirect%26utua_pageurl%3D%252Fcartao-de-credito-picpay-card%252F%26hour%3D14%26dayshifts%3Dmorning&cookie_enabled=1&bc=31&abxe=1&lmt=1624279801&dt=1624279801541&dlt=1624279800514&idt=880&frm=20&biw=1600&bih=1200&oid=3&adxs=260&adys=724&adks=769964902&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_sd=1&flash=0&url=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063&vis=1&dmc=8&scr_x=0&scr_y=0&psz=730x0&msz=730x0&ga_vid=761366329.1624279801&ga_sid=1624279802&ga_hid=950533457&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

346b8fafcce4415221ee7e4a39a02f00225c41b9bce64691f32f6d80b3215646

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11575
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://utua.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 14ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryeAZmUCqFHXjR06ag

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 21 Jun 2021 12:50:01 GMT
content-type: text/plain
access-control-allow-origin: https://utua.com.br
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 11ms
7ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryM5enYbovhAaV8r0z

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 21 Jun 2021 12:50:01 GMT
content-type: text/plain
access-control-allow-origin: https://utua.com.br
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=950533457&t=event&_s=4&dl=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063&ul=en-us&de=UTF-8&dt=Cashback%20da%20Pic%20Pay%20%C3%A9%20um%20dos%20melhores%20do%20mercado!%20-%20Utua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ViewContent%2025&ea=Scroll&_u=KEBAAEABAAAAAC~&jid=&gjid=&cid=761366329.1624279801&tid=UA-146231564-5&_gid=1029115480.1624279801&z=1147489627

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 05:27:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 26539
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8EDB 6 KB
3 KB 22ms
8ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://utua.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://utua.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 21 Jun 2021 12:50:01 GMT
expires: Tue, 21 Jun 2022 12:50:01 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 47ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:02 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842926269324"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28241
x-xss-protection: 0
expires: Mon, 21 Jun 2021 12:50:02 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 51ms
18ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021061503&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25f43aa7f1171510857257c12363eca2027534cccf20930a6eea2bd15bae0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 12:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7830
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 21 Jun 2021 12:50:02 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.pl/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=utua.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 12:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=utua.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 12:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
10 KB 3446ms
3445ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1880570146727385&correlator=2436726793742740&output=ldjh&impl=fif&eid=31060033%2C31061039%2C21064369%2C31061150&vrg=2021061503&ptt=17&sc=1&sfv=1-0-38&ecs=20210621&iu_parts=21862753527%2Cutua_desk_content%2Cutua_desk_content_01&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C480x320%7C336x280&prev_scp=index%3D1&cust_params=pageurl%3D%252Fcartao-de-credito-picpay-card%252F%26request_uri%3D%252Fcartao-de-credito-picpay-card%252F%26utm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063%26placement%3Ddirect%26keyword%3Ddirect%26utua_source%3Dactivecampaign%26utua_medium%3Demail%26utua_campaign%3Dnewsletters%26utua_content%3Dcartao-de-credito%26utua_term%3Dgg-news-03-0063%26utua_placement%3Ddirect%26utua_keyword%3Ddirect%26utua_pageurl%3D%252Fcartao-de-credito-picpay-card%252F%26hour%3D14%26dayshifts%3Dmorning&cookie=ID%3Dc16756dd0942a630-22fe52cc67c800e7%3AT%3D1624279801%3AS%3DALNI_MYop0vLMDlDPOYkyOXROnnbcJER4Q&bc=31&abxe=1&lmt=1624279802&dt=1624279802078&dlt=1624279800514&idt=880&frm=20&biw=1600&bih=1200&oid=3&adxs=260&adys=1150&adks=3983041074&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_sd=1&flash=0&url=https%3A%2F%2Futua.com.br%2Fcartao-de-credito-picpay-card%2F%3Futm_source%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dnewsletters%26utm_content%3Dcartao-de-credito%26utm_term%3Dgg-news-03-0063&vis=1&dmc=8&scr_x=0&scr_y=0&psz=730x0&msz=730x0&ga_vid=761366329.1624279801&ga_sid=1624279802&ga_hid=950533457&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

0642defe7873bc0323d24e547f5ebb8a8a827542cf600c035781d9ccb62e0fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10542
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://utua.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1C45 0
302 B 19ms
17ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLitHRCC2bYCGM3MjKwBMAE&v=APEucNU70XJ2HhHj5mqMbG5FTgFlmmk_wa2Cfo8xCt4uFHPPVHw-F96ucrNE4VljuiaKUwsUjdCIORnxxSzy8rB7pKapMMG3KQ

Requested by

Host: 6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com
URL: https://6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CLitHRCC2bYCGM3MjKwBMAE&v=APEucNU70XJ2HhHj5mqMbG5FTgFlmmk_wa2Cfo8xCt4uFHPPVHw-F96ucrNE4VljuiaKUwsUjdCIORnxxSzy8rB7pKapMMG3KQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 21 Jun 2021 12:50:02 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUk5j2wThXSog-yuWXrqBDl3PfZ72EbO1YkP5sEzd3lUnC-qh543Qzn6THBn; expires=Sat, 16-Jul-2022 12:50:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 21 Jun 2021 12:50:02 GMT
cache-control: private

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8EDB 43 KB
21 KB 52ms
48ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZJ9iYHdlyocMTYKhB3FHYHf6uyAeZd0iAEHdQWChVjYJ5WeeU5yF2m7Od2XR76pxa2Kk7wCHv6IjcsdvzSIZmFBEvND25DnVU5SK2LzcJqA7YDn_XcxNniYEcdtg0E04G7sOxRdPybH8mnMUU-GotLp8nJA&dbm_d=AKAmf-BVFmFPtqO4_hRsxU3nnBd-rmOJjdqmXflV9TZd0JHxS0eAn6HsqP12iUYVOfL49D1gcJrQ0LVCk3_uTJBDxlUQCX47jO7KsLJPquGcDWYbmM7pipQaaHrkVpOBbzC39FBfLaah8q3k5N45o3SZsj7tEH4QMhSKe6UlBeyU3zA6IupAvHqxOQ4wGmIaHY3ac8eBYtSzRNyz_CX_85Lb1fEul5mpGtMSh-Hs8AaRlESdqa7wXzJn-0sHbxpplaMP89W4AG18ADfOMxj1p8gqXyy9gbYswOPgadeD5s0fJLyE0rnKgDSkmqa3FNRQsLsH_sT_Tk4tnG4PpOJrm8Th2rNU6GSVtX76wxi9g0USBWoLIgtgm5F2LiymbY6K72MM9r8ltQ3klueuFcF7zlfdKUtA_IQ3U3F5BjvaM4HtZTA9NR4n-I7bwLP0t6joGXJyiOHpX5n3iSvMQoTZ00yZF4YjNRej5aCvSZqqaAZOTzYqINJ7llHwKTjWBVGOXGt7MZg_Z0sw_To0KzL7IxW7PzELhNcdh0HFeqGld2JtwX-JJdQrlxYfYOi9W15eJljepF6t5n9rl8NUMx_22J3NYQXau-LPfsfzALcPEI9EUhTtkJzbXQjybBckkiR_9zO7bXCMguQiXCnHVyj1DhWoWNYh7t0h55kUFNlD5nN9r12UTAmbZsUrQDLsAA9qs8F5ytMZ9zhXYiFi1v-a0K7Gi88FgYZYqBl1Yuq_bEZ9dm5hZUJkdeKMQlnQzPeJMKBuggAIhgO7d2Cwbu8di0jlcQyuEia6MQZW7E2OdPE4LIAnWaKc-bpSr40RVeiqQvAUxh776gAxJDF27a2xR9J4v_lHwEryum9SUHkn7AqwjUhu0TtD1sM8GqSib65LECDtAfQh0wHyIweCRymmfXf6L-wbZ7Yqco7nS9EL3j5bqDZzXWa0xp3YsE0oOrctive_hcvd1zsXWbGr9k0CYoIkgGdqqkdx0chtY2z6CxgZ39nv3cWf-uPOpFFoBOCRzCcHsLx8Af8CvlyKVGPiFn6WHp0vpZzSzh-v9lXATmAcl_FRL9LgBDDihexBKNyD2OT2p9wdwbxQooDWS_t7QvMUg5ChNq6d0C1tNJgTxykKGmIgWkkl7iijVK8i9jBuS4PAFbQQP8l5GmndHz8Tc54OgA--WvhKB8NpeN_tMYR4FhyWJ1nv46GnUKLjHp_0Co5UxZ7-IQZXtn2gnT7uPW6Hx9qbgnGOTLXT1TnALlEFM5IJ60ioa85SmD5ujX0T_qeYa-nLF7EQRZfEQYnDB-RT0Cj6rHJ9dZtRV0RIqkOqKGI1V5BV7r19WilwxNOUcZ6Ynf8sz35_mLPoLxZ3HU_LQSnR4t5TaEfrP2Nbr3PkfdmAzmV4NRdEowBLiVNQgqg7P78C_6r6dnD2AZmQU96i9H5beBefk2AjTeRHdiEzRE7REhSRwBZvhNZhBhSw0lw5jX2RXNWeSxhq16bvdquibdbBqtfJIe8XlFNCzDJkzHjyF0COK-quTMQGckQZT_fZLyNbI7gqZrl4Ao_IWhjnO5vOZ8ix44Y9VA-VS2wHOWujWiAvGbR9l-42D3MUuBjIvy3CJ5TV_PG4eXdFPjZs1kBmF84BSulLTb3x9FQkyM9WDH7-cEQ0-lytt868PsaM8HameINO5pRzqPBpowD4Ez7MWeRhiswJjMZxJg9T7-iufP6F3JKhLpXsrxw94meoaxGSOPCTcbkbrU-kTCLk75HdFKaG6G1OzQm4AN3txpAqU40xJrUCv9zdQ8BbdKA2po_AH-66C6cCozBr6TOstfQUV2irpYlkgmUNnn6yc6AU6Dsm9vVI6VxY-UaoVvCHKx2Ujns34e8TEI2InOLflvwmvZV8iFTIBdkj3a8kPk_gpjHJfDc9zR9c1w_7Kw_Jb_qQZZzpG3LKBpjD24lcYZyXIDllDhFy65eaeDZappnh9zYUBaJFn-M7pSjDV72h1-Wx_ZQnORdhDdxP5tnF1JCZLdlImePITSgg3FboaMoQAmNBny4_pV2XySm39oZu517E8JuH0leYYo2BDDiPZosSme1iD0GvJ4eEaUeTTDu7QdcSdR4TclCAboOGRIJz4KiA_iZmTsYYKb4vD8sLI3V2SJBOVujWiAkuLdYvdgCLvn3oaDBF7o_ac_mhB8996D64lgnBeXJ-reG_MP7znpQy-r6dKdAqatfHRd9wxl2fA3ygCRODeKeajHyKyTrKaOUkFL6tLN4AKwZSsKnJg4Lvh_aQZh2nhFDehewGZZdIUficmkuNKbsiMRkYCua5N_hnh-2lbaBkmRejEVa-IopIV1iSJjdAmMcNU0qi7z_skYA0-nxkJuEUHDNqDt4xwa8fzxr4HSNy6UbCFQ-xahADJpe74z195wOia_fMjYtXNFTKfd_ipYgL_qjdhcQpe7CPN1xvXElm5_rc0JsHTtzCHeQA5IMlJrn3R6h5jjMF6qPV_DCKQrj55gdes3amQfdI03rYPNOKU1tnsiQ6ezJ8FXN-C8hG1ULLsQvRPsXx50KSdQX_v1YY73CDprASoCWYAjHZalvAjo7-5_jnFp-RFzS1mZgCrmtA0D46_QzI63m_iVbfPQmUWfcQCrpVWNGuwx2G4GzbINKo6NsITuUjHw7AG3n17wVEg4bPcNICHnmS8_sVXgz8ZRyco-vTqO7Bgx-4tbMlTaHQdnKqGgGcZvm-GW2yhJppIPO4fLMurm7IOhuI3ILYuVnR5Q98aQH15eekAbFIQQ17jhXXluAEwOd1v0hlWTcEpkqLouys6SWMbAQzLIAorpmPTNCtuHtNmSoZ642npfiTvEETUl2bharfZHRp7PakpOx02ON3Nwu559_VpGs1KmUkI5BysYMFtix0q8-4xuzfwO9TF84bgjpSDo4NrSI_phySowcaVXgISZWc10XsLXmUuY-m1Fs4KjmBLrd_Ftvku8ew3pBAxvvnaOY0ryAc-fOT8dGKa9ZYiUJQrrakHL5aL2rZyF-6-WMJut5wmfXRoT3pm9MLzoY5vKprCm0PeM4qP60DE8-uG4FLWyTfCvv5ookiW-HUFc5h1i7RnvXXEf2nPn2-8mrapjTY0tzuOV1tI-roCRwqI0rNhTc-8zP3doSN23_HFd8_9sWGFUVGU04diYQ9kI3CCeyTOWlKkLIls3mKztkZIhBdYRMXcUccLEm2FNOXbQYaZibhhdyviLrBe1hcnCrl_tHduvrcBjUUg74CKVIu0EwfvPoipuzkuk8kO230SUzmfkFGfNviaz8_vi8-vWPwB5Ecclyzg9p74M89gs1hA_WrfcRw9LAn-kzSSHaNscTG&cid=CAASFeRoraRrbCdgtlLlUYpxTfreNEYEgw&rfl=1%2Chttps%253A%252F%252Futua.com.br%252F%240

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e099395450964338f9ebdc9b9d8cb1b361857c390a4eedc9bebae77c0904d2ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 12:50:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21268
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8EDB 42 B
63 B 56ms
40ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DWwn6K0ASeSy0B0xjCaQcJ1Rw0PwCKjIkE8Aoxhlhn4E1CTr6Xzg7szOQaQcKW3B1TYjTW3o9zVNQax_TYila4D4es1b6gQtX5HP8iqjdWVgBfjzw

Requested by

Host: 6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com
URL: https://6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 12:50:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame 8EDB 3 KB
1 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com
URL: https://6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:42:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 477
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jul 2021 12:42:05 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8EDB 122 KB
37 KB 33ms
18ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com
URL: https://6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:50:02 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Mon, 21 Jun 2021 12:50:02 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame 8EDB 13 KB
6 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com
URL: https://6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 10674426802404029766
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jul 2021 12:45:56 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame B61C 12 KB
5 KB 15ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://utua.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://utua.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 21 Jun 2021 12:29:23 GMT
expires: Tue, 21 Jun 2022 12:29:23 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1239
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2E24 783 B
532 B 26ms
23ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0fdd56defedbfe4f01c837b0a424c8971e1cdd2398c7a4acb78381021e58d0d1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DXhypZisnBJ3BDJ1kQtPYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://utua.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://utua.com.br/

Response headers

expires: Mon, 21 Jun 2021 12:50:02 GMT
date: Mon, 21 Jun 2021 12:50:02 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-DXhypZisnBJ3BDJ1kQtPYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 RQzY8ISKOV3RwOMp_k9UROWM_VdhYjEqMNdKCV1xNfI.js Show response
pagead2.googlesyndication.com/bg/ Frame B61C 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RQzY8ISKOV3RwOMp_k9UROWM_VdhYjEqMNdKCV1xNfI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450cd8f0848a395dd1c0e329fe4f5444e58cfd576162312a30d74a095d7135f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 22:30:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5759
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jun 2022 22:30:42 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/ Frame 8EDB 22 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZJ9iYHdlyocMTYKhB3FHYHf6uyAeZd0iAEHdQWChVjYJ5WeeU5yF2m7Od2XR76pxa2Kk7wCHv6IjcsdvzSIZmFBEvND25DnVU5SK2LzcJqA7YDn_XcxNniYEcdtg0E04G7sOxRdPybH8mnMUU-GotLp8nJA&dbm_d=AKAmf-BVFmFPtqO4_hRsxU3nnBd-rmOJjdqmXflV9TZd0JHxS0eAn6HsqP12iUYVOfL49D1gcJrQ0LVCk3_uTJBDxlUQCX47jO7KsLJPquGcDWYbmM7pipQaaHrkVpOBbzC39FBfLaah8q3k5N45o3SZsj7tEH4QMhSKe6UlBeyU3zA6IupAvHqxOQ4wGmIaHY3ac8eBYtSzRNyz_CX_85Lb1fEul5mpGtMSh-Hs8AaRlESdqa7wXzJn-0sHbxpplaMP89W4AG18ADfOMxj1p8gqXyy9gbYswOPgadeD5s0fJLyE0rnKgDSkmqa3FNRQsLsH_sT_Tk4tnG4PpOJrm8Th2rNU6GSVtX76wxi9g0USBWoLIgtgm5F2LiymbY6K72MM9r8ltQ3klueuFcF7zlfdKUtA_IQ3U3F5BjvaM4HtZTA9NR4n-I7bwLP0t6joGXJyiOHpX5n3iSvMQoTZ00yZF4YjNRej5aCvSZqqaAZOTzYqINJ7llHwKTjWBVGOXGt7MZg_Z0sw_To0KzL7IxW7PzELhNcdh0HFeqGld2JtwX-JJdQrlxYfYOi9W15eJljepF6t5n9rl8NUMx_22J3NYQXau-LPfsfzALcPEI9EUhTtkJzbXQjybBckkiR_9zO7bXCMguQiXCnHVyj1DhWoWNYh7t0h55kUFNlD5nN9r12UTAmbZsUrQDLsAA9qs8F5ytMZ9zhXYiFi1v-a0K7Gi88FgYZYqBl1Yuq_bEZ9dm5hZUJkdeKMQlnQzPeJMKBuggAIhgO7d2Cwbu8di0jlcQyuEia6MQZW7E2OdPE4LIAnWaKc-bpSr40RVeiqQvAUxh776gAxJDF27a2xR9J4v_lHwEryum9SUHkn7AqwjUhu0TtD1sM8GqSib65LECDtAfQh0wHyIweCRymmfXf6L-wbZ7Yqco7nS9EL3j5bqDZzXWa0xp3YsE0oOrctive_hcvd1zsXWbGr9k0CYoIkgGdqqkdx0chtY2z6CxgZ39nv3cWf-uPOpFFoBOCRzCcHsLx8Af8CvlyKVGPiFn6WHp0vpZzSzh-v9lXATmAcl_FRL9LgBDDihexBKNyD2OT2p9wdwbxQooDWS_t7QvMUg5ChNq6d0C1tNJgTxykKGmIgWkkl7iijVK8i9jBuS4PAFbQQP8l5GmndHz8Tc54OgA--WvhKB8NpeN_tMYR4FhyWJ1nv46GnUKLjHp_0Co5UxZ7-IQZXtn2gnT7uPW6Hx9qbgnGOTLXT1TnALlEFM5IJ60ioa85SmD5ujX0T_qeYa-nLF7EQRZfEQYnDB-RT0Cj6rHJ9dZtRV0RIqkOqKGI1V5BV7r19WilwxNOUcZ6Ynf8sz35_mLPoLxZ3HU_LQSnR4t5TaEfrP2Nbr3PkfdmAzmV4NRdEowBLiVNQgqg7P78C_6r6dnD2AZmQU96i9H5beBefk2AjTeRHdiEzRE7REhSRwBZvhNZhBhSw0lw5jX2RXNWeSxhq16bvdquibdbBqtfJIe8XlFNCzDJkzHjyF0COK-quTMQGckQZT_fZLyNbI7gqZrl4Ao_IWhjnO5vOZ8ix44Y9VA-VS2wHOWujWiAvGbR9l-42D3MUuBjIvy3CJ5TV_PG4eXdFPjZs1kBmF84BSulLTb3x9FQkyM9WDH7-cEQ0-lytt868PsaM8HameINO5pRzqPBpowD4Ez7MWeRhiswJjMZxJg9T7-iufP6F3JKhLpXsrxw94meoaxGSOPCTcbkbrU-kTCLk75HdFKaG6G1OzQm4AN3txpAqU40xJrUCv9zdQ8BbdKA2po_AH-66C6cCozBr6TOstfQUV2irpYlkgmUNnn6yc6AU6Dsm9vVI6VxY-UaoVvCHKx2Ujns34e8TEI2InOLflvwmvZV8iFTIBdkj3a8kPk_gpjHJfDc9zR9c1w_7Kw_Jb_qQZZzpG3LKBpjD24lcYZyXIDllDhFy65eaeDZappnh9zYUBaJFn-M7pSjDV72h1-Wx_ZQnORdhDdxP5tnF1JCZLdlImePITSgg3FboaMoQAmNBny4_pV2XySm39oZu517E8JuH0leYYo2BDDiPZosSme1iD0GvJ4eEaUeTTDu7QdcSdR4TclCAboOGRIJz4KiA_iZmTsYYKb4vD8sLI3V2SJBOVujWiAkuLdYvdgCLvn3oaDBF7o_ac_mhB8996D64lgnBeXJ-reG_MP7znpQy-r6dKdAqatfHRd9wxl2fA3ygCRODeKeajHyKyTrKaOUkFL6tLN4AKwZSsKnJg4Lvh_aQZh2nhFDehewGZZdIUficmkuNKbsiMRkYCua5N_hnh-2lbaBkmRejEVa-IopIV1iSJjdAmMcNU0qi7z_skYA0-nxkJuEUHDNqDt4xwa8fzxr4HSNy6UbCFQ-xahADJpe74z195wOia_fMjYtXNFTKfd_ipYgL_qjdhcQpe7CPN1xvXElm5_rc0JsHTtzCHeQA5IMlJrn3R6h5jjMF6qPV_DCKQrj55gdes3amQfdI03rYPNOKU1tnsiQ6ezJ8FXN-C8hG1ULLsQvRPsXx50KSdQX_v1YY73CDprASoCWYAjHZalvAjo7-5_jnFp-RFzS1mZgCrmtA0D46_QzI63m_iVbfPQmUWfcQCrpVWNGuwx2G4GzbINKo6NsITuUjHw7AG3n17wVEg4bPcNICHnmS8_sVXgz8ZRyco-vTqO7Bgx-4tbMlTaHQdnKqGgGcZvm-GW2yhJppIPO4fLMurm7IOhuI3ILYuVnR5Q98aQH15eekAbFIQQ17jhXXluAEwOd1v0hlWTcEpkqLouys6SWMbAQzLIAorpmPTNCtuHtNmSoZ642npfiTvEETUl2bharfZHRp7PakpOx02ON3Nwu559_VpGs1KmUkI5BysYMFtix0q8-4xuzfwO9TF84bgjpSDo4NrSI_phySowcaVXgISZWc10XsLXmUuY-m1Fs4KjmBLrd_Ftvku8ew3pBAxvvnaOY0ryAc-fOT8dGKa9ZYiUJQrrakHL5aL2rZyF-6-WMJut5wmfXRoT3pm9MLzoY5vKprCm0PeM4qP60DE8-uG4FLWyTfCvv5ookiW-HUFc5h1i7RnvXXEf2nPn2-8mrapjTY0tzuOV1tI-roCRwqI0rNhTc-8zP3doSN23_HFd8_9sWGFUVGU04diYQ9kI3CCeyTOWlKkLIls3mKztkZIhBdYRMXcUccLEm2FNOXbQYaZibhhdyviLrBe1hcnCrl_tHduvrcBjUUg74CKVIu0EwfvPoipuzkuk8kO230SUzmfkFGfNviaz8_vi8-vWPwB5Ecclyzg9p74M89gs1hA_WrfcRw9LAn-kzSSHaNscTG&cid=CAASFeRoraRrbCdgtlLlUYpxTfreNEYEgw&rfl=1%2Chttps%253A%252F%252Futua.com.br%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5913491ab33dd1891820af7d900c22d50839b52cc5e6c7c8da2bfa405d2ba8b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8638
x-xss-protection: 0
server: cafe
etag: 15675381762197352129
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jul 2021 12:45:30 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/elements/html/ Frame 8EDB 8 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 12:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jul 2021 12:48:17 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8EDB 0
583 B 176ms
86ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvuFZ_slJ56PneC1F2ycYqj42QwGc_Cq4UE4Kqq6plPsMF4K63S7Pn2q8CeT8x_VmPbWoOXl5HfAvU77Omgb2GSxWNw6_aryg4vRS5A47PAOImoAMa5YWcbRAQnfOUlBKfVnsTG1k2er0wPRRTjGFiUoBG9itUvG-SAD7er7yiiNGNSvqs3X6ZHoH91XC6V4KARB-OZuKVn20Hi9GL9m_tx_1B4DJdVDVxE9rWD84Lpc6HT1ULyXVrO-IvKnfJbLWh4SV5hH74MDZQlYckjTgu22HKY5R2Y85Xwk6S9sN3jTkbpXylJSlMwxCzfO0mPPG5QqcZ6Y-g7pJz2cX1lwZ4CtbXPzR6UavLOj_sJEE5DPr9jheOQqmSJoXztJV8JwNEjbhOAwSpz4u2zy8KkpwA4iWwDqyTgreEfhHN39ck3HtaN6n54VWplAhrjEUFWl-w56D1JsJKeWa-X7H7urPz67SmkFUwemxdMeYyfO7Edu_81ebTYEYd79699J18a92nQManUH3KAqN_j52ywD99EAwRHhYYLuJjMQsCslQT8BQEytWWfFyWIAxtIxi38B40rjjoPBN9-toSYeEfl82aQnCeXNI9LJoWtJckmfX3mYpeDTqHZ36ImJWZhOAgCesk6LzAOgxrOLnsJjCMBUWGiRMIWY050lh_UfHCKSolyKyhlox4Aag4A5irV-A7oHe_3psHA34mC6HEbrWmiIOiqLAhBUF4-S2q0cKCP7cvhMcKQK2UbY6ypwP9BFPq4ZjWsnHTTTclt1dWjTS5iT5dT8WMxdnyQ2zmUg37LlZdMg0_g0nbIeQi3RiFsCSNRorvp6K4lRX7cX2LZForNXwsZ0e6DVck7eQ0R03ZVspmqF9E4uNvG5-BndiOhK9yTfdpUW_C_6Gb_yrET2r_UZRi-a4dyujSpoPvjDvGsL2eTpx3e9ZeSZf9gKSGm6vgNxlD55jQbROS0V5zb3iSw26bqzBEcfCTuCeWY_WwMwr8rxJN7NB7DP1rBttptIbSL0SasTzugMhsBeslHETofINL3DalY9iMEl9A_U9mE747IlpTECaNdklUBF6uNQR9FvC5QBB5nW-gqbyqAAhVyZNSuUVkFg9RWek08wrwh_fQjvEDpklJaH1AzevMn2ppenohbn_k5bCxJ3p0yZo0&sai=AMfl-YSRYV0D0zmDYGRCr0TEohHvpCQoiZQDzatUUpVeOPHdMrdlW1_bV0zFxxuvcoxdIGH8UtWhBo5R42js9I-34pb9zWhD-wZm6TnEcX586g_TKHGMsRPPcpN3ENYYNJiyhkTSZ4OGLHW15iQS_n7YWwiyyQGsFurMX-byf2Y&sig=Cg0ArKJSzOIV5rsho6ygEAE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210616.76147&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 21 Jun 2021 12:50:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8EDB 41 KB
15 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 11:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5521
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jun 2022 11:18:01 GMT

GET
H2 200 7169367813100593385
s0.2mdn.net/simgad/ Frame 8EDB 123 KB
124 KB 34ms
8ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7169367813100593385

Requested by

Host: 6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com
URL: https://6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4128a432073632bb71b044da8f205b707c1c37a367674c5ff76e1ff57d85d5fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 05:00:02 GMT
x-content-type-options: nosniff
age: 114600
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126327
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:18:05 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Jun 2022 05:00:02 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4B71 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 21 Jun 2021 12:29:26 GMT
expires: Tue, 21 Jun 2022 12:29:26 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8EDB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d78ba70be416fae28572ee4e7437f2adfcb02208ef81858fcfdd3345ca96938

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8EDB 0
60 B 75ms
75ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 12:50:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 RQzY8ISKOV3RwOMp_k9UROWM_VdhYjEqMNdKCV1xNfI.js Show response
pagead2.googlesyndication.com/bg/ Frame 4B71 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RQzY8ISKOV3RwOMp_k9UROWM_VdhYjEqMNdKCV1xNfI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450cd8f0848a395dd1c0e329fe4f5444e58cfd576162312a30d74a095d7135f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 22:30:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5759
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jun 2022 22:30:42 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012105281634000/ Frame 75D8 191 KB
55 KB 69ms
5ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 17614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55221
x-xss-protection: 0
server: sffe
date: Mon, 21 Jun 2021 07:56:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8af8bfef65693cad"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jun 2022 07:56:28 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 75D8 12 KB
5 KB 88ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 17615
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4567
x-xss-protection: 0
server: sffe
date: Mon, 21 Jun 2021 07:56:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ca56b057322a8584"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jun 2022 07:56:27 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 75D8 87 KB
27 KB 95ms
33ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 17615
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27321
x-xss-protection: 0
server: sffe
date: Mon, 21 Jun 2021 07:56:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3f2374642481d921"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jun 2022 07:56:27 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 75D8 4 KB
2 KB 84ms
26ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 17614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1522
x-xss-protection: 0
server: sffe
date: Mon, 21 Jun 2021 07:56:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "514585efdf5d56f0"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jun 2022 07:56:28 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 75D8 41 KB
13 KB 89ms
31ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 17614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13144
x-xss-protection: 0
server: sffe
date: Mon, 21 Jun 2021 07:56:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "db4e8fd655d0c88e"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jun 2022 07:56:28 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 75D8 3 KB
578 B 41ms
39ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 11:33:37 GMT
server: ESF
date: Mon, 21 Jun 2021 12:50:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Jun 2021 12:50:02 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10299424171265820782/ Frame 75D8 23 KB
23 KB 10ms
7ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10299424171265820782/downsize_200k_v1?w=600&h=314

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

925a2a7a19c2ae2fabe3bc3abbb79f30024a20c66377f52185bcf9c099227ce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 12:40:40 GMT
x-content-type-options: nosniff
age: 173362
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23481
x-xss-protection: 0
last-modified: Fri, 31 May 2019 16:11:38 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 12:40:40 GMT

GET
DATA 200
OK truncated
/ Frame 75D8 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 75D8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37c5645daa94e07be872e506c88bd7223f21120a873b2dd443e0ee9290c76988

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 75D8 3 KB
3 KB 9ms
7ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 11:48:47 GMT
x-content-type-options: nosniff
server: cafe
age: 3675
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Tue, 22 Jun 2021 11:48:47 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 75D8 344 B
368 B 9ms
8ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 06:17:51 GMT
x-content-type-options: nosniff
server: cafe
age: 23531
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 22 Jun 2021 06:17:51 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 75D8 0
0 89ms
88ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CXQCm-YrQYIquOoPD7_UPieaSuAren6etY4fItNKRDKrU953ZGxABIJ_O9n1g6eTJhdgaoAGwqMOFA8gBCakCPwrvLvHvsz7gAgCoAwHIAwqqBOQBT9CBjT8C8YfDuB9bvpTOvKWGnbTPPxFvFPLvY3vorjTTN6lXnOM9ORswxz9dvyiH_6dN-A0P2eWGG_rPzWnxPxWj7Y9OuS74fS0Gg71g8u-Q6wUQ1zUpqPOWM40GZzTGueO0kR5pjiUVqF1vxN0__cnNmywc2Pk2n1B73M2QA9If-y6fp8UcDTkk3Tl6Tn6G2VVBFn2MGXQa1XhJXxX0B629vF4Tx6Guc65cyYW0VG9seBCA68DYedqv8HjshRML_B8uhRBSex687hHtNMZTDSZh94DOMYAJqhe2HDYSYYZY9VnKwAT9____lAPgBAGSBQQIBBgBkgUECAUYBKAGLoAHuNe8eqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCW0U_SCAkIiOGAEBABGB2ACgPICwG4E4gn2BMNiBQI0BUBgBcBshcaChgIABIUcHViLTE3NTcwNjQ3MjM5MTc5OTk&sigh=dEy1BPWIf3E&template_id=5000
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 75D8 21 KB
21 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://utua.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 05:38:27 GMT
x-content-type-options: nosniff
age: 198695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 05:38:27 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94Yt9CwZ-Pw.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 75D8 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94Yt9CwZ-Pw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c4e4e0b02318697c2eb4a16c05126c5113eea9f0a4a9a6cb40c8261bbd17ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://utua.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 14:46:13 GMT
x-content-type-options: nosniff
age: 165829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15456
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:26 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 14:46:13 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 75D8 21 KB
21 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://utua.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 09:42:26 GMT
x-content-type-options: nosniff
age: 184056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 09:42:26 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Awp5MKg.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 75D8 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Awp5MKg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d190b33e3768d3d52e4ace23765ec377bbb939773376813d72cc22c298a59f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://utua.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 09:55:36 GMT
x-content-type-options: nosniff
age: 183266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15620
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:20 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 09:55:36 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
463 B 66ms
40ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021061503&jk=1880570146727385&bg=!sLOls_fNAAZktE7iZLQ7ACkAdvg8WlhcLVf3K1YRwJ52x8uyUcKkTCMYW8fry7P0WuRldKxDDtp-tAIAAAFXUgAAAFRoAQeZAmaGH2Zuf779XOzowY0bKdmw9jAGFVbWCKhZkxfflqx9z7EXqod44QmtI1aFpJN3z8iPrAFV1i5CxVZ5CdKIv1OcXwhhwmIDwNf-kFQs043UC492uY-pn_c3tIryS27IJPxntATrrBuY0Vdm4RAvX3leyQ3Qb2fBQehLExK4PWPOEB6SrSzRiLRFVlm8-se52C_6wz9IUqXduhD5EY_uWLTfCcmWG_aQEcL32XDUqszGjd7YCNTjNnzgvsPkEZIHawyta4vhGprPBNv3lBEkaDS0rJBz51UD7Ec5ack23oWcum2TxMgC_b_lGRxnFSZwhLidPNs1T7oukB9KhAPzlirsnOrW9URj6hbSfaske2vy5rYsDXjORAv3fNqajbOERiSrtMl5ChHHr2S21RabZVz9k9JHeKi9U8BFnPn7kzC8DLgSAHSR0lg2GL_xdLhuUgmEBn4XtC8guqo9z5WoIJph0EVnP6ajJDPdwMQDkAio2shh2t4AbLOAKLwaAjYmYYIqaQhyTEQEvJ2Vb0WVtEOU3Gt6dqbdAeevoVhuNEe42QiOYp8xEhqbLORrfP3gyPwT9OSl1JVE-sbZac5ceHW6CX-gi0dDLBz6ytMmnIkLj8A1IQiaT9yCTssucpc8TyZ3jkHB2sSozF_dJ3l-JrwmaQFY0J2lqUjG5ie0sup1yNMD75ZTgSeQ4YLWjGB1otXYYMi6CXwAadwrw9xF7N8eLZdV0cfWHDYvjYFC1YZ2tE2LS3sIF0HA1U-18zIPFWAzVHJ8HCot2U485GN3M7lhqgJAYLt1i1LF1ZE2dL-ftx7E4C8F2w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 12:50:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 75D8 3 KB
3 KB 9ms
7ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 11:48:47 GMT
x-content-type-options: nosniff
server: cafe
age: 3675
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Tue, 22 Jun 2021 11:48:47 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 75D8 344 B
449 B 9ms
8ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 06:17:51 GMT
x-content-type-options: nosniff
server: cafe
age: 23531
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 22 Jun 2021 06:17:51 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B71 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUvO4-orQYJCqCdLr3wOU0JKIBQAAAAA4AeAEAg&bg=!bm2lbSnNAAZktE7iZLQ7ACkAdvg8Wv0Gc816cDx4d59DFmF661l_4yE5jWLqXeVEVNhKf9U9xdfNiwIAAAG-UgAAACtoAQeZAqy3CsWcaZ4eYlabSBt5jPcgDhrBCVAPfo4JcPgojvCOgRN_a3wzEkeTVeD4VpDH1r0RSGuRxt2ztwGMkMGgH6B-Mwd8TGOxGRtGisFDIGtP5eOSqyHQ8wMw47riNIlo1DVY2VEq5i7qGX3opUNu6SsOvnTRSFKEM0SDq4bXZueZSyzQrR7b-b6kX5a6cokbbSF9bMsfEyFxoA2-taiqaWH0EffAayaREyMdRQDSV97IGUCl5TbZz-i_i3KHn92cUq0wtaN05cowbqcq1NU74yS2aSNUG4GWWHVEh4_HsRUPbQce48kAkerr9UiCuSxk3XcpFLyAYglo3OtvTqxgqgmvP1rPwWfaUPwub1hd4te3IxzFLIdUz5ATgbjn4c9BEx9auIM3-NdOsvCQKSoQkN8ENcQLannc64EN_zV-tKX5ZQkhK58xXmPaeScxfIUlpvakScAot1vKjDUeLA5V95Fn1ojehEycD88QQnwRaMykVF5VCBqlpuiGM4b_DFLoRjjrtTCT-hsqClhrGDQuFUef9bFZRNMAZMS3f0gHy1pytlnn2ENqeIY6t69nOw2jn3jZFxr6g2VJaYsaCFev7nZ4e2INhc7LniHrXwErnM9C4Whp86dazb8qRNA0Wv65rOl2e7xN7fgzH7YGolanwbqY25BafE6yWSqEStHp0n8eLWP9Krdtg1fxdIl24lVfXzXRknGswWAyBazG5atTgQoDfOJn4Rsfaltp0CEflehWbKOhsx2fYu35nkXfuulurFJo1K2GMNiJ2Fi0dt4B9Quh2vPKQlC1rsrsfSm2bMfSedicLne-x3e1DC8U6FRkYReEsDJNF5Cvq87r1Yc6Z3_0Ht78HDO01VZXvZMZa8yhKWhx83Xdclt9nu8aPqgrIg9B9f9uBSvo6um1Y2E

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 12:50:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8EDB 42 B
64 B 58ms
44ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHven_kIIUSptcB3kjFCtL7cdam5NMdkUfzHEsOyzLKDEW71zVHckiC788jRWRM82m80IiTkj7Xo5bBInBHo9TTCxRGGlcr4Xg6NCUdI3f3UXvWfXJ1iRlw38kCw&sai=AMfl-YSFWTHhMHc0-vl_QriIO5piGSBKhlUp_NuJ06321hukF9x2m48eWKL4G1r4C2LNYVhvMWOWU8LIFmQymkw7B2FvUxksI1fUtBSpwoCdMnq7Z_NFhWGq-XUG7UPVNJMo&sig=Cg0ArKJSzIbVuxm1Fl6NEAE&cid=CAASFeRoraRrbCdgtlLlUYpxTfreNEYEgw&id=lidar2&mcvt=1002&p=376,1044,980,1344&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20210616&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=228666452&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624279802007&dlt=76&rpt=354&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 12:50:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022105281634000/ Frame CD64 191 KB
54 KB 31ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022105281634000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0bf2aeb0ac7a4f1ca1bc7bfb3c66d1d5a8fbb6bb408587726582d9c3057a03e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 489457
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55309
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 20:52:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dff69c91a5b6e8d4"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 20:52:26 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022105281634000/v0/ Frame CD64 12 KB
4 KB 43ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022105281634000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 489457
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4567
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 20:52:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ca56b057322a8584"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 20:52:26 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022105281634000/v0/ Frame CD64 87 KB
27 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022105281634000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 489457
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27321
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 20:52:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3f2374642481d921"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 20:52:26 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022105281634000/v0/ Frame CD64 4 KB
2 KB 44ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022105281634000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 489457
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1522
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 20:52:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "514585efdf5d56f0"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 20:52:26 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022105281634000/v0/ Frame CD64 41 KB
13 KB 45ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022105281634000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 489457
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13144
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 20:52:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "db4e8fd655d0c88e"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 20:52:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CD64 3 KB
674 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 11:26:29 GMT
server: ESF
date: Mon, 21 Jun 2021 12:50:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Jun 2021 12:50:03 GMT

GET
H3-29 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CD64 3 KB
3 KB 8ms
6ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 11:48:47 GMT
x-content-type-options: nosniff
server: cafe
age: 3676
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Tue, 22 Jun 2021 11:48:47 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CD64 344 B
368 B 13ms
11ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 06:17:51 GMT
x-content-type-options: nosniff
server: cafe
age: 23532
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 22 Jun 2021 06:17:51 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3115701208160440116/ Frame CD64 3 KB
3 KB 14ms
12ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3115701208160440116/downsize_200k_v1?w=200&h=200

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575bf9e494fca05c48b9401740b1518826fdcd14d25b4223bc2ed0c057b0cca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 06:13:20 GMT
x-content-type-options: nosniff
age: 196603
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2618
x-xss-protection: 0
last-modified: Tue, 04 Dec 2018 12:25:11 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 06:13:20 GMT

GET
DATA 200
OK truncated
/ Frame CD64 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bd0134e86c4b43557e665424cf5053e6dc0f0328dae3eb99baf280616d54203

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CD64 0
0 80ms
78ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CshyX-orQYN33H_rV7_UP4oOukAben6etY4fItNKRDILU953ZGxABIJ_O9n1g6eTJhdgaoAGwqMOFA8gBAakCPwrvLvHvsz7gAgCoAwGqBOkBT9CJud0vJcKE8E3KDZfFm94pIyivhOaLrI9gSGmF_WLHwoOSLNxyZmul5Ej_RGK6wvuuLeEdzPjLdyLiZLNNzTZwK6Vc4Sm-hEiZ_1UwJYDdtVRAQmnnW0c5oyunvH8weIHlI7wTtiHTxLSOpbYIzfaKsyudbqLsS1LI2Iv_o9dW9xDFtRHgAnFFolvjM9JWxzenF_mh5nDNJIlO-pyo8rVsS1McTRWfSYCOIG_dhaPRUFXuKD_XmvLJqbDHEOTDLXJ-9fhBkadsbVAhVZicfvFgfyuLLZheMPN9EtYpj2hPYm2pU1roGyfABP3___-UA-AEAZIFBAgEGAGSBQQIBRgEgAe417x6qAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEL7QaNIICQiI4YAQEAEYHYAKA8gLAdgTDYgUCNAVAYAXAbIXGgoYCAASFHB1Yi0xNzU3MDY0NzIzOTE3OTk5&sigh=zvi6LqyW464&template_id=5001
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame CD64 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://utua.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 05:38:27 GMT
x-content-type-options: nosniff
age: 198696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 05:38:27 GMT

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94Yt9CwZ-Pw.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame CD64 15 KB
15 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94Yt9CwZ-Pw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c4e4e0b02318697c2eb4a16c05126c5113eea9f0a4a9a6cb40c8261bbd17ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://utua.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 14:46:13 GMT
x-content-type-options: nosniff
age: 165830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15456
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:26 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 14:46:13 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame CD64 21 KB
21 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://utua.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 09:42:26 GMT
x-content-type-options: nosniff
age: 184057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 09:42:26 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Awp5MKg.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame CD64 15 KB
15 KB 12ms
10ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Awp5MKg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d190b33e3768d3d52e4ace23765ec377bbb939773376813d72cc22c298a59f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://utua.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 09:55:36 GMT
x-content-type-options: nosniff
age: 183267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15620
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:20 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 09:55:36 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame CD64
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

43ms
39ms

Image
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Mon, 21 Jun 2021 12:50:03 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 75D8 42 B
64 B 42ms
41ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8ASvU-wlhPcDR9ZuiqZLly-5jB9yBCWRRUwu_32wxQmgTII-h8vAnsQPpkZAYBkqhRN4A2UZYM81ilasPrDKwwwSmz3vl0wP5YOIVvUDQC4Zf6SdvWSA3FO8qjg&sai=AMfl-YQrjFiAGZ5eLZ0U3n4nq-Pl0tTkiUtxYaGVpvAkf_XesQHifANcnZ1o5OvBp_uZKy9NtFL8XAOVItVsPvzZEcB3ZbnaxYZFrJz9nSPVSuPMy08DXIG0A5eKMiavmyM&sig=Cg0ArKJSzMyzaAj5dY3KEAE&id=ampim&o=315,83&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1041&mtos=0,0,0,1041,1041&tos=0,0,0,1041,0&tfs=148&tls=1189&g=100&h=100&tt=1189&r=v&avms=ampa&adk=3076446341

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 12:50:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame CD64 42 B
64 B 17ms
16ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssu0_VdvNH1nOkG0NJfDREc-q433H7X_WzygvusKCRrdS-KY3tNYddU-b484PQe9hOAgrj7-1LU71Bl9tpCHXe3xB3cwCyXwd-Xe1m4LozVHETCnoT5YIGLh-Y2Gw&sai=AMfl-YTYlwkXV6DZmBl9qw4G-WvBRSCDX5gePLf9SZCpxIDb66TKBi24sVKWCCpOv_hiIMSkCNaoaA0e7oORKAOzd6SYWqWv0AtFrbfiQb0lWzo9bwFTy2OJE_TeJM_Fy_o&sig=Cg0ArKJSzAhqH6coks6QEAE&id=ampim&o=385,894&d=480,320&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=133&tls=1133&g=95.6250011920929&h=95.6250011920929&tt=1133&r=v&avms=ampa&adk=769964902

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 12:50:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012105281634000/ Frame CEE1 191 KB
54 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 17617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55221
x-xss-protection: 0
server: sffe
date: Mon, 21 Jun 2021 07:56:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8af8bfef65693cad"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jun 2022 07:56:28 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame CEE1 12 KB
5 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 17618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4567
x-xss-protection: 0
server: sffe
date: Mon, 21 Jun 2021 07:56:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ca56b057322a8584"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jun 2022 07:56:27 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame CEE1 87 KB
27 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 17618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27321
x-xss-protection: 0
server: sffe
date: Mon, 21 Jun 2021 07:56:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3f2374642481d921"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jun 2022 07:56:27 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame CEE1 4 KB
2 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 17617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1522
x-xss-protection: 0
server: sffe
date: Mon, 21 Jun 2021 07:56:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "514585efdf5d56f0"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jun 2022 07:56:28 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame CEE1 41 KB
13 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 17617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13144
x-xss-protection: 0
server: sffe
date: Mon, 21 Jun 2021 07:56:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "db4e8fd655d0c88e"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jun 2022 07:56:28 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CEE1 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 11:48:47 GMT
x-content-type-options: nosniff
server: cafe
age: 3678
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Tue, 22 Jun 2021 11:48:47 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CEE1 344 B
407 B 6ms
6ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 06:17:51 GMT
x-content-type-options: nosniff
server: cafe
age: 23534
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 22 Jun 2021 06:17:51 GMT

GET
DATA 200
OK truncated
/ Frame CEE1 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd042eb2b2cb4e745cb0a7da00925604133f0c87cc2718f64cc7862d1da7ddbc

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 8582973418783341979
tpc.googlesyndication.com/simgad/ Frame CEE1 24 KB
25 KB 8ms
7ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8582973418783341979?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qk19Axqr_rAZYbD-7MiMMW-s9fnJA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e343dac1b428a01c038e5334e0042a9565f3977587333853cc8a38eb2663e246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 15:52:30 GMT
x-content-type-options: nosniff
last-modified: Thu, 13 May 2021 08:50:11 GMT
server: sffe
age: 161855
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25069
x-xss-protection: 0
expires: Sun, 19 Jun 2022 15:52:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame CEE1 0
0 14ms
13ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQf_3mClnQik_gz64g-Qm7ruMSZCWUdz5ntMRWp3T7r8QxUUHQq_Hsda-8zoqxoyfto3LsrDHSQ1vHJwhMAaGuqMUb94A
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CEE1 0
0 78ms
77ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CkpW0-4rQYJ2VK6yS9u8Phd-9wAO9vubfYpee8pHnDYGA9L7CARABIJ_O9n1g6eTJhdgaoAHfrIauA8gBAqkCk435JwGJkT7gAgCoAwHIAwiqBOcBT9CpqEY0XflIRcZelkEndHL-LYlux9q8zKBBVdDDLFTlpgkLrTwshfwozUKKJkNSowEy5Bsq9Ac0J593YC_TDspHH0wKLyAWFtzWn6oKOfpnAM52sseOCtx7dMUHrTrvCpaYI8nW7s4j-4tTpKCq_lysdL6qLkKn9BmvZwSHBvMeYDlBSruR9u-wBUUzcgy3sJLeK_noyirlZMha4rSvQe6RTLF8YpS5lMqYDubE5c_wolMJvtGqvz3E7KFK6SYtCUM43ds76G3zVhrEsMSa9K-RpfO1FsSVq176CgdnX4MhbzZNilFuwASjtIuaygPgBAGSBQQIBBgBkgUECAUYBKAGAoAH2dOqW6gHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBD_uBLSCAkIgOGAEBABGB2ACgPICwHYEw3QFQGYFgGAFwGyFxoKGAgAEhRwdWItMTc1NzA2NDcyMzkxNzk5OQ&sigh=PoXX2gZd0bA
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame CEE1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

43ms
42ms

Image
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: utua.com.br
URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Mon, 21 Jun 2021 12:50:05 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

148 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.utua.com.br/	1969-12-31 23:59:59	Name: WZRK_L Value: %257B%257D
.utua.com.br/	1970-01-19 19:11:21	Name: WZRK_S_8R5-66Z-RW6Z Value: %7B%22p%22%3A1%2C%22s%22%3A1624279801%2C%22t%22%3A1624279801%7D
.utua.com.br/	1969-12-31 23:59:59	Name: WZRK_G Value: 67d6f0af4da54c11a7c675363e5e257f
.utua.com.br/	1970-01-19 21:20:55	Name: _fbp Value: fb.2.1624279801321.2091176341
.utua.com.br/	1970-01-19 19:11:19	Name: _gat Value: 1
.utua.com.br/	1970-01-20 04:32:55	Name: __gads Value: ID=c16756dd0942a630-22fe52cc67c800e7:T=1624279801:S=ALNI_MYop0vLMDlDPOYkyOXROnnbcJER4Q
.utua.com.br/	1970-01-19 19:12:46	Name: _gid Value: GA1.3.1029115480.1624279801
.utua.com.br/	1970-01-20 12:42:31	Name: _ga Value: GA1.3.761366329.1624279801

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://utua.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063(Line 953) Message: $(document).ready(function($)
console-api	info	URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs(Line 17) Message: Powered by AMP ⚡ HTML – Version 2105281634000 https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
console-api	info	URL: https://cdn.ampproject.org/rtv/022105281634000/amp4ads-v0.mjs(Line 17) Message: Powered by AMP ⚡ HTML – Version 2105281634000 https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063
console-api	info	URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs(Line 17) Message: Powered by AMP ⚡ HTML – Version 2105281634000 https://utua.com.br/cartao-de-credito-picpay-card/?utm_source=activecampaign&utm_medium=email&utm_campaign=newsletters&utm_content=cartao-de-credito&utm_term=gg-news-03-0063

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6934f4959e2c02ff1f4df398a187aa7d.safeframe.googlesyndication.com
adservice.google.com
adservice.google.pl
begrowth-gg-news-03.acemlnb.com
begrowth-gg-news-03.activehosted.com
bucket.utua.com.br
cdn.ampproject.org
cdnjs.cloudflare.com
connect.facebook.net
d2r1yp2w7bby2u.cloudfront.net
d3rxaij56vjege.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
prism.app-us1.com
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
trackcmp.net
utua.com.br
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
wzrkt.com
100.24.190.100
104.22.2.41
13.224.194.168
13.224.195.91
142.250.181.226
142.250.185.226
2606:4700::6810:135e
2606:4700::6811:586d
2606:4700::6811:915b
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:801::2002
2a00:1450:4001:803::2006
2a00:1450:4001:808::200e
2a00:1450:4001:809::2003
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.225.168.154
65.9.77.7
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0642defe7873bc0323d24e547f5ebb8a8a827542cf600c035781d9ccb62e0fc7
0c3dfe2ccdbe97ee8e7f6a60e0c00e3f5da60a7c38f6748700d4263584d78455
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0fdd56defedbfe4f01c837b0a424c8971e1cdd2398c7a4acb78381021e58d0d1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1bd0134e86c4b43557e665424cf5053e6dc0f0328dae3eb99baf280616d54203
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
218666a8082df8746ac69aa0909d69876f09fcc59f02cedaf4885d70434be040
25f43aa7f1171510857257c12363eca2027534cccf20930a6eea2bd15bae0a11
264a8f315199f89f7680706c0496167fbf61bdc1dcecf2aea16c01399021b1fb
280be8ab011ce8edf330df7ddf55b326739281943a51d7786f416685a86c7014
2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
30c7cf02a929fdd3f178ef20e6d766c0e024ec0684d20902b753cd4da0c6f75c
346b8fafcce4415221ee7e4a39a02f00225c41b9bce64691f32f6d80b3215646
37c5645daa94e07be872e506c88bd7223f21120a873b2dd443e0ee9290c76988
388906152967f639b6aa0e48c8cd9b7c536aa9a9484393754cfb6f14b178c8a5
3d78ba70be416fae28572ee4e7437f2adfcb02208ef81858fcfdd3345ca96938
3d95c3a87d599e84e498f259f85d36051a6233b037e8ccf99c657051f3f81b28
408abc3a5bedff37056ecb1ba4872225de8a269ffe9aa04fd8fd38a7e7ec5116
4128a432073632bb71b044da8f205b707c1c37a367674c5ff76e1ff57d85d5fa
450cd8f0848a395dd1c0e329fe4f5444e58cfd576162312a30d74a095d7135f2
4657a4bceab0258c3249806be89c020dc699939f2065ad02601bae3b400386a6
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
522cc4ddf3c2daf42d71bd1ce57b9bd0c118068c0b4e363ebcb438f48dab7c0a
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
575bf9e494fca05c48b9401740b1518826fdcd14d25b4223bc2ed0c057b0cca6
5913491ab33dd1891820af7d900c22d50839b52cc5e6c7c8da2bfa405d2ba8b0
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc
6acb6f1a3bdcfb9469cb0403f6587f52765906cd6b6715bf3d41d09cd9bb0a2d
6e0eb362d119c6c0257cd8a988ebdfccd0047e7c1f573f4d0dd0240b1385ac24
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
7c4e4e0b02318697c2eb4a16c05126c5113eea9f0a4a9a6cb40c8261bbd17ec1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8548716c2e789a4b3a7f57a8580bce2b0151049e44e3ea9c3c897a55a1f62760
925a2a7a19c2ae2fabe3bc3abbb79f30024a20c66377f52185bcf9c099227ce5
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
a0808fa2dc10773d1d55f72b53c7027c981889a119c402ea8cda74d1874259b7
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa5354ffd745a7473fe225230784b642c6a3df23ab79ee1345c1a5a2214f23c5
ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bc3549a5169438682604f6c5f8e8196d638942ba706994ce64ec243bbb582ce2
bd5127d88d20bfc74fb94869e2026ddfbb9119934c6b441b12ed7762a948a702
c0bf2aeb0ac7a4f1ca1bc7bfb3c66d1d5a8fbb6bb408587726582d9c3057a03e
c6b5a25a17404478945f3a7b66422bd130e5f2b62684bcb03754583201007671
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c812ddc9e475d3e65d68a6b3b589ce598a2a5babb7afc55477d59215c4a38a40
c8e3f096d94ea1bf9ee3ed976401a6c35847c54b35901d4a88de0bb4eeb5cad3
cd5aa43dd663f0c19ce98c0e4975838ee36c04b4df81592f5189637742226d57
cd961c63c3b1f19af43685ba4617392903e180057f52bf57811dc7ccc32d2ea9
cf2259f85801a45c3396c2d83e2a7d0725fd00df7d1ad9bbc11e9fbbda370fe7
cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8
d190b33e3768d3d52e4ace23765ec377bbb939773376813d72cc22c298a59f3c
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d907e119beb5818bc2ca905f61e640cdddc2d0019fd4e131214cab21d4c73504
d9c612e6809cb99fd4ac4a9db4ad7237baf07d51cbac8003c87ce1648af19b12
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e099395450964338f9ebdc9b9d8cb1b361857c390a4eedc9bebae77c0904d2ef
e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567
e343dac1b428a01c038e5334e0042a9565f3977587333853cc8a38eb2663e246
e3aab29c60242d216955b101a20e3782f3617eb3a3f819b05ddc458152bf2af7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e8f2cd2605b070d9e4ad0dd83281d81d22df899007e4c17e1da352f0adf7d243
ec2d5f704f530c141a42502b8ae1f99cbf410a28a5f67c0b86fc655285fd32d0
ed7b4bab244aa9fca8651042a4c66351b5e56cea3640dfae651e9e51bcaedd14
eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
fd042eb2b2cb4e745cb0a7da00925604133f0c87cc2718f64cc7862d1da7ddbc

utua.com.br Open in urlscan Pro 104.22.2.41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

126 Requests

100 %HTTPS

75 %IPv6

22 Domains

30 Subdomains

29 IPs

3 Countries

1486 kBTransfer

3786 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

utua.com.br Open in urlscan Pro
104.22.2.41 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

100 %
HTTPS

75 %
IPv6

22
Domains

30
Subdomains

29
IPs

3
Countries

1486 kB
Transfer

3786 kB
Size

8
Cookies

126 HTTP transactions
5 data transactions