www.cifraclub.com.br Open in urlscan Pro
95.101.54.243 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.cifraclub.com.br/oasis/st
Effective URL:
https://www.cifraclub.com.br/oasis/
Submission: On December 09 via api (December 9th 2023, 10:03:40 am UTC) from US — Scanned from DE

Summary HTTP 392 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 73 IPs in 11 countries across 54 domains to perform 392 HTTP transactions. The main IP is 95.101.54.243, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.cifraclub.com.br. The Cisco Umbrella rank of the primary domain is 844439.
TLS certificate: Issued by R3 on October 4th 2023. Valid for: 3 months.

This is the only time www.cifraclub.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 6	95.101.54.243 95.101.54.243	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	2.16.202.98 2.16.202.98	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
72	2.21.74.80 2.21.74.80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	177.54.145.109 177.54.145.109	262287 (Latitude....) (Latitude.sh LTDA)
12	142.250.185.104 142.250.185.104	15169 (GOOGLE) (GOOGLE)
12 54	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3	18.239.83.131 18.239.83.131	16509 (AMAZON-02) (AMAZON-02)
4	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
4	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
5	52.222.250.175 52.222.250.175	16509 (AMAZON-02) (AMAZON-02)
4	172.217.23.110 172.217.23.110	15169 (GOOGLE) (GOOGLE)
1	99.86.4.39 99.86.4.39	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.24 18.66.97.24	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.68 65.9.66.68	16509 (AMAZON-02) (AMAZON-02)
4	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
2	18.239.83.58 18.239.83.58	16509 (AMAZON-02) (AMAZON-02)
3	35.201.123.184 35.201.123.184	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.32.27.122 13.32.27.122	16509 (AMAZON-02) (AMAZON-02)
1 15	142.250.185.132 142.250.185.132	15169 (GOOGLE) (GOOGLE)
8	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
4	177.54.145.110 177.54.145.110	262287 (Latitude....) (Latitude.sh LTDA)
1	34.248.85.3 34.248.85.3	16509 (AMAZON-02) (AMAZON-02)
2	13.32.99.59 13.32.99.59	16509 (AMAZON-02) (AMAZON-02)
1	74.125.133.156 74.125.133.156	15169 (GOOGLE) (GOOGLE)
1	104.16.88.20 104.16.88.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.119.77 13.32.119.77	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.149.50.64 34.149.50.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	5.135.209.96 5.135.209.96	16276 (OVH) (OVH)
1 5	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
11	142.250.185.238 142.250.185.238	15169 (GOOGLE) (GOOGLE)
3	64.233.167.84 64.233.167.84	15169 (GOOGLE) (GOOGLE)
2	157.240.252.35 157.240.252.35	32934 (FACEBOOK) (FACEBOOK)
6	142.250.181.225 142.250.181.225	15169 (GOOGLE) (GOOGLE)
49	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	35.223.116.65 35.223.116.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	172.217.16.202 172.217.16.202	15169 (GOOGLE) (GOOGLE)
6	34.102.185.99 34.102.185.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
26	142.250.186.33 142.250.186.33	15169 (GOOGLE) (GOOGLE)
1	34.68.90.188 34.68.90.188	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
7	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
4	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
2	172.217.16.138 172.217.16.138	15169 (GOOGLE) (GOOGLE)
3 5	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
1	213.202.235.10 213.202.235.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	91.228.74.206 91.228.74.206	16509 (AMAZON-02) (AMAZON-02)
2	63.215.202.140 63.215.202.140	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3 6	104.18.24.173 104.18.24.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3	52.57.96.192 52.57.96.192	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.169 213.155.156.169	1299 (TWELVE99 ...) (TWELVE99 Arelion)
6	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2.19.217.101 2.19.217.101	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
2 3	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	37.157.6.234 37.157.6.234	198622 (ADFORM) (ADFORM)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	52.210.175.116 52.210.175.116	16509 (AMAZON-02) (AMAZON-02)
2	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	95.100.146.74 95.100.146.74	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	130.211.44.5 130.211.44.5	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	185.86.139.102 185.86.139.102	201081 (SMARTADSE...) (SMARTADSERVER)
2	54.149.231.151 54.149.231.151	16509 (AMAZON-02) (AMAZON-02)
2	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2.19.217.60 2.19.217.60	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.19.104.211 2.19.104.211	16625 (AKAMAI-AS) (AKAMAI-AS)
1	88.221.124.22 88.221.124.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.32.184.192 23.32.184.192	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	() ()
392	73

6 95.101.54.243 (Frankfurt am Main, Germany) 4 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-243.deploy.static.akamaitechnologies.com

www.cifraclub.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.cifraclub.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.202.98 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-98.deploy.static.akamaitechnologies.com

www.cifraclub.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 2.21.74.80 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-74-80.deploy.static.akamaitechnologies.com

akamai.sscdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 177.54.145.109 (São Paulo, Brazil) 2 redirects

ASN262287 (Latitude.sh LTDA, BR)

id.cifraclub.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 142.250.181.226 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.239.83.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-131.ams58.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.222.250.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-175.fra60.r.cloudfront.net

d335luupugsy2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.110 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f110.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-24.fra56.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.239.83.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-58.ams58.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com

tags.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-122.fra56.r.cloudfront.net

launchpad.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.185.132 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 177.54.145.110 (São Paulo, Brazil)

ASN262287 (Latitude.sh LTDA, BR)

master.cifraclub.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.85.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-85-3.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-59.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.50.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 5.135.209.96 (France)

ASN16276 (OVH, FR)
PTR: ip96.ip-5-135-209.eu

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.211.12 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.233.167.84 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f84.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net

12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.223.116.65 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.116.223.35.bc.googleusercontent.com

pageview-notify.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f10.1e100.net

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
firebaseremoteconfig.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
firebaselogging.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-9964-3.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 142.250.186.33 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.68.90.188 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.90.68.34.bc.googleusercontent.com

popups.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.10 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.206 (United Kingdom)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.215.202.140 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams01-nessy-float2.dotomi.com

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.24.173 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.74.118 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Loerrach, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.96.192 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-96-192.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.169 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.19.217.101 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-101.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.96.105.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.254 (London, United Kingdom) 3 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.175.116 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-175-116.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.100.146.74 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-146-74.deploy.static.akamaitechnologies.com

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.44.5 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 5.44.211.130.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-ew1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.149.231.151 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-231-151.us-west-2.compute.amazonaws.com

prod.tahoe-analytics.publishers.advertising.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.217.60 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-60.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.104.211 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-104-211.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.124.22 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-124-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (None, )

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
81	googlesyndication.com 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	504 KB
72	sscdn.co akamai.sscdn.co — Cisco Umbrella Rank: 155686	1 MB
65	doubleclick.net 12 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	432 KB
18	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 accounts.google.com — Cisco Umbrella Rank: 23	82 KB
14	cifraclub.com.br 8 redirects www.cifraclub.com.br — Cisco Umbrella Rank: 844439 id.cifraclub.com.br — Cisco Umbrella Rank: 303639 master.cifraclub.com.br — Cisco Umbrella Rank: 508412 api.cifraclub.com.br — Cisco Umbrella Rank: 569889	57 KB
12	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	893 KB
11	youtube.com img.youtube.com — Cisco Umbrella Rank: 3789	43 KB
9	tailtarget.com tags.t.tailtarget.com — Cisco Umbrella Rank: 71029 d.tailtarget.com — Cisco Umbrella Rank: 77929 tt-9964-3.seg.t.tailtarget.com — Cisco Umbrella Rank: 227227 b.t.tailtarget.com — Cisco Umbrella Rank: 60259 cm.t.tailtarget.com — Cisco Umbrella Rank: 17921 t.tailtarget.com — Cisco Umbrella Rank: 15832	38 KB
8	google.de www.google.de — Cisco Umbrella Rank: 6765	1 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	72 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	351 KB
7	googleapis.com firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 525 firebaseremoteconfig.googleapis.com — Cisco Umbrella Rank: 470 fonts.googleapis.com — Cisco Umbrella Rank: 29 firebaselogging.googleapis.com	4 KB
7	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1657 ssbsync.smartadserver.com — Cisco Umbrella Rank: 742	3 KB
6	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1299	978 B
6	openx.net us-u.openx.net — Cisco Umbrella Rank: 491	816 B
6	tribalfusion.com 3 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	3 KB
6	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 acdn.adnxs.com — Cisco Umbrella Rank: 610	21 KB
6	rubiconproject.com 2 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 537 pixel.rubiconproject.com — Cisco Umbrella Rank: 339 eus.rubiconproject.com — Cisco Umbrella Rank: 588 token.rubiconproject.com	23 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	3 KB
5	cloudfront.net d335luupugsy2.cloudfront.net	75 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614 aax.amazon-adsystem.com — Cisco Umbrella Rank: 410	72 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 489 rtb0.doubleverify.com — Cisco Umbrella Rank: 754 rtbc-ew1.doubleverify.com — Cisco Umbrella Rank: 16633	22 KB
4	onetag-sys.com 3 redirects onetag-sys.com — Cisco Umbrella Rank: 714	1 KB
4	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	218 KB
4	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504 image6.pubmatic.com — Cisco Umbrella Rank: 793 ads.pubmatic.com — Cisco Umbrella Rank: 544	6 KB
4	privacymanager.io launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3016 launchpad.privacymanager.io — Cisco Umbrella Rank: 2702 geo.privacymanager.io — Cisco Umbrella Rank: 2070	28 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	178 KB
4	gstatic.com www.gstatic.com	30 KB
3	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550 gum.criteo.com — Cisco Umbrella Rank: 424	742 B
3	blismedia.com 2 redirects tr.blismedia.com — Cisco Umbrella Rank: 1618	581 B
3	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	436 B
3	adform.net track.adform.net — Cisco Umbrella Rank: 4289 s1.adform.net — Cisco Umbrella Rank: 8194	21 KB
2	a2z.com prod.tahoe-analytics.publishers.advertising.a2z.com — Cisco Umbrella Rank: 1935	374 B
2	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 49153	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	869 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4497	651 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428	1 KB
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 780	1 KB
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	207 B
2	rdstation.com.br pageview-notify.rdstation.com.br — Cisco Umbrella Rank: 97617 popups.rdstation.com.br — Cisco Umbrella Rank: 81128	870 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	239 B
2	media.net prebid.media.net — Cisco Umbrella Rank: 1498 contextual.media.net — Cisco Umbrella Rank: 665	9 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 172	3 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	12 KB
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5555	557 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	712 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	149 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 681	187 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	543 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 749	464 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11353	1 KB
1	seedtag.com s.seedtag.com — Cisco Umbrella Rank: 1600	374 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	2 KB
0	loopme.me Failed csync.loopme.me Failed
392	54

	Domain	Requested by
72	akamai.sscdn.co	www.cifraclub.com.br akamai.sscdn.co
49	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.cifraclub.com.br 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com ad.doubleclick.net
34	cm.g.doubleclick.net	12 redirects googleads.g.doubleclick.net 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
26	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.cifraclub.com.br 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com googleads.g.doubleclick.net ad.doubleclick.net
16	googleads.g.doubleclick.net	www.googletagmanager.com 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com www.cifraclub.com.br pagead2.googlesyndication.com
15	www.google.com	1 redirects www.cifraclub.com.br tpc.googlesyndication.com 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
12	www.googletagmanager.com	www.cifraclub.com.br www.googletagmanager.com tags.t.tailtarget.com
11	img.youtube.com	www.cifraclub.com.br
8	www.google.de	www.cifraclub.com.br
7	www.googletagservices.com	12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com www.cifraclub.com.br cdn.doubleverify.com www.googletagservices.com
7	www.cifraclub.com.br	6 redirects
6	googleads4.g.doubleclick.net	googleads.g.doubleclick.net ad.doubleclick.net
6	sync.teads.tv	googleads.g.doubleclick.net
6	us-u.openx.net	googleads.g.doubleclick.net
6	12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	prg.smartadserver.com	akamai.sscdn.co
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	ib.adnxs.com	1 redirects akamai.sscdn.co googleads.g.doubleclick.net acdn.adnxs.com
5	d335luupugsy2.cloudfront.net	www.cifraclub.com.br d335luupugsy2.cloudfront.net
4	onetag-sys.com	3 redirects
4	s0.2mdn.net	12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
4	ad.doubleclick.net	www.cifraclub.com.br 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com www.googletagservices.com
4	master.cifraclub.com.br	akamai.sscdn.co
4	region1.google-analytics.com	www.googletagmanager.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.cifraclub.com.br
4	connect.facebook.net	www.cifraclub.com.br connect.facebook.net akamai.sscdn.co
4	www.gstatic.com	www.cifraclub.com.br 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
4	securepubads.g.doubleclick.net	www.cifraclub.com.br securepubads.g.doubleclick.net
3	tr.blismedia.com	2 redirects 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
3	x.bidswitch.net	12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
3	s.tribalfusion.com	12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
3	a.tribalfusion.com	3 redirects
3	accounts.google.com	id.cifraclub.com.br accounts.google.com
3	c.amazon-adsystem.com	www.cifraclub.com.br c.amazon-adsystem.com
2	eus.rubiconproject.com	akamai.sscdn.co eus.rubiconproject.com
2	gum.criteo.com	akamai.sscdn.co
2	prod.tahoe-analytics.publishers.advertising.a2z.com	c.amazon-adsystem.com
2	cdn.doubleverify.com	s1.adform.net cdn.doubleverify.com
2	image6.pubmatic.com	12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com ads.pubmatic.com
2	gcm.ctnsnet.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	d5p.de17a.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	um.simpli.fi	2 redirects
2	dclk-match.dotomi.com	12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
2	track.adform.net	12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com s1.adform.net
2	fonts.googleapis.com	12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com www.cifraclub.com.br
2	firebaseremoteconfig.googleapis.com	www.gstatic.com
2	b.t.tailtarget.com	d.tailtarget.com
2	tt-9964-3.seg.t.tailtarget.com	d.tailtarget.com
2	firebaseinstallations.googleapis.com	www.gstatic.com
2	d.tailtarget.com	www.cifraclub.com.br d.tailtarget.com
2	www.facebook.com	www.cifraclub.com.br
2	geo.privacymanager.io	launchpad.privacymanager.io
2	sb.scorecardresearch.com	www.cifraclub.com.br
2	id.cifraclub.com.br	2 redirects
1	firebaselogging.googleapis.com	www.gstatic.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	ads.pubmatic.com	akamai.sscdn.co
1	contextual.media.net	akamai.sscdn.co
1	acdn.adnxs.com	akamai.sscdn.co
1	ssbsync.smartadserver.com	12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
1	ads.travelaudience.com	1 redirects
1	rtbc-ew1.doubleverify.com	cdn.doubleverify.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	match.adsrvr.org	12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
1	dis.criteo.com	12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
1	s1.adform.net	track.adform.net
1	pixel-sync.sitescout.com	12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	cms.quantserve.com	12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
1	m.exactag.com	12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
1	t.tailtarget.com
1	cm.t.tailtarget.com
1	popups.rdstation.com.br	d335luupugsy2.cloudfront.net
1	pageview-notify.rdstation.com.br	d335luupugsy2.cloudfront.net
1	api.cifraclub.com.br	akamai.sscdn.co
1	s.seedtag.com	akamai.sscdn.co
1	prebid.media.net	akamai.sscdn.co
1	fastlane.rubiconproject.com	akamai.sscdn.co
1	hbopenbid.pubmatic.com	akamai.sscdn.co
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	cdn.jsdelivr.net	akamai.sscdn.co
1	stats.g.doubleclick.net	www.google-analytics.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	launchpad.privacymanager.io	launchpad-wrapper.privacymanager.io
1	tags.t.tailtarget.com	www.cifraclub.com.br
1	tags.crwdcntrl.net	www.cifraclub.com.br
1	launchpad-wrapper.privacymanager.io	www.cifraclub.com.br
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
0	csync.loopme.me Failed	12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
392	94

This site contains links to these domains. Also see Links.

Domain
forum.cifraclub.com.br
www.formesuabanda.com.br
play.google.com
itunes.apple.com
www.microsoft.com
www.facebook.com
twitter.com
www.letras.mus.br
www.palcomp3.com.br
id.cifraclub.com.br
www.youtube.com
suporte.cifraclub.com.br
www.studiosol.com.br
apps.microsoft.com
www.instagram.com
www.tiktok.com
www.palcomp3.com
www.cifraclub.com
www.wechords.com

Subject Issuer	Validity	Valid
www.cifraclub.com.br R3	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-17` - `2023-12-16`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-08-09`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.sscdn.co R3	`2023-12-01` - `2024-02-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-29` - `2024-04-15`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.rdstation.com.br Sectigo RSA Domain Validation Secure Server CA	`2023-08-31` - `2024-06-04`	9 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
popups.rdstation.com.br R3	`2023-12-09` - `2024-03-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2023-04-03` - `2024-05-03`	a year	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
prod.tahoe-analytics.publishers.advertising.a2z.com Amazon RSA 2048 M01	`2023-02-21` - `2024-03-21`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh

This page contains 30 frames:

Primary Page: https://www.cifraclub.com.br/oasis/
Frame ID: A3262FB5A0AC64D78865140F63F7A5A5
Requests: 195 HTTP requests in this frame

Frame: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B3B2E0F3DC564050B4C571AFE1649BA6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DDC1BA0529E7F217B80FFBBA1EE7A84B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 468737D6CACE36E5A9D01683497CB49D
Requests: 2 HTTP requests in this frame

Frame: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F0437907006D5E3EB8D04DB5422587A4
Requests: 14 HTTP requests in this frame

Frame: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 999B729AA1137E23515F834319C72484
Requests: 19 HTTP requests in this frame

Frame: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 27048614452024ED6D4715962C83907F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYu-rw8wEwAQ&v=APEucNUFcpVXfX5Wsioy7t8Wf3sSTzNkwEaqZarg7744qtNYUpyd6d0k3Vwcr1ZWu4TnkxI9_ayJ3eJFTIQXRkkLbmbtH9XkExENe-j8hHp_xmeSpqkc5fcVEfRMKq6RdYpElXBhCiahiNnsEqudVdoq9I8aH81eAY2KR-Apl5PtYd6B5-wEfkw
Frame ID: FE8BFF5A7C67CD8FCCBFBBFB51839F3F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 66DB2E5B2AB427A5E622224E06E50315
Requests: 9 HTTP requests in this frame

Frame: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5461E9A1EDD1D11379BB66F167B7AC13
Requests: 19 HTTP requests in this frame

Frame: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 260F16B6BF0190C27AD9BF9D4DCFCB3D
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEIuDGhiq46n8ATAB&v=APEucNWZhn63hrkxVDPxYIXBcwmK-OUVS4k5p-Aj4iM9Gdd62b6v-jgCClAtYvvcFSdFYupdURMgQ7g7HOOCPVJgHBgnp9EeMCX3BZgQR6MA6o-mlrB3Pf9MoC1k7A0u02FD5BrEM8HJM42FJMAzGsHrTXunUYeigTTkv5rzmGJy8H29mYlyCao
Frame ID: 6CB04E7BEA5C692A52C94FE94C410536
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 76C60FD952D1897F38CA6364487E51D5
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9249FC16E9664F1ACF0A68777F7BB8E6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3A31A19F440B14357FC0A9303E6B8F55
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEIuDGhi16Kn8ATAB&v=APEucNUwQ7VeA2PHi9uvsRUk0AwB1xi7CO4h3Aceog7pZ7mwlihDO7JvBJR3wPs_NsayMHPK4lWW8MZnGvUNnxtjsggOUVvec5lU-DUWahKee4V-TXfnQpFfUDXxnrtbnHzHNEw2NER7H08QhXm4nLwgNXLGO4NM6rMsFVP_zEbcnf4feTNALd0
Frame ID: 6E9C3BF043A4C91B5B3E855256AF635E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQuOmt-QIY2KOt-AEwAQ&v=APEucNUXxmHRVlDqsMh7UDz-Dct2pkUirqTRl6DxeXd8xW_bUP68FjTYzzk4brFcOki27v70JwmPLYBJYs9B9sUj07OZoEcy-eUPCehnhYjpuYljOjMJ8_afuXjjcWWKeZu3IFUZ9VgwqpywCqsRL92TJPpL1LNJA8AQRI8bo9LYjjQUP6En73Q
Frame ID: BBF19C4BBAACF445FB4BFCF7F9E0BCCF
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: ECCED37F6636C1C97D3B781348B2E1BD
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ABEAC2DE651A1C7F122B9B3F5E98814B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AD3632F10660082FAEA111CAFC666E0C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: 7BEFF954350A87EC40B8E865A984EEAF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 66556A9393C7801C4C0EFC34AD27D845
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 969B5D8C9F8DD98546AD84B27ED52B5A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 0BBD094BA2998AABEECB2198F8D76A0B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 5E3C2CECFB179E0C48E2B150A0A77592
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 33E766992FA9BF0F60E7B5B40CA3C0B8
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4FCA52660D32B11E24DCD1BD4A0C25DF
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 10C0A248B5EC96E4D84D836AAC377673
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMSRPRR&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C331%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 1577DB4C407049D0F3F05C4F6AE0CE1E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=163636
Frame ID: 344E91B4366B2963254A95C8557DEB90
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Oasis | Cifra Club

Page URL History Show full URLs

https://www.cifraclub.com.br/oasis/st HTTP 301
http://www.cifraclub.com.br/oasis/st/ HTTP 301
https://www.cifraclub.com.br/oasis/st/ HTTP 307
https://www.cifraclub.com.br/oasis/st/letra/ HTTP 307
https://www.cifraclub.com.br/oasis HTTP 301
http://www.cifraclub.com.br/oasis/ HTTP 301
https://www.cifraclub.com.br/oasis/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

RD Station (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

d335luupugsy2\.cloudfront\.net/js/loader-scripts/.*-loader\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

392
Requests

91 %
HTTPS

0 %
IPv6

54
Domains

94
Subdomains

73
IPs

11
Countries

4486 kB
Transfer

12525 kB
Size

65
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: http://forum.cifraclub.com.br/
Title: Fórum Cifra Club

Search URL Search Domain Scan URL

URL: http://www.formesuabanda.com.br/
Title: Forme Sua Banda

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.studiosol.cifraclub
Title: Google Play

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/br/app/cifra-club/id921625944
Title: App Store

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/pt-br/store/apps/cifra-club/9wzdncrfj18m
Title: Windows Store

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.studiosol.afinadorlite
Title: Google Play

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/br/app/afinador-cifra-club/id480625281?mt=8
Title: App Store

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/pt-br/store/apps/cifra-club-tuner/9wzdncrfj17z
Title: Windows Store

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.studiosol.metronomo
Title: Google Play

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/br/app/metronomo-cifra-club/id569883867?mt=8
Title: App Store

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&t=Oasis%20cifras%2C%20letras%2C%20tablaturas%20e%20videoaulas%20das%20m%C3%BAsicas%20no%20Cifra%20Club
Title: Compartilhar no Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&related=cifraclub&text=Oasis%20cifras%2C%20letras%2C%20tablaturas%20e%20videoaulas%20das%20m%C3%BAsicas%20no%20Cifra%20Club
Title: Compartilhar no Twitter

Search URL Search Domain Scan URL

URL: https://www.letras.mus.br/contribuicoes/enviar_letra/
Title: letra

Search URL Search Domain Scan URL

URL: https://www.palcomp3.com.br/
Title: Ouvir no

Search URL Search Domain Scan URL

URL: https://www.palcomp3.com.br/lambertos/
Title: Rock Lambertos

Search URL Search Domain Scan URL

URL: https://www.palcomp3.com.br/tedrosoficial/
Title: Rock Tedros

Search URL Search Domain Scan URL

URL: https://www.palcomp3.com.br/rocknupelo/
Title: Rock Rock nu Pêlo

Search URL Search Domain Scan URL

URL: https://www.palcomp3.com.br/selvagensaprocuradelei/
Title: Rock Selvagens à Procura de Lei

Search URL Search Domain Scan URL

URL: https://www.palcomp3.com.br/sutilmodelonovo/
Title: Rock Sutil Modelo Novo

Search URL Search Domain Scan URL

URL: https://www.palcomp3.com.br/omarcosalmeida/
Title: Rock Marcos Almeida

Search URL Search Domain Scan URL

URL: https://id.cifraclub.com.br/cadastro/
Title: Crie sua conta grátis

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCpypU2XLYmOsf36xgcgrW3w/join
Title: YouTube Membros

Search URL Search Domain Scan URL

URL: https://suporte.cifraclub.com.br/support/home
Title: Contato

Search URL Search Domain Scan URL

URL: https://www.studiosol.com.br/cifraclub?lang=pt
Title: Anuncie no Cifra Club

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/br/developer/studio-sol-comunicacao-digital-ltda/id480625284
Title: Aplicativos - App Store

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/dev?id=5223058821229460338&hl=pt_BR
Title: Aplicativos - Google Play

Search URL Search Domain Scan URL

URL: https://apps.microsoft.com/search/publisher?name=Studio+Sol+Comunica%C3%A7%C3%A3o+Digital+Ltda+Epp&hl=pt-br&gl=BR
Title: Aplicativos - Microsoft Store

Search URL Search Domain Scan URL

URL: https://www.youtube.com/cifraclub
Title: Siga-nos: YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cifraclub/
Title: Siga-nos: Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cifraclub/
Title: Siga-nos: Facebook

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@cifraclub
Title: Siga-nos: TikTok

Search URL Search Domain Scan URL

URL: https://twitter.com/cifraclub
Title: Siga-nos: Twitter

Search URL Search Domain Scan URL

URL: https://www.letras.mus.br/
Title: Letras

Search URL Search Domain Scan URL

URL: https://www.palcomp3.com/
Title: Palco MP3

Search URL Search Domain Scan URL

URL: https://www.cifraclub.com/oasis/
Title: Ver em Español

Search URL Search Domain Scan URL

URL: https://www.wechords.com/oasis/
Title: Ver em Inglês

Search URL Search Domain Scan URL

URL: https://www.studiosol.com.br/?lang=pt
Title: Studio Sol

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.cifraclub.com.br/oasis/st HTTP 301
http://www.cifraclub.com.br/oasis/st/ HTTP 301
https://www.cifraclub.com.br/oasis/st/ HTTP 307
https://www.cifraclub.com.br/oasis/st/letra/ HTTP 307
https://www.cifraclub.com.br/oasis HTTP 301
http://www.cifraclub.com.br/oasis/ HTTP 301
https://www.cifraclub.com.br/oasis/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://id.cifraclub.com.br/id/v2/client.latest.css HTTP 302
https://akamai.sscdn.co/id/v2/3d130.client.css

Request Chain 32

https://id.cifraclub.com.br/id/v2/pt-br/client.latest.js HTTP 302
https://akamai.sscdn.co/id/v2/pt-br/client.7da0f.js

Request Chain 195

https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430 HTTP 302
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEHnXwBrLoLxJjBIygrSIo4s&google_cver=1&google_ula=862479430,0

Request Chain 236

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC4rt0DKyrcI5dFeQ-wduPU&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC4rt0DKyrcI5dFeQ-wduPU&google_cver=1&C=1

Request Chain 237

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXQ7d75gIeQn.jxCQHFf5AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC4rt0DKyrcI5dFeQ-wduPU&google_cver=1&google_hm=2

Request Chain 238

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEElYvaLNu0p0w1UR_WSZawI&google_cver=1

Request Chain 239

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAzOTYyMjYyMDQzNjc4NDI2OQ%3D%3D

Request Chain 258

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMO_rcrDcGB3n4d9X-bwJWA&google_cver=1&google_push=AXcoOmSyRr0LlxcQuZu1MPKj-XN_eLGqbm33Uiu1RPO9SDHI_Wk88LQNp88mkvzirJtiqDY175j0j_HsatGJX8x4gohzMctNWx9-&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSyRr0LlxcQuZu1MPKj-XN_eLGqbm33Uiu1RPO9SDHI_Wk88LQNp88mkvzirJtiqDY175j0j_HsatGJX8x4gohzMctNWx9-%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMO_rcrDcGB3n4d9X-bwJWA&google_cver=1&google_push=AXcoOmSyRr0LlxcQuZu1MPKj-XN_eLGqbm33Uiu1RPO9SDHI_Wk88LQNp88mkvzirJtiqDY175j0j_HsatGJX8x4gohzMctNWx9-&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSyRr0LlxcQuZu1MPKj-XN_eLGqbm33Uiu1RPO9SDHI_Wk88LQNp88mkvzirJtiqDY175j0j_HsatGJX8x4gohzMctNWx9-%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 259

https://um.simpli.fi/gp_match?google_gid=CAESEGF1O9Wl_KycTyDASLV7cE0&google_cver=1&google_push=AXcoOmQntarz8pH1DgTpBN8Ul7-6pKJyIsiapqAJpHeP4ZHQ6Fg3UIZrMG_Ld2El8Ry4RqMcbQ3XFEfUducvVmEB3q31BhM6TUjVVg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AADDDB9C1CE24DA499C4C9FCC7C164B0&google_push=AXcoOmQntarz8pH1DgTpBN8Ul7-6pKJyIsiapqAJpHeP4ZHQ6Fg3UIZrMG_Ld2El8Ry4RqMcbQ3XFEfUducvVmEB3q31BhM6TUjVVg

Request Chain 260

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOqThzHR8_BOCoAUEzCz44E&google_cver=1&google_push=AXcoOmT-U_sSLU57Lpf85tU86ZopFALuCQ6-vmU6L11hoTolJFNTsO3W7A7JJJYm0Tx5AGABcj58KqFA8oNUxFKTH9Ktf6sd4qEMaQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDUzMzQ3NzQyNjU5MTg4NQ%3D%3D&google_push=AXcoOmT-U_sSLU57Lpf85tU86ZopFALuCQ6-vmU6L11hoTolJFNTsO3W7A7JJJYm0Tx5AGABcj58KqFA8oNUxFKTH9Ktf6sd4qEMaQ

Request Chain 262

https://d5p.de17a.com/cookies/google?google_gid=CAESEGOKg27IKlDnUuS2bWUD6PA&google_cver=1&google_push=AXcoOmTQLFQUMCWDXsmpRGDhW1YKPx6a7HIxwpWNyRWIe1h1zEK6b2_NT77rkVkntbKrjzvpz8TuRVyVwm-XXjfAAZHA5C7sKqDcvg HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGOKg27IKlDnUuS2bWUD6PA&google_cver=1&google_push=AXcoOmTQLFQUMCWDXsmpRGDhW1YKPx6a7HIxwpWNyRWIe1h1zEK6b2_NT77rkVkntbKrjzvpz8TuRVyVwm-XXjfAAZHA5C7sKqDcvg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTQLFQUMCWDXsmpRGDhW1YKPx6a7HIxwpWNyRWIe1h1zEK6b2_NT77rkVkntbKrjzvpz8TuRVyVwm-XXjfAAZHA5C7sKqDcvg

Request Chain 266

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGwRydECUgkJoVIthPn-Dpc&google_cver=1

Request Chain 268

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESENyFobyaTrdE4B9OboyBr5I&google_cver=1

Request Chain 270

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEO88Vy66Gf7poaIevmujuOY&google_cver=1&google_push=AXcoOmQtEuKkaOVBeizyygdiuX5WhQxQ-cVLiVQ9hiVaVnq0fvaAsQgyqGdW1nQQIxmkoOVw8mxeLxV6J_5JNfvJ__MtiwCe8n5iEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzMyNjU0MTEzMzU5OTE4MTI3Ng==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEO88Vy66Gf7poaIevmujuOY&google_cver=1

Request Chain 272

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEM3bh9HIpBN3XN_qcvEWCF0&google_cver=1&google_push=AXcoOmRE1WMKn0oDXbNyF5zyIyxtuQ5jLHWoy2OzwtrYcqnSdDxQviOx4NgAwBKNvOyKdqtvPZVHKOgee8BbyLU1Xh0E9JRB2MUPWQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEM3bh9HIpBN3XN_qcvEWCF0&google_push=AXcoOmRE1WMKn0oDXbNyF5zyIyxtuQ5jLHWoy2OzwtrYcqnSdDxQviOx4NgAwBKNvOyKdqtvPZVHKOgee8BbyLU1Xh0E9JRB2MUPWQ

Request Chain 279

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 291

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGwRydECUgkJoVIthPn-Dpc&google_cver=1

Request Chain 293

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESENyFobyaTrdE4B9OboyBr5I&google_cver=1

Request Chain 295

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGwRydECUgkJoVIthPn-Dpc&google_cver=1

Request Chain 297

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESENyFobyaTrdE4B9OboyBr5I&google_cver=1

Request Chain 321

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMO_rcrDcGB3n4d9X-bwJWA&google_cver=1&google_push=AXcoOmSNwGlfF7SZnGHDmCXkixISXNk5zE9vT-D85Fn3-I_K_oSCnk4lwyWKm05QsLDnUlmEoVYbNqUzSGJ1I2ORtxj1_B560PAI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSNwGlfF7SZnGHDmCXkixISXNk5zE9vT-D85Fn3-I_K_oSCnk4lwyWKm05QsLDnUlmEoVYbNqUzSGJ1I2ORtxj1_B560PAI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMO_rcrDcGB3n4d9X-bwJWA&google_cver=1&google_push=AXcoOmSNwGlfF7SZnGHDmCXkixISXNk5zE9vT-D85Fn3-I_K_oSCnk4lwyWKm05QsLDnUlmEoVYbNqUzSGJ1I2ORtxj1_B560PAI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSNwGlfF7SZnGHDmCXkixISXNk5zE9vT-D85Fn3-I_K_oSCnk4lwyWKm05QsLDnUlmEoVYbNqUzSGJ1I2ORtxj1_B560PAI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 322

https://um.simpli.fi/gp_match?google_gid=CAESEGF1O9Wl_KycTyDASLV7cE0&google_cver=1&google_push=AXcoOmRa5eko16Wh8-l79Zfkkhd0JqbCF8XA0orWf2ke4yW2e0H_F2ROj1KCXqKV_sD9fvta-M-3DYenoDhzZgoko2a5C-02YJU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AADDDB9C1CE24DA499C4C9FCC7C164B0&google_push=AXcoOmRa5eko16Wh8-l79Zfkkhd0JqbCF8XA0orWf2ke4yW2e0H_F2ROj1KCXqKV_sD9fvta-M-3DYenoDhzZgoko2a5C-02YJU

Request Chain 323

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOqThzHR8_BOCoAUEzCz44E&google_cver=1&google_push=AXcoOmRM_izILPDxoX0nwCGyfMqDRPyGZzEmmNUeyyfjY_pguGE0vc7c9FDkP1gHHrcX2odRA23EM2FMH_7AR5XxCAOIFGpelteS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDUzMzQ3NzQyNjU5MTg4NQ%3D%3D&google_push=AXcoOmRM_izILPDxoX0nwCGyfMqDRPyGZzEmmNUeyyfjY_pguGE0vc7c9FDkP1gHHrcX2odRA23EM2FMH_7AR5XxCAOIFGpelteS

Request Chain 325

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEN26uRCwm9vsMkynWlsH8zo&google_cver=1&google_push=AXcoOmSts_xMlu-NUM5UlCn9LCx98_C4VBqLjD6Kk4Tc_ummz_dwcMniHaG204ovsQ1vGCz1mrRcnsZJkmG-2h5Za7GF0PGiNE-o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBYVzFORlktMVUtMUE3Ug==&google_push=AXcoOmSts_xMlu-NUM5UlCn9LCx98_C4VBqLjD6Kk4Tc_ummz_dwcMniHaG204ovsQ1vGCz1mrRcnsZJkmG-2h5Za7GF0PGiNE-o

Request Chain 326

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHCQuqqa8S6UjTkcKnadPFg&google_cver=1&google_push=AXcoOmSRfxa2Vvj_r7ob7cWs9QmnbyoyklFPFdmwiERfE69px3ifB04PQxjYhPqUVlbMPylZgkUcasz9L8LZWqbG-7BwTE8Z_MM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSRfxa2Vvj_r7ob7cWs9QmnbyoyklFPFdmwiERfE69px3ifB04PQxjYhPqUVlbMPylZgkUcasz9L8LZWqbG-7BwTE8Z_MM

Request Chain 331

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMO_rcrDcGB3n4d9X-bwJWA&google_cver=1&google_push=AXcoOmQBE5Md01NEE0ANDYKBhObfs3H8AP18hdhyLEIFXsvt75xrehtgOquLhTKWOUqP7z4OI7tBaU6Ruk7Fz59BwrGdS-hXLcX8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQBE5Md01NEE0ANDYKBhObfs3H8AP18hdhyLEIFXsvt75xrehtgOquLhTKWOUqP7z4OI7tBaU6Ruk7Fz59BwrGdS-hXLcX8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMO_rcrDcGB3n4d9X-bwJWA&google_cver=1&google_push=AXcoOmQBE5Md01NEE0ANDYKBhObfs3H8AP18hdhyLEIFXsvt75xrehtgOquLhTKWOUqP7z4OI7tBaU6Ruk7Fz59BwrGdS-hXLcX8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQBE5Md01NEE0ANDYKBhObfs3H8AP18hdhyLEIFXsvt75xrehtgOquLhTKWOUqP7z4OI7tBaU6Ruk7Fz59BwrGdS-hXLcX8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 333

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPPbwqbrq4NUNZf_-_WO-OE&google_cver=1&google_push=AXcoOmRPG0AvYq3t-0aa236pogMTkT1mtaC_TOwQsu3PcrrExLUqPdh1O28Fz8Qs8-koDyFjivcpssXKLJPV_XFGqC8OxA1eEdBuYw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRPG0AvYq3t-0aa236pogMTkT1mtaC_TOwQsu3PcrrExLUqPdh1O28Fz8Qs8-koDyFjivcpssXKLJPV_XFGqC8OxA1eEdBuYw&google_hm=jNbNrmcxSNW4jfZwylujGbg

Request Chain 334

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESED-IXlrGrDnDUNEeO3qjdS4&google_cver=1&google_push=AXcoOmQpYpVciKpVF5dn6uuYpFEJMVhWyYGeV3_0GD9h_FPfaw3N9DwjTKJ-d75ow2OC_61_MqzmRljQNm6k4DpAwYJrq7J1iGLU HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQpYpVciKpVF5dn6uuYpFEJMVhWyYGeV3_0GD9h_FPfaw3N9DwjTKJ-d75ow2OC_61_MqzmRljQNm6k4DpAwYJrq7J1iGLU&google_hm=hmV0O3ek2c9EW4UhTg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65743B77A4D9CF445B85214EBLIS

Request Chain 335

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGaaeM2BI8FO5w0y9v9cgY4&google_cver=1&google_push=AXcoOmQJOJZVG3W0T0SU7ZevzOkRsuUtB4lMh6twQf6bUd1bDfeP3XnFMhG2gTQfjwQlCOsGx6-xKi9-nWem15UJFPWJ8V7pv6Ez HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQJOJZVG3W0T0SU7ZevzOkRsuUtB4lMh6twQf6bUd1bDfeP3XnFMhG2gTQfjwQlCOsGx6-xKi9-nWem15UJFPWJ8V7pv6Ez&google_hm=eS1wTm5vSS41RTJwSHdLRzZ4a19vcUpvOVJGSmJtN0xpZH5B

Request Chain 364

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPPbwqbrq4NUNZf_-_WO-OE&google_cver=1&google_push=AXcoOmQm4Ad1LG0PEahGV7A7_bx0SnsDfH0USXqGf5vweuqNM_ltcyrglNRZGgjvzmRx7MODV6n6B2t-Ir8GRU5AHXuiTadkiFEV_Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQm4Ad1LG0PEahGV7A7_bx0SnsDfH0USXqGf5vweuqNM_ltcyrglNRZGgjvzmRx7MODV6n6B2t-Ir8GRU5AHXuiTadkiFEV_Q&google_hm=jNbNrmcxSNW4jfZwylujGbg

Request Chain 365

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESED-IXlrGrDnDUNEeO3qjdS4&google_cver=1&google_push=AXcoOmQVU99iG8kjqI_OGrZn0_jfvawgHwKWekT1gTjc3Fh9MKM8FO8L1DDpLkCzqGOC8r-Vj0TOddS1eYnvymjbjhjg74ZD81kvcg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQVU99iG8kjqI_OGrZn0_jfvawgHwKWekT1gTjc3Fh9MKM8FO8L1DDpLkCzqGOC8r-Vj0TOddS1eYnvymjbjhjg74ZD81kvcg&google_hm=hmV0O3ek2c9EW4UhTg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65743B77A4D9CF445B85214EBLIS

Request Chain 366

https://ads.travelaudience.com/google_pixel?google_gid=CAESEFlydb5IlRrgxLqFUht3ZYw&google_cver=1&google_push=AXcoOmQbCTZXcOieGqqTTXjfafjlpo0KLvwFHQnz6VJ8yDyrQxSYtjVpOVSgfizkPl6PKgkJVAff-SWVaeMg0bP4MLtjCUjc68noSA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JX7PNVnrTvw3RkPfiytBEw&google_push=AXcoOmQbCTZXcOieGqqTTXjfafjlpo0KLvwFHQnz6VJ8yDyrQxSYtjVpOVSgfizkPl6PKgkJVAff-SWVaeMg0bP4MLtjCUjc68noSA

Request Chain 367

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEN26uRCwm9vsMkynWlsH8zo&google_cver=1&google_push=AXcoOmTzrT7P6ZDbGy-hF11MwcI4LSnYCetxYhVERW2XShP12tfKdomtKsQo4pH1cpbBYW8zaD7Xs_gBPGbrPHO6FhD4MfiUFeAEzA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBYVzFORlktMVUtMUE3Ug==&google_push=AXcoOmTzrT7P6ZDbGy-hF11MwcI4LSnYCetxYhVERW2XShP12tfKdomtKsQo4pH1cpbBYW8zaD7Xs_gBPGbrPHO6FhD4MfiUFeAEzA

Request Chain 368

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHCQuqqa8S6UjTkcKnadPFg&google_cver=1&google_push=AXcoOmRGuvmm-dI9NPJbkbyP2K5Gj1vD79jEUkkdZsQ__T87e-K0ULTZBgfolxfNWuBVdIfQ3RMQuHzvMaOjSAnm09XZVqNsU6hJ_g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRGuvmm-dI9NPJbkbyP2K5Gj1vD79jEUkkdZsQ__T87e-K0ULTZBgfolxfNWuBVdIfQ3RMQuHzvMaOjSAnm09XZVqNsU6hJ_g

Request Chain 370

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHCQuqqa8S6UjTkcKnadPFg&google_cver=1&google_push=AXcoOmQtWLDswNqbZ-ihPRI15-PFGLML4vR1kob_lw8sRpEuR6Z3Myv-k9rw7UxIVijojdA6JBGN0_8nklSOTiyC4cfJompB7Sb4vao HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQtWLDswNqbZ-ihPRI15-PFGLML4vR1kob_lw8sRpEuR6Z3Myv-k9rw7UxIVijojdA6JBGN0_8nklSOTiyC4cfJompB7Sb4vao HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

392 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
www.cifraclub.com.br/oasis/
Redirect Chain

https://www.cifraclub.com.br/oasis/st
http://www.cifraclub.com.br/oasis/st/
https://www.cifraclub.com.br/oasis/st/
https://www.cifraclub.com.br/oasis/st/letra/
https://www.cifraclub.com.br/oasis
http://www.cifraclub.com.br/oasis/
https://www.cifraclub.com.br/oasis/

1 MB
54 KB

6296ms
6296ms

Document
text/html

95.101.54.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 95.101.54.243 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-243.deploy.static.akamaitechnologies.com
Software: nginx / PHP/5.6.37
Resource Hash: 93c847517b3cf216c23cb5d78a221fb61658c9a0eee203ea5e7ccc504e5456e3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cache-control: no-transform, max-age=28772
content-encoding: br
content-length: 55261
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 10:03:32 GMT
quic-version: 0x00000001
server: nginx
vary: Accept-Encoding, X-Site-Version
x-debug-nocache: 0
x-powered-by: PHP/5.6.37
x-site-version: desktop

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sat, 09 Dec 2023 10:03:25 GMT
Location: https://www.cifraclub.com.br/oasis/
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Vary: Accept-Encoding, X-Site-Version
X-Site-Version: desktop

GET
H2 200 opensans-light.woff2
akamai.sscdn.co/cc/font/opensans/ 18 KB
19 KB 249ms
56ms Font
application/octet-stream 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/font/opensans/opensans-light.woff2
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4f25af342124d142dd99b5b3a4b90e660cd4b96dc7c2bf4e54c1a802cc93d521

Request headers

Referer: https://www.cifraclub.com.br/
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 18472
x-debug-nocache: 0
last-modified: Fri, 03 Nov 2023 15:55:25 GMT
server: nginx
etag: "654517ed-4828"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 d8e28.desktop.css
akamai.sscdn.co/cc/css/ 435 KB
76 KB 236ms
44ms Stylesheet
text/css 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bfbd4734ccb0db8f1110b7a37a4cb2c648cde1a71454dd4121cd882a82024589

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 77514
x-debug-nocache: 0
last-modified: Wed, 22 Nov 2023 20:44:24 GMT
server: nginx
etag: W/"655e6828-6cb5c"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H3

200

3d130.client.css
akamai.sscdn.co/id/v2/
Redirect Chain

https://id.cifraclub.com.br/id/v2/client.latest.css
https://akamai.sscdn.co/id/v2/3d130.client.css

16 KB
4 KB

50ms
50ms

Stylesheet
text/css

2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/id/v2/3d130.client.css
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fcdd8078f60f8833861ca0b9f13aba67773278d96cbd4f459b21cdbac2d6a62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Sun, 08 Dec 2024 10:03:32 GMT
date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3749
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

Redirect headers

location: https://akamai.sscdn.co/id/v2/3d130.client.css
date: Sat, 09 Dec 2023 10:03:32 GMT
cache-control: max-age=300
content-type: text/html
server: nginx
expires: Sat, 09 Dec 2023 10:08:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 132 KB
51 KB 88ms
34ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

39c6dde7b3a7b75604778a4e722f23c4210f03424fa7582adf1337d5449e4129

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 10:03:32 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 92 KB
30 KB 165ms
111ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

cd42b268d14bc0a73d319b03beab500911bbf0b88956bd6809cc8c9518473bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30006
x-xss-protection: 0
server: cafe
etag: 545 / 19700 / m202312040101 / config-hash: 18041799505519846586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 10:03:32 GMT

GET
H2 200 01c04.ads-manager.js Show response
akamai.sscdn.co/cc/js/ 6 KB
2 KB 263ms
90ms Script
application/x-javascript 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/js/01c04.ads-manager.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3d58d6b81013cd185fcaf14300457b228dff4e72deee5e7b6f40b88eb913942c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
last-modified: Tue, 19 Sep 2023 15:16:22 GMT
server: nginx
etag: W/"6509bb46-16d9"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1524
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 0ec6be4800965df731eeb34cffc86236.jpg
akamai.sscdn.co/letras/150x150/fotos/0/e/c/6/ 5 KB
5 KB 285ms
93ms Image
image/webp 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/letras/150x150/fotos/0/e/c/6/0ec6be4800965df731eeb34cffc86236.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: beac3b574eef4f6cb4b210b9229be5f061c325bbe7e3ea9d2bbae6195a9e9885

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 4684
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 270 KB
66 KB 93ms
30ms Script
application/javascript 18.239.83.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-131.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9969c20b05385e44eef49078bb0fbffd8dd6081b90adf392fbcad9a894fa549a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 09:50:29 GMT
content-encoding: gzip
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront), 1.1 7d758b616f5473c7b4bee1c49ecfa98a.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 22:47:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, AMS58-P5
age: 784
x-amz-server-side-encryption: AES256
etag: W/"aaba284d2b2910b9a4f56befae1e2e69"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: VsTMQhs9MKRjMKAuSPhPzM8qpZPuC8ZN2pqI3zNbLDY9HndH2SME_w==

GET
H2 200 firebase-performance-standalone.js Show response
www.gstatic.com/firebasejs/7.9.1/ 44 KB
13 KB 81ms
25ms Script
text/javascript 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.9.1/firebase-performance-standalone.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

59e8f33be46fb7a03d8db862b344a3e581550c8d38e0a28345be72de04a6c0e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 03:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 370927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13255
x-xss-protection: 0
last-modified: Fri, 21 Feb 2020 21:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 03:01:25 GMT

GET
H2 200 ad3f20cdf6f21db3bf0647d5450fd22a.jpg
akamai.sscdn.co/letras/162x162/fotos/a/d/3/f/ 10 KB
10 KB 247ms
95ms Image
image/webp 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/letras/162x162/fotos/a/d/3/f/ad3f20cdf6f21db3bf0647d5450fd22a.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 75785f289ef074e8f175731f45213f81b3ed60a25d6fe928eb672bc4cb0ff86b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 10038
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 288e4fc693c7c244065ebf6b324aa659.jpg
akamai.sscdn.co/letras/162x162/fotos/2/8/8/e/ 6 KB
6 KB 244ms
93ms Image
image/webp 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/letras/162x162/fotos/2/8/8/e/288e4fc693c7c244065ebf6b324aa659.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1a1496e6481c42c667efab542075d1247514547ca36d577ca38f9525dab07663

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 5672
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 c548846da3a03b6620a6fba78a6c6894.jpg
akamai.sscdn.co/letras/162x162/fotos/c/5/4/8/ 3 KB
3 KB 152ms
91ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/letras/162x162/fotos/c/5/4/8/c548846da3a03b6620a6fba78a6c6894.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

044276ed35bfe7ddbae68a48ebb014c332c3164f0d6056253d7b7c48acaca8b1

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="c548846da3a03b6620a6fba78a6c6894.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 2893
x-request-id: J_XVx57YhMMTsVs5EacGm
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 b4506de4afd7f665e8e8c17e93fae1f2.jpg
akamai.sscdn.co/letras/162x162/fotos/b/4/5/0/ 2 KB
2 KB 155ms
94ms Image
image/webp 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/letras/162x162/fotos/b/4/5/0/b4506de4afd7f665e8e8c17e93fae1f2.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 98b36d0f871ff10d79dc18923e6029ceeafff1805c244f50a548b40bf22d68e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 2154
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 d31e40f85f7e42c285357f6a67d67c5d.jpg
akamai.sscdn.co/tb/320x320/palcomp3-logo/b/d/2/b/ 17 KB
18 KB 160ms
157ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/320x320/palcomp3-logo/b/d/2/b/d31e40f85f7e42c285357f6a67d67c5d.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

53af0e9ff44aeaecd83a42311e55ab7c21d3421388f74c6a71bf3eb19741d0a6

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="d31e40f85f7e42c285357f6a67d67c5d.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 17851
x-request-id: ALyKLhV0tb0Xfj_jGbU7o
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 9aee29e9e4a84323aceb2d81815aee37.jpg
akamai.sscdn.co/tb/320x320/palcomp3-logo/b/a/8/7/ 7 KB
8 KB 160ms
157ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/320x320/palcomp3-logo/b/a/8/7/9aee29e9e4a84323aceb2d81815aee37.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

ffc12c783dd36405496154947df43d6d6204a694e06b56bf516c52ce82d348ce

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="9aee29e9e4a84323aceb2d81815aee37.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 7679
x-request-id: J3y3WNCC35hsEELpnXfuW
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 931bc76a2bda4bbebfeb44349f862fa0.jpg
akamai.sscdn.co/tb/320x320/palcomp3-logo/0/4/8/a/ 8 KB
8 KB 163ms
159ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/320x320/palcomp3-logo/0/4/8/a/931bc76a2bda4bbebfeb44349f862fa0.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3e8088157c8f2558e34ec624c6d585190aabf2e40d14379cc3e2177cbdb5f322

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="931bc76a2bda4bbebfeb44349f862fa0.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 8192
x-request-id: qp9zCac05fyBafYTUkrL2
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 eb17edcf634f4519829972ff799394d8.jpg
akamai.sscdn.co/tb/320x320/palcomp3-logo/c/1/d/a/ 5 KB
5 KB 163ms
160ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/320x320/palcomp3-logo/c/1/d/a/eb17edcf634f4519829972ff799394d8.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

762067c0f275ae22abacab20f64e6af6d69859ad31bd1af4c8aa70a5f37ca89f

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="eb17edcf634f4519829972ff799394d8.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 4874
x-request-id: R9NGe3PX5L0xQHyku5PsX
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 02db8d1cdbbc4f80a50ba1cb3d634a4c.jpg
akamai.sscdn.co/tb/320x320/palcomp3-logo/1/f/a/b/ 7 KB
7 KB 163ms
160ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/320x320/palcomp3-logo/1/f/a/b/02db8d1cdbbc4f80a50ba1cb3d634a4c.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f74c249acb234b2ca8d04f7cd54696ef451479e8d6749f402daf6920200f72c0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="02db8d1cdbbc4f80a50ba1cb3d634a4c.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 7186
x-request-id: HeYNPuzlUM6XhLal9sQOO
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 d9ae6003f587475d86ed91c448848e26.jpg
akamai.sscdn.co/tb/320x320/palcomp3-logo/5/8/9/5/ 4 KB
4 KB 166ms
162ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/320x320/palcomp3-logo/5/8/9/5/d9ae6003f587475d86ed91c448848e26.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

d578b685b429ff4e0b09abc05805b8178d6de9d1a7b5bc8100c5d656d17d10f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="d9ae6003f587475d86ed91c448848e26.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3817
x-request-id: GeKf-sYPVMCCzqz1yTLNh
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 47n3r1gu8lg.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/2/1/ 2 KB
2 KB 167ms
164ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/75x75/ccid-avatar/2/1/47n3r1gu8lg.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

95d10ec7bac33c2bef6627247bf3afcf67508b129a231cafad92ad8752d1c46b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="47n3r1gu8lg.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1674
x-request-id: ElkEY4exmUYV1ccUI3iX0
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 4nkeril1zgy.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/4/6/ 1 KB
2 KB 168ms
165ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/75x75/ccid-avatar/4/6/4nkeril1zgy.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

11fce349dc88604a7014274185fb60fdb3169648750fdc0a86ee0c32397bc681

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="4nkeril1zgy.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1233
x-request-id: KrRgNs69Rc81rRbYE5tTG
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 4nej6o1iz7w.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/3/3/ 2 KB
2 KB 169ms
166ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/75x75/ccid-avatar/3/3/4nej6o1iz7w.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

6900876eece5bf3972934097ac40a69bfcc2d15f24cde1cce4bf27ce3928df5a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="4nej6o1iz7w.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1572
x-request-id: QyGC07NPu2TxM27jI2nCQ
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 48cjej0sg5r.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/9/6/ 2 KB
2 KB 169ms
166ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/75x75/ccid-avatar/9/6/48cjej0sg5r.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e0051b91b479808abfc8563e754e4f107b8cbb60a37091807268987fabbfa600

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="48cjej0sg5r.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 2029
x-request-id: GiLChkXivEZg_mU7JLHaF
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 4lvgg817mu5.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/1/4/ 1 KB
2 KB 170ms
167ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/75x75/ccid-avatar/1/4/4lvgg817mu5.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

1598ef891d4bdf2edbdf92f70aa210a98d93bbb0863c106683ddde93a639f632

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="4lvgg817mu5.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1419
x-request-id: Wg7Rf4Tgp9dZgVeRE3S9Q
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 avatar.svg
akamai.sscdn.co/cc/img/desktop/ 2 KB
1 KB 80ms
78ms Image
image/svg+xml 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/desktop/avatar.svg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f82dfdfaea0bb707b71f4ac5500b61a91ae9f3850b09f642b3254a9cf44b9389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: gzip
last-modified: Fri, 24 Mar 2023 16:06:41 GMT
server: nginx
etag: W/"641dca91-84c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 740
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 4ftq1u965u4.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/7/6/ 2 KB
3 KB 170ms
167ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/75x75/ccid-avatar/7/6/4ftq1u965u4.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a744f9774a333ee0807e066e8e15fbea8f54c63794549c5defe2281b98637d8f

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="4ftq1u965u4.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 2301
x-request-id: e-hD5lkikpoOLQtsHbxRp
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 47pvu5sthcc.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/0/2/ 2 KB
2 KB 171ms
168ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/75x75/ccid-avatar/0/2/47pvu5sthcc.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

da0bb398000aa28a61206661b421c0eeb33d190dc30b5572fde742061804feb5

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="47pvu5sthcc.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1970
x-request-id: Ob8URtAMDfS3VzDGdyA1g
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 4k7gsnlso7q.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/8/3/ 2 KB
3 KB 171ms
168ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/75x75/ccid-avatar/8/3/4k7gsnlso7q.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

110d539beb902a2116bc781c2299b38533f285e03dcc19e064c3315602910357

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="4k7gsnlso7q.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 2446
x-request-id: zTJfwQrLy2R65GQhFuij-
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 4mnupmwyqnu.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/0/8/ 2 KB
3 KB 171ms
168ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/75x75/ccid-avatar/0/8/4mnupmwyqnu.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

8448eec1b11709f6f960592ca4223988ee6f4d1a5cc28bc41b37fafa2f8b5771

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="4mnupmwyqnu.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 2183
x-request-id: L6mVFHEbqzPCtNGOYwiz1
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 45wz4kuf6up.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/7/3/ 1 KB
2 KB 172ms
169ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/75x75/ccid-avatar/7/3/45wz4kuf6up.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

311724ef5b6741df264b9b084a77bc35deafe874b33248d0c8f8b8550b4d81e0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="45wz4kuf6up.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1449
x-request-id: 4qDLVac_zuWkJZUMp_u9b
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 4l9n5imnkbt.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/4/3/ 1 KB
2 KB 172ms
170ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/75x75/ccid-avatar/4/3/4l9n5imnkbt.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e7cdf4e1314b3721d856cf8d24bd8456840e564d2bd254ceb8686b95bd536264

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="4l9n5imnkbt.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1492
x-request-id: RuBX4NBa1t86-qP-p87h3
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 instrutores.png
akamai.sscdn.co/cc/img/pro/ 14 KB
14 KB 107ms
104ms Image
image/png 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/pro/instrutores.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1f407355fa69f17827cc696408baea8cb67f184a71a47c205ef4022c1d7f44a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-debug-nocache: 1
date: Sat, 09 Dec 2023 10:03:32 GMT
last-modified: Mon, 16 Oct 2023 14:56:06 GMT
server: nginx
etag: "652d4f06-3832"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 14386
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H3

200

client.7da0f.js Show response
akamai.sscdn.co/id/v2/pt-br/
Redirect Chain

https://id.cifraclub.com.br/id/v2/pt-br/client.latest.js
https://akamai.sscdn.co/id/v2/pt-br/client.7da0f.js

219 KB
61 KB

50ms
50ms

Script
application/javascript

2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/id/v2/pt-br/client.7da0f.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7620fb859f2d4043d22636886cf9cab799f2a7c7e764febf3c9231eb3d469f3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Sun, 08 Dec 2024 10:03:32 GMT
date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
server: nginx
etag: W/"4bfaea6920b112f07e34c1f4a9713c3a"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 62601
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

Redirect headers

location: https://akamai.sscdn.co/id/v2/pt-br/client.7da0f.js
date: Sat, 09 Dec 2023 10:03:32 GMT
cache-control: max-age=300
content-type: text/html
server: nginx
expires: Sat, 09 Dec 2023 10:08:32 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 65ms
22ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

09e6e7ab41aec891950182f58c7f1a39145de07abed87b3ac708d707d88ff2c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.cifraclub.com.br/
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 10:03:32 GMT
content-md5: ViOVIRXie9H1ejbTAlB+bA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
reporting-endpoints
x-fb-debug: mwUwxkZvRkr9s1kDonZK3320Pd3C5JanNeHSqY06J6+x2pmDBn2OPvIuBR5AN2b+ncPe1FIMJb/DcgNs1navtA==
x-fb-content-md5: f7e1e5f65d5ab1fc2db5c6185ece6f8d
cross-origin-opener-policy: same-origin-allow-popups
etag: "528c81b025e22b7065d5c598294aa0b8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 09 Dec 2023 10:15:49 GMT

GET
H2 200 pt.js Show response
akamai.sscdn.co/cc/js/9bf7d.desktop/ 8 KB
3 KB 233ms
89ms Script
application/x-javascript 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/js/9bf7d.desktop/pt.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2c73ad08334e801d45ff3b490982500f67061656e3c2bdb686f5db03e1540071

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
last-modified: Wed, 27 Sep 2023 20:00:32 GMT
server: nginx
etag: W/"651489e0-1f37"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 2508
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 2419b.desktop.js Show response
akamai.sscdn.co/cc/js/ 549 KB
131 KB 125ms
123ms Script
application/x-javascript 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/js/2419b.desktop.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 73ca54e7fd737f75e3c1e6aeab2359da4938a878600f9f5f3b2b28a210187be1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-debug-nocache: 0
date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
last-modified: Wed, 06 Dec 2023 11:36:31 GMT
server: nginx
etag: W/"65705cbf-8942c"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 133418
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 7de331ff-fa05-42fa-9865-1bfff4034e30-loader.js Show response
d335luupugsy2.cloudfront.net/js/loader-scripts/ 4 KB
2 KB 891ms
835ms Script
application/javascript 52.222.250.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/7de331ff-fa05-42fa-9865-1bfff4034e30-loader.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-175.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a4387844ea355406e936ffea2c2e0b1eb84ace4fe9c2322830ee1bae264b73c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: oMbmV.0AF2GkkIfSAvohn0U.ljGYNNCf
content-encoding: gzip
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
date: Sat, 09 Dec 2023 10:03:33 GMT
last-modified: Tue, 03 Oct 2023 18:45:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
etag: W/"32d5cf5159a5742b9a45b5a348a320c6"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: no-cache
x-amz-cf-id: lDBFWJ_iyVJH_cMCH4eXlzwIh__xfGGlalEqt92wyHGlUUFwsF6Wlg==

GET
H2 200 violao_iniciante-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 13 KB
13 KB 81ms
78ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/violao_iniciante-3x-2023-03-15.png

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5ad947ccaa4ca7a75ebafb987ef274569c5de7298299dc743b22b6439de73412

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="violao_iniciante-3x-2023-03-15.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 12933
x-request-id: fy6Dq94GFiJeBrqrNA1WY
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 violao-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 13 KB
14 KB 82ms
80ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/violao-3x-2023-03-15.png

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

20230eebccf18cdac7ca5b8412b6e0672d1b37844927bcf43d0448352b19c104

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="violao-3x-2023-03-15.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 13557
x-request-id: bCS54YKwB6gvN1PrMpldo
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 viola%CC%83o_sertanejo-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 7 KB
7 KB 174ms
172ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/viola%CC%83o_sertanejo-3x-2023-03-15.png

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a916aa8e13a2a5c93b12839ea542732ff2c90e83bd05b016ee807910d377f7ee

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="violaÌo_sertanejo-3x-2023-03-15.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 6751
x-request-id: w2DXBoQ4UvsSyYgF0HPWO
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 dinhoatual-1689593496.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/courses/ 8 KB
9 KB 154ms
152ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/courses/dinhoatual-1689593496.png

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

83354326bf78aff6835472064ce3de6c701d8a7067f8d26cd385b9bb8fc3a7d8

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="dinhoatual-1689593496.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 8565
x-request-id: 0LxbCacgZf1TjG4UPoLGi
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 fofaocurso-1696446624.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/courses/ 7 KB
7 KB 156ms
154ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/courses/fofaocurso-1696446624.png

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

59c741e1e59a3b6d63c2342a5006051940b7d9eb6ce1d0bbe246d2af70d2ea75

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="fofaocurso-1696446624.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 7210
x-request-id: xG49pnGY4ybZ84Ad3mDDq
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 lives-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 6 KB
6 KB 113ms
111ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/lives-3x-2023-03-15.png

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

050ab394bdfdc7a2557e1d9e1d08dff61f08059a9f58408ea5963f0a5b09c991

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="lives-3x-2023-03-15.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 5813
x-request-id: wVpSQp8INl3yPbk2xuvC7
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 canto-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 8 KB
8 KB 114ms
112ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/canto-3x-2023-03-15.png

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b88111ebcd854dbf472fdf7fb5134cc6edaee4691045fbd6a170e44147dbe452

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="canto-3x-2023-03-15.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 8198
x-request-id: YYLcId5HSkcyOzdX4aYxI
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 cursocanto-instrutorvivi-instrutor-2default-instrutor-3-3x-1685628836.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/courses/ 7 KB
7 KB 115ms
114ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/courses/cursocanto-instrutorvivi-instrutor-2default-instrutor-3-3x-1685628836.png

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

07192a2c56c266c2d475b86131dbe71f5f5ca51b42608c20666c85876481c6af

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="cursocanto-instrutorvivi-instrutor-2default-instrutor-3-3x-1685628836.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 7114
x-request-id: plP9K4uE4Y3Jxlcj46HDr
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 teclado-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 7 KB
7 KB 157ms
155ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/teclado-3x-2023-03-15.png

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

255eea6fe208bbc9fcc28a6946219f678587506d56fa69754fb0b8a49b72aee2

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="teclado-3x-2023-03-15.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 6984
x-request-id: GpPvAz1UWoksPof6SzLS3
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 ukulele-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 9 KB
9 KB 117ms
116ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ukulele-3x-2023-03-15.png

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

61783a8faf823c61843dd3951d4d7b1b85cf1cc0f6803c0859348f79b96fbd86

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="ukulele-3x-2023-03-15.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 9084
x-request-id: 6TAXU1edaKQst28EeBiRJ
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 bateria-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 7 KB
8 KB 174ms
172ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/bateria-3x-2023-03-15.png

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

81a8c2faaf160d3b5a4d7ef2763f73c361ed8c6c3fcc9e258d3f387aff562215

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="bateria-3x-2023-03-15.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 7456
x-request-id: oNs8VanHmlvl97lXF8-OM
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 contrabaixo-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 9 KB
9 KB 119ms
117ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/contrabaixo-3x-2023-03-15.png

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

bed642a636ea65103f61afc290e560d0c7141fddca44fa3087d97c8b6281517d

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="contrabaixo-3x-2023-03-15.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 9005
x-request-id: Zb64IoaCHjhL-ayhg4VWe
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 fingerstyle-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 12 KB
12 KB 180ms
178ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/fingerstyle-3x-2023-03-15.png

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b9c0cc1ec728610d8b8056922640385d1f89d00e42417b537f6f7aec0ccdc6e4

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="fingerstyle-3x-2023-03-15.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 12004
x-request-id: 2ZoAtpH7_UrzibqsXcrMo
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 teoria-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 5 KB
6 KB 181ms
179ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/teoria-3x-2023-03-15.png

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

901ed3484b7c73bf45f62170748ae78c51c1c83f0b835623a2b530fc7e69beb7

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="teoria-3x-2023-03-15.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 5374
x-request-id: 6d0tAA4CFseQkY5zEaooD
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 partitura-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 6 KB
6 KB 121ms
119ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/partitura-3x-2023-03-15.png

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

91ee756d52e2b61079db9e75c226c6163facdc58233ada92fc131831a47b464f

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="partitura-3x-2023-03-15.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 5724
x-request-id: Uj-mqID4feVyFLFl7cofm
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 harmonia-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 9 KB
10 KB 181ms
180ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/harmonia-3x-2023-03-15.png

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f921e30c60eabbebc1d71747909d95b638bdf71c745d81dc286d47402743d984

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="harmonia-3x-2023-03-15.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 9444
x-request-id: U_gqqiWURZy7cO1uo5-7w
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 guitarra-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 9 KB
9 KB 182ms
180ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/guitarra-3x-2023-03-15.png

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

2c4a96b08ecfdd8f4394ffa5e8386e3ab3d1ed768030c64d22832455f0b8e8ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="guitarra-3x-2023-03-15.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 9196
x-request-id: eK4IgvJnVTVmxR2Fi7_Sh
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 guitarra_blues-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 10 KB
10 KB 186ms
184ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/guitarra_blues-3x-2023-03-15.png

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

513237d505dc16f8ade46faf1f0eece35e05d994a34c15d9a14aa7da9d857a16

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:32 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="guitarra_blues-3x-2023-03-15.avif"
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 10020
x-request-id: Ky-QsL1892L7pcAGM3iV2
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 302 KB
87 KB 24ms
22ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b66a5e96315503119dc4fd44a11a6a1e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

18ccd15f4451136a3a3a7a30c5991b0521908b7739179713db42ef18f61a2388

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.cifraclub.com.br/
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 10:03:32 GMT
content-md5: rEShnt4nHS54JDPCswx7og==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88320
reporting-endpoints
x-fb-debug: zYdVTzhUexA0Qum1cWM38cvNhcSDxyRHwN9opehVGBoCWtkTtZXm0DytKOkSwbNP1x7TZVzHmlcfLgNJsssshQ==
x-fb-content-md5: 0e316a4e60211560f61c2ab256fa7a61
cross-origin-opener-policy: same-origin-allow-popups
etag: "713e630b28cd84088f788dd4d49a3b90"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 08 Dec 2024 08:42:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
89 KB 30ms
30ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3BB4FZD3LP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1285d498cd3279edb34f0402c08b5967f5539dd60116b9df07ded8c14a87abb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90864
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 10:03:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 82ms
25ms Script
text/javascript 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f110.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 09:22:31 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2461
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 09 Dec 2023 11:22:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
67 KB 32ms
32ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-102201320-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

fd1c2934b9189f3c145673b1eb8769031e59803a8fdbd9c47242773c7dda1d18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68959
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Dec 2023 10:03:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
73 KB 53ms
53ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-391658277&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

62f5f584c41abf3fa8e885b6e8cae690e68c30c2e1d088945fb9a6f74367ea95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74499
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Dec 2023 10:03:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 69ms
69ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-376007190&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

444e6135dcdb2ee26d10b212528c0f57e14f5b9a6c032de70c6b08a7f6bc8458

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72463
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Dec 2023 10:03:32 GMT

GET
H2 200 ed469278-746b-4198-921b-c75d368907cc Show response
config.aps.amazon-adsystem.com/configs/ 537 B
814 B 81ms
24ms Script
application/javascript 99.86.4.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/ed469278-746b-4198-921b-c75d368907cc
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-39.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 0fb7646d06b7161154c3a9a1d0daaf25f7a0ad5d6186fb8f1c5c3b74c58dfe48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 09:42:21 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1271
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: vbk6BOrJHdb7OKHFHR6QECVe4HU-OjxvYJwPXf8aO9VKVEZMlQxKzA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 1 KB
2 KB 36ms
35ms XHR
application/json 18.239.83.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.cifraclub.com.br&pubid=ed469278-746b-4198-921b-c75d368907cc
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-131.ams58.r.cloudfront.net
Software: Server /
Resource Hash: 7c7731b06258428e27f94f19b7a9999e7aa67ce4c110504d0c7abc77f03e03d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:50:41 GMT
via: 1.1 7d758b616f5473c7b4bee1c49ecfa98a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P5
age: 7970
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1399
x-amz-cf-id: Ystxp28Dh4xKB5dQwQcU_qzvU05dufBFJBhrqglFawHH99hqDXkZxw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 190ms
132ms XHR
application/javascript 18.239.83.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-131.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 f75afc04e5fb2b66fe286e4f840886c6.cloudfront.net (CloudFront)
date: Sat, 09 Dec 2023 07:46:35 GMT
x-amz-cf-pop: AMS58-P5
age: 8218
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: o7tsmzEBeR5gK1dGFnYxiO84Q9E6GmBr5P4jEROM9_E0av5w-CEj2g==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ 432 KB
135 KB 23ms
22ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:29:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48834
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138293
x-xss-protection: 0
server: cafe
etag: 11350998454379829730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 07 Dec 2024 20:29:38 GMT

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/f71ca18f-376e-4fdb-9d44-ab42f39b7e4b/ 2 KB
2 KB 88ms
24ms Script
text/javascript 18.66.97.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/f71ca18f-376e-4fdb-9d44-ab42f39b7e4b/launchpad-liveramp.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1293e34cf7955d387571847bc1eb3e1bbbf3e76216130dcca927b94407d04351

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: 4a67YMV30TlyhjL1nN4.FrVHRkaqurdi
content-encoding: gzip
via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
date: Sat, 09 Dec 2023 06:59:31 GMT
x-amz-cf-pop: FRA56-P2
age: 11188
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="launchpad-liveramp.js"
last-modified: Mon, 07 Aug 2023 15:22:12 GMT
server: AmazonS3
etag: W/"40a2e6e75dc550891802657b9b2dda35"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: 9MEwO9cvuzI5YybV-FoKcSOHAErwF2KTQhTvTvE2FReUY4PQ1H0hjw==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 268ms
89ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:52:33 GMT
content-encoding: gzip
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 29460
x-amz-server-side-encryption: AES256
etag: W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: jJL22F2XeXRxtnJ2jAv3VM607VQTgYz3l8HQAYeCIABOCtDT67QnUg==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 39ms
39ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XBHRSMDBK4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-102201320-1&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2029cc6fd9fb237036a9de988ad94167767e7f85967fdfc09f057a76c3d98709

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81224
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 10:03:32 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/391658277/ 3 KB
1 KB 61ms
61ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/391658277/?random=1702116212359&cv=11&fst=1702116212359&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&hn=www.googleadservices.com&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&auid=2058028395.1702116212&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-391658277&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e5e973189341cfd0eb1b41bf2f1ea492f8c092904a5311efe7a7c3fa27a54ee2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1250
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 90ms
34ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3BB4FZD3LP&gtm=45je3bt0v868809808&_p=1702116212114&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=20116918.1702116212&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1702116212&sct=1&seg=0&dl=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&dt=Oasis%20%7C%20Cifra%20Club&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=13291
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3BB4FZD3LP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/376007190/ 3 KB
1 KB 64ms
64ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/376007190/?random=1702116212410&cv=11&fst=1702116212410&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&hn=www.googleadservices.com&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&auid=2058028395.1702116212&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-376007190&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

4d9c012114fb7853ce7fce434ca2a6f05262f3c019be5686650a707a044e0b00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 133 KB
51 KB 39ms
39ms Script
application/javascript 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-P6C6QNR&t=gtag_UA_446764_81&cid=20116918.1702116212

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f110.1e100.net

Software

Google Tag Manager /

Resource Hash

65174a4c2da442ba5bb561973711add9fb989827a1f131988c51e0eb2316d4ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 52081
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 10:03:32 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 119ms
29ms Script
application/javascript 18.239.83.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-58.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:13:05 GMT
content-encoding: gzip
via: 1.1 87e83cc6e8f384d40eab78133e901302.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:13:41 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P5
age: 78628
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: rkg1_pl-oDx1YxREFinzdHMFkbWWuIPcktRAz4-_zOu5yNrJjd-b2A==

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 73 KB
21 KB 86ms
31ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 6c22bbed0afe926a4ad7941291775e6b212006a5d26a720b253a8c028c870cd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 09:24:10 GMT
content-encoding: gzip
via: 1.1 google
age: 2362
x-guploader-uploadid: ABPtcPpREMvUNV6PbU2wpTiZdWPkcCx-Mf0VvVxmI-a9jVBa0GS4h3JQrPB_iYXBzQ7JocxsdX4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21234
last-modified: Wed, 13 Sep 2023 13:22:21 GMT
server: nginx/1.8.1
etag: "13721cc7c233ffe3299c16c1f82c8394"
vary: Accept-Encoding
x-goog-generation: 1694611341874847
x-goog-hash: md5=E3Icx8Iz/+MpnBbB+CyDlA==
content-type: application/javascript
cache-control: max-age=7200,public
x-goog-stored-content-length: 21234
accept-ranges: bytes
expires: Sat, 09 Dec 2023 11:24:10 GMT

GET
H2 200 logos.svg
akamai.sscdn.co/cc/img/desktop/ 69 KB
22 KB 64ms
39ms Image
image/svg+xml 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/desktop/logos.svg
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0874c93bc9a23ca21b5de6fe83b88fde608a3e72ff2f871228a520e5770f68e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
last-modified: Wed, 27 Sep 2023 19:58:10 GMT
server: nginx
etag: W/"65148952-11499"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 22510
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 roboto-regular.woff2
akamai.sscdn.co/cc/font/ 19 KB
19 KB 69ms
45ms Font
application/octet-stream 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/font/roboto-regular.woff2
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 25ac51bd560661614f1f90a6cea5a82f526a8550afc34f725bb2471607ffa173

Request headers

Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
last-modified: Tue, 19 Sep 2023 15:12:51 GMT
server: nginx
etag: "6509ba73-4b88"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 19336
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 sprite.svg
akamai.sscdn.co/cc/img/desktop/ 118 KB
38 KB 63ms
41ms Image
image/svg+xml 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/desktop/sprite.svg?v=31
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 159f115c7db1557a4646c346f654d62d9147e3b661ec7c8bdbcff1d078d62b6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-debug-nocache: 0
date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 14:56:06 GMT
server: nginx
etag: W/"652d4f06-1d68d"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 38382
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 roboto-bold.woff2
akamai.sscdn.co/cc/font/ 19 KB
20 KB 63ms
41ms Font
application/octet-stream 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/font/roboto-bold.woff2
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ec62cfc76221123e1ab6ba0fdd1dd6a7b6e1919c152f67ca6e10d039b4b0f492

Request headers

Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
last-modified: Wed, 20 Sep 2023 12:53:49 GMT
server: nginx
etag: "650aeb5d-4cdc"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 19676
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 sprite.svg
akamai.sscdn.co/cc/img/desktop// 118 KB
38 KB 66ms
44ms Image
image/svg+xml 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/desktop//sprite.svg?v=31
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 159f115c7db1557a4646c346f654d62d9147e3b661ec7c8bdbcff1d078d62b6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-debug-nocache: 0
date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 14:56:06 GMT
server: nginx
etag: W/"652d4f06-1d68d"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 38382
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 verified.svg
akamai.sscdn.co/cc/img/desktop// 1 KB
859 B 65ms
43ms Image
image/svg+xml 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/desktop//verified.svg
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 77425a0c624cac6f784c90b7eddfaccc078aca01744acbc25ea142a43ab2c08d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-debug-nocache: 0
date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 14:56:06 GMT
server: nginx
etag: W/"652d4f06-41d"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 490
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 icn.svg
akamai.sscdn.co/cc/img/desktop/ 54 KB
18 KB 67ms
46ms Image
image/svg+xml 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/desktop/icn.svg?v=3
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f82fb7a91781ccc799972e3e565b454c194c1c305e78f2e0ba2e4be7b84ce7bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
last-modified: Tue, 19 Sep 2023 15:12:51 GMT
server: nginx
etag: W/"6509ba73-d69f"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 17823
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 Montserrat-Bold.woff
akamai.sscdn.co/cc/font/ 85 KB
85 KB 63ms
49ms Font
application/font-woff 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/font/Montserrat-Bold.woff
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d5e2a3df9b4bd40c0ae5756d44b935365f06984de884b83dc812a162b9b092b1

Request headers

Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-debug-nocache: 0
date: Sat, 09 Dec 2023 10:03:32 GMT
last-modified: Wed, 25 Oct 2023 19:37:42 GMT
server: nginx
etag: "65396e86-15384"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 86916
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 Montserrat-Regular.woff2
akamai.sscdn.co/cc/font/ 61 KB
62 KB 151ms
138ms Font
application/octet-stream 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/font/Montserrat-Regular.woff2
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3737fc8d3882327f17b1e64831a922185678e38181e8eb0c5b75cfc3bc1146a9

Request headers

Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-debug-nocache: 0
date: Sat, 09 Dec 2023 10:03:32 GMT
last-modified: Wed, 25 Oct 2023 19:37:42 GMT
server: nginx
etag: "65396e86-f52c"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 62764
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 Montserrat-ExtraBold.3b1849a0.woff2
akamai.sscdn.co/gcs/cifraclub-static/ 68 KB
68 KB 135ms
122ms Font
application/octet-stream 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/gcs/cifraclub-static/Montserrat-ExtraBold.3b1849a0.woff2
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 43151e7ead8d2cf1f507b44dadecade33fab074f1847e6447a533b25765e9ae3

Request headers

Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
last-modified: Mon, 30 Oct 2023 15:11:20 GMT
server: nginx
etag: "653fc798-10e70"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 69232
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 Montserrat-SemiBold.woff
akamai.sscdn.co/cc/font/ 84 KB
85 KB 133ms
133ms Font
application/font-woff 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/font/Montserrat-SemiBold.woff
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5ddf14e7f01112832f2bf7fc86c4b5be0c9578dabd6d7fae81618b5387422065

Request headers

Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-debug-nocache: 0
date: Sat, 09 Dec 2023 10:03:32 GMT
last-modified: Wed, 25 Oct 2023 19:37:42 GMT
server: nginx
etag: "65396e86-15090"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 86160
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 logo_palco.svg
akamai.sscdn.co/cc/img/desktop/ 5 KB
3 KB 46ms
46ms Image
image/svg+xml 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/desktop/logo_palco.svg
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 282b5e1516d6c9ca234f2ce85e13cc85e76293cfd520fc8334815c757fc50e1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
last-modified: Wed, 23 Aug 2023 19:18:23 GMT
server: nginx
etag: W/"64e65b7f-15fb"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 2212
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H3 200 984a4.headerbidding.js Show response
akamai.sscdn.co/cc/js/ 361 KB
95 KB 132ms
131ms Script
application/x-javascript 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/01c04.ads-manager.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 03e7b6670a29e62d8e8a44ecf20be362d9f50313ff71e8758d90df814b325db6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Sun, 08 Dec 2024 10:03:32 GMT
date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 97609
x-debug-nocache: 0
last-modified: Fri, 17 Nov 2023 16:17:11 GMT
server: nginx
etag: W/"65579207-5a36b"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
quic-version: 0x00000001

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/latest/ 126 KB
26 KB 83ms
26ms Script
application/x-javascript 13.32.27.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by: Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/f71ca18f-376e-4fdb-9d44-ab42f39b7e4b/launchpad-liveramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1548aabd8c69698cd8f0247200a23f032283ebe6598bbc1cf166738ca8fcf332

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: rdrhieZQC2WprZTCGMCd_who_ZPxalVg
content-encoding: br
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
date: Sat, 09 Dec 2023 09:46:07 GMT
last-modified: Thu, 07 Dec 2023 13:00:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 1046
x-amz-server-side-encryption: AES256
etag: W/"c1b3b71914ce20f869f6824fcd85078d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: 30kGTP8BUFWODjYb1iSf700Pw2JhLMaZ9izO9ZfXW11nkddvz1Nd0Q==

GET
H2 200 /
www.google.com/pagead/1p-user-list/391658277/ 42 B
455 B 88ms
36ms Image
image/gif 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/391658277/?random=1702116212359&cv=11&fst=1702116000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNUv8yA4gt7Jl93TJqta2or4yAu1ZjkA&random=2942034477&rmt_tld=0&ipr=y

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/391658277/ 42 B
455 B 93ms
38ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/391658277/?random=1702116212359&cv=11&fst=1702116000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNUv8yA4gt7Jl93TJqta2or4yAu1ZjkA&random=2942034477&rmt_tld=1&ipr=y

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 401 sponsor Show response
master.cifraclub.com.br/api/v3/ 0
146 B 859ms
230ms Fetch 177.54.145.110
Latitude.sh LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://master.cifraclub.com.br/api/v3/sponsor
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/2419b.desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 177.54.145.110 São Paulo, Brazil, ASN262287 (Latitude.sh LTDA, BR),
Reverse DNS
Software: nginx / CifraClubAPI/93a5a218
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.cifraclub.com.br
date: Sat, 09 Dec 2023 10:03:33 GMT
access-control-allow-credentials: true
server: nginx
x-powered-by: CifraClubAPI/93a5a218
content-length: 0

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
53 KB 49ms
24ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/2419b.desktop.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 09 Dec 2023 10:03:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: PMMlqcpB+xmaeWhGO40xz1wRJk+ndFsULBabwMv0y17eq8YK1PYJkRAP5eFkHnOyEW+Ot1YzyJ9fV6DeLbWs/w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 d2360.desktopArtist.js Show response
akamai.sscdn.co/cc/js/ 12 KB
4 KB 94ms
94ms Script
application/x-javascript 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/js/d2360.desktopArtist.js
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/2419b.desktop.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2df80d186eff42cfb081ee0bc6ec2905077808d678e695d6ba9829f9aa70791

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Sun, 08 Dec 2024 10:03:32 GMT
date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 3672
x-debug-nocache: 0
last-modified: Tue, 24 Oct 2023 13:24:49 GMT
server: nginx
etag: W/"6537c5a1-3157"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
quic-version: 0x00000001

GET
H3 200 thumb-art.svg
akamai.sscdn.co/cc/img/desktop/ 3 KB
2 KB 102ms
101ms Image
image/svg+xml 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/desktop/thumb-art.svg?v=3
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e7284125e6c80cdc9129ab8916fdf6a5d3ae5cd6b6e23774062b8ce3fa716043

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

quic-version: 0x00000001
date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 1682
last-modified: Wed, 27 Sep 2023 19:58:10 GMT
server: nginx
etag: W/"65148952-d6c"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/376007190/ 42 B
108 B 35ms
34ms Image
image/gif 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/376007190/?random=1702116212410&cv=11&fst=1702116000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNLrBMONCWRNnSzzOGxO0MvbngeKr1qg&random=3713390838&rmt_tld=0&ipr=y

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/376007190/ 42 B
108 B 37ms
36ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/376007190/?random=1702116212410&cv=11&fst=1702116000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNLrBMONCWRNnSzzOGxO0MvbngeKr1qg&random=3713390838&rmt_tld=1&ipr=y

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 35ms
35ms Image
text/plain 18.239.83.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=14194541&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1702116212765&ns_c=UTF-8&c7=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&c8=Oasis%20%7C%20Cifra%20Club&c9=
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-58.ams58.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
via: 1.1 87e83cc6e8f384d40eab78133e901302.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: AMS58-P5
x-amz-cf-id: 7uMDhyN84Qc6MaeED_63mt1kX20inKzgyl8ZDz7qzZlRHk0U3azTPQ==
x-cache: Miss from cloudfront

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
338 B 161ms
64ms XHR
application/json 34.248.85.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.85.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-85-3.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 7053d70aef711c66662b8f49117974938629d4b3b2eadeb0f94ddb927ba5e881

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:32 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache
x-server: 10.45.16.40
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
30ms XHR
text/plain 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1692951825&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&ul=en-us&de=UTF-8&dt=Oasis%20%7C%20Cifra%20Club&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUADQAAAACAAIAB~&jid=221606702&gjid=579593418&cid=20116918.1702116212&tid=UA-446764-81&sf=10&_gid=556162925.1702116212&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd1=Deslogado&cd2=Nunca&cd3=pt&jsscut=1&z=1561515967

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f110.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
608 B 23ms
23ms Fetch
application/json 13.32.99.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-59.fra60.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept: application/json
Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 09 Dec 2023 02:00:21 GMT
via: 1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront), 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 28991
x-amzn-requestid: 3a290c0f-3cd4-4a1e-bcac-e5667b311d84
x-amzn-trace-id: Root=1-6573ca35-412bfe931b03592f642bc282;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: PpyIaHVzjoEEatw=
content-length: 28
x-amz-cf-id: XoAjJ6yPZ0znS0e4YIjr1tlGNqrLQKdzpt2RTUZKkzcndyxQfVzADA==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 110ms
52ms Preflight
application/json 13.32.99.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-59.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.cifraclub.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Sat, 09 Dec 2023 10:03:32 GMT
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront), 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-apigw-id: Pq46TE1SDoEES2w=
x-amz-cf-id: 0HEjXavN99bssoTunHLiyCVji8IV12aHA2SdyNUjwgNk0cShoNhuLg==
x-amz-cf-pop: FRA56-P3 FRA60-P3
x-amzn-requestid: a7d53ff3-7fe7-4820-a585-b544aa3325f3
x-cache: Miss from cloudfront

GET
H3 200 727884491260161 Show response
connect.facebook.net/signals/config/ 135 KB
35 KB 153ms
152ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/727884491260161?v=2.9.138&r=stable&domain=www.cifraclub.com.br

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

8ec200d236508e55b071298e107025d9b969700c45debdae4989801954f45623

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 09 Dec 2023 10:03:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: X62Q5VXyA7x/5/gyI/pjzQmEt54nqda0C+kq2eFM5ZWf4Df2lL7RM06kKu1Bu+zSvwzUBg8ffPqKu51vzZjatQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
353 B 253ms
180ms XHR
text/plain 74.125.133.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-446764-81&cid=20116918.1702116212&jid=221606702&gjid=579593418&_gid=556162925.1702116212&_u=aCDAAUACQAAAACAAIAB~&z=2071337641

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 09 Dec 2023 10:03:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 401 sponsor Show response
master.cifraclub.com.br/api/v3/ 0
146 B 735ms
229ms Fetch 177.54.145.110
Latitude.sh LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://master.cifraclub.com.br/api/v3/sponsor
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 177.54.145.110 São Paulo, Brazil, ASN262287 (Latitude.sh LTDA, BR),
Reverse DNS
Software: nginx / CifraClubAPI/93a5a218
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.cifraclub.com.br
date: Sat, 09 Dec 2023 10:03:33 GMT
access-control-allow-credentials: true
server: nginx
x-powered-by: CifraClubAPI/93a5a218
content-length: 0

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 73ms
29ms XHR
application/json 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231209

Requested by

Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e758e62d670591b92085ec18737455d389542f99b5f11fe5faba22dfd5733c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 21757
x-jsd-version: 1.0.1898
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230113-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"636-y9eIXFcitx+9VFWtZsm4fbLDuTU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYnNZyoRwfYywFyZYd%2BL0g9EC7Mp11BPD0U3Bm4B4EU2%2B0SgNpR1v2Bt82FbsAoHXHkin6Pcec%2BO%2Fpat%2FEKfp%2B4pDCIODPtJ9rZ7Vd%2FzXfyluxaenc4SiWutoX1zFb%2FJb30%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 832c6b3aa92f04a3-FRA

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
466 B 118ms
64ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&pid=UWvW3plFQRk7H&cb=0&ws=1600x1200&v=23.1129.2055&t=2000&slots=%5B%7B%22sd%22%3A%22pub-cc-capa2_ad%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x150%22%2C%22970x250%22%2C%221055x250%22%5D%2C%22sn%22%3A%22%2F3697496%2Fcifraclub%3A970x90%3Acapa%3Areload%22%7D%2C%7B%22sd%22%3A%22pub-cc-internas_ad%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x150%22%2C%22970x250%22%2C%221055x250%22%5D%2C%22sn%22%3A%22%2F3697496%2Fcifraclub%3A728x90%3Ainternas%3Areload%22%7D%2C%7B%22sd%22%3A%22pub-cc-internasSquare_ad%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F3697496%2Fcifraclub%3A300x250%3Ainternas%3Areload%22%7D%2C%7B%22sd%22%3A%22pub-cc-dynamicVertical_ad%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F3697496%2Fcifraclub%3AdynamicVertical%3Areload%22%7D%2C%7B%22sd%22%3A%22pub-cc-floatingAds_ad%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F3697496%2Fcifraclub%3AfloatingAds%22%7D%2C%7B%22sd%22%3A%22pub-cc-desktopFixed_ad%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F3697496%2Fcifraclub%3A728x90%3AdesktopFixed%3Areload%22%7D%2C%7B%22sd%22%3A%22pub-cc-bandsintown--artist_above_ad%22%2C%22s%22%3A%5B%22320x50%22%5D%2C%22sn%22%3A%22%2F3697496%2Fcifraclub%3A320x50%3Aartista%3Areload%22%7D%5D&pubid=ed469278-746b-4198-921b-c75d368907cc&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: 2MZ0MB8404AG62FQ9R1S
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 9YgQ66YoWXa7ohXxPC_c3tIUZxnGZvlTA1qw69xh8Nwx7aDEVbfr6A==

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
117 B 187ms
113ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.cifraclub.com.br
date: Sat, 09 Dec 2023 10:03:32 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 13 KB
8 KB 381ms
305ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15546&site_id=101124&zone_id=1047730%3B1047736%3B1047732%3B673500%3B1924340%3B2850432&size_id=2%3B2%3B15%3B15%3B2%3B43&alt_size_ids=55%2C57%3B55%2C57%3B16%3B9%2C10%2C16%3B55%3B&eid_pubcid.org=d050ade3-b5e5-41bf-a1d3-de447c9db46b%5E1&rf=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&kw=Oasiscifras%2COasis%2Ccifra%2Cletracifrada%2Cletras%2Ctablatura%2Ctab%2Csolo%2Criff&tg_i.page=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&tg_i.domain=cifraclub.com.br&tk_flint=pbjs_lite_v7.39.0&x_source.tid=a0a32bfc-2cbc-410c-91dc-79a045759558%3B6cdbccb8-e33d-4ffd-9e09-a21d8d038bbe%3B365cd8f0-ea7a-436e-8384-e63016bc8193%3Ba1cdc2c0-aa1f-4cf1-a323-1c3fd284068b%3B7ed78428-a4aa-416d-92aa-994bae4b5b3b%3B041a9512-e61d-49f2-a3bd-822d5601ca54&l_pb_bid_id=91e6b382785cc5%3B106b64c0aaf4d3d%3B119e1051d63f278%3B122a33a3be8e90b%3B1307f25b67a3e62%3B142688101693fc5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=6&rand=0.6083686006583942
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 0f1cc3140564fa9e19a7744a1c8390ab2f302432e204ab1985aea9dcd4167b22

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:33 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 425ms
372ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUMSRPRR
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 40adf7eaae90847af4f5dcca72421a43f399d93a5216bb79512837fe62e2905d

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 340
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 10:03:32 GMT

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 11 B
374 B 1027ms
967ms XHR
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 09 Dec 2023 10:03:33 GMT
via: 1.1 google
server: openresty
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cifraclub.com.br
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
568 B 616ms
128ms XHR
application/json 5.135.209.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-5-135-209.eu
Software: /
Resource Hash: f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
342 B 522ms
34ms XHR
application/json 5.135.209.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-5-135-209.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:32 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
563 B 624ms
135ms XHR
application/json 5.135.209.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-5-135-209.eu
Software: /
Resource Hash: f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
563 B 649ms
161ms XHR
application/json 5.135.209.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-5-135-209.eu
Software: /
Resource Hash: f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:33 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
563 B 606ms
120ms XHR
application/json 5.135.209.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-5-135-209.eu
Software: /
Resource Hash: f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
563 B 632ms
144ms XHR
application/json 5.135.209.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-5-135-209.eu
Software: /
Resource Hash: f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:32 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 698 B
1 KB 182ms
121ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

bb33d80819e6c246cb6eec4ee446044fa4fbb5e2ee6e437e808d0048c1ac3cb4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:33 GMT
content-encoding: gzip
an-x-request-uuid: 8a42d24e-5bbb-4ced-961d-34a9bdbb63f4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.184; 84.19.175.184; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 401 sponsor Show response
master.cifraclub.com.br/api/v3/ 0
146 B 679ms
230ms Fetch 177.54.145.110
Latitude.sh LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://master.cifraclub.com.br/api/v3/sponsor
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/2419b.desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 177.54.145.110 São Paulo, Brazil, ASN262287 (Latitude.sh LTDA, BR),
Reverse DNS
Software: nginx / CifraClubAPI/93a5a218
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.cifraclub.com.br
date: Sat, 09 Dec 2023 10:03:33 GMT
access-control-allow-credentials: true
server: nginx
x-powered-by: CifraClubAPI/93a5a218
content-length: 0

GET
H2 200 default.jpg
img.youtube.com/vi/X8ng4_7sZeg/ 4 KB
4 KB 93ms
39ms Image
image/jpeg 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/X8ng4_7sZeg/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

d355dc0bccc68e3eca035be49bc47f8813af00025856ea78b24e05f5405f5db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3683
x-xss-protection: 0
server: sffe
etag: "1657112391"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 09 Dec 2023 12:03:32 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/0zAiP4x9xUU/ 3 KB
4 KB 90ms
36ms Image
image/jpeg 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/0zAiP4x9xUU/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

def188706410d20cdd773895932b9d54a3a8d55b93411f39165629400d5ef13c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3574
x-xss-protection: 0
server: sffe
etag: "1657112463"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 09 Dec 2023 12:03:32 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/sw-l2PBSJLU/ 4 KB
4 KB 91ms
37ms Image
image/jpeg 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/sw-l2PBSJLU/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

479982149be5e64014364f19ee0ab6211f0ee3e717f0d435dd79c0ee171ec4fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3726
x-xss-protection: 0
server: sffe
etag: "1657112392"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 09 Dec 2023 12:03:32 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/lMghBT8iZlU/ 4 KB
4 KB 120ms
66ms Image
image/jpeg 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/lMghBT8iZlU/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

1cb039486b4c314d859125a12dccbe850384377459d2c8d4d7b7660d55bf51d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:33 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4112
x-xss-protection: 0
server: sffe
etag: "1657112404"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 09 Dec 2023 12:03:33 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/yk_w0TC63a4/ 4 KB
4 KB 113ms
59ms Image
image/jpeg 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/yk_w0TC63a4/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

30f4c911942466581dab2a4eb1f974829aa217a1d0f559df48bb15a6696a3965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:33 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4080
x-xss-protection: 0
server: sffe
etag: "1657112380"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 09 Dec 2023 12:03:33 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/Sfm95urr4Rc/ 4 KB
4 KB 96ms
43ms Image
image/jpeg 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Sfm95urr4Rc/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

3b534c83e1cd3b6fc573b9b2b2f42500282c91d0f75d8b4839db5632b6d82232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3823
x-xss-protection: 0
server: sffe
etag: "1657112379"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 09 Dec 2023 12:03:32 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/2WA7nH5jwUQ/ 4 KB
4 KB 36ms
36ms Image
image/jpeg 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/2WA7nH5jwUQ/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

3b534c83e1cd3b6fc573b9b2b2f42500282c91d0f75d8b4839db5632b6d82232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3823
x-xss-protection: 0
server: sffe
etag: "1657113037"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 09 Dec 2023 12:03:32 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/2omaEbJvuTo/ 4 KB
4 KB 33ms
33ms Image
image/jpeg 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/2omaEbJvuTo/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

5ecbc7b923367cbe0a0e615c5aa1bc0f9e28bf84819ef8fb5cad5d9fc17ac609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:32 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3725
x-xss-protection: 0
server: sffe
etag: "1657113316"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 09 Dec 2023 12:03:32 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/cuoGwkQCcQw/ 4 KB
4 KB 50ms
50ms Image
image/jpeg 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/cuoGwkQCcQw/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

df71b390ca8b86d284e2e5f24b13f41f7591fa827c10ebaf4e8cc75dc818d3b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:33 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3745
x-xss-protection: 0
server: sffe
etag: "1657113138"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 09 Dec 2023 12:03:33 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/NmhsObul9UA/ 4 KB
4 KB 57ms
56ms Image
image/jpeg 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/NmhsObul9UA/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

b281b694ec639957a0f1451cf73308b092ebedd95752289842ebd8496bb11aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:33 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3674
x-xss-protection: 0
server: sffe
etag: "1657112314"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 09 Dec 2023 12:03:33 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/D8dkrHnQwWQ/ 5 KB
5 KB 54ms
53ms Image
image/jpeg 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/D8dkrHnQwWQ/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

c4b9a84583357b76159da1d03f909c5ca0423f0c815fdf193d9607c8061bc950

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:33 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4779
x-xss-protection: 0
server: sffe
etag: "1657112262"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 09 Dec 2023 12:03:33 GMT

GET
H3 200 Roboto-Bold.woff2
akamai.sscdn.co/gcs/studiosol-marketing/fonts/roboto/ 64 KB
64 KB 55ms
55ms Font
application/octet-stream 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/gcs/studiosol-marketing/fonts/roboto/Roboto-Bold.woff2
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/id/v2/3d130.client.css
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4d7dd6e02d849e181e51db84d9d230d369b8ce7412dbcee9d7d1d19ad8a16741

Request headers

Referer: https://akamai.sscdn.co/id/v2/3d130.client.css
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

quic-version: 0x00000001
date: Sat, 09 Dec 2023 10:03:32 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 65972
last-modified: Thu, 10 Sep 2020 19:32:09 GMT
server: nginx
etag: "5f5a7f39-101b4"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H3 200 Roboto-Regular.woff2
akamai.sscdn.co/gcs/studiosol-marketing/fonts/roboto/ 64 KB
64 KB 115ms
115ms Font
application/octet-stream 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/gcs/studiosol-marketing/fonts/roboto/Roboto-Regular.woff2
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/id/v2/3d130.client.css
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920

Request headers

Referer: https://akamai.sscdn.co/id/v2/3d130.client.css
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

quic-version: 0x00000001
date: Sat, 09 Dec 2023 10:03:32 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 65916
last-modified: Thu, 10 Sep 2020 19:32:11 GMT
server: nginx
etag: "5f5a7f3b-1017c"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 08 Dec 2024 10:03:32 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 206 KB
80 KB 137ms
70ms Script
application/javascript 64.233.167.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: id.cifraclub.com.br
URL: https://id.cifraclub.com.br/id/v2/pt-br/client.latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f84.1e100.net

Software

ESF /

Resource Hash

aef79460d9d38f7a5349a194da19ef705d97dba070b4741344188a1f43edf015

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HKrdvTIBCrku-a1xGf7jvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-HKrdvTIBCrku-a1xGf7jvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sat, 09 Dec 2023 10:03:33 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/391658277/ 3 KB
1 KB 61ms
60ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/391658277/?random=1702116213020&cv=11&fst=1702116213020&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&hn=www.googleadservices.com&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&auid=2058028395.1702116212&uamb=0&uaw=0&data=event%3DDesktop%3Bevent_category%3DLGPD&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-391658277&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

07c71ed14b6a524f7c6943b6f53abd96915ffd60f34cad20dd13bee8ab486c66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1283
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/376007190/ 3 KB
1 KB 60ms
60ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/376007190/?random=1702116213025&cv=11&fst=1702116213025&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&hn=www.googleadservices.com&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&auid=2058028395.1702116212&uamb=0&uaw=0&data=event%3DDesktop%3Bevent_category%3DLGPD&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-376007190&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

2fd4b885cbab9959c8951a1928462e1386db4ffbe82629313b7eee87bf22a87a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1280
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 32ms
31ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XBHRSMDBK4&gtm=45je3bt0v9124943832&_p=1702116212114&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=20116918.1702116212&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1702116213&sct=1&seg=0&dl=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&dt=Oasis%20%7C%20Cifra%20Club&en=Desktop&_fv=1&_ss=1&_ee=1&ep.event_category=LGPD&up.login=Deslogado&up.subscription=free&tfd=13932
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XBHRSMDBK4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 country Show response
master.cifraclub.com.br/geoip/ 2 B
245 B 556ms
228ms Fetch
text/plain 177.54.145.110
Latitude.sh LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://master.cifraclub.com.br/geoip/country
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/2419b.desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 177.54.145.110 São Paulo, Brazil, ASN262287 (Latitude.sh LTDA, BR),
Reverse DNS
Software: nginx /
Resource Hash: 6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b

Request headers

Accept: application/json
Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:33 GMT
server: nginx
access-control-allow-methods: POST, GET, PUT, DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.cifraclub.com.br
access-control-allow-credentials: true
access-control-allow-headers: origin, x-requested-with, content-type, accept
content-length: 2

GET
H3 200 loading.gif
akamai.sscdn.co/cc/img/desktop// 17 KB
17 KB 51ms
50ms Image
image/gif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/desktop//loading.gif
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-80.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 778f6c203a6a2ea31e4cb3aa28a07e5e4d259a553807f9b2d8149f46e9483079

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

quic-version: 0x00000001
date: Sat, 09 Dec 2023 10:03:33 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 17309
last-modified: Wed, 27 Sep 2023 19:58:10 GMT
server: nginx
etag: "65148952-439d"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 08 Dec 2024 10:03:33 GMT

GET
H/1.1 200
OK 11 Show response
api.cifraclub.com.br/v3/comments/artist/ 1 KB
1 KB 1690ms
1494ms Fetch
application/json 95.101.54.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cifraclub.com.br/v3/comments/artist/11
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/2419b.desktop.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.54.243 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-243.deploy.static.akamaitechnologies.com
Software: nginx / CifraClubAPI/93a5a218
Resource Hash: 3c16fb350617fbae01d980ff008cb6b803f9e5e1db80470081940270498d3718

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 10:03:34 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: CifraClubAPI/93a5a218
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Content-Type: application/json
Access-Control-Allow-Origin: https://www.cifraclub.com.br
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Authorization,cookie
Content-Length: 621

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
23ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1692951825&t=event&_s=2&dl=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&ul=en-us&de=UTF-8&dt=Oasis%20%7C%20Cifra%20Club&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=LGPD&ea=Desktop&_u=aCDAAUADQAAAACAAIAB~&jid=&gjid=&cid=20116918.1702116212&tid=UA-446764-81&sf=10&_gid=556162925.1702116212&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd1=Deslogado&cd2=Nunca&cd3=pt&jsscut=1&z=446483964

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f110.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 02:44:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 26368
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 50ms
49ms Image
image/gif 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-446764-81&cid=20116918.1702116212&jid=221606702&_u=aCDAAUACQAAAACAAIAB~&z=844089303

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 47ms
47ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-446764-81&cid=20116918.1702116212&jid=221606702&_u=aCDAAUACQAAAACAAIAB~&z=844089303

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 69ms
23ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=727884491260161&ev=PageView&dl=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&rl=&if=false&ts=1702116213166&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.2.1702116213166.1130085405&ler=empty&it=1702116212815&coo=false&rqm=GET

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 09 Dec 2023 10:03:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 bundle.js Show response
d335luupugsy2.cloudfront.net/scout/ 45 KB
14 KB 821ms
821ms Script
application/javascript 52.222.250.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/scout/bundle.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/7de331ff-fa05-42fa-9865-1bfff4034e30-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-175.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ccf4b3ccea59f35d60a35d076ed6deb9b5574fc2f184596452d477383e834cc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:34 GMT
content-encoding: gzip
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
x-amz-version-id: xvE1oD7N95F7Ryla0IJ0XqZzWjVm9lt6
last-modified: Thu, 28 Jan 2021 17:27:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
etag: W/"88819ce057f99124674a75d611e4f53a"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: no-store
x-amz-cf-id: gxsaogHI6uz4jzAXYbH1dZDzs6WijagRTXQoXQBUwVfxjQB36KgGRg==

GET
H2 200 /
www.google.com/pagead/1p-user-list/391658277/ 42 B
108 B 37ms
37ms Image
image/gif 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/391658277/?random=1702116213020&cv=11&fst=1702116000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3DDesktop%3Bevent_category%3DLGPD&fmt=3&is_vtc=1&cid=CAQSKQDICaaNrRx6JQzvanBn-uWYDk4OuiLTywFc4iU_0E-xQXlsGPntJpon&random=1464638790&rmt_tld=0&ipr=y

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/391658277/ 42 B
108 B 38ms
37ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/391658277/?random=1702116213020&cv=11&fst=1702116000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3DDesktop%3Bevent_category%3DLGPD&fmt=3&is_vtc=1&cid=CAQSKQDICaaNrRx6JQzvanBn-uWYDk4OuiLTywFc4iU_0E-xQXlsGPntJpon&random=1464638790&rmt_tld=1&ipr=y

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/376007190/ 42 B
108 B 36ms
36ms Image
image/gif 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/376007190/?random=1702116213025&cv=11&fst=1702116000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3DDesktop%3Bevent_category%3DLGPD&fmt=3&is_vtc=1&cid=CAQSKQDICaaN4JlzdDvSrCa2iGp_vaSi3G7PgXRRJWljpji7OMwQD8ohbNyn&random=3902932034&rmt_tld=0&ipr=y

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/376007190/ 42 B
108 B 38ms
38ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/376007190/?random=1702116213025&cv=11&fst=1702116000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3DDesktop%3Bevent_category%3DLGPD&fmt=3&is_vtc=1&cid=CAQSKQDICaaN4JlzdDvSrCa2iGp_vaSi3G7PgXRRJWljpji7OMwQD8ohbNyn&random=3902932034&rmt_tld=1&ipr=y

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 style
accounts.google.com/gsi/ 533 B
585 B 54ms
53ms Stylesheet
text/css 64.233.167.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f84.1e100.net

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-kqIPZzs4KWX0lNna6mP7iw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-kqIPZzs4KWX0lNna6mP7iw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sat, 09 Dec 2023 10:03:33 GMT

GET
H2 200 status Show response
accounts.google.com/gsi/ 40 B
530 B 51ms
51ms XHR
application/json 64.233.167.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=1030638109871-ffp7d0aeu1q12ufr2d7teht7av9i6ufq.apps.googleusercontent.com&as=dZWW5eaxsEsEr7SruWzV1A

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f84.1e100.net

Software

ESF /

Resource Hash

a2403d259fed20292572c581434a550eb18dd295d06d1132920ec20834933c27

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TRnahbRml2UixmxxB8eqaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-TRnahbRml2UixmxxB8eqaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cifraclub.com.br
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 394 KB
114 KB 941ms
940ms Fetch
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2095688612226720&correlator=4088716445906597&eid=31079525%2C44809721&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fifs&iu_parts=3697496%2Ccifraclub%3A970x90%3Acapa%3Areload%2Ccifraclub%3A728x90%3Ainternas%3Areload%2Ccifraclub%3A300x250%3Ainternas%3Areload%2Ccifraclub%3AdynamicVertical%3Areload%2Ccifraclub%3AfloatingAds%2Ccifraclub%3Abg%2Ccifraclub%3AInterstitial%3Adesk%2Ccifraclub%3AcustomAds%2Ccifraclub%3A728x90%3AdesktopFixed%3Areload%2Ccifraclub%3A320x50%3Aartista%3Areload&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10&prev_iu_szs=728x90%7C970x90%7C970x150%7C970x250%7C1055x250%2C728x90%7C970x90%7C970x150%7C970x250%7C1055x250%2C300x250%7C336x280%2C300x250%7C300x600%7C160x600%7C336x280%2C1x1%2C1x1%2C1x1%2C1x1%2C728x90%7C970x90%2C320x50&ifi=1&sfv=1-0-40&fsbs=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1&ists=60&fas=0%2C0%2C0%2C0%2C0%2C0%2C8%2C0%2C0%2C0&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702116213935&lmt=1702116213&adxs=436%2C436%2C1090%2C1090%2C0%2C0%2C-9%2C0%2C436%2C1080&adys=13111%2C102%2C417%2C3244%2C1200%2C1200%2C-9%2C1200%2C1110%2C347&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C0%7C2%7C3%7C4%7C-1%7C5%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&vis=1&psz=1295x0%7C1295x0%7C415x0%7C415x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C728x-1%7C320x0&msz=728x0%7C728x0%7C300x0%7C300x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C728x-1%7C320x0&fws=0%2C0%2C0%2C512%2C512%2C512%2C2%2C512%2C512%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=20116918.1702116212&ga_sid=1702116214&ga_hid=1692951825&ga_fc=true&dlt=1702116212093&idt=353&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x600%26hb_pb_rubicon%3D0.43%26hb_adid_rubicon%3D390e91c574292bb%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.43%26hb_adid%3D390e91c574292bb%26hb_bidder%3Drubicon%7Camznbid%3D2%26amznp%3D2%7C%7C%7C%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&cust_params=reload%3D0%26page_visibility%3D1%26viewport_height%3D1200%26viewport_width%3D1600%26connection%3D4g%26page%3Dartista%26artista%3Doasis%26idioma%3Dpt%26domain%3Dwww.cifraclub.com.br&adks=1256583580%2C70520306%2C1414448433%2C1074996685%2C3836274097%2C2615809906%2C31671829%2C2750821183%2C3249029758%2C4164029453&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ddd297dc7f4f638ea0116934818a16c8d379a2c4d7bf096e28a41b089ce466ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116870
x-xss-protection: 0
google-lineitem-id: 6244215731,-1,-1,-2,-2,-2,-1,-2,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425323356,-1,-1,-2,-2,-2,-1,-2,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B3B2 6 KB
3 KB 128ms
59ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 10:03:34 GMT
expires: Sun, 08 Dec 2024 10:03:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ 39 KB
14 KB 21ms
20ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8bbaf7f99000c8db41dc83a3391f120b31bb8fc88dd9bdb5ce4050f59c56eda8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:56:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4005
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13834
x-xss-protection: 0
server: cafe
etag: 17155732702192029938
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 08 Dec 2024 08:56:48 GMT

GET
H2 200 lead-tracking.min.js Show response
d335luupugsy2.cloudfront.net/js/lead-tracking/stable/ 2 KB
1 KB 22ms
21ms Script
application/javascript 52.222.250.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/7de331ff-fa05-42fa-9865-1bfff4034e30-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-175.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: VK74Y_629OBaxeWwwoiBIyYa.m4SxWD5
content-encoding: gzip
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
date: Sat, 09 Dec 2023 05:02:29 GMT
last-modified: Mon, 17 Aug 2020 12:56:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 18066
etag: W/"361325c86c17ebc03ff0f4d88d267a83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: olEdoSbd4I_yYWSg5et2PrDH6sWQtVqsC_vuAEtP_9Rxkc02t4xKIg==

GET
H2 200 traffic-source-cookie.min.js Show response
d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/ 2 KB
1 KB 23ms
22ms Script
application/javascript 52.222.250.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/7de331ff-fa05-42fa-9865-1bfff4034e30-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-175.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d92be1f6d97a323320191dfed0c85aaa581ef050be1ae22e20a4ae007bcee5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 02:50:49 GMT
x-amz-version-id: QfrmjXJN9imPm0CvR.Kk8uxg0RnubrVf
content-encoding: gzip
last-modified: Mon, 09 Jan 2023 17:04:37 GMT
server: AmazonS3
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"dae3ed517b23abad11d0bd6b79f24080"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 25966
x-amz-cf-id: uNCMaGxR_TQGo79RA9vhjyYvtXgrlUMxmBOFoIsywjGmkNfILz8ysw==

GET
H2 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 28ms
27ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 23:29:39 GMT
content-encoding: gzip
age: 38035
x-guploader-uploadid: ABPtcPpEZvk7czUCgXbiztEnxVX4Uv8uimy-K0D5cXHLaElBP0KHrtfY02VzcYCMGdOdT0jdQNA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6116
last-modified: Thu, 14 Sep 2023 12:59:30 GMT
server: UploadServer
etag: "c39451e5dec2be7fc7d6df76b55be662"
x-goog-hash: crc32c=SdVkEQ==, md5=w5RR5d7Cvn/H1t92tVvmYg==
x-goog-generation: 1694696370171925
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6116
accept-ranges: bytes
expires: Sat, 09 Dec 2023 23:29:39 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 203 KB
73 KB 40ms
40ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-931232517

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

81155f395a4803d786b6dd72933dd5e44ac01c5bf7a9c57e6b04a5ec49ccd5b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74590
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Dec 2023 10:03:34 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
79 KB 47ms
47ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-814785950

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8522541018da32806c183c3c61005178d84d33ad681cfd1d4ea98cad997746eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80962
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Dec 2023 10:03:34 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
79 KB 66ms
66ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-814785950&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ecaf9786b37e35c90c172ecc4d5dcd3e895e81d1766b09c67f984ac43af6969f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80998
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Dec 2023 10:03:34 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
79 KB 47ms
47ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801247112

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

843b2adb2755e2ce1e31ba43d0288c3353118c28e1300f648eab94c779d970b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81108
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Dec 2023 10:03:34 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
81 KB 73ms
73ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801247112&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b3a0c298c99a1608c2e10279d0be9701f184b1e45ee82ebf6121b381a8d8d95b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83383
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Dec 2023 10:03:34 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 70ms
70ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-AW-931232517&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b1812bed29b6d4fe1ee6acbfc18306625e0432b97c065bf8ca4c876ae6b644eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72512
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Dec 2023 10:03:34 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 131ms
74ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

4b9f523c5b41cc16454ef5f93f478a2cf6d79e26fa2410dec93264d69e1c66df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12088
x-xss-protection: 0

POST
H2 200 send Show response
pageview-notify.rdstation.com.br/ 36 B
622 B 549ms
177ms XHR
text/html 35.223.116.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pageview-notify.rdstation.com.br/send

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.223.116.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.116.223.35.bc.googleusercontent.com

Software

Resource Hash

a61001fdab2b5fb9c913546598136b598b3a1dd67139e4bf5d861cd5c99b3107

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 09 Dec 2023 10:03:34 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html;charset=utf-8
access-control-allow-origin: https://www.cifraclub.com.br
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: *, Content-Type, Accept, AUTHORIZATION, Cache-Control
content-length: 36
x-xss-protection: 1; mode=block

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/integral-accord-651/ Frame 0
0 98ms
38ms Preflight
text/html 172.217.16.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/integral-accord-651/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://www.cifraclub.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.cifraclub.com.br
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 09 Dec 2023 10:03:34 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/integral-accord-651/ 629 B
687 B 291ms
291ms Fetch
application/json 172.217.16.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/integral-accord-651/installations

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.9.1/firebase-performance-standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f10.1e100.net

Software

ESF /

Resource Hash

92632556d181946b918e0a32fd1cb80099d7620c950c4dc38e1026852de2129f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://www.cifraclub.com.br/
x-goog-api-key: AIzaSyD2I8uP0YAQbvdfovfJrBhJN48fh468rJw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: application/json

Response headers

date: Sat, 09 Dec 2023 10:03:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 497
x-xss-protection: 0

GET
H2 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 25ms
25ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:08:21 GMT
content-encoding: gzip
age: 46513
x-guploader-uploadid: ABPtcPrvHpePaKdqjPs4ZG9WahwxG4QEuLYVwsUt9vy9ZIdh_SQBWc0pg2Uwn22p--Cu_tie-3ERkxmXUw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8334
last-modified: Thu, 14 Sep 2023 12:59:30 GMT
server: UploadServer
etag: "20de3c90b2d9541b062276e079f0eaa7"
x-goog-hash: crc32c=yMCztg==, md5=IN48kLLZVBsGInbgefDqpw==
x-goog-generation: 1694696370056280
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8334
accept-ranges: bytes
expires: Sat, 09 Dec 2023 21:08:21 GMT

GET
H2 200 trk
tt-9964-3.seg.t.tailtarget.com/ 70 B
680 B 173ms
124ms Image
image/png 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-9964-3.seg.t.tailtarget.com/trk?tA=TT-9964-3&tJ=_channel:par-cifraclub:1|_channel:r7-cas-alimentacaosaudavel:1|_channel:r7-cas-int-em-livros:1|_channel:r7-visao-geral:1&tK=1702116214&tM=direct&tL=direct&tN=direct&tY=3&tZ=529577326
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:34 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H2 200 u Show response
b.t.tailtarget.com/ 54 B
488 B 174ms
122ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 91e132de4aff8aaddb6b3ad39d1d4ee874b9af6037a5e88e8a425f2d8f6048e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:34 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/x-javascript
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/ 3 KB
1 KB 59ms
59ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/?random=1702116214362&cv=11&fst=1702116214362&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887832856&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&hn=www.googleadservices.com&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&auid=2058028395.1702116212&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-814785950

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

bbdcddbb306bdedcdd069f454c0c766bb68d6e1cfb6df66deb23c478234bb6fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1276
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/ 3 KB
1 KB 59ms
59ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/?random=1702116214388&cv=11&fst=1702116214388&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&hn=www.googleadservices.com&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&auid=2058028395.1702116212&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-AW-931232517&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

3d23d098e5ded670710398ec3eceda9d070dfe2753d9e8735af92c6cfd68910f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1269
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 118ms
68ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 10:03:34 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/ 3 KB
1 KB 61ms
61ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/?random=1702116214411&cv=11&fst=1702116214411&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v876458346&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&hn=www.googleadservices.com&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&auid=2058028395.1702116212&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801247112

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

289b000444f6b24ce80580d8edc63d446375da2b2fb25c6e1795b9f54fa47fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1275
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/814785950/ 42 B
64 B 35ms
34ms Image
image/gif 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/814785950/?random=1702116214362&cv=11&fst=1702116000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887832856&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNxdasco3vlCVlcL1pwF9ChGOqAMqRzqeWcjiKBMkjtYqdCEu-&random=3763283392&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/814785950/ 42 B
64 B 36ms
36ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/814785950/?random=1702116214362&cv=11&fst=1702116000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887832856&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNxdasco3vlCVlcL1pwF9ChGOqAMqRzqeWcjiKBMkjtYqdCEu-&random=3763283392&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/AW-931232517/ 42 B
64 B 36ms
36ms Image
image/gif 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/AW-931232517/?random=1702116214388&cv=11&fst=1702116000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNN0-T6g_Yqy0-89l89Vq7tZvU4KeVCxL7dzffe8RHvEKPxtWS&random=1511220932&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/AW-931232517/ 42 B
64 B 34ms
33ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/AW-931232517/?random=1702116214388&cv=11&fst=1702116000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNN0-T6g_Yqy0-89l89Vq7tZvU4KeVCxL7dzffe8RHvEKPxtWS&random=1511220932&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/801247112/ 42 B
64 B 35ms
34ms Image
image/gif 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/801247112/?random=1702116214411&cv=11&fst=1702116000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v876458346&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNLfwjZu0eiJJ4Z4w7oPz_UrSMtLDMMuntbvKUZQzBCrYYUl1R&random=1246213472&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/801247112/ 42 B
64 B 34ms
34ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/801247112/?random=1702116214411&cv=11&fst=1702116000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v876458346&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNLfwjZu0eiJJ4Z4w7oPz_UrSMtLDMMuntbvKUZQzBCrYYUl1R&random=1246213472&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b Show response
b.t.tailtarget.com/ 92 B
533 B 124ms
124ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-9964-3&tY=1&tS=2&tU=0100007F763B7465E806CD6A02E66908&tX=b.52&tZ=923932733
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 41b6a8dc410661d05df3bac202e4e88d4be990193ecd012a498146271ab8e6b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:34 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DDC1 13 KB
5 KB 22ms
21ms Document
text/html 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 37282
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 23:42:12 GMT
expires: Sat, 07 Dec 2024 23:42:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4687 829 B
560 B 34ms
33ms Document
text/html 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

GSE /

Resource Hash

775f5223d53b606d96bdf0f8b71b09ca0d6bff28508880d6708e3c33ca98a883

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sSebRVwL6uhqBzggCtZPJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-sSebRVwL6uhqBzggCtZPJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 10:03:34 GMT
expires: Sat, 09 Dec 2023 10:03:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame DDC1 39 KB
15 KB 70ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:50:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 18:50:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4687 0
0 81ms
58ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312040101&jk=2095688612226720&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 rdstation-popup.min.js Show response
d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/ 202 KB
56 KB 25ms
24ms Script
application/javascript 52.222.250.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/7de331ff-fa05-42fa-9865-1bfff4034e30-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-175.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83952115381c2cdde2f36cd1d256ec2e19f3c45c45cb52747b11abc7fcc2eaca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 17:12:23 GMT
content-encoding: gzip
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
x-amz-version-id: oomtdpM6oP_XzYJszm90PPsmQplWgfJZ
last-modified: Wed, 23 Aug 2023 17:09:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 60671
etag: "051eaa8016019d816c2ed2a9645c6935"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 56782
x-amz-cf-id: ZO8012eD32rGulIeaqOPsZWp7m6tL70STk7kr00VKGhVzn18kTjPJQ==

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DDC1 0
10 B 22ms
22ms Image
text/plain 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?hSVOEQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 show.json Show response
popups.rdstation.com.br/popup/ 13 B
248 B 586ms
204ms XHR
application/json 34.68.90.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://popups.rdstation.com.br/popup/show.json?account_id=435534&uniq=_6ppwvhxby&ref=aHR0cHM6Ly93d3cuY2lmcmFjbHViLmNvbS5ici9vYXNpcy8%3D

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.68.90.188 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

188.90.68.34.bc.googleusercontent.com

Software

Resource Hash

96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=7776000
date: Sat, 09 Dec 2023 10:03:35 GMT
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: upgrade-insecure-requests; default-src 'self' https: data: wss: 'unsafe-inline' 'unsafe-eval';
x-frame-options: sameorigin
content-type: application/json
access-control-allow-origin: *
content-length: 13

GET
H3 200 41821520942.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/8/2/ 825 B
852 B 90ms
89ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/75x75/ccid-avatar/8/2/41821520942.jpg

Protocol

Security

QUIC, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b9c77e2af07a3ed44291f27fc4ed0aeb924ce68062ebd4334b4f1a25093c1236

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

quic-version: 0x00000001
content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:34 GMT
content-disposition: inline; filename="41821520942.avif"
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 825
x-request-id: epPCJv7bJMk65yRdYXAWH
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 08 Dec 2024 10:03:34 GMT

GET
H3 200 39118139871.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/8/9/ 910 B
937 B 87ms
87ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/75x75/ccid-avatar/8/9/39118139871.jpg

Protocol

Security

QUIC, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

7b925405d4f26f334cfa297d693df8fa29c67273b7574122c4566cbf8b115aab

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

quic-version: 0x00000001
content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:34 GMT
content-disposition: inline; filename="39118139871.avif"
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 910
x-request-id: yYz4k55OThWDfaCnqVL5L
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 08 Dec 2024 10:03:34 GMT

GET
H3 200 39501721926.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/2/4/ 2 KB
2 KB 86ms
86ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/75x75/ccid-avatar/2/4/39501721926.jpg

Protocol

Security

QUIC, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

abe1befc84344451d90492779fc73a2e13b5ba88c9b413431cb702345dbfd621

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

quic-version: 0x00000001
content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:34 GMT
content-disposition: inline; filename="39501721926.avif"
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 1747
x-request-id: sTBm5B9GG6ovPk3E8ZALV
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 08 Dec 2024 10:03:34 GMT

GET
H3 200 38989123692.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/6/2/ 2 KB
2 KB 95ms
95ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/75x75/ccid-avatar/6/2/38989123692.jpg

Protocol

Security

QUIC, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

362ebd155f136aaef66cbea0731b4172fa0840542b52fbc9dab3f5991204cb30

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

quic-version: 0x00000001
content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:34 GMT
content-disposition: inline; filename="38989123692.avif"
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 1697
x-request-id: Q-lStxqP2C7tZs0pSGafr
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 08 Dec 2024 10:03:34 GMT

GET
H3 200 38809746892.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/5/2/ 1 KB
1 KB 88ms
88ms Image
image/avif 2.21.74.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akamai.sscdn.co/tb/75x75/ccid-avatar/5/2/38809746892.jpg

Protocol

Security

QUIC, , AES_256_GCM

Server

2.21.74.80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-74-80.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

d59bda1d7b4fc1afa89a80bbdbdbde352ee0715498e81864f74066639d7b17a0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

quic-version: 0x00000001
content-security-policy: script-src 'none'
date: Sat, 09 Dec 2023 10:03:34 GMT
content-disposition: inline; filename="38809746892.avif"
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 1272
x-request-id: ZWDE4CnobDeXtPNcR-_17
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 08 Dec 2024 10:03:34 GMT

POST
H3 200 fireperf:fetch Show response
firebaseremoteconfig.googleapis.com/v1/projects/integral-accord-651/namespaces/ 1 KB
503 B 240ms
239ms Fetch
application/json 172.217.16.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/integral-accord-651/namespaces/fireperf:fetch?key=AIzaSyD2I8uP0YAQbvdfovfJrBhJN48fh468rJw

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.9.1/firebase-performance-standalone.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f10.1e100.net

Software

ESF /

Resource Hash

45810e801cb08b31e14f7a5dec400d9d28a7468032dff660aa4d9d882e78821b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
Authorization: FIREBASE_INSTALLATIONS_AUTH eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHBJZCI6IjE6MTA0NjU0MTE0ODQ2MTp3ZWI6ZTAzZjU2N2QxYTAyZDM4ZWI2YjNhNCIsImV4cCI6MTcwMjcyMTAxNCwiZmlkIjoiY2VvNk5pVXdMUWoybmloSjF3NVJ0UCIsInByb2plY3ROdW1iZXIiOjEwNDY1NDExNDg0NjF9.AB2LPV8wRgIhAN-Duz3oVlgQAJRtlRFsG6eoUkbX0i6ngvccQyVBFd2ZAiEAnUpS3mmr0gFbXpi50U24RZy0CT4uNVZES2y21XkhWOg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Dec 2023 10:03:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
etag: etag-integral-accord-651-fireperf-fetch--322601489
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
access-control-expose-headers: etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 479
x-xss-protection: 0

OPTIONS
H2 200 fireperf:fetch
firebaseremoteconfig.googleapis.com/v1/projects/integral-accord-651/namespaces/ Frame 0
0 40ms
33ms Preflight
text/html 172.217.16.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/integral-accord-651/namespaces/fireperf:fetch?key=AIzaSyD2I8uP0YAQbvdfovfJrBhJN48fh468rJw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: POST
Origin: https://www.cifraclub.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: authorization
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.cifraclub.com.br
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 09 Dec 2023 10:03:34 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 ca Show response
tt-9964-3.seg.t.tailtarget.com/ 83 B
117 B 124ms
124ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-9964-3.seg.t.tailtarget.com/ca?tZ=790204488
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 53ee10278a7f8a3ca21a883e03f4b0ff61e253ff8a41c07c22db6e3450618fb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:34 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 tr
www.facebook.com/ 0
54 B 27ms
26ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1992888384353851&ev=Tail&cd[custom_audience]=CA15771

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 09 Dec 2023 10:03:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

doubleclick
cm.t.tailtarget.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEHnXwBrLoLxJjBIygrSIo4s&google_cver=1&google_ula=862479430,0

70 B
365 B

126ms
125ms

Image
image/png

34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEHnXwBrLoLxJjBIygrSIo4s&google_cver=1&google_ula=862479430,0
Protocol: H2
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:35 GMT
via: 1.1 google
server: nginx/1.17.8
content-type: image/png
cache-control: no-cache
content-disposition: inline
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEHnXwBrLoLxJjBIygrSIo4s&google_cver=1&google_ula=862479430,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 320
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F043 6 KB
3 KB 26ms
25ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 10:03:34 GMT
expires: Sun, 08 Dec 2024 10:03:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 999B 6 KB
3 KB 24ms
24ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 10:03:34 GMT
expires: Sun, 08 Dec 2024 10:03:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 33ms
33ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3BB4FZD3LP&gtm=45je3bt0v868809808&_p=1702116212114&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=20116918.1702116212&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=2&sid=1702116212&sct=1&seg=0&dl=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&dt=Oasis%20%7C%20Cifra%20Club&en=Desktop&_ee=1&ep.event_category=LGPD&_et=633&up.login=Deslogado&up.subscription=free&tfd=15827
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3BB4FZD3LP&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2704 6 KB
3 KB 27ms
27ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 10:03:34 GMT
expires: Sun, 08 Dec 2024 10:03:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FE8B 624 B
242 B 65ms
64ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYu-rw8wEwAQ&v=APEucNUFcpVXfX5Wsioy7t8Wf3sSTzNkwEaqZarg7744qtNYUpyd6d0k3Vwcr1ZWu4TnkxI9_ayJ3eJFTIQXRkkLbmbtH9XkExENe-j8hHp_xmeSpqkc5fcVEfRMKq6RdYpElXBhCiahiNnsEqudVdoq9I8aH81eAY2KR-Apl5PtYd6B5-wEfkw

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 10:03:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame F043 24 KB
9 KB 25ms
22ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:57:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54386
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:57:09 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame F043 7 KB
3 KB 26ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:57:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54386
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:57:09 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame F043 0
0 122ms
67ms Fetch
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuw7WVtIK5lB_0ANhcWXo4paXlRmna6Jh76L0pd-HW5P8m4KU_XOVd7ndtGGrv8QsN2FBT86j777m5Jh5Lf3EnaM4fJMVqzIlBeYDr3NtUAoXzHcA9cTZEA4EMaF07gN5TxGk215vMOUSzGafgSxf4T-GFNAXWYf57_hDDp_XW9dHVl6Y2a0LUff235CwPGJQ8ZlFF5Uy-uJ-Q_5HG7ZrRuiCtaWV4rjJ_mTxxxBy_aEHJ_Fu9JqXp6469oWVnWre83U_HmLU-mKzcYCeSTlq0TKAtL0mc-9UIbGyU3kpLx97XKzARdVNghlQ4zcZP18-RBi7sGjbVVTyOpVxdBM-wwS1JX3v8bqioDawUgc-bzSGZrzL2-AIjzq1G2p-PFgs9rLarqsb5pHXmBb1fcT-QhcTS2cZxoz0jQThIHYCoN1-Hiznj-Sr73tXsXnlmc-0X2GsihpqhLLK26dY2uu27WMSaLCfJ2Ds-ayALFifNr_tsW-3fIp7kEO3IJEmNdldHd8yCWwwA77BCVyk2WMBlxViecMKI58kh1I2HZJjnJsKe6i4PK14vf7kUN54o_YuMFseOlNTPwfXWQsHk8bfm4OJfKFWmYg_WxTXX5O1zP6uHGZ7IQ-z4xGfnpgCMXHsybrMt3Y1J4rKqM8aI6-wrh90p6c3F-DL65HSMk_ed_Nsuan92jRxww4rBI1pBUHP8V5tpcS8hJxBOjmJ85Bhf44CJucfp9l2FRHsiwsblP3ltOwix3V8kJg4M0aFhYjdfDTAu_mFajKrV-pQcsLSTq_eFthedDJlgYC0XPsiQnsq4uZBy5BYxuSvwDL62iyfWSU89A4Q2_Q4cFqGoYmLfTCFOL_vhVN-vQGsNitw6kwcjkIKDLvICCTP6BYFBQNNeiGkIM-8UPsKUNSjr8MgJNwoMEZ-bh7UkqEm-82-3P1bu0mm0Gb0ua4h6CJit9B3CLW9ztlDEGxZYjls_c9mQJPZiyunb5mU0HZJfp1tjgTcysJ0vcbN6qygVT9lMV7iAs361P83a6EuWdj6U7jqVqaFBZQ9nI1VoNn2g-d2QIbfFltnxPP0Qd55aTqVxl-49JvRksUK9rsugnGVT2zD9m5PSa2n3FN5E05mBgrfS5_f8KeS9d-dIJfv_O1N6qXuJZIV8MPM1f-NGz1JVUsKrxB3m91H3UDvC4iOvzgJ4_UwL9U3jzrNkteBm1BaapEPSotbuH3dH_eF8tAFEa-Xntjy857na_WO5ThIiU5FGIJ-5RC2jL-5i6Kga4PNQhC_uh1MAYociFmJ-tB33VQwMS9TYLLgTf3W-qTPWemVkNwG8gpvPQqh6-iUjA1ocZd5pztJOByuh_CHsYIrmQYN4NA6-af4F76QMUuCwHz2xpRMHrTQDmrff3PntZ4rUq9BZm-Ooj7JMQABVYqiGJlkI_Q-zEOJt_egpQ0PYpfMGwmtFfiNP5qx0Cjuxln_8EhdcD9GtzwXGiNpvMp4P5vjujkfqzPkHLofEO8kgo6Ld5I2rxlbcFZh2SBg7gbw&sai=AMfl-YSx1xmTheFT-FB8M8Zb3muQPuTgpqx1WNLxwss1ipgfVwIUDCl3DBCm8gAVqR7ZRlt2WcBf91pfPU5i3Vw9LgnlWBuoCjiyjZFo6rihY1YNGjvee8RsuxaS9kKBaqXVBfyjjMJaHeojo1TdfcfqG2elBMScivM6mhO-uvqU726K6izPtVza_WDc3dkfe7uVGAIjuPDVjaRau9TDR_o4F8PCxN5wqs0qNNACBbsAkF9pIZoYmpYLniFsI33VTA0XTt3Qb10sJsnA0OVgR794as8Mq6moMVf4MSy9DC_h8tdNb_8CH2IkW4rU30-STDJF96sfSYoWqBLLQUk8kfWs7IOsOPZiU27KjMgu4Lnmw206WxlDKwplITyqwgwuZAIg81agNZB6NhHyqtzLn_zWiA9V6qiUMvrYPxtnYLHIxe8OQe3rpvA&sig=Cg0ArKJSzKxL9hS5mdijEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9wYXlwYWwuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231206.29267&arae=0&ftch=1&adurl=

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 10:03:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame F043 41 KB
14 KB 27ms
24ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:45:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29862
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 01:45:53 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame F043 3 KB
1 KB 33ms
29ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45885
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 21:18:50 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 66DB 1 KB
643 B 29ms
25ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63925
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Sat, 09 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame F043 20 KB
8 KB 28ms
25ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:33:10 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F043 42 B
63 B 59ms
56ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AEYNiU4MgY4_rKYr-h3FS6SKhagCly6SMbdKE8JTJmfKf5x67jV9CjK7jbwzIfIRsbHw65w8Qkw9QrSL6046RKrxhnnA-GsyHvnvhf3-mBSwdG6uo

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F043 0
0 33ms
30ms Image
text/html 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSaTWlHptAGCG1NBNatq-7Vg7yAP09rZIwLzORAbUTkhuI7hUKZr0YeqWgQkEW2AnVxBBh-gkCUk_ckeyCYNEhhqYYJnA
Requested by: Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F043 202 KB
64 KB 99ms
40ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 10:03:35 GMT

GET
H2 200 13418336537760165250
s0.2mdn.net/simgad/ Frame F043 53 KB
54 KB 81ms
23ms Image
image/png 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/13418336537760165250

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

sffe /

Resource Hash

b6dffed263cc0c871c01e8fe5ffb09b87b8950333137af73b9f21afee19620f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:52:44 GMT
x-content-type-options: nosniff
age: 40251
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54779
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 14:16:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 22:52:44 GMT

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
289 B 125ms
123ms Image
image/gif 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-9964-3&tE=0&tF=&tI=___de_1702116214585_1410576312&tJ=CA15437,CA15795,CA15771&tQ=par-cifraclub,r7-cas-alimentacaosaudavel,r7-cas-int-em-livros,r7-visao-geral&tU=0100007F763B7465E806CD6A02E66908&tX=b.52&tY=1&tZ=582707666
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:35 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 container.html Show response
12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5461 6 KB
3 KB 23ms
23ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 10:03:34 GMT
expires: Sun, 08 Dec 2024 10:03:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 260F 6 KB
3 KB 22ms
22ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 10:03:34 GMT
expires: Sun, 08 Dec 2024 10:03:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6CB0 640 B
262 B 66ms
65ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEIuDGhiq46n8ATAB&v=APEucNWZhn63hrkxVDPxYIXBcwmK-OUVS4k5p-Aj4iM9Gdd62b6v-jgCClAtYvvcFSdFYupdURMgQ7g7HOOCPVJgHBgnp9EeMCX3BZgQR6MA6o-mlrB3Pf9MoC1k7A0u02FD5BrEM8HJM42FJMAzGsHrTXunUYeigTTkv5rzmGJy8H29mYlyCao

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 10:03:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 999B 89 KB
31 KB 89ms
89ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 10:03:35 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 999B 42 B
63 B 64ms
63ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AIs1o3oEWpbfhQ1CRtH_Bff7zE3b_x7uKWlSlVMGrqIDnentbg0vkjJTGgdNx-jUjzn-th8Sgcy_ZoVX0PUDka1KiF8gFTuetx0tffNvAuE4liNfc

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 999B 3 KB
1 KB 23ms
22ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45885
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 21:18:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 999B 20 KB
8 KB 25ms
24ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:33:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 999B 0
0 31ms
30ms Image
text/html 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSSmvOlMSycWTG6Y4sAKN5T8ZJFcCSx5U4HHLPpqvO_OayMMOW4G0yU0cdrmapRst6w4jDxWkNLEYk9m2smhJqleKFW9g
Requested by: Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 999B 202 KB
64 KB 109ms
89ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 10:03:35 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 2704 4 KB
744 B 92ms
33ms Stylesheet
text/css 172.217.16.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f10.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 10:03:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 09:31:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 10:03:35 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 76C6 14 KB
2 KB 84ms
32ms Stylesheet
text/css 172.217.16.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 10:03:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 09:33:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 10:03:35 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 76C6 2 KB
822 B 24ms
23ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:43:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51603
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:43:32 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 76C6 24 KB
9 KB 25ms
23ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:52:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:52:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9249 143 B
166 B 23ms
21ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 09:29:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 76C6 3 KB
1 KB 41ms
39ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45885
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 21:18:50 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3A31 1 KB
643 B 26ms
25ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63925
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Sat, 09 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 76C6 20 KB
8 KB 30ms
28ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:33:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 76C6 0
0 39ms
37ms Image
text/html 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRI0OrkfC84mOMpoDc7RnXUrt15h30RLZB3qJlBmncIz887g21rFwHs0fzRH1Eoo5U4X5hCe9fB9BYF-f7gdtbCuQT3ww
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 76C6 202 KB
64 KB 73ms
70ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 10:03:35 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 76C6 37 KB
15 KB 26ms
24ms Script
text/javascript 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 04:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 279056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 04:10:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 05 Mar 2024 04:32:39 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 2704 22 KB
9 KB 29ms
29ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:57:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9231
x-xss-protection: 0
server: cafe
etag: 9385233705467680479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:57:47 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2704 205 B
295 B 33ms
33ms Image
image/png 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:17:49 GMT
x-content-type-options: nosniff
age: 45946
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 07 Dec 2024 21:17:49 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2704 604 B
900 B 31ms
31ms Image
image/png 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:12:31 GMT
x-content-type-options: nosniff
age: 35464
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 08 Dec 2024 00:12:31 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame FE8B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC4rt0DKyrcI5dFeQ-wduPU&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC4rt0DKyrcI5dFeQ-wduPU&google_cver=1&C=1

43 B
337 B

64ms
64ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC4rt0DKyrcI5dFeQ-wduPU&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYu-rw8wEwAQ&v=APEucNUFcpVXfX5Wsioy7t8Wf3sSTzNkwEaqZarg7744qtNYUpyd6d0k3Vwcr1ZWu4TnkxI9_ayJ3eJFTIQXRkkLbmbtH9XkExENe-j8hHp_xmeSpqkc5fcVEfRMKq6RdYpElXBhCiahiNnsEqudVdoq9I8aH81eAY2KR-Apl5PtYd6B5-wEfkw
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqO3plP6Ul7CWC7dJHZ6p3MXgeE6OWLw2Jq0o3k%2FUVGROTiDdPSL8zQzXKv60EKuYpULNknOhdMpGM692SAN5uVi7XpaZYh5nLbQrThIwDHKSHYGZpYsqZw5zwoeUnMvLlKySQB2KM6kOg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 832c6b4b3dfe6a77-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJ4lq%2BeJYxujKTSIgTUG46tD2Ytnww6vX8aEHOsa9xkS7%2FEzkkZtFxg7R4zxJsXkvA1VcNmduJd%2BmnxCVgr9H39ndc%2FFCHX9T2mIgMU0YRKtkOyj20NP4%2FLPSpaEPUjWC57xfLXziKX3Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEC4rt0DKyrcI5dFeQ-wduPU&google_cver=1&C=1
cache-control: no-cache
cf-ray: 832c6b4accef6a77-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FE8B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXQ7d75gIeQn.jxCQHFf5AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC4rt0DKyrcI5dFeQ-wduPU&google_cver=1&google_hm=2

43 B
770 B

67ms
67ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC4rt0DKyrcI5dFeQ-wduPU&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYu-rw8wEwAQ&v=APEucNUFcpVXfX5Wsioy7t8Wf3sSTzNkwEaqZarg7744qtNYUpyd6d0k3Vwcr1ZWu4TnkxI9_ayJ3eJFTIQXRkkLbmbtH9XkExENe-j8hHp_xmeSpqkc5fcVEfRMKq6RdYpElXBhCiahiNnsEqudVdoq9I8aH81eAY2KR-Apl5PtYd6B5-wEfkw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhzLZyCb%2FKF5mhZYCfgFJM%2FKgAOH3jpwQNQutgcJ2jmPZfMQsdm9SeZFeVHpyIEHlAeZDV7vVfwndKNI%2BvEYj8Wad1hs7m6GLuqBiVGzZJhJ9BYgGjpBY0Mi7yVyePlrOg1TDDf4syRBYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 832c6b4be9d7453a-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC4rt0DKyrcI5dFeQ-wduPU&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame FE8B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEElYvaLNu0p0w1UR_WSZawI&google_cver=1

43 B
841 B

31ms
30ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEElYvaLNu0p0w1UR_WSZawI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYu-rw8wEwAQ&v=APEucNUFcpVXfX5Wsioy7t8Wf3sSTzNkwEaqZarg7744qtNYUpyd6d0k3Vwcr1ZWu4TnkxI9_ayJ3eJFTIQXRkkLbmbtH9XkExENe-j8hHp_xmeSpqkc5fcVEfRMKq6RdYpElXBhCiahiNnsEqudVdoq9I8aH81eAY2KR-Apl5PtYd6B5-wEfkw

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
an-x-request-uuid: f60c3ad5-e620-490b-b03f-da503c929a30
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.184; 84.19.175.184; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEElYvaLNu0p0w1UR_WSZawI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FE8B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAzOTYyMjYyMDQzNjc4NDI2OQ%3D%3D

170 B
188 B

32ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAzOTYyMjYyMDQzNjc4NDI2OQ%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
an-x-request-uuid: a00d61db-1df8-441a-b761-0ddb834161d2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAzOTYyMjYyMDQzNjc4NDI2OQ%3D%3D
x-proxy-origin: 84.19.175.184; 84.19.175.184; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6E9C 640 B
262 B 62ms
61ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEIuDGhi16Kn8ATAB&v=APEucNUwQ7VeA2PHi9uvsRUk0AwB1xi7CO4h3Aceog7pZ7mwlihDO7JvBJR3wPs_NsayMHPK4lWW8MZnGvUNnxtjsggOUVvec5lU-DUWahKee4V-TXfnQpFfUDXxnrtbnHzHNEw2NER7H08QhXm4nLwgNXLGO4NM6rMsFVP_zEbcnf4feTNALd0

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 10:03:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5461 89 KB
31 KB 99ms
97ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 10:03:35 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5461 42 B
63 B 58ms
56ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AopHwr0In9newZJQ0DaWvNS5ZWedi4kspz-1cp2J8w1Wi4mlJ-Po7-NjAjoSrqYzOKEbnRe6A7sicX3p6MF-nW19v8LMNFV5JY9eMzD8UnWEeLCRA

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 5461 3 KB
1 KB 24ms
23ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45885
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 21:18:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 5461 20 KB
8 KB 25ms
24ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:33:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5461 0
0 31ms
30ms Image
text/html 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdsLuTR54UCqESSsn2PTEuGrizEPtUMAZqdLFXOiOlhi_fz2vci_pOnKzxZE1GyWTHtAfmmCicf1QdzPK4J1nTzj-FuA
Requested by: Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5461 202 KB
64 KB 88ms
86ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 10:03:35 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BBF1 640 B
262 B 69ms
64ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQuOmt-QIY2KOt-AEwAQ&v=APEucNUXxmHRVlDqsMh7UDz-Dct2pkUirqTRl6DxeXd8xW_bUP68FjTYzzk4brFcOki27v70JwmPLYBJYs9B9sUj07OZoEcy-eUPCehnhYjpuYljOjMJ8_afuXjjcWWKeZu3IFUZ9VgwqpywCqsRL92TJPpL1LNJA8AQRI8bo9LYjjQUP6En73Q

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 10:03:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 260F 89 KB
31 KB 101ms
96ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 10:03:35 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 260F 42 B
63 B 62ms
57ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ACuuvSD6ESr-79r2KY2JHNeiD2gw-axxxV-EVgCMlwN7Jg1Bi8qRdYJNdfntAqYJvCa9tore3gBhFk2CZr_wmbGDF16XREgE-Db0y-js2CrvlOnQc

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 260F 3 KB
4 KB 282ms
37ms Script
text/javascript 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=68151431;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=19904691783&extPm=19904691783&extCr=520835544&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CbEy6djt0ZZ6jAf_j1PIPxea64AS7w_bob9ru2aSVEvKe3KDUARABIOC8rSNglaqzgsAHoAH2vq2YKMgBCakCYi2If_cOsj6oAwHIA5sEqgSpAk_QuYZjJ36SPupJRXxebskeNNhFPJM5225OEwosJp9AmG9U8ckSQbWCIXYAML04moen5c7ObpMMEYwNFeoX6E_SJ9WK2vfdFLEhu-VZEgY5Gtkygy4qrVfE5yKuLMB9QHme8HosMHNNQSJ1rjjeHLSHJT1E9vvC7GDWjpppri-gYP2bc8xr3ctHuTnyYpGHHQz_gqqVFeDJVrUqcuK-omVl_2aiIFYlEg8Jemhm7pxkbT5yGcYU97SNzLLRKwij0T8CYaxdwJHjTFIV0FDhOE-cHZ_7MhaRyGJoCFPy70cGFhG4MMrSAZrXwtD1SiADDauN0u_oz9YfxLId6HpMw48uS8pWSDXyRAuNrXG5T7Y1ilfQbly-Lzjop40qT7ovDEqJP1f05s-kcMAEtffWsqUE4AQDiAXH_KWTSpAGAaAGTYAH9vb99wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljni7OCjYKDA4AKA5gLAcgLAYAMAaIMICoeChzktLEC7rWxArW4sQKsurEC5LSxAu61sQK7u7ECqg0CREXiDRMI1uyzgo2CgwMV_zFVCB1Fsw5MsBO8luIV0BMA2BMN2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSOwDICaaN9UQ1OJh79iFAsNBCZbW9TBllYSFQU7Wzi_5v0z3WgtS_oQXXiHkST4R7aTQdnfxF18umnItoGAE&sig=AOD64_06ifrhJuzKcqGywXbEUOq6ifvxPA&client=ca-pub-5289793328419085&dbm_c=AKAmf-DqXbdk-0sPyw7VJeXHSkj7GwMp8nXnjn2jZezmFow8gd2uj7ii-_v2mKIriy1bsBJ6ZrY_EQnxZJk3dVJeSb6oMAd7Z5ZvnEcJTxNVV-rmTbFSzTYDjRXcTuqTtC5uIhVBawrH25jjuni_VgAmCEhzJeL4YWNQMoAULBrjev508YoJI58&cry=1&dbm_d=AKAmf-BDRWRCJuJC0_aTrXyZh-sqAmsD3X6AQMAu__GC684NNh7RMRT-Rr1rhHL0co1KJj1CEXv00ywxrhyP3gh3SuZHr0q2bclERv3SnadgrXizw9XxUX2P12hgMN9OKpc0X4sohRlCFjxd8xg1HyFczy6s6MdvDcGvcSEh98dJfXWbKZ7TE1OLQ6DIw1cl9QjFct6p5Q9LtJZS9ocDhkiFKBzKoOeSwGeeecP_P1jQK9U9RUzmzE27jVsQJpXYDeroVXx6vA_vi4GgL_X9YbpwkSh2ZzDlICtOgNhPoVFhwEVY4M_xAK3zNDvmFSzwL6ppfhSc69uRsHczdtSfDWqotcMDUBT-uIn1yz2DUx4-KFU4OQZCD4XFOhbKbubQidxmzMNO3r-8tvYKZmQDz-hZO6JIetT4MkeP9gY9hQPyiPat2D1nxjFwWglO94JlOUb0RZJpYqIDIu-iqoTI30q2VjEv6aIDBBbqXMC7bH1xnZyYyYcdsTchVWugMMiuEDtRLkBURlgmvBeD7maTW6iPQM9GR1X72ypaCqYTqzy1Qz8QMHW0elwwOEpsjpL2LE_qYaN_MF8y&adurl=

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d57cd6887e68ff25cb1fb7190a72821f42074d11467b3c51f8000d9968c8f35a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3020
expires: -1

GET
H/1.1 200
OK ai.aspx Show response
m.exactag.com/ Frame 260F 60 B
1 KB 290ms
32ms Script
image/gif 213.202.235.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=19904691783&extPm=19904691783&extCr=520835544&rnd=1702116214020894

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.10 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

2a5197525b2d844bd1ce5852e89988181164abcd15bcba5767e37a0800445ec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 10:03:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Sa, 09 Dez 2023 10:03:35 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1756
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 260F 3 KB
1 KB 28ms
22ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45885
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 21:18:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 260F 20 KB
8 KB 28ms
23ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:33:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 260F 0
0 35ms
30ms Image
text/html 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSEKDNz2l7jteusJA9H2nAx2Kj-nn3GXNCxkLIsPjt9WAUUgghiGYCnJSGX5KiCMQJ3LY3OdHDFWS8gr6Qaahk3E2y1TA
Requested by: Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 260F 202 KB
64 KB 112ms
100ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 10:03:35 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 66DB 35 B
464 B 265ms
23ms Image
image/gif 91.228.74.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFAbY6t0Fvfb0wHZ9KtF6H0&google_cver=1&google_push=AXcoOmTG9K0uyfcVHCePYxpCQ84Qr7EI1LnQDQwNoUj3I6uVNiNQ96WWY5cdrDsqXlYLky3GacdtqasgPX3--roGawBGo5gsqNoxfw

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.206 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 66DB 0
103 B 301ms
59ms Image
text/plain 63.215.202.140
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIkOjb7YUc0pcRTpTtaJpDg&google_cver=1&google_push=AXcoOmSHQBYpPpbEnxnjYEQ1gkd-0RrPR3A52ckIVd8G8EHJuT4NowHI2zj8U6DKvzimaNi-9-MrqXNY5RwM4lXEormPdVOPbXO-8w
Requested by: Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.215.202.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams01-nessy-float2.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 66DB
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMO_rcrDcGB3n4d9X-bwJWA&google_cver=1&google_push=AXcoOmSyRr0LlxcQuZu1MPKj-XN_eLGqbm33Uiu1RPO9SDHI_Wk88LQNp88mkvzirJtiqDY175j0j_HsatGJX8x4gohzMctNWx9-&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMO_rcrDcGB3n4d9X-bwJWA&google_cver=1&google_push=AXcoOmSyRr0LlxcQuZu1MPKj-XN_eLGqbm33Uiu1RPO9SDHI_Wk88LQNp88mkvzirJtiqDY175j0j_HsatGJX8x4gohzMctNWx9...

43 B
422 B

193ms
193ms

Image
image/gif

104.18.24.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMO_rcrDcGB3n4d9X-bwJWA&google_cver=1&google_push=AXcoOmSyRr0LlxcQuZu1MPKj-XN_eLGqbm33Uiu1RPO9SDHI_Wk88LQNp88mkvzirJtiqDY175j0j_HsatGJX8x4gohzMctNWx9-&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSyRr0LlxcQuZu1MPKj-XN_eLGqbm33Uiu1RPO9SDHI_Wk88LQNp88mkvzirJtiqDY175j0j_HsatGJX8x4gohzMctNWx9-%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 832c6b4bf85771be-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1672
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMO_rcrDcGB3n4d9X-bwJWA&google_cver=1&google_push=AXcoOmSyRr0LlxcQuZu1MPKj-XN_eLGqbm33Uiu1RPO9SDHI_Wk88LQNp88mkvzirJtiqDY175j0j_HsatGJX8x4gohzMctNWx9-&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSyRr0LlxcQuZu1MPKj-XN_eLGqbm33Uiu1RPO9SDHI_Wk88LQNp88mkvzirJtiqDY175j0j_HsatGJX8x4gohzMctNWx9-%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 832c6b4acf2671be-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 66DB
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGF1O9Wl_KycTyDASLV7cE0&google_cver=1&google_push=AXcoOmQntarz8pH1DgTpBN8Ul7-6pKJyIsiapqAJpHeP4ZHQ6Fg3UIZrMG_Ld2El8Ry4RqMcbQ3XFEfUducvVmEB3q31BhM6TUjVVg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AADDDB9C1CE24DA499C4C9FCC7C164B0&google_push=AXcoOmQntarz8pH1DgTpBN8Ul7-6pKJyIsiapqAJpHeP4ZHQ6Fg3UIZrMG_Ld2El8Ry4RqMcbQ3XFEfUducvVmE...

170 B
188 B

31ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AADDDB9C1CE24DA499C4C9FCC7C164B0&google_push=AXcoOmQntarz8pH1DgTpBN8Ul7-6pKJyIsiapqAJpHeP4ZHQ6Fg3UIZrMG_Ld2El8Ry4RqMcbQ3XFEfUducvVmEB3q31BhM6TUjVVg

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 09 Dec 2023 10:03:35 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AADDDB9C1CE24DA499C4C9FCC7C164B0&google_push=AXcoOmQntarz8pH1DgTpBN8Ul7-6pKJyIsiapqAJpHeP4ZHQ6Fg3UIZrMG_Ld2El8Ry4RqMcbQ3XFEfUducvVmEB3q31BhM6TUjVVg
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 08 Dec 2023 10:03:35 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 66DB
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOqThzHR8_BOCoAUEzCz44E&google_cver=1&google_push=AXcoOmT-U_sSLU57Lpf85tU86ZopFALuCQ6-vmU6L11hoTolJFNTsO3W7A7JJJYm0Tx5AGABcj58KqFA8oNUxF...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDUzMzQ3NzQyNjU5MTg4NQ%3D%3D&google_push=AXcoOmT-U_sSLU57Lpf85tU86ZopFALuCQ6-vmU6L11hoTolJFNTsO3W7A7JJJYm0Tx5AGABcj58KqFA8oNUxFKTH9...

170 B
188 B

34ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDUzMzQ3NzQyNjU5MTg4NQ%3D%3D&google_push=AXcoOmT-U_sSLU57Lpf85tU86ZopFALuCQ6-vmU6L11hoTolJFNTsO3W7A7JJJYm0Tx5AGABcj58KqFA8oNUxFKTH9Ktf6sd4qEMaQ

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDUzMzQ3NzQyNjU5MTg4NQ%3D%3D&google_push=AXcoOmT-U_sSLU57Lpf85tU86ZopFALuCQ6-vmU6L11hoTolJFNTsO3W7A7JJJYm0Tx5AGABcj58KqFA8oNUxFKTH9Ktf6sd4qEMaQ
Date: Sat, 09 Dec 2023 10:03:35 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 sync
x.bidswitch.net/ Frame 66DB 43 B
145 B 263ms
22ms Image
image/gif 52.57.96.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEA76vz5o7ZZV1OuYWa7EN2c&google_cver=1&google_push=AXcoOmSk77SSGJu9iVvhafYBRFNuy_S2ZQaJ44zMgkrwoGVdsHP84EXdhFHtAWIBtGhByWBNe0E-WLcY387W2GfwTrRYuwofxKPQ4g
Requested by: Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.96.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-96-192.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 66DB
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEGOKg27IKlDnUuS2bWUD6PA&google_cver=1&google_push=AXcoOmTQLFQUMCWDXsmpRGDhW1YKPx6a7HIxwpWNyRWIe1h1zEK6b2_NT77rkVkntbKrjzvpz8TuRVyVwm-XXjfAAZHA5C7...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGOKg27IKlDnUuS2bWUD6PA&google_cver=1&google_push=AXcoOmTQLFQUMCWDXsmpRGDhW1YKPx6a7HIxwpWNyRWIe1h1zEK6b2_NT77rkVkntbKrjzvpz8TuRVyVwm-XXjfAAZHA5...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTQLFQUMCWDXsmpRGDhW1YKPx6a7HIxwpWNyRWIe1h1zEK6b2_NT77rkVkntbKrjzvpz8TuRVyVwm-XXjfAAZHA5C7sKqDcvg

170 B
188 B

33ms
33ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTQLFQUMCWDXsmpRGDhW1YKPx6a7HIxwpWNyRWIe1h1zEK6b2_NT77rkVkntbKrjzvpz8TuRVyVwm-XXjfAAZHA5C7sKqDcvg

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTQLFQUMCWDXsmpRGDhW1YKPx6a7HIxwpWNyRWIe1h1zEK6b2_NT77rkVkntbKrjzvpz8TuRVyVwm-XXjfAAZHA5C7sKqDcvg
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 66DB 0
12 B 31ms
28ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IlXf2ZhTR4fbOhpuiRBkUI4HmxB5TFn8Dzd78-mGJqsAeg8eIjr1Um6fibIR1tq89e2ngy

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame ECCE 38 KB
13 KB 28ms
24ms Document
text/html 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4312
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 08:51:43 GMT
expires: Sun, 08 Dec 2024 08:51:43 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F043 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9ad9d1088e52ce8fc1f7ad9281481b75027db24df768da4e132dd82a34e8d66

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6CB0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGwRydECUgkJoVIthPn-Dpc&google_cver=1

43 B
105 B

226ms
37ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGwRydECUgkJoVIthPn-Dpc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEIuDGhiq46n8ATAB&v=APEucNWZhn63hrkxVDPxYIXBcwmK-OUVS4k5p-Aj4iM9Gdd62b6v-jgCClAtYvvcFSdFYupdURMgQ7g7HOOCPVJgHBgnp9EeMCX3BZgQR6MA6o-mlrB3Pf9MoC1k7A0u02FD5BrEM8HJM42FJMAzGsHrTXunUYeigTTkv5rzmGJy8H29mYlyCao
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGwRydECUgkJoVIthPn-Dpc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 6CB0 43 B
295 B 255ms
35ms Image
image/gif 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEIuDGhiq46n8ATAB&v=APEucNWZhn63hrkxVDPxYIXBcwmK-OUVS4k5p-Aj4iM9Gdd62b6v-jgCClAtYvvcFSdFYupdURMgQ7g7HOOCPVJgHBgnp9EeMCX3BZgQR6MA6o-mlrB3Pf9MoC1k7A0u02FD5BrEM8HJM42FJMAzGsHrTXunUYeigTTkv5rzmGJy8H29mYlyCao
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 6CB0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESENyFobyaTrdE4B9OboyBr5I&google_cver=1

23 B
163 B

408ms
246ms

Image
image/gif

2.19.217.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESENyFobyaTrdE4B9OboyBr5I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEIuDGhiq46n8ATAB&v=APEucNWZhn63hrkxVDPxYIXBcwmK-OUVS4k5p-Aj4iM9Gdd62b6v-jgCClAtYvvcFSdFYupdURMgQ7g7HOOCPVJgHBgnp9EeMCX3BZgQR6MA6o-mlrB3Pf9MoC1k7A0u02FD5BrEM8HJM42FJMAzGsHrTXunUYeigTTkv5rzmGJy8H29mYlyCao
Protocol: H2
Server: 2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-217-101.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Sat, 09 Dec 2023 10:03:35 GMT
pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESENyFobyaTrdE4B9OboyBr5I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 6CB0 23 B
163 B 368ms
158ms Image
image/gif 2.19.217.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEIuDGhiq46n8ATAB&v=APEucNWZhn63hrkxVDPxYIXBcwmK-OUVS4k5p-Aj4iM9Gdd62b6v-jgCClAtYvvcFSdFYupdURMgQ7g7HOOCPVJgHBgnp9EeMCX3BZgQR6MA6o-mlrB3Pf9MoC1k7A0u02FD5BrEM8HJM42FJMAzGsHrTXunUYeigTTkv5rzmGJy8H29mYlyCao
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-217-101.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Sat, 09 Dec 2023 10:03:35 GMT
pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3A31
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEO88Vy66Gf7poaIevmujuOY&google_cver=1&google_push=AXcoOmQtEuKkaOVBeizyygdiuX5WhQxQ-cVLiVQ9hiVaVnq0fvaAsQgyqGdW1nQQIxmkoOVw8mxeLxV6J_5JNfvJ__MtiwCe8n5iEA
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzMyNjU0MTEzMzU5OTE4MTI3Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEO88Vy66Gf7poaIevmujuOY&google_cver=1

43 B
398 B

37ms
37ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEO88Vy66Gf7poaIevmujuOY&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEO88Vy66Gf7poaIevmujuOY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 3A31 0
104 B 267ms
59ms Image
text/plain 63.215.202.140
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIkOjb7YUc0pcRTpTtaJpDg&google_cver=1&google_push=AXcoOmRrcpCGGav1tF5WVKDRHe_zpKFWxFENpPejpRZfCRvvB1XhPSxXI8qAqX-v1LSzVxdV_oijZWFd7bbmZ7XhQaR4EZ4oA0sdtQ
Requested by: Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.215.202.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams01-nessy-float2.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3A31
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEM3bh9HIpBN3XN_qcvEWCF0&google_push=AXcoOmRE1WMKn0oDXbNyF5zyIyxtuQ5jLHWoy2OzwtrYcqnSdDxQviOx4N...

170 B
188 B

32ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEM3bh9HIpBN3XN_qcvEWCF0&google_push=AXcoOmRE1WMKn0oDXbNyF5zyIyxtuQ5jLHWoy2OzwtrYcqnSdDxQviOx4NgAwBKNvOyKdqtvPZVHKOgee8BbyLU1Xh0E9JRB2MUPWQ

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-cph2320051-CPH
pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1702116215.493433,VS0,VE95
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEM3bh9HIpBN3XN_qcvEWCF0&google_push=AXcoOmRE1WMKn0oDXbNyF5zyIyxtuQ5jLHWoy2OzwtrYcqnSdDxQviOx4NgAwBKNvOyKdqtvPZVHKOgee8BbyLU1Xh0E9JRB2MUPWQ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 3A31 0
187 B 237ms
30ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESELzKwCcndBRc48ZULtb6kbA&google_cver=1&google_push=AXcoOmQFuvn4T9QxTKyLVjCPYc8bndRgO_F2iwGpXq1xJG2Oorepp7m23ElOzf07dSN1Z5tWgZKtsjQifCjLUULdulz0114AZHKA5g
Requested by: Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Sat, 09 Dec 2023 10:03:34 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 3A31 0
173 B 238ms
30ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESED-IXlrGrDnDUNEeO3qjdS4&google_cver=1&google_push=AXcoOmQPw47t6lVt3fqHt_oES1HBu0H097J1pIG7X8QT7G-h5sy8xe9Gq-Cwdcu8MuETtKSRwM_Dh0iofI2Qt9UH3v3x-yid7rphSA
Requested by: Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:35 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 3A31 43 B
146 B 229ms
21ms Image
image/gif 52.57.96.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEFPe5tvrg0rbQBrbU8JKREk&google_cver=1&google_push=AXcoOmTSPZeNXUYmkKMPqM9u673PReSkLwSobala62j3gEFD9vmd1tYZYut3wmfKcabhWYU-GeNekFP-TOjAVkfRL1HzLiGWeAB7oQ
Requested by: Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.96.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-96-192.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET /
csync.loopme.me/ Frame 3A31 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3A31 0
12 B 31ms
30ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JaJYQnjzLWXCJtvV_Xmx4w6QVk3JmDSG-9uA4TKlDgiAxBTgTmb7cWCMWq4At2_u6JDth29BU

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame F043 0
0 62ms
57ms Fetch
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuw7WVtIK5lB_0ANhcWXo4paXlRmna6Jh76L0pd-HW5P8m4KU_XOVd7ndtGGrv8QsN2FBT86j777m5Jh5Lf3EnaM4fJMVqzIlBeYDr3NtUAoXzHcA9cTZEA4EMaF07gN5TxGk215vMOUSzGafgSxf4T-GFNAXWYf57_hDDp_XW9dHVl6Y2a0LUff235CwPGJQ8ZlFF5Uy-uJ-Q_5HG7ZrRuiCtaWV4rjJ_mTxxxBy_aEHJ_Fu9JqXp6469oWVnWre83U_HmLU-mKzcYCeSTlq0TKAtL0mc-9UIbGyU3kpLx97XKzARdVNghlQ4zcZP18-RBi7sGjbVVTyOpVxdBM-wwS1JX3v8bqioDawUgc-bzSGZrzL2-AIjzq1G2p-PFgs9rLarqsb5pHXmBb1fcT-QhcTS2cZxoz0jQThIHYCoN1-Hiznj-Sr73tXsXnlmc-0X2GsihpqhLLK26dY2uu27WMSaLCfJ2Ds-ayALFifNr_tsW-3fIp7kEO3IJEmNdldHd8yCWwwA77BCVyk2WMBlxViecMKI58kh1I2HZJjnJsKe6i4PK14vf7kUN54o_YuMFseOlNTPwfXWQsHk8bfm4OJfKFWmYg_WxTXX5O1zP6uHGZ7IQ-z4xGfnpgCMXHsybrMt3Y1J4rKqM8aI6-wrh90p6c3F-DL65HSMk_ed_Nsuan92jRxww4rBI1pBUHP8V5tpcS8hJxBOjmJ85Bhf44CJucfp9l2FRHsiwsblP3ltOwix3V8kJg4M0aFhYjdfDTAu_mFajKrV-pQcsLSTq_eFthedDJlgYC0XPsiQnsq4uZBy5BYxuSvwDL62iyfWSU89A4Q2_Q4cFqGoYmLfTCFOL_vhVN-vQGsNitw6kwcjkIKDLvICCTP6BYFBQNNeiGkIM-8UPsKUNSjr8MgJNwoMEZ-bh7UkqEm-82-3P1bu0mm0Gb0ua4h6CJit9B3CLW9ztlDEGxZYjls_c9mQJPZiyunb5mU0HZJfp1tjgTcysJ0vcbN6qygVT9lMV7iAs361P83a6EuWdj6U7jqVqaFBZQ9nI1VoNn2g-d2QIbfFltnxPP0Qd55aTqVxl-49JvRksUK9rsugnGVT2zD9m5PSa2n3FN5E05mBgrfS5_f8KeS9d-dIJfv_O1N6qXuJZIV8MPM1f-NGz1JVUsKrxB3m91H3UDvC4iOvzgJ4_UwL9U3jzrNkteBm1BaapEPSotbuH3dH_eF8tAFEa-Xntjy857na_WO5ThIiU5FGIJ-5RC2jL-5i6Kga4PNQhC_uh1MAYociFmJ-tB33VQwMS9TYLLgTf3W-qTPWemVkNwG8gpvPQqh6-iUjA1ocZd5pztJOByuh_CHsYIrmQYN4NA6-af4F76QMUuCwHz2xpRMHrTQDmrff3PntZ4rUq9BZm-Ooj7JMQABVYqiGJlkI_Q-zEOJt_egpQ0PYpfMGwmtFfiNP5qx0Cjuxln_8EhdcD9GtzwXGiNpvMp4P5vjujkfqzPkHLofEO8kgo6Ld5I2rxlbcFZh2SBg7gbw&sai=AMfl-YSx1xmTheFT-FB8M8Zb3muQPuTgpqx1WNLxwss1ipgfVwIUDCl3DBCm8gAVqR7ZRlt2WcBf91pfPU5i3Vw9LgnlWBuoCjiyjZFo6rihY1YNGjvee8RsuxaS9kKBaqXVBfyjjMJaHeojo1TdfcfqG2elBMScivM6mhO-uvqU726K6izPtVza_WDc3dkfe7uVGAIjuPDVjaRau9TDR_o4F8PCxN5wqs0qNNACBbsAkF9pIZoYmpYLniFsI33VTA0XTt3Qb10sJsnA0OVgR794as8Mq6moMVf4MSy9DC_h8tdNb_8CH2IkW4rU30-STDJF96sfSYoWqBLLQUk8kfWs7IOsOPZiU27KjMgu4Lnmw206WxlDKwplITyqwgwuZAIg81agNZB6NhHyqtzLn_zWiA9V6qiUMvrYPxtnYLHIxe8OQe3rpvA&sig=Cg0ArKJSzKxL9hS5mdijEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9wYXlwYWwuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=130&vt=11&dtpt=129&dett=2&cstd=0&cisv=r20231206.29267&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9249
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

30ms
30ms

Document
text/html

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 10:03:35 GMT
expires: Sat, 09 Dec 2023 10:03:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 10:03:35 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 66ms
66ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312040101&jk=2095688612226720&bg=!JiWlJWrNAAY3kmNgF5I7ADQBe5WfOCV4qIteWcQFGIwcJvkhvcgIZfgsYcnpnV77K_9FpYAcdeNXCcOfeQALcmZRveV_AgAAAEBSAAAAAmgBBwoAi9RkGLX8sGxKkPGVD2wngVZi5DqhAdTB1U8BRoK3WH9am_7dzUpDlN4evb5zAnhc3y3LEfRjjUYnQmX1M9qt9iYpZHPETkizSIQ6Q279urvIQGWZrvsst0jEzKX0YuJ9nMDuVPrzZN6jCtUY89EdG255avKQDe6u1G5zd9KZZVMh2dGcUsjRlS1qn_qZAvejfIpli-O9oabSoizJ8WZyaWEYmQEB4_fW-_j_6jMrIMB-3eS3GSqB-0BCMNYM_VS6vsIWNPBR_rKHv9p2pXA1YOmwz_PCc9JLrHHyGVE2Ax8j1fWA3LFzyU4E-Q29hQWc_zTBsvd6JEcjB1iOSZOQIEC0_fy0Yo6iCT-9QXgiwEgk5EdGnzVvGkyVgu1xP_eguQGwkwCnOes2TMp8tU3OdUd1YuIR8OgzfwSDZrFqqp8XQGAb2OTu_yJOQLeHmGTMsSC9-AdTFNU0w2IJW7eIA-LnOCqPRz-PC06q5ENft_a-bafglx5AY0XqLUoKS1FolnfGhw7PoeiE4X1UOeFcIkXDIJLOE-B3SWZfX6kPvGiKRWQzs4M9-NHAoT0ImmnEiAiA-IC5MIjHhiOG0k4mIiUXF6K32lCFxLfQQnFC0ftgd98NRTFFTazz2uSwKSEC370RolxYRQFMuT5pdS6TkjDaG_JDruFXFCNMOD16BSUqx7IR8VGRFUsB7vdQEhZ83cDKAsazPPDm7N5DfRHmLufW5-ziAIcSK4p3bjaYNvNhMmQhYStjZnDEiRoT3z4Qh3cdQoy-8ESTVcZgSNkI0-vGCXCdHNXCf54VYFdcrqjZ966mOrobXNTWdmLJAtmzFZoT7GDye3ZQdr-UpkYGlxb8sEtrHzZBIDEnRf9v1KTqtNgukAGe89bC2tjvK0Ru07r00j6EdLDgOmYJd7ev5SY1THA7HQb7OOsfh9iUqSDRcQgRWWX4QJ_O-1vmzIfCeKKSaln3PSPqXuY3Gv4SZPyIAwy264ww3h6OSHZCoBt535QAkdGQ5boIQdXRL-bqOwLKuC6jYzlgOdsuCyKffPCmsQh04sapDmjFB2Q9eo6BORlyAdR60nQHwIA7ab2f2ah3dgAMKfpWBh_-l7sdrqmy3OYCUc0NtpTXiVfUusm6efaVtwfKNsMS48x0nKZ3rLHw9DhXJ-H87r0rQSFKujAgZ23v0AgXYvRpc6_waIkfd3dfl_g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 999B 0
20 B 56ms
56ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6829461344316&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 999B 0
20 B 58ms
58ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6829461344316&version=m202309260101&ct=76&x=1&cor=11412550731278938000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 999B 82 KB
38 KB 69ms
69ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Do0mRlCxc9KgrnVQe-0J-j7QgnYWJr0ZwiBdfNfRE3z9byfrupnfeph4dLQ8Jrs7OVnXA7PlfZ8sS4DHcp-SXYEHeYiZjJoSJ6oN4BRjaR8monHxp7RLFeGcIIXOPMLfPgKF8AUasEYYw0zugqyAbmggimhpVM4mZluewWHPOe3MigTEk&dbm_d=AKAmf-AyK3EsDiUPtlPmXGZih9__XQZvQ3VLcL0hUrDbVql1eTvoZwJWfQJnik6MQWgT7Y6F2tfsNddyN2z3UdjIo6odvdzIkCyE-olqQ3wzjp1Ns4CMqb5TgKZWOjKBdVHbRs1acK0IrWgJuaggKVXABHmRq6MTfDT3OWbnsv_LNA7znlwpZz1jGWKgISaeAGc_W51wOfOFgk9R6SxtJH4dotbWC2mWqweomEWZPrgFloeZOeejC2P4-TLXZzKLr1An3ecG2yrrzrTxK4xGDBDOJCOCY-J9oA3PCJAO6q25IQeXjFLDVpsSneLLk1UBkRSMQQ1ZW0fzKMiQUXNOc8xeg423kDztHRzk_lJQa1zE4xIYpbfRAJkn3Q8wp4CACMurApCuPGnQrP5LxaDnCAoMzAzU1MvCFbJWho5wA7l9GqBL591wkeShRhvstAQz7YXihzJ3N4Tlf2bFrI5ebdMo_Vb_t31em-PMdQnDY5bIrnHVcorD0A9IWnihI5jtni6mZZisPA0Kxiv7UIzN76NNowLnjZxibW9RA1ZiaR0klz3m8UKLQCUIO_JB6_YjU649eB2_edN1M64m1y5XCueVLhB9v96etPhSvejzDN0QBAEP1qd_Z9jzWb8THZGd8ZhARHeZrbXnT3WCubLD2WKDqkQ3PcfVckewfBIqil5sxF2fy90RQNBro6KSzHIPN2zEHOpOuTw_KZxOGu7UvuVLbAdavp2owpS9VuBxCjGIskao9oEY6cj80QMX2BG1j7TvvsPgUiIaiSFnrnd9ENFyj4QDnnixnFrRdH4W4HFpBzcyQCt7wrs36pRM08Yf9m7Xe0wS3E2iPoA1428ZhChCIN_o96IiHsPcFXbpZbb0EECrpSBB7t8FYSAhCSLwBhRDaZJ8j0E7P5oSxrOM1ngnOKpkCwRWLSizyG0Xx3JLNoQGQC8odbLPJRQFyGoVMOyf8CX-ocvGHkcdIPOB9JPECruud_OdZ4YnfoyyB8AaZxTHGn21VHetGS-oxEBsnFXDW8cOV_AAOpCmaVPZaZxlS1bVT6IWIzsKIQ3xoBBFVdnLdETMj1B2xit_75Np9thdCBjbXnNWlyOopENKCXTagm8waiLBAYZgWV2ydBB-lNPpnuEf42ifuy1rTs8fBF3yPgm1fQaDNfavE_0RQOQjkWx29Lw03_bGPhgL8BFhQ_nyOtkvybjV_vx73H4xFw_qxcgQ1qEgAOmc4sxmafXA_SYUF0j6-fIbhFEikYnh49PgpvvgGFD7Av6mU38rY0lb18lPuy8aFNcWSoG0fZZ_1ZEK_Dqi_1sSlPqkKEApHB631IoqAvilfT-fYxhnrQfhj_xm7-oJwa6YXSZj_d6btu5tC6FN72xB3FbwS_Zx9ka_CxeTqSAWfj4pq1coor9WVqLUg04XuqM9o5C6w2U7MuOpXjjhbA2sjGbGQTXCkAQOVtbnuzn4OMbCDVi49p2nFloAqgYfa_tbI5YzRpSqBsNWDUIzld62GVzWv4ZWEuEcgHJX1P0tIvCbi9btDv00_6RG4Obgom0WpuIAqXM3v0ZMpg4CZQ5s-CXx-hyuBhXdQkRxubozK_th0vsu_YUp9zeLyAb1UQCfTpX8_PiQQyugOycOq0xQN813eY4R2mIiFoamGTIIzOaUXySuUivaTyN0YBoNDnHtWXdUTlRRjweimYrnRzGiPAf1R_dwlaMJOc93Ub5DzR6lE2FoT0uZHxEiuOl_DAHswlzXhJKYLSjJ3054u3Ai28BMVfaDC9sNU0uej63LeL0tZQWpcTOH9t3ZKJxtISFKMXJUgfZV2MlOyv_vNnsO5g1FEAgeae-LpYn814boVHIliUNo5lugKgyqsaq13qlCCE1wfhNtsB--Rh6zpCjAlSRlSTDmjbDn93Aq2lhaq7k2PcSaGRef31U-FpW28m-nzVMQ4C8ooZYNV46VzPo3nUm7Ls5bl-e-S6NKk5sUNcmkDoHFz7qWjY8NS2kPUqREwKKJCNWE67hk6AgLBy6h1KLUY1xnBaAYAz24TEVbgxoEWXTNzQB5gP-Zf8p_hD5gP0Snie6QZTFTGDp4CRcNforlN5QgzYPDHwhdpmhKkzcT01aZCmovrHxN9Ez5f9q1mFYY_bp9hkd9JLmfsdno38l7QR6oRLg3JreuvAdu5VaHv7mSEYeRmbk0N4G0Afmouwig_1p9JqF7YY6EkqyxwM9MUwN8vx5zC3FOkg7uw5XemWgT_eZPXst1zpd7rHaNzjBosDhUlrJpGz91BvEU1JrfUaiC83pw5m8qmnf2n-prtxja2M--_9ZmDmRjW2iw1CBQafRGHJpmPmlw6jsMFiL34aetZ6BFaImY0Aog6JQKTr4_mtbe06wPZGXqtVmWeWc1k0h0SYfnduzjjs_qDkrwiRK_idoQ3mMt3-34LB7tmq_3tGxVeHH4g9hRxQ7kn8x1Xvu6XIK9-HHGHJ5ZxO3SmTFcYiCoucclJEZsRrlj0CwjQU2_ZkfElU7orUQK8BBE-i3uwpSSEnYosF5dwFxnl0SX6gbZw6junKOLU-Vag9jWK1O7XrHqzuoqvBtXIpbiK02e2Xv47hA3rjeoA1QnH6zrDgL_z3DL9QXzhyYUSPhgPhp1wl4LEWMjjpGtIxvSQAI5wWV1EAR0YzEcosrsXe-XY0TQT1_hKr-izv-ivGjUW-OleFIvDjSjweviQXlTygjkr-cjdpVpUVkjBM3NdbycouppUuoan7Lo4gG30Rr2Jzenr6qe9_TzNufQwYkYtdHBZvCMF4QEsvAbAeeq91PuOyifKxMtnf7GnN7dzlr6LZoNyjPEel7FWv4lc7kFS4YL6dw2KqRdQpTP4jd0nKqmL3KtwDQCdPA8bhux0A8IWnSLEyt0GLOYmViKv6ml2XEDTY9rpOqloc4oyyM_HMYQGpCksAEFB0dW2O2ax1q3oSPNWoaQO3ja0918NF8jDtkT15gh5kIfZrntBKFdLFyWPb9he-4YzKGUuQ_DQJVSzl3-tyk1WvSgR9JzAZtg7Q_uk9_tf-YARN9TxO8q0E6Yi-XG4lh2dh4V9skAUyTUIddeFwD_xRPH3ZoMK0l2R3FgUvXZJKs893HOTszKYpYx2cV3DCyJQ6fDip7UefeWFzDWu8k5n2Xg7xVqD0bVh7vNY4bngjhQLStJIbHwUFY6BXm_mnfmQ8zRkaIdM6vmCGrBKMUqmYHsgHq7gr3o36DE8zZ8FKfWWpRQhAGmAR1G8iJCVRuCGH7v6TYebZP2Dpno1r0Y-uG3kb5IFIoeZ1yB4etygHFeMeLc9TzA1tsKAoiXNhP91bt0YRqwkjd318WUupz5oLvGBxvZ_xsK-Y0_cfuPMIoVQDfAVfDN471z06ZgFHtOLHJIKTCHby3K13r0Vo1cqWXES71PcaaCYRpWgUWS4uu5qtyKrVDo2xDIl_C7E3qIjNxOR73EkO7Q0MIX0gxhJmLx129Xh3mJ5COqrVG1CFx94u8_IvuzJz0vl0-x5X1s3mlySTgaTZ1kX8lDsbdw48UU8cWDiDbNvqBx45lz-AJ-_sdddDWPtzL2BFUcXE9r-7zh0CkQAUnIw1ItXTMRZ6YHnfv67RQKluBwEfSWCS7_Ei4eH8kSI2fasq28vZZoCMLjEt9gtMUoOXbsFiXleictxsuBH6ID7A3VJjUOZJI7zyWWbOua3uLk6eR4sVnY4swH-LhfPe69AK1HfP0p-HnAGs6m99gdK-eZuHWcIxrgV-LsJ4gZtRnqpABsBLo2eAq6LkqIV6j3a1mXWAokQTTH&cid=CAQSOwDICaaN9UQ1OJh79iFAsNBCZbW9TBllYSFQU7Wzi_5v0z3WgtS_oQXXiHkST4R7aTQdnfxF18umnItoGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.cifraclub.com.br%2F&ds=l&xdt=1&iif=1&cor=11412550731278938000&adk=2857193499&idt=101&cac=0&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

51146e11e134d84c3a0efda4487de0bbceae1111c8a2cb90e0a6942b65cc6603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38527
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame ECCE 39 KB
15 KB 24ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:50:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 18:50:25 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5461 0
20 B 56ms
56ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6250127684886&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5461 0
20 B 57ms
57ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6250127684886&version=m202309260101&ct=76&x=1&cor=12486868328248822000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5461 82 KB
38 KB 112ms
111ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CVuqb360EVSoWlO0hhnryY6605HaAEo-GXB_sg9r4qZi8FZWVvXYd2V18yxuwD1tIpISTlwjEcSNSQAsKhNs5LVERf7DHrxEtyjK8AvNwJxgaz6oD7M3Ds8eEv-PyNju_XASgztVDjworQ0udXUBEOvH_k2OjmTTA0iqRkP69VZsSNSVk&dbm_d=AKAmf-DZEmlBIiCaRDH3CXKQv_2v8lkPf8P8O2l8-GFAeo04NSE5nmYpN0AT9DwZB9U5A_tVvvd--9sWGfb-Axc_mdNrvBM3ww9Ahq9iQz5xclzyWDTANmuk-Pblr6Gz97JHGsvPWl-riaTmv2ZGEaacpFQTf-JF0z6uJwvNu0m7l5toy2-haz4QLAWrZ7a3uFyLEj4wuXOwuQzIIRwxlXGv7qpw7SgaCMYHWzlkSCjfP3A2qHehAj_qgvF2MbssR2GqKfMVZbKGbSkWVvY0FfZZo9Dy79iwtGQ35vz1QabiZ0TvaVN0Vdc8dWqj2gbBIX2SjxJFHjmgnjaIj4BEWTisxjO4hk5WybOOFa_TYuXgQ1dyJ6K13YF83KFSzR8pmmMZWnZJGWkZlmOl7n61lhCD7Sk8TAqlbg8WT78cF3wAqGe5zFPIWeTUm2EwY9NQCX9kAr1v8fENo8f48GvWG86Wj5I2BNRB10i2QvGLov-Z-xDGvB9Ks7BCFDbHheRZp3WcSTWIsG4InjPH-C0UnLXNz4eXs4dmibOZytt3rWwQSYzTDHkrT7s_2EeIDYYPYGDneZPaQhVXfXApqDRJR1LblHqAf7PngKaepneXkkyrBEYejfjp6JrlMmjQlc1AGmDOssZ-9u34EXGiar1xr8P-52p0a9usDoV-sUZ4XTuiz8VeTx1deKC0m__rgocNfaVUaNj1DKR9phc1LCxsRj13nHYxttHuqk7aA9_ODHCAst_zKDUEtBRsNI2Tz4bOwvm9Cv7wX_Ux7ox_NzkQLw_bZ1_kQpLZrPjfDvRIcgagWh84c-OWe0oBqq6dRnmnrc9MUzNHD50FqJX4fZRg0CCcEAA6Q4HqSpRhjdLBvqNBZmW6Nh07cY2Qph_scKpv8xlP-B6tGeXV5Pfs4tz7HpQfWMM0F1daYz9T3fany5mKQ4Gn5rXKXAclyd-Rq0D5vuZq31WhmA0KzCmvo7b-z75XiD18KeqgBj97WuplZF8Nb88Orm-yy7hIcJsjYyUyWE91KIsTxT_ZhgPHrqwoVMFlCzeQVzIrXKiW-5qS6N8GbjzkcmWdSpyF0eTsDaCgyXtgY22x50nQC8fAQGrTHW0tI1DVHMeKpCXBimEM1sk-tkqpRQyGw9JyniBBR_3aBYpgTxRq2NZJyO6gzt5P48VI45vGxYkZQlqh7QUCfjSfzJ1o5xWCWWmPaq-_PtTTAFCWveCkk7JI25Kclv_mKCcjAB1VDyrpyVkFeP7mcdtBe5_2w8c6MWIDftkU87yrlu5uqNGlCweE1q-nXlYZ9ZtdBcOVGGYLvglCjhdswjAdccePTZmPGkaitNLXtx1QOPU6MO0Sc2_tEjPdRbCbTcrLUzV2hMiBqmn8lQBuKLUaUhAXKmU-AZBQgZJIM0-DUm4fP6bBuHSo-wEdfLQ8-7Evi71eRf0k0vlM-iXL7nqsSj-uNyUdjQpSUDKKHhVkK5VndU8ZVkpGo9fDcvyvTI8B1ooJwJzFyapzSfTYvMg3kafZcmYnNGo0DKxz1jOhhaw5oBwk4ZclY8IBkvUXU3dip-iCuuYFT3yFdCcBJzt9yBdE3TN9tGtXdOktNZfvfSuWVvC91sbxufE0jsUOAjCjgnOnE15rqvncqpsU3wiAQ9HdsB0hi1zSbED6I7-NaV8FkI2VHWud-cD571q_5VkBUYEIE8cF-9Vaw-lYqm6yypE5Pqa6ITxDu2qlW0rLyyElC_YZxW4pYHybJrTQC5x3B1toI0PUzKSJ8j4vl4vjAPaS-akrI7uDVWn8chpE7XpsTkrXJHZbP0o9q-cWONpEXo_ZRi9WwHlSKfpUq-LhdSftpOt9F5ky9KFN7_lV4eYUKimYAUHDNhwu1C88OaWLvTR9mLIlen3zjWpZRgR6NwI__9KKEObSTg61STny0MVpUr7JEc5NOgsDbX8JnyHKSqkfTiEx2lsEZMiFEinG2SDbdBwT6K_g9zFoPSPOmEDjlE3lJLzPxXOfugz8ZlIAhUxEcb9OjyGmSxEgdDKt-LTQ-ucrNfwGR7JtJ3rDPidjhIg_zfcYxl41zP0vIrZKM-6OP6fAWD1v52B5ZNHGyfloXtK4EsZeyeExJ8s12NYUwJbAhZVaahp5U7Q3cdGd9ZnAG5IHgml58V-kh9aV5PZKujKHqMy4-QKQInQ9VN6pWqqyUvEKfBW09SVnHt8jrsHIXnziYArIQsXlpJU7i4_0sq2vYAZoQ87mTeQe3mOw51Rbo0V05Vw4gQcr56mm7VS74i_woGBber6NUlfsVCoOzvmwM-EPAKdpOr0lQwybOHwo5lNPYA6e0uEsNNiRy5e8qCnK_Ek_p3Hyop76Mm9GKqJbFiN08VDjNecASGuBITB-bFFALkYsHsHlAllQGJaELTt4yoX48ADXgXTEvuWxSwmzmRGJgjF-C2N4SOB0MfNlv4LmfPE_dajFcsMQ-hP8ZYQOrNttF2o3BcQr6_MvqKf_rLu9SrsqrNUO9IEee9xCVntFZ7f3gsb0kl0mz6kUOMi2IlDbHrbnKC7gNKiv31VIJxxHNi7mS_P44GslKQ550hEJHyXPknkm22ddxbtnm9hnehunB1zJEOAOX-3TdPOGR4Qc0bB3wgW28qwpQzLlI60w25JeylnU5JybrGMo8VIMMfYyFYxsfVjdSkB4UtN-IgTJxW9J_2mVyqE-WVO5QlUZkDttbPcEB7IJqg2Hgmei2vJa5rz99VXzbBO9_SpE_cXQcsozOXlAS37CZOSQnOsVbgcgbHcNdLLX9gxaRh-uYC6YVqh61iZbhU69BZYcpkRDOmqHhIrMGOrFKC2W7vDdDaqDBDwNw6HPiCtjZLXtBVKbfBSNyNVQ-KUgrwB2eWdpUdpHe2r7XJSF4xu59gdaBDJCgEpxkqGMSDuFI--Z8iNLVIfN6_tgvJLAvOe1tr18f3PSOsej9nz9RcxTo3eOn8_VVvSJgZ26zCBFg83u8jmyr6Z_ScgG__Jgovq_lybWL0WR-JjTyLiucWioJScUNek7F0wUgn50iwsD0fLc3Jsp5jLyY2Pu8BubnrQP_rfnu7Yn4Kv4FfqC7PrRJ5I1aDeZJXYm4NtRM8kAaqhSO8LihfBifxI2YyGj9zsuPLzsCjnE8GCRWHp103idG9c6gkRzx41NV2GyEqRMljZzBcvj0GRe-iZ-quyvqmMAMxki1d2YyH2LnkT03-IaOqL7n551Lyc2A01D3b9gs6dep0TLdMZEvtVna9u2YG3XbydSHTmgku5ZUT8xlOEyne9MUtLVuy7QxC-T9xl_BoqiwY0wgbvWmUcxbkC9TQlVorQUD15ZXCm2O0PsTsdCNr8NfULYRywo8FW7nhbGfQvKcON0_dS3gnD5XomzZ4WLQKp4mAZRa-iKl8daOQ9AtX45crukaqMwyvEq5xWhDKwj7llZioNcToRM2FU22Npl-WRfPnod0ZOtoQe98HAF0LN3qWoGgzVxGxctsZuy0db0nfLlloVPWaNHjT0NBVV4V1M1l5cM1XB4nas4ryWK5bfSA3ip9MyZkmzCX0fCsES-OdZl5Qp8TxFcxrhbbDpxoy5LKjfwqHq-v-ClwB7ddBinp-zOjUz7Zvs933bqHp44GO369TeAMuu1J93YGdvmr5sq0DzTMpCP15lYUCdmHzerTRabfF02n1HPbr_itdYE_Dw8a0hnGb1t79R6axmt9pD2jxu8NpT2ZNkv9z0xFRvB9yJFMNiQNGANgCIscYXD1JBYM6m-Ve8uCxf5lfJVzeQ&cid=CAQSOwDICaaN9UQ1OJh79iFAsNBCZbW9TBllYSFQU7Wzi_5v0z3WgtS_oQXXiHkST4R7aTQdnfxF18umnItoGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.cifraclub.com.br%2F&ds=l&xdt=1&iif=1&cor=12486868328248822000&adk=3944675603&idt=106&cac=0&dtd=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9b2ddb4fdcd73f55a03dcf4e1b5aba016bb2713c61f115673381945de7e07ce8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38582
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 260F 0
20 B 57ms
57ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9376529366986&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 260F 0
20 B 56ms
56ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9376529366986&version=m202309260101&ct=77&x=1&cor=14075709654430970000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 260F 34 KB
19 KB 59ms
58ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CEBndgbq96Ci2bkfNbbJRnVzDLVFWjo5aQvGrn0Qln8vHjtqTMU6O8Xa_w5J6UbBhX2F6MKjxNXomGYiU35ijl1eOeSKWsxPs6iX8juvN-OvkjaSzaz_UNgW9QCW4ORmLeZGUPb1t45c2Im0FeDbueuKXNqOoEYzAdSeHaujppcCnlqZ0&cry=1&dbm_d=AKAmf-DXgqu3A3Jm6Xij7S9MLa2mzeqU1BTqmcD9ImhunZs88Ioba2Hcvfj510nS1KsDmQiwIRfS5_dvJkHShEPZmDL1zUrupxss5uAqQB0bpJGizaVgVRPglsaqFeYdMENm0a2CQvACXgBqsg82slVsjpDJYgVaEBAUuKZR68jmABsAaPoV-1CQMwnFujpocUQad5AM1hMA9jERMw9Fa9n1P42O6ixB9PJo-Vvdf-ceXK21IDTIDGYR7O5lNC2wxAW8ehpLtqhzHoK5ounuuUZWj8xlOrfJCRNPVHry55_GbwApJBXkYVwXYj3tUHwFmsO9j1mU2ccpOABMgUSSel_0YzkfPCjvpizJtHEEjMqA26uqQk32eq0EoVon7G4BSwFcO9AZ8pkhwuRnKfDBvX4F0Kk-2SeW5F_E6FNyGEXCj63FDLqFah-8v6mRy3U1ULgdRclqZchfsFZO1smF2rSzsKfR4UFtYyAC5rwUT7MlsZLQf0IXdwAY8b8bM-r5iwqjqjZ5zEEP6o33RjWTKFayVM_C_CrfKWtd5WKwsM2kTnqpLhsJFwAi9VlHXq_4AL6vlSf5xrmWj4wpSH16sVgMottPNfaXlrxwnv_YEELgQtcWTojb1oiYLSQAxS1hRPC-JI7TTSRaWmb3HCtypGTqPwSGU-NybK8rWDXHmS16j77red33_OVhM9RKr7qH1xg6YJyIEVY7tZ_oqBbJ6w6OlE6345-dr8m_GDlk0AAIXQqlBuIR5aylvp_ixu7ocnbTctWYccgzIlP18weyP1Cc6uGxI4T57H0zRL9g2oqBbcOa6YPsnmKwZ00TLJm8UfFc1NJd1fI2o1yhx08U_UEqv-1CyQHNOlyov3Fsm5Ksy0EbR7jFaV7fHyUa3bYogV3GBPAH96jxja3INi-ULVU6fJNoHSCxgmSkln5uN6-MolqB5rqknNoCcuG7Cc2xfEVIOlVSJmoKQvAUqkmGkT8vd6xjwko3Q1VeNVGSXMOQNMsTtVAA7_48zseIHejXV4trIcOOwrVCegs6XHZnp7uwtb4pD94HvJPAyXwpt4c43Ph_CDZwSg1iLhuUMtGlWh0xVL3L8GUgpOqJ3eQ2qTYvuFW__71SfHhHU2uccUfNseSK0uBDpr-mosR-K6s1benYYaIdGCATQvhcfArR_rPFqyh7m2Mf7lNMKDrYhGT2VdcHBAHLDzR7w79eaQQQuHef0bRfh1Vc9A8i10lhxwcsYdEAp0ARS8BXnSB9lTa9LkxNnFMfiunXbEeIOmTC7xS-bE7W1C2FnWPScuPWeNShdwUwKtbHWOB4a4L1ILm7ZvgPBsDGmv9Gkmax2x8599VIQ6wL83kv6qq_vfDKWa5cL1cRotKhdna3vamfRzOS0V80kyrfIpibiMUxDBipaf_jxJlTfwckj5S1fatl8smikBVAKC62o2SG34YCg9fcYk5ZLoHlKJsO4LsYKioRwPirJS3hWu-7zi06Ns8371Yr4humHDGCNpCpB1ybS5eA6WcBK3IGZQsBob_RbwBLD3AVlYxgfjlnX9wrWx_cc_nSAdG9RokormH_X0yQwwrg4rCKZgPzPF46IhFj95_aQVMpLbuhMhHs8ukr4jIhrsWC_vfIpMIzclP0sULZOGbNoYVNRlP2WpGDvGjS_Gfo8wAhL4Lk3RkiSlU2cFtiMafDAEdUG_BzaXwJAZmllrxfrWtD5-BEzlTLAu0bS2yGdPWBXTMLCawKxCdL9svmO92c8FIS9srFkY_j63YaLXsO0EdMk4rLy9R4NenIusocSLCkZIxBROn4xivAK-lJeU5cFk4fJidn4JlQWTfEPBIN-o7AgUQeZ034wbiiHB1mRDvawe_xnEeYuwCz_WDBTVH2T9IrDCtr8Bu6D-mKLuKnBzFOIz8m9fSbOeWZOoJnUM2HWS_naEsZB4gVowuL4fKpnXyf6ZdxNBwKyWo4Os33CGC9ISs1INVNGe5fJhqCfA3_xnvwIm18vT74D1iFEV2g_-ErccWh7nOAlGtK1Q203hUZQLEwOu_1tLgrZe3D1iSvvcaxDp5x01VyfY0EEA-t76lAboWjgoPjdfGnpMAhZG_sWHY9HZTjR_CoIc28dsPZaFK3EQmU7VAVU0mLMaIBvVFUlSqVCEplCx9-WOCGyhxDXFLDdApv6eAuAZCsVpOxJJF5r2BiqrN-p22ckpG6H5SmiqwmFW2mFxbOfsbvMmdrJuocQkccKsQnBWnEdIqqO2hLKMx6wPEk5pdyO1f9ZP-VqypisH6UFLjwnde3Dla2agmGZnqZERRHgoL2b-W08xejYfrIhHtS9Ny2sV2abWxY4mq91ZuxJtjuagfL8P1tlgpTpyk0bnn17_UcaQbTnH_OIMD_4a7jiJdgRcuuYaCslrPH36P7MQf1I5WUAph9_cFYngF9HvXEoToH4ovIOcr_vIKyMrYG6c3e1L5HJzOX9qf-XOAuYDF3u1LzfcSvf5c6ZmnRv6CbWIESNRKUuOK5uiSLVKpLEnA03AIeIHFs9MBRaSQPBYj6_f79pXj0WwFbCWuglgZw0iUyjn9Mg1VVLjldBAQGkL2ZLHBmiGAhXgUr-7PMxJVFRcjOyvNknl1z9ngwhBCXzBkTVIxo0oRwANoqpBv0KdYqV14segRH3DNWiThgd4mHMX75wSxlxafWvjVb6hAA4S2TrDuv39R5fxnP-LeOs6vgtFiJdh__-EU55VaUQ9DeKNP_npokUgUFDYSQ5xv1nIpGFUd_LrmRz0M7d68xfI3IrKxiUnUAPNV7dKN1u5RNZGeAOucoBPtUUOn9uZXnhjkibX_3_if_GPtgLBV6p4A6eD0ep0M4JekmCKiREP1iE3k_FtAHdbhFEz89uWPXdxoLO3D3oY5RY1EK4NxtcnwJBF8bjTpY-DVku-PQBq1df51bP0NuCoZ475ulzGqTtgsSihHooQfkYfG6lLUHHpI45JLXvNbEAUEP1DM3JRDXTJrW--YAUIY6BlLFFozOXKOkVQohjy9lvsAoCssofd6QEOY47EitBKpNQjaw_ZLGHCVfHX_fQ0AWpp2RRv6cz0mgV74j6Duc_JvCxOXwmTQRGgvokj1Uvbs8VWES84SRH6oi9By39bE8u7PUCrJm2TfilSWZdYbCZWNg6CIzhjDvp1teP5ZUpoLMVj-JNSObu6oiwm6us7Ebx8yIQGIZzqq6AeqV6ljHWB177RVVnaGxMdD_0JYDXiRMWBGPx8bP77tOjZywxwsfrX1qdFcd_8FGEu6WNBjd7fe1nsMRo42NpQhKiWzD_Sgb69DtwB8-wqZJGSZKudjvW_mST51DG0STaJi7WZv5JKMDvGst_xR-00iSbcA6Z13pyjv8cRlQy05oZSSLq-_viHjZwy6hL7sRBtOeAz9MIYGPqSbYwqWhQLPEbXiyELJNtzP9vit9BXxFFo8qokdrspje7j6v2phMOGTzsO3BzaodalLnzDqCl8yUBDwrNZELep01c6dhwuY64eHoRHII68flqbOYytFm3liJDnuqwoljRot8AlCaC_JXBdVkWD0tpUHKOtlG02SmYI1MjSGLH8SB3iADGxCqWIz6CGVU9WFzwOXILkwtsXP-TeiudoBuXW9_FG9CS6gvPXfqs5WsoGLx8z3Gu3WYcjOEXAlQWBrLIc0JQx3xMh4X3sujFTux-TNzuMfFgKnFBBFDqM4zVzVjAtplJqE1pL-IABgINa_X9VE-823WLIVjXqVD7g5ZE-uOcYy4jAdvRKgV6ZHNxNGKLDuWdeJbURI9fJNp18D7PoQuP_sn5HdZi-JmYLfc4S28XdjhzBiCPj_jQ2_hs352Ioy27P1pwWcDeLX9ew3BNqZDkcvTeIgTJH70jn3WVG5rkPWSyOOn_mr_CBIgQ5JOleyLg1Rnk8zqs79GxOpqpplMqO9eciYncF9leMI9YDr1EO3gTcriol1JNEYTVyGw_zFEc5u07uAkIlHZJddtwbBs7kmZju73EXlVl3ttYJNftJbBjOR5ey9Uvm6PW_R8LnVta628Iswf_xPqHouoMxFvS_2UmasSJqrBeO87JqHS6WCZq3PMOwmgr7z6-wr8rpLg-taJqVzhIrGB-hGs&cid=CAQSOwDICaaN9UQ1OJh79iFAsNBCZbW9TBllYSFQU7Wzi_5v0z3WgtS_oQXXiHkST4R7aTQdnfxF18umnItoGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.cifraclub.com.br%2F&ds=l&xdt=1&iif=1&cor=14075709654430970000&adk=943508964&idt=110&cac=0&dtd=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

c4ce0ebaf10a8b63b71e222dc207851b5c5e69198a84ee393c4583b1d63cb640

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19935
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6E9C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGwRydECUgkJoVIthPn-Dpc&google_cver=1

43 B
97 B

35ms
34ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGwRydECUgkJoVIthPn-Dpc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEIuDGhi16Kn8ATAB&v=APEucNUwQ7VeA2PHi9uvsRUk0AwB1xi7CO4h3Aceog7pZ7mwlihDO7JvBJR3wPs_NsayMHPK4lWW8MZnGvUNnxtjsggOUVvec5lU-DUWahKee4V-TXfnQpFfUDXxnrtbnHzHNEw2NER7H08QhXm4nLwgNXLGO4NM6rMsFVP_zEbcnf4feTNALd0
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGwRydECUgkJoVIthPn-Dpc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 6E9C 43 B
111 B 55ms
35ms Image
image/gif 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEIuDGhi16Kn8ATAB&v=APEucNUwQ7VeA2PHi9uvsRUk0AwB1xi7CO4h3Aceog7pZ7mwlihDO7JvBJR3wPs_NsayMHPK4lWW8MZnGvUNnxtjsggOUVvec5lU-DUWahKee4V-TXfnQpFfUDXxnrtbnHzHNEw2NER7H08QhXm4nLwgNXLGO4NM6rMsFVP_zEbcnf4feTNALd0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 6E9C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESENyFobyaTrdE4B9OboyBr5I&google_cver=1

23 B
163 B

102ms
97ms

Image
image/gif

2.19.217.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESENyFobyaTrdE4B9OboyBr5I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEIuDGhi16Kn8ATAB&v=APEucNUwQ7VeA2PHi9uvsRUk0AwB1xi7CO4h3Aceog7pZ7mwlihDO7JvBJR3wPs_NsayMHPK4lWW8MZnGvUNnxtjsggOUVvec5lU-DUWahKee4V-TXfnQpFfUDXxnrtbnHzHNEw2NER7H08QhXm4nLwgNXLGO4NM6rMsFVP_zEbcnf4feTNALd0
Protocol: H2
Server: 2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-217-101.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Sat, 09 Dec 2023 10:03:35 GMT
pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESENyFobyaTrdE4B9OboyBr5I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 6E9C 23 B
163 B 274ms
260ms Image
image/gif 2.19.217.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEIuDGhi16Kn8ATAB&v=APEucNUwQ7VeA2PHi9uvsRUk0AwB1xi7CO4h3Aceog7pZ7mwlihDO7JvBJR3wPs_NsayMHPK4lWW8MZnGvUNnxtjsggOUVvec5lU-DUWahKee4V-TXfnQpFfUDXxnrtbnHzHNEw2NER7H08QhXm4nLwgNXLGO4NM6rMsFVP_zEbcnf4feTNALd0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-217-101.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Sat, 09 Dec 2023 10:03:35 GMT
pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame BBF1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGwRydECUgkJoVIthPn-Dpc&google_cver=1

43 B
97 B

38ms
32ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGwRydECUgkJoVIthPn-Dpc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQuOmt-QIY2KOt-AEwAQ&v=APEucNUXxmHRVlDqsMh7UDz-Dct2pkUirqTRl6DxeXd8xW_bUP68FjTYzzk4brFcOki27v70JwmPLYBJYs9B9sUj07OZoEcy-eUPCehnhYjpuYljOjMJ8_afuXjjcWWKeZu3IFUZ9VgwqpywCqsRL92TJPpL1LNJA8AQRI8bo9LYjjQUP6En73Q
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGwRydECUgkJoVIthPn-Dpc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame BBF1 43 B
111 B 52ms
36ms Image
image/gif 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQuOmt-QIY2KOt-AEwAQ&v=APEucNUXxmHRVlDqsMh7UDz-Dct2pkUirqTRl6DxeXd8xW_bUP68FjTYzzk4brFcOki27v70JwmPLYBJYs9B9sUj07OZoEcy-eUPCehnhYjpuYljOjMJ8_afuXjjcWWKeZu3IFUZ9VgwqpywCqsRL92TJPpL1LNJA8AQRI8bo9LYjjQUP6En73Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame BBF1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESENyFobyaTrdE4B9OboyBr5I&google_cver=1

23 B
163 B

97ms
96ms

Image
image/gif

2.19.217.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESENyFobyaTrdE4B9OboyBr5I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQuOmt-QIY2KOt-AEwAQ&v=APEucNUXxmHRVlDqsMh7UDz-Dct2pkUirqTRl6DxeXd8xW_bUP68FjTYzzk4brFcOki27v70JwmPLYBJYs9B9sUj07OZoEcy-eUPCehnhYjpuYljOjMJ8_afuXjjcWWKeZu3IFUZ9VgwqpywCqsRL92TJPpL1LNJA8AQRI8bo9LYjjQUP6En73Q
Protocol: H2
Server: 2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-217-101.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Sat, 09 Dec 2023 10:03:35 GMT
pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESENyFobyaTrdE4B9OboyBr5I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame BBF1 23 B
163 B 144ms
130ms Image
image/gif 2.19.217.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQuOmt-QIY2KOt-AEwAQ&v=APEucNUXxmHRVlDqsMh7UDz-Dct2pkUirqTRl6DxeXd8xW_bUP68FjTYzzk4brFcOki27v70JwmPLYBJYs9B9sUj07OZoEcy-eUPCehnhYjpuYljOjMJ8_afuXjjcWWKeZu3IFUZ9VgwqpywCqsRL92TJPpL1LNJA8AQRI8bo9LYjjQUP6En73Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-217-101.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Sat, 09 Dec 2023 10:03:35 GMT
pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 260F 31 KB
12 KB 30ms
22ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CEBndgbq96Ci2bkfNbbJRnVzDLVFWjo5aQvGrn0Qln8vHjtqTMU6O8Xa_w5J6UbBhX2F6MKjxNXomGYiU35ijl1eOeSKWsxPs6iX8juvN-OvkjaSzaz_UNgW9QCW4ORmLeZGUPb1t45c2Im0FeDbueuKXNqOoEYzAdSeHaujppcCnlqZ0&cry=1&dbm_d=AKAmf-DXgqu3A3Jm6Xij7S9MLa2mzeqU1BTqmcD9ImhunZs88Ioba2Hcvfj510nS1KsDmQiwIRfS5_dvJkHShEPZmDL1zUrupxss5uAqQB0bpJGizaVgVRPglsaqFeYdMENm0a2CQvACXgBqsg82slVsjpDJYgVaEBAUuKZR68jmABsAaPoV-1CQMwnFujpocUQad5AM1hMA9jERMw9Fa9n1P42O6ixB9PJo-Vvdf-ceXK21IDTIDGYR7O5lNC2wxAW8ehpLtqhzHoK5ounuuUZWj8xlOrfJCRNPVHry55_GbwApJBXkYVwXYj3tUHwFmsO9j1mU2ccpOABMgUSSel_0YzkfPCjvpizJtHEEjMqA26uqQk32eq0EoVon7G4BSwFcO9AZ8pkhwuRnKfDBvX4F0Kk-2SeW5F_E6FNyGEXCj63FDLqFah-8v6mRy3U1ULgdRclqZchfsFZO1smF2rSzsKfR4UFtYyAC5rwUT7MlsZLQf0IXdwAY8b8bM-r5iwqjqjZ5zEEP6o33RjWTKFayVM_C_CrfKWtd5WKwsM2kTnqpLhsJFwAi9VlHXq_4AL6vlSf5xrmWj4wpSH16sVgMottPNfaXlrxwnv_YEELgQtcWTojb1oiYLSQAxS1hRPC-JI7TTSRaWmb3HCtypGTqPwSGU-NybK8rWDXHmS16j77red33_OVhM9RKr7qH1xg6YJyIEVY7tZ_oqBbJ6w6OlE6345-dr8m_GDlk0AAIXQqlBuIR5aylvp_ixu7ocnbTctWYccgzIlP18weyP1Cc6uGxI4T57H0zRL9g2oqBbcOa6YPsnmKwZ00TLJm8UfFc1NJd1fI2o1yhx08U_UEqv-1CyQHNOlyov3Fsm5Ksy0EbR7jFaV7fHyUa3bYogV3GBPAH96jxja3INi-ULVU6fJNoHSCxgmSkln5uN6-MolqB5rqknNoCcuG7Cc2xfEVIOlVSJmoKQvAUqkmGkT8vd6xjwko3Q1VeNVGSXMOQNMsTtVAA7_48zseIHejXV4trIcOOwrVCegs6XHZnp7uwtb4pD94HvJPAyXwpt4c43Ph_CDZwSg1iLhuUMtGlWh0xVL3L8GUgpOqJ3eQ2qTYvuFW__71SfHhHU2uccUfNseSK0uBDpr-mosR-K6s1benYYaIdGCATQvhcfArR_rPFqyh7m2Mf7lNMKDrYhGT2VdcHBAHLDzR7w79eaQQQuHef0bRfh1Vc9A8i10lhxwcsYdEAp0ARS8BXnSB9lTa9LkxNnFMfiunXbEeIOmTC7xS-bE7W1C2FnWPScuPWeNShdwUwKtbHWOB4a4L1ILm7ZvgPBsDGmv9Gkmax2x8599VIQ6wL83kv6qq_vfDKWa5cL1cRotKhdna3vamfRzOS0V80kyrfIpibiMUxDBipaf_jxJlTfwckj5S1fatl8smikBVAKC62o2SG34YCg9fcYk5ZLoHlKJsO4LsYKioRwPirJS3hWu-7zi06Ns8371Yr4humHDGCNpCpB1ybS5eA6WcBK3IGZQsBob_RbwBLD3AVlYxgfjlnX9wrWx_cc_nSAdG9RokormH_X0yQwwrg4rCKZgPzPF46IhFj95_aQVMpLbuhMhHs8ukr4jIhrsWC_vfIpMIzclP0sULZOGbNoYVNRlP2WpGDvGjS_Gfo8wAhL4Lk3RkiSlU2cFtiMafDAEdUG_BzaXwJAZmllrxfrWtD5-BEzlTLAu0bS2yGdPWBXTMLCawKxCdL9svmO92c8FIS9srFkY_j63YaLXsO0EdMk4rLy9R4NenIusocSLCkZIxBROn4xivAK-lJeU5cFk4fJidn4JlQWTfEPBIN-o7AgUQeZ034wbiiHB1mRDvawe_xnEeYuwCz_WDBTVH2T9IrDCtr8Bu6D-mKLuKnBzFOIz8m9fSbOeWZOoJnUM2HWS_naEsZB4gVowuL4fKpnXyf6ZdxNBwKyWo4Os33CGC9ISs1INVNGe5fJhqCfA3_xnvwIm18vT74D1iFEV2g_-ErccWh7nOAlGtK1Q203hUZQLEwOu_1tLgrZe3D1iSvvcaxDp5x01VyfY0EEA-t76lAboWjgoPjdfGnpMAhZG_sWHY9HZTjR_CoIc28dsPZaFK3EQmU7VAVU0mLMaIBvVFUlSqVCEplCx9-WOCGyhxDXFLDdApv6eAuAZCsVpOxJJF5r2BiqrN-p22ckpG6H5SmiqwmFW2mFxbOfsbvMmdrJuocQkccKsQnBWnEdIqqO2hLKMx6wPEk5pdyO1f9ZP-VqypisH6UFLjwnde3Dla2agmGZnqZERRHgoL2b-W08xejYfrIhHtS9Ny2sV2abWxY4mq91ZuxJtjuagfL8P1tlgpTpyk0bnn17_UcaQbTnH_OIMD_4a7jiJdgRcuuYaCslrPH36P7MQf1I5WUAph9_cFYngF9HvXEoToH4ovIOcr_vIKyMrYG6c3e1L5HJzOX9qf-XOAuYDF3u1LzfcSvf5c6ZmnRv6CbWIESNRKUuOK5uiSLVKpLEnA03AIeIHFs9MBRaSQPBYj6_f79pXj0WwFbCWuglgZw0iUyjn9Mg1VVLjldBAQGkL2ZLHBmiGAhXgUr-7PMxJVFRcjOyvNknl1z9ngwhBCXzBkTVIxo0oRwANoqpBv0KdYqV14segRH3DNWiThgd4mHMX75wSxlxafWvjVb6hAA4S2TrDuv39R5fxnP-LeOs6vgtFiJdh__-EU55VaUQ9DeKNP_npokUgUFDYSQ5xv1nIpGFUd_LrmRz0M7d68xfI3IrKxiUnUAPNV7dKN1u5RNZGeAOucoBPtUUOn9uZXnhjkibX_3_if_GPtgLBV6p4A6eD0ep0M4JekmCKiREP1iE3k_FtAHdbhFEz89uWPXdxoLO3D3oY5RY1EK4NxtcnwJBF8bjTpY-DVku-PQBq1df51bP0NuCoZ475ulzGqTtgsSihHooQfkYfG6lLUHHpI45JLXvNbEAUEP1DM3JRDXTJrW--YAUIY6BlLFFozOXKOkVQohjy9lvsAoCssofd6QEOY47EitBKpNQjaw_ZLGHCVfHX_fQ0AWpp2RRv6cz0mgV74j6Duc_JvCxOXwmTQRGgvokj1Uvbs8VWES84SRH6oi9By39bE8u7PUCrJm2TfilSWZdYbCZWNg6CIzhjDvp1teP5ZUpoLMVj-JNSObu6oiwm6us7Ebx8yIQGIZzqq6AeqV6ljHWB177RVVnaGxMdD_0JYDXiRMWBGPx8bP77tOjZywxwsfrX1qdFcd_8FGEu6WNBjd7fe1nsMRo42NpQhKiWzD_Sgb69DtwB8-wqZJGSZKudjvW_mST51DG0STaJi7WZv5JKMDvGst_xR-00iSbcA6Z13pyjv8cRlQy05oZSSLq-_viHjZwy6hL7sRBtOeAz9MIYGPqSbYwqWhQLPEbXiyELJNtzP9vit9BXxFFo8qokdrspje7j6v2phMOGTzsO3BzaodalLnzDqCl8yUBDwrNZELep01c6dhwuY64eHoRHII68flqbOYytFm3liJDnuqwoljRot8AlCaC_JXBdVkWD0tpUHKOtlG02SmYI1MjSGLH8SB3iADGxCqWIz6CGVU9WFzwOXILkwtsXP-TeiudoBuXW9_FG9CS6gvPXfqs5WsoGLx8z3Gu3WYcjOEXAlQWBrLIc0JQx3xMh4X3sujFTux-TNzuMfFgKnFBBFDqM4zVzVjAtplJqE1pL-IABgINa_X9VE-823WLIVjXqVD7g5ZE-uOcYy4jAdvRKgV6ZHNxNGKLDuWdeJbURI9fJNp18D7PoQuP_sn5HdZi-JmYLfc4S28XdjhzBiCPj_jQ2_hs352Ioy27P1pwWcDeLX9ew3BNqZDkcvTeIgTJH70jn3WVG5rkPWSyOOn_mr_CBIgQ5JOleyLg1Rnk8zqs79GxOpqpplMqO9eciYncF9leMI9YDr1EO3gTcriol1JNEYTVyGw_zFEc5u07uAkIlHZJddtwbBs7kmZju73EXlVl3ttYJNftJbBjOR5ey9Uvm6PW_R8LnVta628Iswf_xPqHouoMxFvS_2UmasSJqrBeO87JqHS6WCZq3PMOwmgr7z6-wr8rpLg-taJqVzhIrGB-hGs&cid=CAQSOwDICaaN9UQ1OJh79iFAsNBCZbW9TBllYSFQU7Wzi_5v0z3WgtS_oQXXiHkST4R7aTQdnfxF18umnItoGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.cifraclub.com.br%2F&ds=l&xdt=1&iif=1&cor=14075709654430970000&adk=943508964&idt=110&cac=0&dtd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:19:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81857
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:19:18 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 260F 41 KB
14 KB 31ms
23ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:45:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29862
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 01:45:53 GMT

GET
H3 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjExNjIxNTM4MDc5MgogIHNlcnZlcl9pcDogMTI2MDYzMjc5CiAgcHJvY2Vzc19pZDogOTczODk4NjI5Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDU4NTk3NzQK...
ad.doubleclick.net/ddm/activity/ Frame 260F 0
22 B 70ms
62ms Image
image/png 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjExNjIxNTM4MDc5MgogIHNlcnZlcl9pcDogMTI2MDYzMjc5CiAgcHJvY2Vzc19pZDogOTczODk4NjI5Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDU4NTk3NzQKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL3ZvZGFmb25lLmRlIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDgKZXZlbnRfaW1wcmVzc2lvbl9pZDogNzI2OTcyNDE0NTgxOTQ3NTQ4NApkZWJ1Z19rZXk6IDEyMjk1MjA4NTYwODQ5NjAzMjYwCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMi0wOSIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDU4NTk3NzQKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzNzY5Njc4NTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDc5MTM3NzA4MAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxOTkwNDY5MTc4MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDUyMDgzNTU0NAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly92b2RhZm9uZS5kZSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL290ZWxvLmRlIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vbGlvbmdhdGUuc29sdXRpb25zIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xdc61a026a736a1aa0000000000000000","13":"0xa98e253607a781530000000000000000","14":"0x4a2acad682adab0b0000000000000000","15":"0x75b903d9ce2f5f1d0000000000000000"},"debug_key":"12295208560849603260","debug_reporting":true,"destination":"https://vodafone.de","event_report_window":"345600","expiry":"691200","filter_data":{"14":[],"21":[],"8":["5859774"]},"priority":"0","source_event_id":"7269724145819475484"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 999B 31 KB
12 KB 24ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Do0mRlCxc9KgrnVQe-0J-j7QgnYWJr0ZwiBdfNfRE3z9byfrupnfeph4dLQ8Jrs7OVnXA7PlfZ8sS4DHcp-SXYEHeYiZjJoSJ6oN4BRjaR8monHxp7RLFeGcIIXOPMLfPgKF8AUasEYYw0zugqyAbmggimhpVM4mZluewWHPOe3MigTEk&dbm_d=AKAmf-AyK3EsDiUPtlPmXGZih9__XQZvQ3VLcL0hUrDbVql1eTvoZwJWfQJnik6MQWgT7Y6F2tfsNddyN2z3UdjIo6odvdzIkCyE-olqQ3wzjp1Ns4CMqb5TgKZWOjKBdVHbRs1acK0IrWgJuaggKVXABHmRq6MTfDT3OWbnsv_LNA7znlwpZz1jGWKgISaeAGc_W51wOfOFgk9R6SxtJH4dotbWC2mWqweomEWZPrgFloeZOeejC2P4-TLXZzKLr1An3ecG2yrrzrTxK4xGDBDOJCOCY-J9oA3PCJAO6q25IQeXjFLDVpsSneLLk1UBkRSMQQ1ZW0fzKMiQUXNOc8xeg423kDztHRzk_lJQa1zE4xIYpbfRAJkn3Q8wp4CACMurApCuPGnQrP5LxaDnCAoMzAzU1MvCFbJWho5wA7l9GqBL591wkeShRhvstAQz7YXihzJ3N4Tlf2bFrI5ebdMo_Vb_t31em-PMdQnDY5bIrnHVcorD0A9IWnihI5jtni6mZZisPA0Kxiv7UIzN76NNowLnjZxibW9RA1ZiaR0klz3m8UKLQCUIO_JB6_YjU649eB2_edN1M64m1y5XCueVLhB9v96etPhSvejzDN0QBAEP1qd_Z9jzWb8THZGd8ZhARHeZrbXnT3WCubLD2WKDqkQ3PcfVckewfBIqil5sxF2fy90RQNBro6KSzHIPN2zEHOpOuTw_KZxOGu7UvuVLbAdavp2owpS9VuBxCjGIskao9oEY6cj80QMX2BG1j7TvvsPgUiIaiSFnrnd9ENFyj4QDnnixnFrRdH4W4HFpBzcyQCt7wrs36pRM08Yf9m7Xe0wS3E2iPoA1428ZhChCIN_o96IiHsPcFXbpZbb0EECrpSBB7t8FYSAhCSLwBhRDaZJ8j0E7P5oSxrOM1ngnOKpkCwRWLSizyG0Xx3JLNoQGQC8odbLPJRQFyGoVMOyf8CX-ocvGHkcdIPOB9JPECruud_OdZ4YnfoyyB8AaZxTHGn21VHetGS-oxEBsnFXDW8cOV_AAOpCmaVPZaZxlS1bVT6IWIzsKIQ3xoBBFVdnLdETMj1B2xit_75Np9thdCBjbXnNWlyOopENKCXTagm8waiLBAYZgWV2ydBB-lNPpnuEf42ifuy1rTs8fBF3yPgm1fQaDNfavE_0RQOQjkWx29Lw03_bGPhgL8BFhQ_nyOtkvybjV_vx73H4xFw_qxcgQ1qEgAOmc4sxmafXA_SYUF0j6-fIbhFEikYnh49PgpvvgGFD7Av6mU38rY0lb18lPuy8aFNcWSoG0fZZ_1ZEK_Dqi_1sSlPqkKEApHB631IoqAvilfT-fYxhnrQfhj_xm7-oJwa6YXSZj_d6btu5tC6FN72xB3FbwS_Zx9ka_CxeTqSAWfj4pq1coor9WVqLUg04XuqM9o5C6w2U7MuOpXjjhbA2sjGbGQTXCkAQOVtbnuzn4OMbCDVi49p2nFloAqgYfa_tbI5YzRpSqBsNWDUIzld62GVzWv4ZWEuEcgHJX1P0tIvCbi9btDv00_6RG4Obgom0WpuIAqXM3v0ZMpg4CZQ5s-CXx-hyuBhXdQkRxubozK_th0vsu_YUp9zeLyAb1UQCfTpX8_PiQQyugOycOq0xQN813eY4R2mIiFoamGTIIzOaUXySuUivaTyN0YBoNDnHtWXdUTlRRjweimYrnRzGiPAf1R_dwlaMJOc93Ub5DzR6lE2FoT0uZHxEiuOl_DAHswlzXhJKYLSjJ3054u3Ai28BMVfaDC9sNU0uej63LeL0tZQWpcTOH9t3ZKJxtISFKMXJUgfZV2MlOyv_vNnsO5g1FEAgeae-LpYn814boVHIliUNo5lugKgyqsaq13qlCCE1wfhNtsB--Rh6zpCjAlSRlSTDmjbDn93Aq2lhaq7k2PcSaGRef31U-FpW28m-nzVMQ4C8ooZYNV46VzPo3nUm7Ls5bl-e-S6NKk5sUNcmkDoHFz7qWjY8NS2kPUqREwKKJCNWE67hk6AgLBy6h1KLUY1xnBaAYAz24TEVbgxoEWXTNzQB5gP-Zf8p_hD5gP0Snie6QZTFTGDp4CRcNforlN5QgzYPDHwhdpmhKkzcT01aZCmovrHxN9Ez5f9q1mFYY_bp9hkd9JLmfsdno38l7QR6oRLg3JreuvAdu5VaHv7mSEYeRmbk0N4G0Afmouwig_1p9JqF7YY6EkqyxwM9MUwN8vx5zC3FOkg7uw5XemWgT_eZPXst1zpd7rHaNzjBosDhUlrJpGz91BvEU1JrfUaiC83pw5m8qmnf2n-prtxja2M--_9ZmDmRjW2iw1CBQafRGHJpmPmlw6jsMFiL34aetZ6BFaImY0Aog6JQKTr4_mtbe06wPZGXqtVmWeWc1k0h0SYfnduzjjs_qDkrwiRK_idoQ3mMt3-34LB7tmq_3tGxVeHH4g9hRxQ7kn8x1Xvu6XIK9-HHGHJ5ZxO3SmTFcYiCoucclJEZsRrlj0CwjQU2_ZkfElU7orUQK8BBE-i3uwpSSEnYosF5dwFxnl0SX6gbZw6junKOLU-Vag9jWK1O7XrHqzuoqvBtXIpbiK02e2Xv47hA3rjeoA1QnH6zrDgL_z3DL9QXzhyYUSPhgPhp1wl4LEWMjjpGtIxvSQAI5wWV1EAR0YzEcosrsXe-XY0TQT1_hKr-izv-ivGjUW-OleFIvDjSjweviQXlTygjkr-cjdpVpUVkjBM3NdbycouppUuoan7Lo4gG30Rr2Jzenr6qe9_TzNufQwYkYtdHBZvCMF4QEsvAbAeeq91PuOyifKxMtnf7GnN7dzlr6LZoNyjPEel7FWv4lc7kFS4YL6dw2KqRdQpTP4jd0nKqmL3KtwDQCdPA8bhux0A8IWnSLEyt0GLOYmViKv6ml2XEDTY9rpOqloc4oyyM_HMYQGpCksAEFB0dW2O2ax1q3oSPNWoaQO3ja0918NF8jDtkT15gh5kIfZrntBKFdLFyWPb9he-4YzKGUuQ_DQJVSzl3-tyk1WvSgR9JzAZtg7Q_uk9_tf-YARN9TxO8q0E6Yi-XG4lh2dh4V9skAUyTUIddeFwD_xRPH3ZoMK0l2R3FgUvXZJKs893HOTszKYpYx2cV3DCyJQ6fDip7UefeWFzDWu8k5n2Xg7xVqD0bVh7vNY4bngjhQLStJIbHwUFY6BXm_mnfmQ8zRkaIdM6vmCGrBKMUqmYHsgHq7gr3o36DE8zZ8FKfWWpRQhAGmAR1G8iJCVRuCGH7v6TYebZP2Dpno1r0Y-uG3kb5IFIoeZ1yB4etygHFeMeLc9TzA1tsKAoiXNhP91bt0YRqwkjd318WUupz5oLvGBxvZ_xsK-Y0_cfuPMIoVQDfAVfDN471z06ZgFHtOLHJIKTCHby3K13r0Vo1cqWXES71PcaaCYRpWgUWS4uu5qtyKrVDo2xDIl_C7E3qIjNxOR73EkO7Q0MIX0gxhJmLx129Xh3mJ5COqrVG1CFx94u8_IvuzJz0vl0-x5X1s3mlySTgaTZ1kX8lDsbdw48UU8cWDiDbNvqBx45lz-AJ-_sdddDWPtzL2BFUcXE9r-7zh0CkQAUnIw1ItXTMRZ6YHnfv67RQKluBwEfSWCS7_Ei4eH8kSI2fasq28vZZoCMLjEt9gtMUoOXbsFiXleictxsuBH6ID7A3VJjUOZJI7zyWWbOua3uLk6eR4sVnY4swH-LhfPe69AK1HfP0p-HnAGs6m99gdK-eZuHWcIxrgV-LsJ4gZtRnqpABsBLo2eAq6LkqIV6j3a1mXWAokQTTH&cid=CAQSOwDICaaN9UQ1OJh79iFAsNBCZbW9TBllYSFQU7Wzi_5v0z3WgtS_oQXXiHkST4R7aTQdnfxF18umnItoGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.cifraclub.com.br%2F&ds=l&xdt=1&iif=1&cor=11412550731278938000&adk=2857193499&idt=101&cac=0&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:19:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81857
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:19:18 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 999B 11 KB
4 KB 28ms
27ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:06:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53822
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:06:33 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 999B 0
0 129ms
72ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstUWzKzU2SdabG-zsKpM3ZGxtZdC-Nqx6IEDDnyQFIY-UYVb-VwMSFoGKVsEp-dZOQ3RpQqsK7lHvaV-wNk414RnRmVWaVlr91STqzGffFZlEsnPBl7fhT5CU1aCut6uDQRxWXK3DQPJ7tQ0F0RTCAbI8vqT1HgaMMFUFjqlRfN6dh1McRNc030o0xE5y82RzNh0ZMbRnGR0SIc4z0ANANu2iEWKK5Ir80Tur1MiSQNHEHrCJQO5Flpy4A2fOI4-s-mS3dgWjX1phwEodAelFU7k56MNIrBASBAKCr1gGDPlXW_9WwhG1sryybNh3BM7xN5hUq8ip0RY5nIaWT8hnlqec4DbWJa_I3HONFdM9HUZhmFnoG3m5S_GVekdBOx19h6Ed0lIu-v0I2VthJMTzg_7C5VvlMagTRgfK3_9T_9UZBx47F79Pibcq2GomGK4SKMrFCcrbQc1iNUIf35k6XPMAxxYU6pagceHWZFf4YLopqjP7sNQ8h4LD7lFcVj2d2iK43xdcjITNE8L4qf_EGb_rM86N0BGnFpP_XDtEDAWj3AForeP2dqA-YQYtHM_R21QcoDWapxg-dB_u7Wh8C-CBxStinxiVSiiYg1zaqc3Zq9YGunskm8GnnnS7LsyLBbkub_e8SqQJrly3a3PQkhpUQEvu2730GMRjGurQ9q3qtcX0-Ye4kTaeu6gHRi8Ur65SN-nL_7PILkZMEvkSjw0fyO8efZySarIs7IHhq8pEYze2g-4Zqnz3fyJC86svBktOctYxEqtNpjkl_5nnGkIJItwqJTr9V5lUeKXrTe5pbNosR1ThLlwX_kV1iYBLNuqz-9yucFGLHaa0znRGTXxkDGJN5l15zZby-s6XtHShsqiHxowl1bI6EFM3KQl_DpoB-Dpx5-XaMxdbLn7Z-WWVOl7k1vqidp6i9ISSYW0dYa56BpMAbT3NSNAyzLHTGzO6p_dleUYk_3LSTC6UDFsMJPU7mz5hq40FzRR-UT6yOgzS2YdCX9kEReip99brqpH1zRuLJttmoYWE4SBYhfl_sVBWy9pz2ceBvTgGOMHciRrUOX8HWCAcidI10lPrOw7wOKAplXvXhmS6bjR2oFnlBYVda_0tbbauimVh9Pbrw-cYH5XE_G73AmHIYbo7l6sSfRTtX4ARmK7cRYgNaYyXHdTIyzB4M-IXytgcCAbRSo4JpsUM_EfD2r4o8i6_EmvNjO3YBe0t_58LxFNeB38TeFxWM0d7xolujKQpHzIHXDQq5goh98scrI5CRNYpP-iS-MzcNOFJUeIgG8QgjxmFt166-wO-_3Au8Crcr390EF-vSPS7I8dgJJzlKb1Lus-OrPsbre8a1mc9PWdpRUsSnZkcK6kmYjkmflKzVYu4WeE0eQhbnFdWWJ7D76UL8mUdwNP7ZYsZs5NSixotQc2X26Pswx2sW4cZHTnENyoRXnbHdgrDXzCbTD6DA3MkGKySponD--BfML2Y-Xw6bnmkNacSKv5vmzkg&sai=AMfl-YS60qE1nVmvz4j3FpmDESLt_b4i5EdeAGMs_392HyYbSR_zELnwk4akcuNMorhnaOZfm6qvs1coXabj-WTj0Qw25j9sNqgJ7hxmp_N7gCkMahVBaiIPXPk61m5jfboNJbfJoZnkbSif8QDG4K0fxfxCBmnP6RnMrAI_IFNL8f_nAoKozye6985OqwzjjO23UWeBM4d-uc_KEI442Yk3kT5THg_54eJihpLcI6xXFP90GAVLwC_dq9OYWbCQPwuZsPTyUViDCadOKW61GFDyvTm899kF&sig=Cg0ArKJSzAUDQ_xpRsSuEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231206.39373&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 10:03:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 999B 41 KB
14 KB 23ms
23ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:45:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29862
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 01:45:53 GMT

GET
H2 200 14639594052140872195
s0.2mdn.net/simgad/ Frame 999B 67 KB
67 KB 24ms
23ms Image
image/jpeg 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14639594052140872195?sqp=uqWu0g0ICPoBEKwCQGQ&rs=AOga4qkWawYAUcmdZQekr96zuHSfda6rtw

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

sffe /

Resource Hash

4fd08991cc0d265646431832f91dd7d41714becd4b410fc366701d1d72e1c5ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:31:52 GMT
x-content-type-options: nosniff
age: 48703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68435
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 10:34:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 20:31:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame ABEA 1 KB
643 B 26ms
25ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63925
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Sat, 09 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 5461 31 KB
12 KB 24ms
22ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CVuqb360EVSoWlO0hhnryY6605HaAEo-GXB_sg9r4qZi8FZWVvXYd2V18yxuwD1tIpISTlwjEcSNSQAsKhNs5LVERf7DHrxEtyjK8AvNwJxgaz6oD7M3Ds8eEv-PyNju_XASgztVDjworQ0udXUBEOvH_k2OjmTTA0iqRkP69VZsSNSVk&dbm_d=AKAmf-DZEmlBIiCaRDH3CXKQv_2v8lkPf8P8O2l8-GFAeo04NSE5nmYpN0AT9DwZB9U5A_tVvvd--9sWGfb-Axc_mdNrvBM3ww9Ahq9iQz5xclzyWDTANmuk-Pblr6Gz97JHGsvPWl-riaTmv2ZGEaacpFQTf-JF0z6uJwvNu0m7l5toy2-haz4QLAWrZ7a3uFyLEj4wuXOwuQzIIRwxlXGv7qpw7SgaCMYHWzlkSCjfP3A2qHehAj_qgvF2MbssR2GqKfMVZbKGbSkWVvY0FfZZo9Dy79iwtGQ35vz1QabiZ0TvaVN0Vdc8dWqj2gbBIX2SjxJFHjmgnjaIj4BEWTisxjO4hk5WybOOFa_TYuXgQ1dyJ6K13YF83KFSzR8pmmMZWnZJGWkZlmOl7n61lhCD7Sk8TAqlbg8WT78cF3wAqGe5zFPIWeTUm2EwY9NQCX9kAr1v8fENo8f48GvWG86Wj5I2BNRB10i2QvGLov-Z-xDGvB9Ks7BCFDbHheRZp3WcSTWIsG4InjPH-C0UnLXNz4eXs4dmibOZytt3rWwQSYzTDHkrT7s_2EeIDYYPYGDneZPaQhVXfXApqDRJR1LblHqAf7PngKaepneXkkyrBEYejfjp6JrlMmjQlc1AGmDOssZ-9u34EXGiar1xr8P-52p0a9usDoV-sUZ4XTuiz8VeTx1deKC0m__rgocNfaVUaNj1DKR9phc1LCxsRj13nHYxttHuqk7aA9_ODHCAst_zKDUEtBRsNI2Tz4bOwvm9Cv7wX_Ux7ox_NzkQLw_bZ1_kQpLZrPjfDvRIcgagWh84c-OWe0oBqq6dRnmnrc9MUzNHD50FqJX4fZRg0CCcEAA6Q4HqSpRhjdLBvqNBZmW6Nh07cY2Qph_scKpv8xlP-B6tGeXV5Pfs4tz7HpQfWMM0F1daYz9T3fany5mKQ4Gn5rXKXAclyd-Rq0D5vuZq31WhmA0KzCmvo7b-z75XiD18KeqgBj97WuplZF8Nb88Orm-yy7hIcJsjYyUyWE91KIsTxT_ZhgPHrqwoVMFlCzeQVzIrXKiW-5qS6N8GbjzkcmWdSpyF0eTsDaCgyXtgY22x50nQC8fAQGrTHW0tI1DVHMeKpCXBimEM1sk-tkqpRQyGw9JyniBBR_3aBYpgTxRq2NZJyO6gzt5P48VI45vGxYkZQlqh7QUCfjSfzJ1o5xWCWWmPaq-_PtTTAFCWveCkk7JI25Kclv_mKCcjAB1VDyrpyVkFeP7mcdtBe5_2w8c6MWIDftkU87yrlu5uqNGlCweE1q-nXlYZ9ZtdBcOVGGYLvglCjhdswjAdccePTZmPGkaitNLXtx1QOPU6MO0Sc2_tEjPdRbCbTcrLUzV2hMiBqmn8lQBuKLUaUhAXKmU-AZBQgZJIM0-DUm4fP6bBuHSo-wEdfLQ8-7Evi71eRf0k0vlM-iXL7nqsSj-uNyUdjQpSUDKKHhVkK5VndU8ZVkpGo9fDcvyvTI8B1ooJwJzFyapzSfTYvMg3kafZcmYnNGo0DKxz1jOhhaw5oBwk4ZclY8IBkvUXU3dip-iCuuYFT3yFdCcBJzt9yBdE3TN9tGtXdOktNZfvfSuWVvC91sbxufE0jsUOAjCjgnOnE15rqvncqpsU3wiAQ9HdsB0hi1zSbED6I7-NaV8FkI2VHWud-cD571q_5VkBUYEIE8cF-9Vaw-lYqm6yypE5Pqa6ITxDu2qlW0rLyyElC_YZxW4pYHybJrTQC5x3B1toI0PUzKSJ8j4vl4vjAPaS-akrI7uDVWn8chpE7XpsTkrXJHZbP0o9q-cWONpEXo_ZRi9WwHlSKfpUq-LhdSftpOt9F5ky9KFN7_lV4eYUKimYAUHDNhwu1C88OaWLvTR9mLIlen3zjWpZRgR6NwI__9KKEObSTg61STny0MVpUr7JEc5NOgsDbX8JnyHKSqkfTiEx2lsEZMiFEinG2SDbdBwT6K_g9zFoPSPOmEDjlE3lJLzPxXOfugz8ZlIAhUxEcb9OjyGmSxEgdDKt-LTQ-ucrNfwGR7JtJ3rDPidjhIg_zfcYxl41zP0vIrZKM-6OP6fAWD1v52B5ZNHGyfloXtK4EsZeyeExJ8s12NYUwJbAhZVaahp5U7Q3cdGd9ZnAG5IHgml58V-kh9aV5PZKujKHqMy4-QKQInQ9VN6pWqqyUvEKfBW09SVnHt8jrsHIXnziYArIQsXlpJU7i4_0sq2vYAZoQ87mTeQe3mOw51Rbo0V05Vw4gQcr56mm7VS74i_woGBber6NUlfsVCoOzvmwM-EPAKdpOr0lQwybOHwo5lNPYA6e0uEsNNiRy5e8qCnK_Ek_p3Hyop76Mm9GKqJbFiN08VDjNecASGuBITB-bFFALkYsHsHlAllQGJaELTt4yoX48ADXgXTEvuWxSwmzmRGJgjF-C2N4SOB0MfNlv4LmfPE_dajFcsMQ-hP8ZYQOrNttF2o3BcQr6_MvqKf_rLu9SrsqrNUO9IEee9xCVntFZ7f3gsb0kl0mz6kUOMi2IlDbHrbnKC7gNKiv31VIJxxHNi7mS_P44GslKQ550hEJHyXPknkm22ddxbtnm9hnehunB1zJEOAOX-3TdPOGR4Qc0bB3wgW28qwpQzLlI60w25JeylnU5JybrGMo8VIMMfYyFYxsfVjdSkB4UtN-IgTJxW9J_2mVyqE-WVO5QlUZkDttbPcEB7IJqg2Hgmei2vJa5rz99VXzbBO9_SpE_cXQcsozOXlAS37CZOSQnOsVbgcgbHcNdLLX9gxaRh-uYC6YVqh61iZbhU69BZYcpkRDOmqHhIrMGOrFKC2W7vDdDaqDBDwNw6HPiCtjZLXtBVKbfBSNyNVQ-KUgrwB2eWdpUdpHe2r7XJSF4xu59gdaBDJCgEpxkqGMSDuFI--Z8iNLVIfN6_tgvJLAvOe1tr18f3PSOsej9nz9RcxTo3eOn8_VVvSJgZ26zCBFg83u8jmyr6Z_ScgG__Jgovq_lybWL0WR-JjTyLiucWioJScUNek7F0wUgn50iwsD0fLc3Jsp5jLyY2Pu8BubnrQP_rfnu7Yn4Kv4FfqC7PrRJ5I1aDeZJXYm4NtRM8kAaqhSO8LihfBifxI2YyGj9zsuPLzsCjnE8GCRWHp103idG9c6gkRzx41NV2GyEqRMljZzBcvj0GRe-iZ-quyvqmMAMxki1d2YyH2LnkT03-IaOqL7n551Lyc2A01D3b9gs6dep0TLdMZEvtVna9u2YG3XbydSHTmgku5ZUT8xlOEyne9MUtLVuy7QxC-T9xl_BoqiwY0wgbvWmUcxbkC9TQlVorQUD15ZXCm2O0PsTsdCNr8NfULYRywo8FW7nhbGfQvKcON0_dS3gnD5XomzZ4WLQKp4mAZRa-iKl8daOQ9AtX45crukaqMwyvEq5xWhDKwj7llZioNcToRM2FU22Npl-WRfPnod0ZOtoQe98HAF0LN3qWoGgzVxGxctsZuy0db0nfLlloVPWaNHjT0NBVV4V1M1l5cM1XB4nas4ryWK5bfSA3ip9MyZkmzCX0fCsES-OdZl5Qp8TxFcxrhbbDpxoy5LKjfwqHq-v-ClwB7ddBinp-zOjUz7Zvs933bqHp44GO369TeAMuu1J93YGdvmr5sq0DzTMpCP15lYUCdmHzerTRabfF02n1HPbr_itdYE_Dw8a0hnGb1t79R6axmt9pD2jxu8NpT2ZNkv9z0xFRvB9yJFMNiQNGANgCIscYXD1JBYM6m-Ve8uCxf5lfJVzeQ&cid=CAQSOwDICaaN9UQ1OJh79iFAsNBCZbW9TBllYSFQU7Wzi_5v0z3WgtS_oQXXiHkST4R7aTQdnfxF18umnItoGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.cifraclub.com.br%2F&ds=l&xdt=1&iif=1&cor=12486868328248822000&adk=3944675603&idt=106&cac=0&dtd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:19:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81857
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:19:18 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 5461 11 KB
4 KB 28ms
26ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:06:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53822
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:06:33 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5461 0
0 104ms
72ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvmQx2tQyK6ftHpkxUasxxIkWAersTnK7y7qyeDswmlT4I_br_rfFRaFwFoymlS1DKZPxpdMz6jYMORfgSQ3wVE0FojGUMCG_WlONgHeTDjxdfvqKoz7OIXvazEtUNBV_19HcStnm2yfJzSS9K4oZ8WY7kgT8acdnz9OfahtRTrRKbkPZH5JV7XPliqsSIRPoOSN-zSyordNyeii1DK5SnsPvCCUWwzvkXYO21tDgYs1SdKQhL3EhyieadAWwLmEpAjzdPoQVGDantwJI1ZOSxeQig_bz7UhPsW0iRbFFAFBsteWcSlyy7BZgZU9AYlOMkpFuYUieMBo3soVYRLbczcEYMBcd6t1CletF3DuNBvyJPEfvxWNbZlw0KjniJU2W68ym4K8f7kSK0F1g8RR3DC4NU9MrGaxOHGboQ4gLidEsBVgmDUh-CleS4xaYPq6NuiKBMVWbZNyAjjaK_aHQgk_yjkmPpmM75onBB8bWUCFiKqe7QN5euKSkSFl644UreVORehYZwWm6sGgxTrFMamXrdiZRnSxsWKR-i4xwO-toFgi6tH3T2Res2nXL12l7FRH0jxjcByTMKa2ko6huGJI6wgjp9XwnWb2yPvhiCAk8jM--SWhYsVG7OjzNJeTRm4sG4TGYgtUKnvi0bb4o_zRVLe2RCWP-D9hBEXRnwwXfudOgEcIS1L2sxsYmytrhQrve3JqDyqaZ3jUMaKHjwKOfoFegqugPkJA387MMvJxC1-gIZhvoX3apPcPa1zbFF_gTd8zTh1E4W8y2iw_5hSe-fVK9quSVHHX77ED0L_pHy9mc1guzA5RiSoQy2XfPvH5IPoAs9DmLvKJfb-8Oxea7k-Jhn3yPZODxINFvBZ8WYSABv2y9DWYBe95KeLpZC7_qWDe0WcVdflhCUrNxsWFB8fSNIqfQJKVpcX-wyQG5xjYXUeyDenVUHMvmWxu0H5ggqmbJnttcj3ag6nWqW5GK4u6E2Fq0N2gY-HU0vfohhJyX_MgZHbqTNLn7ra7_vRIEcPNCiJxW3xRK5SgLihi4w4jmeurqeVLMGj3Z22wx9D2TZqTT5XIr6CaTo-LX_IaRK4pZ_GwbrmuEZXPPZy6T7EoKJPxAclnkTfQ7vR6KYAiD8lWch-mtmJ96KKJHXqATb6csKGML1h81A0KS17Fi8C42g9X0VFXg9zj6bFlgshvlbzDNnYsDUfW61lqqeWGtPRRtrZj3eMSOyPq1oT1aTObjbgqN4DH0mFn3Il78_i_ODxArNOt4151T8JM_f-PkQD78LYvpl0R7v_k4XnNu4DkRReOlLZVb_bT-Dv5XS0ZyoRkyV5_E7Z_V54zOOMJ6Exsr9fAwTmCz8x7hnTH1q1MhibYPfTSF-ixMgCoEdBkA1uVU-h80YDHNtBVLRSGMmE0gdd1uHVjaAT_cGwoA87SE_a0clOX5h1D4__T732u4gvDa1Z1Xzuxow75E8HEdsA_kMIbk4WkSGaSiHz6gp77gVkpdHJ&sai=AMfl-YSkFG-yDpa7KTAVvVHbxSHqTWWcinrbfOC1Rne1MiGlGK9VDCI4BaxflZmv7hH3q_2I97BgzohkKRUI-FNUfhMC3vmXZMCVb9wSQ5SDE9ZD3vUogcGkgIQ8KoTwmYOrSYzN_GI0zwim1STyAmzc1I72AJw5Hais6ILsj_FlAyaCwyk0b0Qbk-Lbj-eugmI6YUU30BD20pQHlZ8VMDPlhcEQgsXgTe1U8Apm6gR-_qbMoAdt8BwDr5T3-OckxHb3eSnhP1tI_Q6W03O4LNCkWvP4J_dz&sig=Cg0ArKJSzAN3NBwUOROlEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231206.47374&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 10:03:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 5461 41 KB
14 KB 25ms
22ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:45:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29862
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 01:45:53 GMT

GET
H2 200 8405673692677534987
s0.2mdn.net/simgad/ Frame 5461 61 KB
61 KB 26ms
23ms Image
image/jpeg 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8405673692677534987?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qlVpwkA8dq-UglDSiEFPKtBqqrKLA

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

sffe /

Resource Hash

8541d0182a8972635847bd3bc5f18c105f95d6d57c09eac02873ce6d32d10db2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 09:11:58 GMT
x-content-type-options: nosniff
age: 3097
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62059
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 10:34:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 09:11:58 GMT

GET
DATA 200
OK truncated
/ Frame 999B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f6d9558ccb85191d85fac087502114534207cfa93b5e05836de2b48f6ef5171

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AD36 1 KB
643 B 23ms
23ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63925
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Sat, 09 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame 7BEF 51 KB
19 KB 23ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:30:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 11:30:42 GMT

GET
DATA 200
OK truncated
/ Frame 5461 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47f5661bba51759dbd3c33eec9ebb77f709b539316077f4cfe349c01751d2750

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 999B 0
0 63ms
62ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstUWzKzU2SdabG-zsKpM3ZGxtZdC-Nqx6IEDDnyQFIY-UYVb-VwMSFoGKVsEp-dZOQ3RpQqsK7lHvaV-wNk414RnRmVWaVlr91STqzGffFZlEsnPBl7fhT5CU1aCut6uDQRxWXK3DQPJ7tQ0F0RTCAbI8vqT1HgaMMFUFjqlRfN6dh1McRNc030o0xE5y82RzNh0ZMbRnGR0SIc4z0ANANu2iEWKK5Ir80Tur1MiSQNHEHrCJQO5Flpy4A2fOI4-s-mS3dgWjX1phwEodAelFU7k56MNIrBASBAKCr1gGDPlXW_9WwhG1sryybNh3BM7xN5hUq8ip0RY5nIaWT8hnlqec4DbWJa_I3HONFdM9HUZhmFnoG3m5S_GVekdBOx19h6Ed0lIu-v0I2VthJMTzg_7C5VvlMagTRgfK3_9T_9UZBx47F79Pibcq2GomGK4SKMrFCcrbQc1iNUIf35k6XPMAxxYU6pagceHWZFf4YLopqjP7sNQ8h4LD7lFcVj2d2iK43xdcjITNE8L4qf_EGb_rM86N0BGnFpP_XDtEDAWj3AForeP2dqA-YQYtHM_R21QcoDWapxg-dB_u7Wh8C-CBxStinxiVSiiYg1zaqc3Zq9YGunskm8GnnnS7LsyLBbkub_e8SqQJrly3a3PQkhpUQEvu2730GMRjGurQ9q3qtcX0-Ye4kTaeu6gHRi8Ur65SN-nL_7PILkZMEvkSjw0fyO8efZySarIs7IHhq8pEYze2g-4Zqnz3fyJC86svBktOctYxEqtNpjkl_5nnGkIJItwqJTr9V5lUeKXrTe5pbNosR1ThLlwX_kV1iYBLNuqz-9yucFGLHaa0znRGTXxkDGJN5l15zZby-s6XtHShsqiHxowl1bI6EFM3KQl_DpoB-Dpx5-XaMxdbLn7Z-WWVOl7k1vqidp6i9ISSYW0dYa56BpMAbT3NSNAyzLHTGzO6p_dleUYk_3LSTC6UDFsMJPU7mz5hq40FzRR-UT6yOgzS2YdCX9kEReip99brqpH1zRuLJttmoYWE4SBYhfl_sVBWy9pz2ceBvTgGOMHciRrUOX8HWCAcidI10lPrOw7wOKAplXvXhmS6bjR2oFnlBYVda_0tbbauimVh9Pbrw-cYH5XE_G73AmHIYbo7l6sSfRTtX4ARmK7cRYgNaYyXHdTIyzB4M-IXytgcCAbRSo4JpsUM_EfD2r4o8i6_EmvNjO3YBe0t_58LxFNeB38TeFxWM0d7xolujKQpHzIHXDQq5goh98scrI5CRNYpP-iS-MzcNOFJUeIgG8QgjxmFt166-wO-_3Au8Crcr390EF-vSPS7I8dgJJzlKb1Lus-OrPsbre8a1mc9PWdpRUsSnZkcK6kmYjkmflKzVYu4WeE0eQhbnFdWWJ7D76UL8mUdwNP7ZYsZs5NSixotQc2X26Pswx2sW4cZHTnENyoRXnbHdgrDXzCbTD6DA3MkGKySponD--BfML2Y-Xw6bnmkNacSKv5vmzkg&sai=AMfl-YS60qE1nVmvz4j3FpmDESLt_b4i5EdeAGMs_392HyYbSR_zELnwk4akcuNMorhnaOZfm6qvs1coXabj-WTj0Qw25j9sNqgJ7hxmp_N7gCkMahVBaiIPXPk61m5jfboNJbfJoZnkbSif8QDG4K0fxfxCBmnP6RnMrAI_IFNL8f_nAoKozye6985OqwzjjO23UWeBM4d-uc_KEI442Yk3kT5THg_54eJihpLcI6xXFP90GAVLwC_dq9OYWbCQPwuZsPTyUViDCadOKW61GFDyvTm899kF&sig=Cg0ArKJSzAUDQ_xpRsSuEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=61&vt=11&dtpt=60&dett=2&cstd=0&cisv=r20231206.39373&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 6655 38 KB
13 KB 23ms
22ms Document
text/html 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4312
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 08:51:43 GMT
expires: Sun, 08 Dec 2024 08:51:43 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/630/s1.adform.net/ Frame 260F 37 KB
17 KB 183ms
37ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=68151431;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=19904691783&extPm=19904691783&extCr=520835544&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CbEy6djt0ZZ6jAf_j1PIPxea64AS7w_bob9ru2aSVEvKe3KDUARABIOC8rSNglaqzgsAHoAH2vq2YKMgBCakCYi2If_cOsj6oAwHIA5sEqgSpAk_QuYZjJ36SPupJRXxebskeNNhFPJM5225OEwosJp9AmG9U8ckSQbWCIXYAML04moen5c7ObpMMEYwNFeoX6E_SJ9WK2vfdFLEhu-VZEgY5Gtkygy4qrVfE5yKuLMB9QHme8HosMHNNQSJ1rjjeHLSHJT1E9vvC7GDWjpppri-gYP2bc8xr3ctHuTnyYpGHHQz_gqqVFeDJVrUqcuK-omVl_2aiIFYlEg8Jemhm7pxkbT5yGcYU97SNzLLRKwij0T8CYaxdwJHjTFIV0FDhOE-cHZ_7MhaRyGJoCFPy70cGFhG4MMrSAZrXwtD1SiADDauN0u_oz9YfxLId6HpMw48uS8pWSDXyRAuNrXG5T7Y1ilfQbly-Lzjop40qT7ovDEqJP1f05s-kcMAEtffWsqUE4AQDiAXH_KWTSpAGAaAGTYAH9vb99wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljni7OCjYKDA4AKA5gLAcgLAYAMAaIMICoeChzktLEC7rWxArW4sQKsurEC5LSxAu61sQK7u7ECqg0CREXiDRMI1uyzgo2CgwMV_zFVCB1Fsw5MsBO8luIV0BMA2BMN2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSOwDICaaN9UQ1OJh79iFAsNBCZbW9TBllYSFQU7Wzi_5v0z3WgtS_oQXXiHkST4R7aTQdnfxF18umnItoGAE&sig=AOD64_06ifrhJuzKcqGywXbEUOq6ifvxPA&client=ca-pub-5289793328419085&dbm_c=AKAmf-DqXbdk-0sPyw7VJeXHSkj7GwMp8nXnjn2jZezmFow8gd2uj7ii-_v2mKIriy1bsBJ6ZrY_EQnxZJk3dVJeSb6oMAd7Z5ZvnEcJTxNVV-rmTbFSzTYDjRXcTuqTtC5uIhVBawrH25jjuni_VgAmCEhzJeL4YWNQMoAULBrjev508YoJI58&cry=1&dbm_d=AKAmf-BDRWRCJuJC0_aTrXyZh-sqAmsD3X6AQMAu__GC684NNh7RMRT-Rr1rhHL0co1KJj1CEXv00ywxrhyP3gh3SuZHr0q2bclERv3SnadgrXizw9XxUX2P12hgMN9OKpc0X4sohRlCFjxd8xg1HyFczy6s6MdvDcGvcSEh98dJfXWbKZ7TE1OLQ6DIw1cl9QjFct6p5Q9LtJZS9ocDhkiFKBzKoOeSwGeeecP_P1jQK9U9RUzmzE27jVsQJpXYDeroVXx6vA_vi4GgL_X9YbpwkSh2ZzDlICtOgNhPoVFhwEVY4M_xAK3zNDvmFSzwL6ppfhSc69uRsHczdtSfDWqotcMDUBT-uIn1yz2DUx4-KFU4OQZCD4XFOhbKbubQidxmzMNO3r-8tvYKZmQDz-hZO6JIetT4MkeP9gY9hQPyiPat2D1nxjFwWglO94JlOUb0RZJpYqIDIu-iqoTI30q2VjEv6aIDBBbqXMC7bH1xnZyYyYcdsTchVWugMMiuEDtRLkBURlgmvBeD7maTW6iPQM9GR1X72ypaCqYTqzy1Qz8QMHW0elwwOEpsjpL2LE_qYaN_MF8y&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 70fa7d6af1775ea7cbb76511f73b02a74a55c965b1956e7cc5ef3798871badca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:35 GMT
content-encoding: gzip
last-modified: Mon, 04 Dec 2023 10:45:40 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 05 Dec 2023 15:49:30 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 969B 38 KB
13 KB 23ms
23ms Document
text/html 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4312
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 08:51:43 GMT
expires: Sun, 08 Dec 2024 08:51:43 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame ABEA
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMO_rcrDcGB3n4d9X-bwJWA&google_cver=1&google_push=AXcoOmSNwGlfF7SZnGHDmCXkixISXNk5zE9vT-D85Fn3-I_K_oSCnk4lwyWKm05QsLDnUlmEoVYbNqUzSGJ1I2ORtxj1_B560PAI&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMO_rcrDcGB3n4d9X-bwJWA&google_cver=1&google_push=AXcoOmSNwGlfF7SZnGHDmCXkixISXNk5zE9vT-D85Fn3-I_K_oSCnk4lwyWKm05QsLDnUlmEoVYbNqUzSGJ1I2ORtxj1_B560PA...

43 B
424 B

191ms
191ms

Image
image/gif

104.18.24.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMO_rcrDcGB3n4d9X-bwJWA&google_cver=1&google_push=AXcoOmSNwGlfF7SZnGHDmCXkixISXNk5zE9vT-D85Fn3-I_K_oSCnk4lwyWKm05QsLDnUlmEoVYbNqUzSGJ1I2ORtxj1_B560PAI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSNwGlfF7SZnGHDmCXkixISXNk5zE9vT-D85Fn3-I_K_oSCnk4lwyWKm05QsLDnUlmEoVYbNqUzSGJ1I2ORtxj1_B560PAI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 832c6b4c88e571be-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 3836
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMO_rcrDcGB3n4d9X-bwJWA&google_cver=1&google_push=AXcoOmSNwGlfF7SZnGHDmCXkixISXNk5zE9vT-D85Fn3-I_K_oSCnk4lwyWKm05QsLDnUlmEoVYbNqUzSGJ1I2ORtxj1_B560PAI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSNwGlfF7SZnGHDmCXkixISXNk5zE9vT-D85Fn3-I_K_oSCnk4lwyWKm05QsLDnUlmEoVYbNqUzSGJ1I2ORtxj1_B560PAI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 832c6b4b5fa171be-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ABEA
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGF1O9Wl_KycTyDASLV7cE0&google_cver=1&google_push=AXcoOmRa5eko16Wh8-l79Zfkkhd0JqbCF8XA0orWf2ke4yW2e0H_F2ROj1KCXqKV_sD9fvta-M-3DYenoDhzZgoko2a5C-02YJU
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AADDDB9C1CE24DA499C4C9FCC7C164B0&google_push=AXcoOmRa5eko16Wh8-l79Zfkkhd0JqbCF8XA0orWf2ke4yW2e0H_F2ROj1KCXqKV_sD9fvta-M-3DYenoDhzZgo...

170 B
188 B

32ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AADDDB9C1CE24DA499C4C9FCC7C164B0&google_push=AXcoOmRa5eko16Wh8-l79Zfkkhd0JqbCF8XA0orWf2ke4yW2e0H_F2ROj1KCXqKV_sD9fvta-M-3DYenoDhzZgoko2a5C-02YJU

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 09 Dec 2023 10:03:35 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AADDDB9C1CE24DA499C4C9FCC7C164B0&google_push=AXcoOmRa5eko16Wh8-l79Zfkkhd0JqbCF8XA0orWf2ke4yW2e0H_F2ROj1KCXqKV_sD9fvta-M-3DYenoDhzZgoko2a5C-02YJU
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 08 Dec 2023 10:03:35 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ABEA
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOqThzHR8_BOCoAUEzCz44E&google_cver=1&google_push=AXcoOmRM_izILPDxoX0nwCGyfMqDRPyGZzEmmNUeyyfjY_pguGE0vc7c9FDkP1gHHrcX2odRA23EM2FMH_7AR5...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDUzMzQ3NzQyNjU5MTg4NQ%3D%3D&google_push=AXcoOmRM_izILPDxoX0nwCGyfMqDRPyGZzEmmNUeyyfjY_pguGE0vc7c9FDkP1gHHrcX2odRA23EM2FMH_7AR5XxCA...

170 B
188 B

33ms
33ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDUzMzQ3NzQyNjU5MTg4NQ%3D%3D&google_push=AXcoOmRM_izILPDxoX0nwCGyfMqDRPyGZzEmmNUeyyfjY_pguGE0vc7c9FDkP1gHHrcX2odRA23EM2FMH_7AR5XxCAOIFGpelteS

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDUzMzQ3NzQyNjU5MTg4NQ%3D%3D&google_push=AXcoOmRM_izILPDxoX0nwCGyfMqDRPyGZzEmmNUeyyfjY_pguGE0vc7c9FDkP1gHHrcX2odRA23EM2FMH_7AR5XxCAOIFGpelteS
Date: Sat, 09 Dec 2023 10:03:35 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame ABEA 43 B
363 B 88ms
29ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTT4HUtixMhuiKmvD8u3hh9Muglf6NeXa0D-GJz3n5qTLSeIZW5GuvfgULBRacCRgDZE5sEsE4PaEqRAHNPOU1eOiXpTdc&google_gid=CAESEIMPyFmoj63B_Ss1iHCihjM&google_cver=1

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 261261
expires: Sat, 09 Dec 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ABEA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEN26uRCwm9vsMkynWlsH8zo&google_cver=1&google_push=AXcoOmSts_xMlu-NUM5UlCn9LCx98_C4VBqLjD6Kk4Tc_ummz_dwcMniHaG204ovsQ1vGCz1mrR...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBYVzFORlktMVUtMUE3Ug==&google_push=AXcoOmSts_xMlu-NUM5UlCn9LCx98_C4VBqLjD6Kk4Tc_ummz_dwcMniHaG204ovsQ1vGCz1mrRcnsZJkmG-2h5Za7GF0PGiNE-o

170 B
188 B

33ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBYVzFORlktMVUtMUE3Ug==&google_push=AXcoOmSts_xMlu-NUM5UlCn9LCx98_C4VBqLjD6Kk4Tc_ummz_dwcMniHaG204ovsQ1vGCz1mrRcnsZJkmG-2h5Za7GF0PGiNE-o

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBYVzFORlktMVUtMUE3Ug==&google_push=AXcoOmSts_xMlu-NUM5UlCn9LCx98_C4VBqLjD6Kk4Tc_ummz_dwcMniHaG204ovsQ1vGCz1mrRcnsZJkmG-2h5Za7GF0PGiNE-o
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ABEA
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHCQuqqa8S6UjTkcKnadPFg&google_cver=1&google_push=AXcoOmSRfxa2Vvj_r7ob7cWs9QmnbyoyklFPFdmwiERfE69px3ifB04PQxjYhPqUVlbMPylZgkUcasz9L8LZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSRfxa2Vvj_r7ob7cWs9QmnbyoyklFPFdmwiERfE69px3ifB04PQxjYhPqUVlbMPylZgkUcasz9L8LZWqbG-7BwTE8Z_MM

170 B
188 B

32ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSRfxa2Vvj_r7ob7cWs9QmnbyoyklFPFdmwiERfE69px3ifB04PQxjYhPqUVlbMPylZgkUcasz9L8LZWqbG-7BwTE8Z_MM

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSRfxa2Vvj_r7ob7cWs9QmnbyoyklFPFdmwiERfE69px3ifB04PQxjYhPqUVlbMPylZgkUcasz9L8LZWqbG-7BwTE8Z_MM
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame ABEA 43 B
145 B 23ms
22ms Image
image/gif 52.57.96.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEFPe5tvrg0rbQBrbU8JKREk&google_cver=1&google_push=AXcoOmSuSj3u3xGddT5Z6490kBtCbEIYJcSty3cmGEdXm3rN0TKmdfl8NHB_-EF35p0n6Df0VMJwHTxz7LSEwhT6RpOmrGON7AvUWQ
Requested by: Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.96.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-96-192.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame ABEA 0
12 B 29ms
29ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KJ6y1voCHW2Am8MVtjM16mB0tmhhrMCmpWkCG-JDFXyE_WGAU0GXRkQbB3eUCW23bUn-_clQ

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5461 0
0 62ms
62ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvmQx2tQyK6ftHpkxUasxxIkWAersTnK7y7qyeDswmlT4I_br_rfFRaFwFoymlS1DKZPxpdMz6jYMORfgSQ3wVE0FojGUMCG_WlONgHeTDjxdfvqKoz7OIXvazEtUNBV_19HcStnm2yfJzSS9K4oZ8WY7kgT8acdnz9OfahtRTrRKbkPZH5JV7XPliqsSIRPoOSN-zSyordNyeii1DK5SnsPvCCUWwzvkXYO21tDgYs1SdKQhL3EhyieadAWwLmEpAjzdPoQVGDantwJI1ZOSxeQig_bz7UhPsW0iRbFFAFBsteWcSlyy7BZgZU9AYlOMkpFuYUieMBo3soVYRLbczcEYMBcd6t1CletF3DuNBvyJPEfvxWNbZlw0KjniJU2W68ym4K8f7kSK0F1g8RR3DC4NU9MrGaxOHGboQ4gLidEsBVgmDUh-CleS4xaYPq6NuiKBMVWbZNyAjjaK_aHQgk_yjkmPpmM75onBB8bWUCFiKqe7QN5euKSkSFl644UreVORehYZwWm6sGgxTrFMamXrdiZRnSxsWKR-i4xwO-toFgi6tH3T2Res2nXL12l7FRH0jxjcByTMKa2ko6huGJI6wgjp9XwnWb2yPvhiCAk8jM--SWhYsVG7OjzNJeTRm4sG4TGYgtUKnvi0bb4o_zRVLe2RCWP-D9hBEXRnwwXfudOgEcIS1L2sxsYmytrhQrve3JqDyqaZ3jUMaKHjwKOfoFegqugPkJA387MMvJxC1-gIZhvoX3apPcPa1zbFF_gTd8zTh1E4W8y2iw_5hSe-fVK9quSVHHX77ED0L_pHy9mc1guzA5RiSoQy2XfPvH5IPoAs9DmLvKJfb-8Oxea7k-Jhn3yPZODxINFvBZ8WYSABv2y9DWYBe95KeLpZC7_qWDe0WcVdflhCUrNxsWFB8fSNIqfQJKVpcX-wyQG5xjYXUeyDenVUHMvmWxu0H5ggqmbJnttcj3ag6nWqW5GK4u6E2Fq0N2gY-HU0vfohhJyX_MgZHbqTNLn7ra7_vRIEcPNCiJxW3xRK5SgLihi4w4jmeurqeVLMGj3Z22wx9D2TZqTT5XIr6CaTo-LX_IaRK4pZ_GwbrmuEZXPPZy6T7EoKJPxAclnkTfQ7vR6KYAiD8lWch-mtmJ96KKJHXqATb6csKGML1h81A0KS17Fi8C42g9X0VFXg9zj6bFlgshvlbzDNnYsDUfW61lqqeWGtPRRtrZj3eMSOyPq1oT1aTObjbgqN4DH0mFn3Il78_i_ODxArNOt4151T8JM_f-PkQD78LYvpl0R7v_k4XnNu4DkRReOlLZVb_bT-Dv5XS0ZyoRkyV5_E7Z_V54zOOMJ6Exsr9fAwTmCz8x7hnTH1q1MhibYPfTSF-ixMgCoEdBkA1uVU-h80YDHNtBVLRSGMmE0gdd1uHVjaAT_cGwoA87SE_a0clOX5h1D4__T732u4gvDa1Z1Xzuxow75E8HEdsA_kMIbk4WkSGaSiHz6gp77gVkpdHJ&sai=AMfl-YSkFG-yDpa7KTAVvVHbxSHqTWWcinrbfOC1Rne1MiGlGK9VDCI4BaxflZmv7hH3q_2I97BgzohkKRUI-FNUfhMC3vmXZMCVb9wSQ5SDE9ZD3vUogcGkgIQ8KoTwmYOrSYzN_GI0zwim1STyAmzc1I72AJw5Hais6ILsj_FlAyaCwyk0b0Qbk-Lbj-eugmI6YUU30BD20pQHlZ8VMDPlhcEQgsXgTe1U8Apm6gR-_qbMoAdt8BwDr5T3-OckxHb3eSnhP1tI_Q6W03O4LNCkWvP4J_dz&sig=Cg0ArKJSzAN3NBwUOROlEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=58&vt=11&dtpt=57&dett=2&cstd=0&cisv=r20231206.47374&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 0BBD 38 KB
13 KB 47ms
47ms Document
text/html 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4312
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 08:51:43 GMT
expires: Sun, 08 Dec 2024 08:51:43 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame AD36
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMO_rcrDcGB3n4d9X-bwJWA&google_cver=1&google_push=AXcoOmQBE5Md01NEE0ANDYKBhObfs3H8AP18hdhyLEIFXsvt75xrehtgOquLhTKWOUqP7z4OI7tBaU6Ruk7Fz59BwrGdS-hXLcX8&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMO_rcrDcGB3n4d9X-bwJWA&google_cver=1&google_push=AXcoOmQBE5Md01NEE0ANDYKBhObfs3H8AP18hdhyLEIFXsvt75xrehtgOquLhTKWOUqP7z4OI7tBaU6Ruk7Fz59BwrGdS-hXLcX...

43 B
427 B

194ms
194ms

Image
image/gif

104.18.24.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMO_rcrDcGB3n4d9X-bwJWA&google_cver=1&google_push=AXcoOmQBE5Md01NEE0ANDYKBhObfs3H8AP18hdhyLEIFXsvt75xrehtgOquLhTKWOUqP7z4OI7tBaU6Ruk7Fz59BwrGdS-hXLcX8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQBE5Md01NEE0ANDYKBhObfs3H8AP18hdhyLEIFXsvt75xrehtgOquLhTKWOUqP7z4OI7tBaU6Ruk7Fz59BwrGdS-hXLcX8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 832c6b4ca91671be-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 3877
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMO_rcrDcGB3n4d9X-bwJWA&google_cver=1&google_push=AXcoOmQBE5Md01NEE0ANDYKBhObfs3H8AP18hdhyLEIFXsvt75xrehtgOquLhTKWOUqP7z4OI7tBaU6Ruk7Fz59BwrGdS-hXLcX8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQBE5Md01NEE0ANDYKBhObfs3H8AP18hdhyLEIFXsvt75xrehtgOquLhTKWOUqP7z4OI7tBaU6Ruk7Fz59BwrGdS-hXLcX8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 832c6b4b6fba71be-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame AD36 70 B
149 B 151ms
50ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEE-MeK0vDXF3hrkXsobIXN8&google_cver=1&google_push=AXcoOmSt3I9VLDyixV7aB2-atYOgvRVnZshgVxj7tT2nJhlL0Ei838wpfDdsJKFe_AP_jyfaUEw7I6RhzAlj4ljkMOj_YoGq-O6XNg
Requested by: Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:35 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD36
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPPbwqbrq4NUNZf_-_WO-OE&google_cver=1&google_push=AXcoOmRPG0AvYq3t-0aa236pogMTkT1mtaC_TOwQsu3PcrrExLUqPdh1O28Fz8Qs8-koDyFjivcpssXKLJP...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRPG0AvYq3t-0aa236pogMTkT1mtaC_TOwQsu3PcrrExLUqPdh1O28Fz8Qs8-koDyFjivcpssXKLJPV_XFGqC8OxA1eEdBuYw&google_hm=jNbNrmcxSNW4jfZwyl...

170 B
188 B

31ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRPG0AvYq3t-0aa236pogMTkT1mtaC_TOwQsu3PcrrExLUqPdh1O28Fz8Qs8-koDyFjivcpssXKLJPV_XFGqC8OxA1eEdBuYw&google_hm=jNbNrmcxSNW4jfZwylujGbg

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRPG0AvYq3t-0aa236pogMTkT1mtaC_TOwQsu3PcrrExLUqPdh1O28Fz8Qs8-koDyFjivcpssXKLJPV_XFGqC8OxA1eEdBuYw&google_hm=jNbNrmcxSNW4jfZwylujGbg
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD36
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESED-IXlrGrDnDUNEeO3qjdS4&google_cver=1&google_push=AXcoOmQpYpVciKpVF5dn6uuYpFEJMVhWyYGeV3_0GD9h_FPfaw3N9DwjTKJ-d75ow2OC_61_MqzmRljQNm6k4D...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQpYpVciKpVF5dn6uuYpFEJMVhWyYGeV3_0GD9h_FPfaw3N9DwjTKJ-d75ow2OC_61_MqzmRljQNm6k4DpAwYJrq7J1iGLU&google_hm=hmV0O3ek2c9EW4UhT...

170 B
188 B

34ms
34ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQpYpVciKpVF5dn6uuYpFEJMVhWyYGeV3_0GD9h_FPfaw3N9DwjTKJ-d75ow2OC_61_MqzmRljQNm6k4DpAwYJrq7J1iGLU&google_hm=hmV0O3ek2c9EW4UhTg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65743B77A4D9CF445B85214EBLIS

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQpYpVciKpVF5dn6uuYpFEJMVhWyYGeV3_0GD9h_FPfaw3N9DwjTKJ-d75ow2OC_61_MqzmRljQNm6k4DpAwYJrq7J1iGLU&google_hm=hmV0O3ek2c9EW4UhTg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65743B77A4D9CF445B85214EBLIS
date: Sat, 09 Dec 2023 10:03:35 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD36
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGaaeM2BI8FO5w0y9v9cgY4&google_cver=1&google_push=AXcoOmQJOJZVG3W0T0SU7ZevzOkRsuUtB4lMh6twQf6bUd1bDfeP3XnFMhG2gTQfjwQlCOsGx6-xKi9-nWem15UJFPWJ8V7...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQJOJZVG3W0T0SU7ZevzOkRsuUtB4lMh6twQf6bUd1bDfeP3XnFMhG2gTQfjwQlCOsGx6-xKi9-nWem15UJFPWJ8V7pv6Ez&google_hm=eS1wTm5vSS41RTJwSHdLRz...

170 B
188 B

33ms
33ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQJOJZVG3W0T0SU7ZevzOkRsuUtB4lMh6twQf6bUd1bDfeP3XnFMhG2gTQfjwQlCOsGx6-xKi9-nWem15UJFPWJ8V7pv6Ez&google_hm=eS1wTm5vSS41RTJwSHdLRzZ4a19vcUpvOVJGSmJtN0xpZH5B

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 09 Dec 2023 10:03:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQJOJZVG3W0T0SU7ZevzOkRsuUtB4lMh6twQf6bUd1bDfeP3XnFMhG2gTQfjwQlCOsGx6-xKi9-nWem15UJFPWJ8V7pv6Ez&google_hm=eS1wTm5vSS41RTJwSHdLRzZ4a19vcUpvOVJGSmJtN0xpZH5B
content-length: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame AD36 0
166 B 113ms
37ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMDmNeQqUHUcfFseBGPESmI&google_cver=1&google_push=AXcoOmSPU5_4dpM_H4yq44-q8ZzcRgMlTWz5ah_3d6eR7tgj0GTZgkCSTEhkVnbTlYETVTfFKQwsfPrWf8fJtTG8dhixqp8mULiujA
Requested by: Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sat, 09 Dec 2023 10:03:35 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET /
csync.loopme.me/ Frame AD36 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AD36 0
12 B 29ms
29ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KYI2XMHcwbURc2-vt3Ij7upqpqZI1bNaE_8Y3PoAMTebfU4ag3pXm4-xGlbV8ZxFHckpNR0Q

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 6655 39 KB
15 KB 23ms
22ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:50:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 18:50:25 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ECCE 0
20 B 61ms
61ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BvKR2djt0ZbKOAf_j1PIPxea64AQAAAAAOAHgBAI&bg=!8vGl8b7NAAY3kmNgF5I7ADQBe5WfOLhlVs3wyU_vh0IBWGUmjNKNkzgoKJgdoOfU_ylIzlx3pMlIcn4gmBU3WBtVsLv3AgAAAKhSAAAAAWgBB5kDVcVayTucxEipEa_V_Wui_k9q-gwG_Dc2I32_1EO4yhso8GldRjOS8_t0sQPf7uff2SIDLOz3WsrawPKus5tF1WZYTxvXD3zB7lvWXsXRpa33CWptFN19-oahQBgbkmpJNXOUKGHSnEuqn65Hw855bB8vJ9Ozvxt5B7EoquQEFJW-p076W0UbcCZe3keh303ZKec9xlQdfgLsEa2PQJ8F8UtZMClXeyTZ16epqEMwD0Hvc-cipCOAES9f9hqc05S5QQzDI9g7-OjemZZmMdIBBPeo_VLW_B8CF2cwOOJRlWYnC7lR-OHtdGyQdRp0bVthriWF_Sff_3xiuaqKzHTKnQRV-MUOrPMU09jDyXj3bfDiI_TvtVgtB1rVb6ripV6pE_hhKtkOCJn_HFt6V3RnY5Tobgecmwc0Qa2S3sNXNKiIgu1whI2v5qcC8lOYjKCerQXLO3S2p8myZhm3honLKw14ocwexTbG-Wcy4LN8XTMV-8xqQrYMNn6cDp4HDN7BrXzwRsUgX46VvIvdZdsDqfWsE4lP_zhsBUfhbLrWalNSNp2HvGOlzEPdUmTqWR14HuHMM25RkSVXYN48sVt7ucasnpmQbpLEKzbjdwUl7g1o44owFAD3bGxvdF8OaaYCZbZ2nzPx16uQJxzx2ISkk_W7HtCxVF3BDZsMNytrKinwOoLHSPx3A76p9RO01LVRvq7iAfq1ttjNo2V5WRctStGHP5OssN_sdSEKlFuCrZH60FTfUxrdFO2QEb3K0HFpLA69ozb71ZzCKT4C7UZCGT1lK-sWsQYzJqvHuh9GLiy-nn18gUskbIkTjnshLaMdF7_VTSpgwr0ZzSzzFSmPglMOf7SBcIJlx9uk7ZPYuFs_QhZAVIoA4Wy9-V47GgvtaYeav6ZjWrYbNFuRh2nu-H_RobtIzxnra7DnNHkoC0VJu--7PWHB6udUvrrB7tpFgEiBZmvo_p3VRHIQPy6S42QgOHkZT41oEXrcoHpi35S-uuQilTR2RcjGLccMtRhGBJc4FLb-4Cv5JL40SLH5BJ2SImGqYHONX323Kw8gC_bOeHCTcCl0Aa8qLmvXpZLmerfaGpZNSmzCxIFur5WJZmf_lxYLKKSC_tHOnduGC-4BbwW8DJs

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 969B 39 KB
15 KB 22ms
22ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:50:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 18:50:25 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 0BBD 39 KB
15 KB 25ms
24ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:50:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 18:50:25 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 260F 2 KB
1 KB 172ms
46ms Script
application/javascript 95.100.146.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=1699623&plc=68151431&sid=1366186&dvregion=0&unit=320x50&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=1699623&auorder=1495266&aucrtv=60702353&auadid=1366186&c6=1447160&c8=&auplc=5180489&turl=&c1=VF-DE+Deutschland&c2=DE_23_AO_P_C_G_M_cic-215-cre----per-apl-dive-Tracking-PER&c3=RT_PD_C-215-mul-stc-per&c4=iphone15promax_sale_230921_640x100&c5=Doubleclick+DBM&c7=Doubleclick+DBM+(Media)&c9=&c10=Adform_AO_AL_None_BNR_CM_mul-stc-Ret-Tracking
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.74 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-74.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: bcf8f42f390686367155673ac10b31702dd14b03764d9ef4bf1554a2e5a1b459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 10:03:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Nov 2023 07:41:51 GMT
Server: UploadServer
ETag: "4bec59ab2a9fb77e9ba1af294cf3504b"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Sun, 10 Dec 2023 10:03:35 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6655 0
20 B 61ms
60ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BrjLldzt0ZfieF6-ljuwPhYey0AMAAAAAOAHgBAI&bg=!OTqlOnXNAAY3kmNgF5I7ADQBe5WfOJl-WYxs0IBEm5YNhxwbV3QTD-ypRTeF_6iTpw0JLjjbF0DMWExNtx3blCCNhBj5AgAAAF5SAAAAAmgBB5kDIFazzc-ypre2vnm_6njQ2Y7x_hHBzlrCPdEog3QZQtXAfJXKMkqqgJ2SQjFprvxBTNxZOF4GZlEY-BD3POAwd3r_3pAcJsj3L71eWxXdBoisbdw_wnvSguaLgd1WivpA5slbfhVVgulMseNfaptApHKXZ2eK9E8pamVF2p9lS-8wb_Ym4EAg0pHh17OhwQf05ADXRLFSfILMWsV233k2mHxbYB8bjpX-sB4joX0fRBkY-cWOAddujjG9tqkZwyUNBvEjk27i_ORGGfiJkpuH2b_K7DmYrawV5xIzNuyVio8Ncq2E25ZdOxV0NduwqEx50X5BcvrP696XMUJ2gOcpAGhz86j6IZQyYwujjuXSqev6YvR24P44te_zbgHNAeFl8tMBRn3N7kCs2zuTKKcjetYF8s_UmA-hIEi7HOAtXt-nJKRGKZVhd3a7kCF9tXI-GncyxbexPvZwU73drmC4FCNnnQ2cBh0AtgidzsFKy5tOgbmk0anj9TgdQBHV-sqJabrSFKpsevdMS3PrgnltwGWsFNpZ_YH36rqb2yG0kfakMYyYOIVUrkQ7NDzggc8am6Ka7n9JEmAA7prPjAjoqVR8KVnMwaqYE9eAQnLToOFw954OTBZAO66uQRhXaHYDsNwYfqqKwfLdLcklJUnecSVpxV24e0pBlEZGOefZNbuc8EDkzPhHDWeLstSWzOT-TOoXYtKQ-hia0G9YlVkkhVQSQCrysiJtT5o0L43rnV4gfdzitNG8TNk10OawN4a9DzXyPKKtR-OqkxHnJAcL9UGAFfmvoV18cqvPChdhcMoYFKkhbpywzFHNxplEgIOrUsJJIBTwq2pSyrPsZAZcr4Ml9UoaYKpXEUBKBId_TAyPAoSZgBQZpwMKq-CFrhe6Yk1br8ZtbxEUwAsnpIQh8vr_QYYtQETyNo-ByJyr-al57CG0WESTJA-9qtb2kv9C8GtLDdad5EsWh9mM-bDmN_TIOTZFNPVMj7UBGjyuBHNZ4x8A0y6D1eHVq6mc7vlj_SLK8_nCUdfg3ban6L4gJsiydrBN3mmJHbBj0P65_2d9

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BBD 0
20 B 60ms
59ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bz_p3dzt0ZZeIF42k9u8P57ug4A4AAAAAOAHgBAI&bg=!kpGlkd7NAAY3kmNgF5I7ADQBe5WfOP891nRKl_lR6NFOg6yQPw3wXxTUUrjvy4SLHgM0Fpd8WiNRaWbsvgBLz8NtiAM8AgAAAEpSAAAAAWgBBwoAIVXANlE5dJC5Us-YEov7bIE-HvZ2bvAbiqyvFAzyw4e4UpkDMfQx0PqSnXsFAHY55pFKavv4kq0Rw7xQD3aW93pEu72Ed1gnUbjZsQOvSMMxvH1N6uBulspqsvIFCj-2zSWDqbYakzitrN3-5h8A1SG2HkKENAtLKdRsOsUMJ7dwZZyFUkuP1FSgyS41-RDRjn_SMZ2dK_m5HuKQ44Snx8l61Q6Zgernwsyu1wkWyoGl2zRmv_fMg-HvuywDrJ5Qy4HJsRc8jv6jt3RLWX7dDBowCHz5XUx674lVBC_bhDzxq7Atuo58jgK3cJohHWOUl1DFiDBAB_i2zB_BP9y_uvRneHUmuZmuJZY6RmtQZEz9EDd1njLZJvVPBiWg9XrmH-rv3WW08S-5PC_CmFt-IbQvTpB-pAkDc5e3GCA4wrDV69VrBNslddxSy0bUpz2yO_wnA6p0j7AnRXknf8Ags9YKwydgdXwtSBnaKCkl0S94Iq8GOyz01t8cXjLQM4Y0cuvLVgmdtzc7B2RjX7ItB_TD1GrbaO-mtCRigXQy0CUx2YH6xsjqLlvxaJ8PzIArkwsiYJNv7ukczNpj-eEB4ZqT9BbRXf3rfs2KHnbry3k8_v3RlAJenjic_PiaBpRRLeDTj6FR_HllvNXufVGTcPKIeZVnigh8Taodengiw0oZ4ARk0Sv42c1nrZ_QCbB02PONDXbBZrb4H0THpaXbVovGQ6jJx0F0gJy9Z_w_GMqxbPyWh4jrsZKzXzosqe_tyUXHb1TN-t00yU6S9tWMJKoHQ8MGE5vYAXcZQlNqEupdvJs28fNsA2pNOTOt1InpZ_m4We-wAQ9C2RWdRUHjPIAx1z5rI1E9u7vS4pGfD6U3nNiNlVkqaf-dDek_uUgAosdm7ZDeTdPggvG5Ii0kNIq033uBi6IY6C7rQyfyCoxOLJy54mJtViI4RvdB6Kz9uwwuciXvgK2d1Mhx8P3qVUzfncLokjLq158q9oge3CCG6ggxy5qELDRIC6AytH1dwpFJXol9Brli59hs5fJU5TSZXJ4embQ2MbHnSajgA8a9zSDKuLpAuhtQUzJo_kNWt2EXxhx6wruhR8TO2NTzQbktr55ZBEnPBi1Czy_xrJ6OKnz6-UY

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 969B 0
20 B 60ms
60ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BuI13dzt0ZaqpFbK-9u8PgsWMkAsAAAAAOAHgBAI&bg=!39yl3JPNAAY3kmNgF5I7ADQBe5WfOO4jTKnNIcDN7IfDl_9nyHq4_RhkpfBZBXSCSBeZGy_eWU0Oxvj8ubxaKaSx4bHkAgAAAGZSAAAAAWgBB5kDSj6cuLONo9Ev-AhFY9R6dP0hmQuY9k54XnSX8dBHM_ZFImt9RDY742xNKEh0hfwqp1klyIbzVxdmjY1WHvE0d29UCoN_1OKI6Q6wWNnG1Mi5scPAyhKRmnfMVHoLUXMUWSIUMVPEJzbx3XetHyv2lXb5f7X4_jSTyZuUBIPq7cVmzsGTj_jAvIXe61W70cwzHWFScOIZyj44dAh4YWL7vbnnBej6pIzaRT8Vohzj8bWHwHJ9IHQ45pPGcr3b9jtEDxWwRiTIe8m710tRQnexkiYWjqLJ13z1P4ufOJQ8cysJTpmArjd4P3dz6qdoGKPizNYGiyUADugRbW1RuOGUbj_5FJ_700iIogC4e3LGD6sGCLX_auyTqWe4aztpZKcgxdweaB25Co-1cr1gdlIfvaCX8vJ3i-6vrgQJwLxfkQyqz7wts5pTg9lLJDUZqmEkXIFikulPPZubeizVMj1J52XfnHCHN0vPh3Oh-GCbhIm8JPm9ZG-ut3tUOX8GzsAmNhqKmXEb_HHiYxWr4oMZiKNv0MwmYm0OloFOuMInpOi7AuMNNd_VC8ajYGBtp1yG-BqsH6xYJ0JQziL7BPJuqOBuLVYPFN5JRXt1dH3g_iM4ESWC1Lvkk9E9Y2koHiTLEbh7UnIhO6lRLr0KoeFeeizsI5bM471zVFDmFlO72xyq3EKiSn6xFTyAQxvWTwLvGOtyzVyOO4Us9TaTUkJ6D8HILbSOE7mzDk7L1aNXPIG-bIMRyO6xNuzBiZ3AUKFwyvoqZRmr3siG9TM75tCJQqx3KSid3EdISRR23OjYDs3RvUej14ukyUxXgouPAMtyJXzWpoZx_8Qvz5njjMIBpR8IxCPA0bCAwxrOVT36MGHwXdpnM7w00rHZbwFA_5ve5kC9k68ze9SiAg_JQBAsWXJDp0TuIKFmCsXKAYrKgJBMGySd9FGMUPXVXakBsQdWScLW8aKl3FAKA8XnYUHFz6IjcoNZ9JCriuk9nsvA2q1_z68SxUNVXx9osVe5TZlRXJCxhOyLID-T5YIguA6hnFEGcNVFAL1bdWX6Izwskr8Zf9MZMk1FjZYK7EybIMglpA1Wj2iGOPuwJEEeAYBcWjihAywVsQt-TJdI

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src_internal124.js Show response
cdn.doubleverify.com/ Frame 260F 60 KB
20 KB 52ms
52ms Script
application/javascript 95.100.146.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal124.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=1699623&plc=68151431&sid=1366186&dvregion=0&unit=320x50&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=1699623&auorder=1495266&aucrtv=60702353&auadid=1366186&c6=1447160&c8=&auplc=5180489&turl=&c1=VF-DE+Deutschland&c2=DE_23_AO_P_C_G_M_cic-215-cre----per-apl-dive-Tracking-PER&c3=RT_PD_C-215-mul-stc-per&c4=iphone15promax_sale_230921_640x100&c5=Doubleclick+DBM&c7=Doubleclick+DBM+(Media)&c9=&c10=Adform_AO_AL_None_BNR_CM_mul-stc-Ret-Tracking
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.74 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-74.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: b1567c9af517c0e55991081919f4dc2263f00b8deea21f3c94087737d2401fc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 10:03:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Nov 2023 07:41:53 GMT
Server: UploadServer
ETag: "36b6087525da09e8974d3f2aa1f7282d"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19649
Expires: Sun, 08 Dec 2024 10:03:35 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 260F 1 KB
924 B 201ms
37ms Script
text/javascript 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_175830040042&jsTagObjCallback=__tagObject_callback_175830040042&num=6&ctx=11655933&cmp=1699623&plc=68151431&sid=1366186&advid=&adsrv=&unit=320x50&isdvvid=&uid=175830040042&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=120&bridua=3&dup=null&ppid=111&auevent=0&auadv=165376&aucmp=1699623&aucrtv=60702353&auorder=1495266&auplc=5180489&auadid=1366186&aufilter1=165376&autt=1&c1=VF-DE+Deutschland&c2=DE_23_AO_P_C_G_M_cic-215-cre----per-apl-dive-Tracking-PER&c3=RT_PD_C-215-mul-stc-per&c4=iphone15promax_sale_230921_640x100&c5=Doubleclick+DBM&c6=1447160&c7=Doubleclick+DBM+(Media)&c10=Adform_AO_AL_None_BNR_CM_mul-stc-Ret-Tracking&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&prr=1&m1=13&noc=4&fcifrms=11&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=171&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D4%3A7C24%3DF3%5D4%40%3E%5D3CTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D4%3A7C24%3DF3%5D4%40%3E%5D3CTar9EEADTbpTauTau%60a5agahbh7e_5255426a%6074_c52g6f4g%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=5.30&aubndl=&audeal=&c8=&turl=&c9=&callbackName=__verify_callback_175830040042
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal124.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 483d291c61b3481f389826af4c38c8eddb505b1b407307d5a051e24696652aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 10:03:36 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 12/08/2023 10:03:36

POST
H/1.1 204
No Content bsevent.gif
rtbc-ew1.doubleverify.com/ Frame 260F 0
345 B 79ms
31ms Ping
text/plain 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-ew1.doubleverify.com/bsevent.gif?flvr=0&impid=960930f1f4f0418a80eb9412493dcb5b&vfdur=202&cbust=1702116216229289
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal124.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
Pragma: no-cache
Date: Sat, 09 Dec 2023 10:03:36 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2023-12-08T10:03:36

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 260F 18 KB
8 KB 24ms
23ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal124.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 09:40:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 09 Dec 2023 10:40:09 GMT

GET
H2 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame 260F 59 KB
23 KB 23ms
23ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 02:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26971
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 02:34:05 GMT

GET
H3 200 B9689862.280621528;dc_ver=99.292;sz=320x50;u_sd=1;dc_adk=764689870;ord=bh6je4;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.cifraclub.com.br%2F$0;xdt=1;crlt=z... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 260F 67 KB
30 KB 67ms
66ms Script
text/javascript 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280621528;dc_ver=99.292;sz=320x50;u_sd=1;dc_adk=764689870;ord=bh6je4;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.cifraclub.com.br%2F$0;xdt=1;crlt=zw_8yIpN6A;stc=1;chaa=1;sttr=43;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

d589d50aa47be2a67f6b72461fc7f02509127ac7a57959eca1eaa5f583e00683

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30715
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F043 42 B
174 B 66ms
65ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuF_ykW8-hn6SCb5G4HSohvnQkm26O9aX99r2Wtvpd-jMtzUCg8mIHR3NBAbX1mm3rEGmuX7974AJodsou1ITIghNFQWyPrsiBUxhQ2wxHQnv_58R-argxzenALje9_cZZqYtpg_kDoyx7w&sai=AMfl-YQeYaXzBqSHoHHDKNLxzc8lwzaIKaz_7L44Ehf99Sa33_JvOxRBrnA_vjTHRvKw5CXFFlAVYcjZoQ5MKLy8kWWhk907TUphyjDBxa4Q28xGhD6bBGsWQkW6QPQP1iMXu7aVxtaI-A&sig=Cg0ArKJSzFX4Ei4ZH4lIEAE&cid=CAQSOwDICaaN9UQ1OJh79iFAsNBCZbW9TBllYSFQU7Wzi_5v0z3WgtS_oQXXiHkST4R7aTQdnfxF18umnItoGAE&id=lidar2&mcvt=1007&p=102,436,192,1164&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=70520306&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702116214916&rpt=393&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 260F 11 KB
4 KB 28ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280621528;dc_ver=99.292;sz=320x50;u_sd=1;dc_adk=764689870;ord=bh6je4;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.cifraclub.com.br%2F$0;xdt=1;crlt=zw_8yIpN6A;stc=1;chaa=1;sttr=43;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:06:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53823
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:06:33 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 260F 0
0 64ms
61ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssFP3pCxWuOZHoVIpUswNbCigwIDK32ESWvRP4m0aj6EQ8iQMpjCbAKeB9Kyqankx9_XrbgrM2HiqSI2QRu42o8g06SfOKY46GiFiH75YpeSLXG-PC3korwebapC_NPni56lmhUTgsdXNRvilCjtP33BBoU3aoqI3Ah2ystDMAy2mQA&sai=AMfl-YTdIBibvIEx5GyvIwUQpXFlOrGmDus-5YsaQe_A-7lU84bGRBCyEk5NJJXgerhD4HCDxlniPfwgwhsdArDiTEruY1By1IDAqB7z1w&sig=Cg0ArKJSzD4qE74EE1wwEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231206.16163&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 260F 41 KB
14 KB 27ms
24ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:45:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29863
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 01:45:53 GMT

GET
H3 200 2397669616063645596
s0.2mdn.net/simgad/ Frame 260F 36 KB
36 KB 34ms
31ms Image
image/png 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2397669616063645596

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

sffe /

Resource Hash

d57500b8339fe6d8d1937b29afe982a4a45853f18f7d023dc316aee32a1bc6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 23:18:59 GMT
x-content-type-options: nosniff
age: 38677
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36916
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 20:18:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 23:18:59 GMT

GET
H2 204 / Show response
track.adform.net/adfserve/ Frame 260F 0
456 B 43ms
37ms Script
text/plain 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=68151431;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=19904691783&extPm=19904691783&extCr=520835544&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CbEy6djt0ZZ6jAf_j1PIPxea64AS7w_bob9ru2aSVEvKe3KDUARABIOC8rSNglaqzgsAHoAH2vq2YKMgBCakCYi2If_cOsj6oAwHIA5sEqgSpAk_QuYZjJ36SPupJRXxebskeNNhFPJM5225OEwosJp9AmG9U8ckSQbWCIXYAML04moen5c7ObpMMEYwNFeoX6E_SJ9WK2vfdFLEhu-VZEgY5Gtkygy4qrVfE5yKuLMB9QHme8HosMHNNQSJ1rjjeHLSHJT1E9vvC7GDWjpppri-gYP2bc8xr3ctHuTnyYpGHHQz_gqqVFeDJVrUqcuK-omVl_2aiIFYlEg8Jemhm7pxkbT5yGcYU97SNzLLRKwij0T8CYaxdwJHjTFIV0FDhOE-cHZ_7MhaRyGJoCFPy70cGFhG4MMrSAZrXwtD1SiADDauN0u_oz9YfxLId6HpMw48uS8pWSDXyRAuNrXG5T7Y1ilfQbly-Lzjop40qT7ovDEqJP1f05s-kcMAEtffWsqUE4AQDiAXH_KWTSpAGAaAGTYAH9vb99wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljni7OCjYKDA4AKA5gLAcgLAYAMAaIMICoeChzktLEC7rWxArW4sQKsurEC5LSxAu61sQK7u7ECqg0CREXiDRMI1uyzgo2CgwMV_zFVCB1Fsw5MsBO8luIV0BMA2BMN2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSOwDICaaN9UQ1OJh79iFAsNBCZbW9TBllYSFQU7Wzi_5v0z3WgtS_oQXXiHkST4R7aTQdnfxF18umnItoGAE&sig=AOD64_06ifrhJuzKcqGywXbEUOq6ifvxPA&client=ca-pub-5289793328419085&dbm_c=AKAmf-DqXbdk-0sPyw7VJeXHSkj7GwMp8nXnjn2jZezmFow8gd2uj7ii-_v2mKIriy1bsBJ6ZrY_EQnxZJk3dVJeSb6oMAd7Z5ZvnEcJTxNVV-rmTbFSzTYDjRXcTuqTtC5uIhVBawrH25jjuni_VgAmCEhzJeL4YWNQMoAULBrjev508YoJI58&cry=1&dbm_d=AKAmf-BDRWRCJuJC0_aTrXyZh-sqAmsD3X6AQMAu__GC684NNh7RMRT-Rr1rhHL0co1KJj1CEXv00ywxrhyP3gh3SuZHr0q2bclERv3SnadgrXizw9XxUX2P12hgMN9OKpc0X4sohRlCFjxd8xg1HyFczy6s6MdvDcGvcSEh98dJfXWbKZ7TE1OLQ6DIw1cl9QjFct6p5Q9LtJZS9ocDhkiFKBzKoOeSwGeeecP_P1jQK9U9RUzmzE27jVsQJpXYDeroVXx6vA_vi4GgL_X9YbpwkSh2ZzDlICtOgNhPoVFhwEVY4M_xAK3zNDvmFSzwL6ppfhSc69uRsHczdtSfDWqotcMDUBT-uIn1yz2DUx4-KFU4OQZCD4XFOhbKbubQidxmzMNO3r-8tvYKZmQDz-hZO6JIetT4MkeP9gY9hQPyiPat2D1nxjFwWglO94JlOUb0RZJpYqIDIu-iqoTI30q2VjEv6aIDBBbqXMC7bH1xnZyYyYcdsTchVWugMMiuEDtRLkBURlgmvBeD7maTW6iPQM9GR1X72ypaCqYTqzy1Qz8QMHW0elwwOEpsjpL2LE_qYaN_MF8y&adurl=;js=1;adfxid=1x;885;set=en-US|en-US|1600X1200|0|300|50|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;cmpgpp=;cmpgpp_sid=;fd=0|0;bsdata=1&CREFURL=https%3A%2F%2Fwww.cifraclub.com.br

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 5E3C 38 KB
13 KB 24ms
23ms Document
text/html 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 08:51:43 GMT
expires: Sun, 08 Dec 2024 08:51:43 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 260F 0
0 63ms
62ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssFP3pCxWuOZHoVIpUswNbCigwIDK32ESWvRP4m0aj6EQ8iQMpjCbAKeB9Kyqankx9_XrbgrM2HiqSI2QRu42o8g06SfOKY46GiFiH75YpeSLXG-PC3korwebapC_NPni56lmhUTgsdXNRvilCjtP33BBoU3aoqI3Ah2ystDMAy2mQA&sai=AMfl-YTdIBibvIEx5GyvIwUQpXFlOrGmDus-5YsaQe_A-7lU84bGRBCyEk5NJJXgerhD4HCDxlniPfwgwhsdArDiTEruY1By1IDAqB7z1w&sig=Cg0ArKJSzD4qE74EE1wwEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=47&vt=11&dtpt=46&dett=2&cstd=0&cisv=r20231206.16163&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E3C 39 KB
15 KB 22ms
22ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:50:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 18:50:25 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 33E7 1 KB
643 B 23ms
22ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63926
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Sat, 09 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 260F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10351fc1588bfb7268dc65e99e849c024163a665097fd945dc7d9ef85fd51039

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 33E7
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPPbwqbrq4NUNZf_-_WO-OE&google_cver=1&google_push=AXcoOmQm4Ad1LG0PEahGV7A7_bx0SnsDfH0USXqGf5vweuqNM_ltcyrglNRZGgjvzmRx7MODV6n6B2t-Ir8...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQm4Ad1LG0PEahGV7A7_bx0SnsDfH0USXqGf5vweuqNM_ltcyrglNRZGgjvzmRx7MODV6n6B2t-Ir8GRU5AHXuiTadkiFEV_Q&google_hm=jNbNrmcxSNW4jfZwyl...

170 B
191 B

31ms
30ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQm4Ad1LG0PEahGV7A7_bx0SnsDfH0USXqGf5vweuqNM_ltcyrglNRZGgjvzmRx7MODV6n6B2t-Ir8GRU5AHXuiTadkiFEV_Q&google_hm=jNbNrmcxSNW4jfZwylujGbg

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:36 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQm4Ad1LG0PEahGV7A7_bx0SnsDfH0USXqGf5vweuqNM_ltcyrglNRZGgjvzmRx7MODV6n6B2t-Ir8GRU5AHXuiTadkiFEV_Q&google_hm=jNbNrmcxSNW4jfZwylujGbg
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 33E7
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESED-IXlrGrDnDUNEeO3qjdS4&google_cver=1&google_push=AXcoOmQVU99iG8kjqI_OGrZn0_jfvawgHwKWekT1gTjc3Fh9MKM8FO8L1DDpLkCzqGOC8r-Vj0TOddS1eYnvym...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQVU99iG8kjqI_OGrZn0_jfvawgHwKWekT1gTjc3Fh9MKM8FO8L1DDpLkCzqGOC8r-Vj0TOddS1eYnvymjbjhjg74ZD81kvcg&google_hm=hmV0O3ek2c9EW4U...

170 B
191 B

32ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQVU99iG8kjqI_OGrZn0_jfvawgHwKWekT1gTjc3Fh9MKM8FO8L1DDpLkCzqGOC8r-Vj0TOddS1eYnvymjbjhjg74ZD81kvcg&google_hm=hmV0O3ek2c9EW4UhTg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65743B77A4D9CF445B85214EBLIS

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQVU99iG8kjqI_OGrZn0_jfvawgHwKWekT1gTjc3Fh9MKM8FO8L1DDpLkCzqGOC8r-Vj0TOddS1eYnvymjbjhjg74ZD81kvcg&google_hm=hmV0O3ek2c9EW4UhTg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65743B77A4D9CF445B85214EBLIS
date: Sat, 09 Dec 2023 10:03:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 33E7
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEFlydb5IlRrgxLqFUht3ZYw&google_cver=1&google_push=AXcoOmQbCTZXcOieGqqTTXjfafjlpo0KLvwFHQnz6VJ8yDyrQxSYtjVpOVSgfizkPl6PKgkJVAff-SWVaeMg0bP4...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JX7PNVnrTvw3RkPfiytBEw&google_push=AXcoOmQbCTZXcOieGqqTTXjfafjlpo0KLvwFHQnz6VJ8yDyrQxSYtjVpOVSgfizkPl6PKgkJVAff-SWVaeMg0bP4MLtjCUjc68noSA

170 B
191 B

32ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JX7PNVnrTvw3RkPfiytBEw&google_push=AXcoOmQbCTZXcOieGqqTTXjfafjlpo0KLvwFHQnz6VJ8yDyrQxSYtjVpOVSgfizkPl6PKgkJVAff-SWVaeMg0bP4MLtjCUjc68noSA

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 09 Dec 2023 10:03:36 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JX7PNVnrTvw3RkPfiytBEw&google_push=AXcoOmQbCTZXcOieGqqTTXjfafjlpo0KLvwFHQnz6VJ8yDyrQxSYtjVpOVSgfizkPl6PKgkJVAff-SWVaeMg0bP4MLtjCUjc68noSA
x-host: tde-deliveryengine-production-5989b845bf-n4pwq
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 33E7
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEN26uRCwm9vsMkynWlsH8zo&google_cver=1&google_push=AXcoOmTzrT7P6ZDbGy-hF11MwcI4LSnYCetxYhVERW2XShP12tfKdomtKsQo4pH1cpbBYW8zaD7...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBYVzFORlktMVUtMUE3Ug==&google_push=AXcoOmTzrT7P6ZDbGy-hF11MwcI4LSnYCetxYhVERW2XShP12tfKdomtKsQo4pH1cpbBYW8zaD7Xs_gBPGbrPHO6FhD4MfiUFeAEzA

170 B
191 B

33ms
33ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBYVzFORlktMVUtMUE3Ug==&google_push=AXcoOmTzrT7P6ZDbGy-hF11MwcI4LSnYCetxYhVERW2XShP12tfKdomtKsQo4pH1cpbBYW8zaD7Xs_gBPGbrPHO6FhD4MfiUFeAEzA

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBYVzFORlktMVUtMUE3Ug==&google_push=AXcoOmTzrT7P6ZDbGy-hF11MwcI4LSnYCetxYhVERW2XShP12tfKdomtKsQo4pH1cpbBYW8zaD7Xs_gBPGbrPHO6FhD4MfiUFeAEzA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 33E7
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHCQuqqa8S6UjTkcKnadPFg&google_cver=1&google_push=AXcoOmRGuvmm-dI9NPJbkbyP2K5Gj1vD79jEUkkdZsQ__T87e-K0ULTZBgfolxfNWuBVdIfQ3RMQuHzvMaOj...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRGuvmm-dI9NPJbkbyP2K5Gj1vD79jEUkkdZsQ__T87e-K0ULTZBgfolxfNWuBVdIfQ3RMQuHzvMaOjSAnm09XZVqNsU6hJ_g

170 B
191 B

34ms
34ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRGuvmm-dI9NPJbkbyP2K5Gj1vD79jEUkkdZsQ__T87e-K0ULTZBgfolxfNWuBVdIfQ3RMQuHzvMaOjSAnm09XZVqNsU6hJ_g

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRGuvmm-dI9NPJbkbyP2K5Gj1vD79jEUkkdZsQ__T87e-K0ULTZBgfolxfNWuBVdIfQ3RMQuHzvMaOjSAnm09XZVqNsU6hJ_g
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 33E7 0
45 B 229ms
45ms Image
text/plain 185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBcPM_mZv4bLOxj2gfMfjFU&google_cver=1&google_push=AXcoOmS13Uk9s47i9rvidwhz8j4j4N-XbeuX7urlII9Si3q6FGAItD8-9iAstG_FszchzHri5QvzCkEA0by3GBFEOHyBe81XkpsC
Requested by: Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:35 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 33E7
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHCQuqqa8S6UjTkcKnadPFg&google_cver=1&google_push=AXcoOmQtWLDswNqbZ-ihPRI15-PFGLML4vR1kob_lw8sRpEuR6Z3Myv-k9rw7UxIVijojdA6JBGN0_8nklS...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQtWLDswNqbZ-ihPRI15-PFGLML4vR1kob_lw8sRpEuR6Z3Myv-k9rw7UxIVijojdA6JBGN0_8nklSOTiyC4cfJompB7Sb4vao
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

21ms
21ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 33E7 0
12 B 31ms
30ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LuIkC1e3tojoQDBMUvxmooq7v4MWUrkw6AH-AqprMIUl2nYrLrmLjchwAySpWlxtw73cp3sg

Requested by

Host: 12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5E3C 0
20 B 60ms
60ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BJh8CeDt0ZbLhE8Su9u8PyeGwqAkAAAAAOAHgBAI&bg=!dXaldjnNAAY3kmNgF5I7ADQBe5WfOJaJT2Rfa5L2lB5iyM177uA6cPoDKHKkH5VOmKqkWLvMfPkbNZC7tnryHq2w5KUuAgAAADdSAAAAAmgBB5kDMntKDirSkFZaaFVc54JMKD0lAsRkj-dkw0ZYPhSR9kOYGj-rQVawgMwIjy9tB9cNPbjQKVRadeuSqpQqLwqQZpn2cIQZD-KfxdveChaybZkRL5ArXxFHQR5uZ2zr0OAp5swebsvR9a10cOqHhOzIHo_KVZTe9s2fEkCq3IOhwyO8htos_-Q2bLT0H6MgHHyy_FPPVdf_KIrsWw6OE-a8WzL4QuMfB54FWBMfr_Yj_hwAZm8DitUTxyCTVrfVQWDhUfsmdAuGDm9XleIvhgVAxUg8qqx8YqcbB6-7OhZHjBSVSbG8nNbASiepHtDOefwXPWtjybhMRlGf-bg10SfsrzRP0f5d88SP0_ixvzY8y6OHv844UPsolOHFhmFT4qUOC-0dlwP9EECGvucbeHHGKTWHrMPQQIy_N3J96rwbQsc1uipNtYzKcIjzv2N0Mxy7CQfbEYVeIZJgeHCLvEnLcpkRK-QZHx2-JEy-sHug4Y041BKKrMP2udae911FMJgmr5r2vp5hIhA9a4AfX0lxp-IKJKkboZilcRahuSdt67A3bSd9BEM18Gub7bDDXS6n8Ehp359JpsTnmr0rd1ljaT02LKFsKQmy5S6gLux3XHOFjjlA3BlNxk9XKGt2hrXb4IdS682TQIsLI4L5PqTmhzIGnvjZE9mRcWK-twbtFCNY6Loqi4LguSJWBlnUbaVgax34FHJje4M2TVE4BvvJsa9daB8z6l0Kx_FPJnQ46QR0zieytm6jzYZ-1kVvli20oINQdhUmDJ8FRpZDh6fOgD8qe0CGs6wJ3w3t-6Kwr437Apj6mymUfwgO6xY2YdH0drWl7ILRoNYzPaFJhdZbVka6_MjJkUR9MNfWRehShHr1c0ruhBoO9k-89ycWASJvwlb23VUY_m6XjYKsF5HOmZVH2nOgRprNa5HgX8dmRSmaaUjNdZGMWdACKw_jURUnicbLg0rgz_Xdgc_DOBAIn9no1sH_ecaC7qqvhYfmqf5JhQBypYHo96NRq1Kta4RVNbwubVdb6rClY58rx4y6M7tG6QggpWN69sliZ_b-1GvSTEXivuWHIIpGzSgRFsrkYXLs

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 999B 42 B
64 B 64ms
64ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsujU-dmAmL3arfWIQNx3mCY1RaqMVV-5AbXLYL__qx0jtbdoebAiRaKbj6faYTpJCvsB_c51ZNoYIkuEyPSPTBRMRpttB4jb4xut3CkFjI5xHBEqAJe10dcIkkOizzVDpOot807soNPOawq&sai=AMfl-YTDfS9sdNfMhex_6p43GKhnQDuN5dq6VJ28Eez4PgtHYN2N5ept9uWwZQPmpt1xP476aN4EsM4RNMqd19CtP4HQ4zAVQwAbKgoVKM9P0RjUT7Ap6rdsEJdqN8mmLtMqFUpgXDqlcA&sig=Cg0ArKJSzMGkRXSPDpujEAE&cid=CAQSOwDICaaN9UQ1OJh79iFAsNBCZbW9TBllYSFQU7Wzi_5v0z3WgtS_oQXXiHkST4R7aTQdnfxF18umnItoGAE&id=lidar2&mcvt=1000&p=416,1090,666,1390&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1414448433&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702116214920&rpt=620&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5461 42 B
64 B 64ms
64ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGtFhrQQmxTm0JtXOFG_UXcMZRhs3C7GXnd1zeDIQNL6QG_UklKWbR1iSVTUmLQGqX2tum6800UJUmAxgrZ8tPnqVDibYe-Uw1zDTL6xJZ_ik7Hl8g-vvAT9QEJ6-VfAQEYHgs4SosYYxc&sai=AMfl-YQOsfE_SS2gFVxp6Y4YiLkKk_ix2TBUqbhfQ2XSewRvQD-g6vIxSfBn8ZyyESEo4K88LiV5bS15awW_j7tlE5qjuze3COxdrIonCAH1jueoF5EV6OmZzhHGfC6mNrTeqsAT-Bb4HQ&sig=Cg0ArKJSzP2L50-9yyRKEAE&cid=CAQSOwDICaaN9UQ1OJh79iFAsNBCZbW9TBllYSFQU7Wzi_5v0z3WgtS_oQXXiHkST4R7aTQdnfxF18umnItoGAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3249029758&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702116215154&rpt=408&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 999B 0
20 B 59ms
58ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6829461344316&version=m202309260101&ct=76&x=1&cor=11412550731278938000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5461 0
20 B 57ms
56ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6250127684886&version=m202309260101&ct=76&x=1&cor=12486868328248822000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 putRecords Show response
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ 146 B
374 B 208ms
208ms Fetch
application/json 54.149.231.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.231.151 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-231-151.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 795cc480b58c6ee72c662d718c204ea6bc458629eab3220477fbc29cea3d2bb8

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
x-api-key: 79db72eb0b5c7255afa54a253df24fb4a5ac916bf40b51c730df8850aa5665ca
Content-Type: application/json

Response headers

date: Sat, 09 Dec 2023 10:03:37 GMT
x-amzn-trace-id: Root=1-65743b79-7421788e4f0a794c29d781f5
x-amzn-requestid: 729ae8da-f118-4752-acf3-62ff961795df
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: Pq47GHBdPHcEjfA=
content-length: 146

OPTIONS
H2 204 putRecords
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ Frame 0
0 595ms
199ms Preflight 54.149.231.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.231.151 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-231-151.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-api-key
Access-Control-Request-Method: POST
Origin: https://www.cifraclub.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
date: Sat, 09 Dec 2023 10:03:37 GMT
x-amz-apigw-id: Pq47EG-9vHcEkSA=
x-amzn-requestid: 24c80d07-ec10-4db5-bfb7-7a45e4069fc1

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 260F 42 B
64 B 60ms
60ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDfvbkNWVd10t01Ao4n8mF4Ytg4lBQv3EMOzl06eZ1asdtCpNdLtK3kWZsEMGyLrbdTrXftGN88k4NxmVjUza0Aq0gRFdDnaWo9GVz98B3dnA05ZBJyZzLeA&sig=Cg0ArKJSzCVcKJbpwE9xEAE&id=lidar2&mcvt=1000&p=0,0,50,320&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=764689870&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702116215161&rpt=1279&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 260F 42 B
64 B 65ms
65ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNMpjqAdT6X8NZBm3NYEQJw8_0gfUu9vybbPjQcKG-khoel5G4EHIPoGjQSw9w3Bv9XI173GRkt7BtL7EQehF6Xhon2koe8MvtoXq5YyC3i6dB7xi3-ZZu79YIjewuJWXkMM9aO6pTx5nR&sai=AMfl-YQvFurLZgGM4-Zi-0d76YUEGUkI8d7mO8IvuDfqzxDg9pBxAv6YY-BAniz76f0-XhJ07rxyuescVXoMqKhhuoKOZp649A5DvwfYazy7IAC2TYQ6_2ygI-XkXHSCvqHG4L0Cgsyc5Q&sig=Cg0ArKJSzMvlZuYGiOkjEAE&cid=CAQSOwDICaaN9UQ1OJh79iFAsNBCZbW9TBllYSFQU7Wzi_5v0z3WgtS_oQXXiHkST4R7aTQdnfxF18umnItoGAE&id=lidar2&mcvt=1002&p=322,1080,376,1400&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=0.93&if=1&vu=1&app=0&itpl=20&adk=4164029453&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702116215161&rpt=1276&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 260F 0
20 B 57ms
56ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9376529366986&version=m202309260101&ct=77&x=1&cor=14075709654430970000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 89ms
31ms Preflight
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.cifraclub.com.br%2F&domain=www.cifraclub.com.br&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.cifraclub.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 09 Dec 2023 10:03:38 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 226936
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
379 B 87ms
29ms XHR
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.cifraclub.com.br%2F&domain=www.cifraclub.com.br&cw=1&lsw=1

Requested by

Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:38 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 263301
expires: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 4FCA 281 B
555 B 137ms
49ms Document
text/html 2.19.217.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-217-60.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 09 Dec 2023 10:03:39 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 10C0 52 KB
17 KB 182ms
47ms Document
text/html 2.19.104.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.104.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-104-211.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 09 Dec 2023 10:03:39 GMT
ETag: "623de86a-cf34"
Expires: Sun, 10 Dec 2023 10:03:41 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
X-Akamai-EW-Subworker: 8096267

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 1577 23 KB
8 KB 153ms
59ms Document
text/html 88.221.124.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMSRPRR&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C331%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.124.22 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-124-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

fbd4460093e8a61a76de80531eb3854a281985c4119f412b6df54b957f91c9de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8419
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 10:03:39 GMT
expires: Mon, 11 Dec 2023 10:03:39 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 344E 16 KB
6 KB 81ms
25ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=163636
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=137030
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Sat, 09 Dec 2023 10:03:38 GMT
expires: Mon, 11 Dec 2023 00:07:28 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 344E 0
39 B 37ms
37ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=10191554&p=163636&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=163636
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:03:37 GMT
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4FCA 46 KB
13 KB 42ms
41ms Script
text/html 2.19.217.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-217-60.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: fa849a8f2c4f93d1e474e70bf056c61c02fff1efa7e79a5f022693d052cb5f63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 10:03:39 GMT
Content-Encoding: gzip
Last-Modified: Sat, 09 Dec 2023 02:27:23 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59031
Connection: keep-alive
Content-Length: 13233
Expires: Sun, 10 Dec 2023 02:27:30 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 4FCA 7 B
380 B 186ms
26ms XHR
application/json 69.173.144.138

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 5e091a4bda7cb1b96cf60040ae4e8596
Expires: 0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 10C0 0
594 B 31ms
31ms Script
text/html 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:39 GMT
an-x-request-uuid: 4eba0fb8-e380-4420-a81b-a7e25e62c4dc
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.184; 84.19.175.184; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 log Show response
firebaselogging.googleapis.com/v0cc/ 506 B
625 B 69ms
63ms Fetch
text/plain 172.217.16.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaselogging.googleapis.com/v0cc/log?format=json_proto

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.9.1/firebase-performance-standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f10.1e100.net

Software

Playlog /

Resource Hash

3862cec4274e09e5cfd7ca42bb7376f0872f1aa4dbb36d5330f3929b8278608a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Dec 2023 10:03:39 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 304
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 10:03:39 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 31ms
31ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3BB4FZD3LP&gtm=45je3bt0v868809808&_p=1702116212114&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=20116918.1702116212&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEII&sid=1702116212&sct=1&seg=0&dl=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&dt=Oasis%20%7C%20Cifra%20Club&_s=3&tfd=20828
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3BB4FZD3LP&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 10C0 0
595 B 30ms
30ms Script
text/html 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:03:40 GMT
an-x-request-uuid: f1edc803-9a10-4786-a054-3bdd12028b79
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.184; 84.19.175.184; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEAN5HgUm0Tg-d55Lnn9yTkY&google_cver=1&google_push=AXcoOmS6oQBVrszHASO6Ymq0IvuWWa-5PqrhtiMvajDJz-rP83LAInp55js5ZFp8gwW9JBKISBF1DccH6znDk1CbBT8KoxlKUSP823g

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEAN5HgUm0Tg-d55Lnn9yTkY&google_cver=1&google_push=AXcoOmTeV9qWMUPOxTN6jKXDM3TaKEOLriHJaflie9FoGpkV_nICdlJCIF2j-kGa17EdUlCecKNhNx8Ipzqa2BF67vboMSp-zid4R2A

Verdicts & Comments Add Verdict or Comment

242 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

65 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cifraclub.com.br/	1970-01-20 18:58:12	Name: _gcl_au Value: 1.1.2058028395.1702116212
.cifraclub.com.br/	1970-01-20 16:50:02	Name: _gid Value: GA1.3.556162925.1702116212
.cifraclub.com.br/	1970-01-20 16:48:36	Name: lotame_domain_check Value: cifraclub.com.br
.cifraclub.com.br/	1970-01-20 16:48:36	Name: _gat_gtag_UA_446764_81 Value: 1
www.cifraclub.com.br/	1970-01-20 17:31:48	Name: _pbjs_userid_consent_data Value: 3524755945110770
.cifraclub.com.br/	1970-01-21 01:34:12	Name: _sharedID Value: d050ade3-b5e5-41bf-a1d3-de447c9db46b
.cifraclub.com.br/	1970-01-21 02:24:36	Name: _ga_XBHRSMDBK4 Value: GS1.1.1702116213.1.0.1702116213.0.0.0
.cifraclub.com.br/	1970-01-21 02:24:36	Name: _ga Value: GA1.1.20116918.1702116212
.adnxs.com/	1970-01-20 18:58:12	Name: icu Value: ChgIy6c-EAoYASABKAEw9fbQqwY4AUABSAEQ9fbQqwYYAA..
.adnxs.com/	1970-01-20 18:58:12	Name: uuid2 Value: 4039622620436784269
.doubleclick.net/	1970-01-21 02:10:12	Name: IDE Value: AHWqTUn67snoUSpZWhoWzeo-WPorqJ7FAThweNknZ4OsOP21jUQRauxc93j4PKZ5
.cifraclub.com.br/	1970-01-20 18:58:12	Name: _fbp Value: fb.2.1702116213166.1130085405
.rubiconproject.com/	1970-01-21 01:34:12	Name: khaos Value: LPXW1NFY-1U-1A7R
.rubiconproject.com/	1970-01-21 01:34:12	Name: audit Value: 1\|hLZGFuTafB3gNecKLxSWxH4nM7EmNLIsUnR0OAt+rjGLEXPkTT4BcDlVHU0wa9iwgtGT4V76z4ibQtyFmQva21fHJGWVxiUjRw6xunrQy4Eijy0RC4Zd8dAPlTu0R9RN
www.cifraclub.com.br/	1969-12-31 23:59:59	Name: geoip_country_code Value: DE
.cifraclub.com.br/	1970-01-21 01:34:12	Name: __trf.src Value: encoded_eyJmaXJzdF9zZXNzaW9uIjp7InZhbHVlIjoiKG5vbmUpIiwiZXh0cmFfcGFyYW1zIjp7fX0sImN1cnJlbnRfc2Vzc2lvbiI6eyJ2YWx1ZSI6Iihub25lKSIsImV4dHJhX3BhcmFtcyI6e319LCJjcmVhdGVkX2F0IjoxNzAyMTE2MjE0MjE0fQ==
www.cifraclub.com.br/	1970-01-20 16:48:38	Name: tt_c_vmt Value: 1702116214
www.cifraclub.com.br/	1970-01-20 16:48:38	Name: tt_c_c Value: direct
www.cifraclub.com.br/	1970-01-20 16:48:38	Name: tt_c_s Value: direct
www.cifraclub.com.br/	1970-01-20 16:48:38	Name: tt_c_m Value: direct
www.cifraclub.com.br/	1970-01-21 02:24:36	Name: _ttuu.s Value: 1702116214282
.tt-9964-3.seg.t.tailtarget.com/	1970-01-20 17:31:48	Name: trk Value: 48g4gc6Uau2UcSl8yyLFW9ZW+VCHEtE1VWrViWzM4H+XF/WHG72TXnnOj2cNdvllFb5Wh7HOAvAfuTA3vPYnyNd4fbZgqDE1YW6ExkKjQGkpUiG0IX9zO66ucs4jPwx6
.t.tailtarget.com/	1970-01-20 16:51:29	Name: _ssc Value: y
.t.tailtarget.com/	1970-01-21 01:34:12	Name: u Value: fwAAAWV0O3ZqzQboCGnmAgB=
www.cifraclub.com.br/	1970-01-21 01:34:12	Name: tt.u Value: 0100007F763B7465E806CD6A02E66908
.t.tailtarget.com/	1970-01-20 17:31:48	Name: ttbprf Value: ___de_1702116214585_1410576312
.t.tailtarget.com/	1970-01-20 16:48:38	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-20 17:31:48	Name: ttnprf Value:
www.cifraclub.com.br/	1970-01-20 16:50:02	Name: tt.nprf Value:
.cifraclub.com.br/	1970-01-21 01:35:38	Name: rdtrk Value: %7B%22id%22%3A%2296491a39-d76b-4838-bcae-783f6ca86c8b%22%7D
.tt-9964-3.seg.t.tailtarget.com/	1970-01-20 16:48:39	Name: ttca Value: CA15437,CA15795,CA15771_1702116214
.cifraclub.com.br/	1970-01-21 02:10:12	Name: __gads Value: ID=3dc753111f955883:T=1702116213:RT=1702116213:S=ALNI_MaqPCihII7L8_KT8vWX1eMNau1o6A
.cifraclub.com.br/	1970-01-21 02:10:12	Name: __gpi Value: UID=00000d0fdb1f9d87:T=1702116213:RT=1702116213:S=ALNI_MZXHodQUokoYjIX0uqO_j11zzxjrg
.t.tailtarget.com/	1970-01-20 17:31:48	Name: tp1 Value: CAESEHnXwBrLoLxJjBIygrSIo4s
.t.tailtarget.com/	1970-01-20 17:31:48	Name: dc Value: 1
.cifraclub.com.br/	1970-01-21 02:24:36	Name: _ga_3BB4FZD3LP Value: GS1.1.1702116212.1.0.1702116215.0.0.0
.t.tailtarget.com/	1970-01-20 17:31:48	Name: n Value: 1702116215
.adnxs.com/	1970-01-20 18:58:12	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In@rHE3S!]tbPl1M>e)ZlrFUfJ+tGXxoX>4VQ'S)jpTNS0mXFQf+%I+c?[Zsn'J*OVp93If)y3KL9D3I?-#!BnOR
.doubleclick.net/	1970-01-20 21:07:48	Name: APC Value: AfxxVi6rV_wA7WMB_KxsxZXmXBtub9TxM9ZK6XoGzTWAw6ASo1O6Bg
.doubleclick.net/	1970-01-20 16:48:39	Name: DSID Value: NO_DATA
.quantserve.com/	1970-01-20 18:58:12	Name: d Value: EH0BCQHPKoEA
.quantserve.com/	1970-01-21 02:18:50	Name: mc Value: 65743b77-761f7-2ef79-ce7e6
.adfarm1.adition.com/	1970-01-20 18:58:12	Name: UserID1 Value: 7310533477426591885
.simpli.fi/	1970-01-21 01:35:38	Name: suid Value: AADDDB9C1CE24DA499C4C9FCC7C164B0
.blismedia.com/	1970-01-21 01:34:16	Name: b Value: 65743B77A4D9CF445B85214EBLIS
.adform.net/	1970-01-20 17:33:14	Name: C Value: 1
.adform.net/	1970-01-20 18:15:00	Name: receive-cookie-deprecation Value: 1
.turn.com/	1970-01-20 21:07:48	Name: uid Value: 7326541133599181276
m.exactag.com/	1970-01-20 18:58:12	Name: exactag_new_gk Value: 7b4c1be59aed4d29bcd5c237ca791ad6%7C07.02.2024%2010%3A03%3A35
m.exactag.com/	1970-01-20 21:07:48	Name: exactag_new_uk Value: fc73d5c904924913b4f61bb072bdd901%7C
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: eb87d76cd75140e4bbb20567
.de17a.com/	1970-01-21 01:27:00	Name: guid Value: 1.2783001151503502949
.doubleclick.net/	1970-01-20 17:31:48	Name: ar_debug Value: 1
.casalemedia.com/	1970-01-20 18:58:12	Name: CMPS Value: 3361
.everesttech.net/	1970-01-21 01:34:12	Name: everest_g_v2 Value: g_surferid~ZXQ7dwAFj8my9AAM
.casalemedia.com/	1970-01-21 01:34:12	Name: CMID Value: ZXQ7d7OBR9w9vE40jx-NYwAA
.casalemedia.com/	1970-01-20 18:58:12	Name: CMPRO Value: 3361
.ctnsnet.com/	1970-01-21 01:34:12	Name: gid_CAESEPPbwqbrq4NUNZf_-_WO-OE Value: 1
pixel.rubiconproject.com/	1970-01-20 18:58:12	Name: receive-cookie-deprecation Value: 1
.yahoo.com/	1970-01-21 01:34:33	Name: A3 Value: d=AQABBHc7dGUCEAZdqlpp1rqiRZgKNfmuIUcFEgEBAQGMdWV-ZQAAAAAA_eMAAA&S=AQAAAqjiyf3QHJKxmlQSzB0Tdvs
.tribalfusion.com/	1970-01-20 18:58:12	Name: ANON_ID Value: a8ntuJw5EGiAaINQfTsPUkETa7p6UkBuve7MZbTWDYG1WF28cATMtF1SohP9tkIvAmHGZbEQZbPNQQtR3eqwvVnZd1Zb0
.adform.net/	1970-01-20 18:15:00	Name: uid Value: 851605062762848287
.ctnsnet.com/	1970-01-21 01:34:12	Name: cid Value: 8cd6cdae673148d5b88df670ca5ba319
.travelaudience.com/	1970-01-21 02:20:17	Name: _tracker Value: %7B%22UUID%22%3A%22257ECF35-59EB-4EFC-3746-43DF8B2B4113%22%7D
.ads.pubmatic.com/	1970-01-20 16:50:02	Name: KCCH Value: YES

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://master.cifraclub.com.br/api/v3/sponsor Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://master.cifraclub.com.br/api/v3/sponsor Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://master.cifraclub.com.br/api/v3/sponsor Message: Failed to load resource: the server responded with a status of 401 ()
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92) Message: Unrecognized feature: 'attribution-reporting'.
security	error	URL: https://12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Message: Refused to execute script from 'https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=19904691783&extPm=19904691783&extCr=520835544&rnd=1702116214020894' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12d282939f60daddcae21fc04da8e7c8.safeframe.googlesyndication.com
a.tribalfusion.com
aax.amazon-adsystem.com
accounts.google.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
ads.travelaudience.com
akamai.sscdn.co
api.cifraclub.com.br
b.t.tailtarget.com
bcp.crwdcntrl.net
c.amazon-adsystem.com
cdn.doubleverify.com
cdn.jsdelivr.net
cm.g.doubleclick.net
cm.t.tailtarget.com
cms.quantserve.com
config.aps.amazon-adsystem.com
connect.facebook.net
contextual.media.net
csync.loopme.me
d.tailtarget.com
d335luupugsy2.cloudfront.net
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
firebaseinstallations.googleapis.com
firebaselogging.googleapis.com
firebaseremoteconfig.googleapis.com
fonts.googleapis.com
gcm.ctnsnet.com
geo.privacymanager.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id.cifraclub.com.br
image6.pubmatic.com
img.youtube.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
m.exactag.com
master.cifraclub.com.br
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
pageview-notify.rdstation.com.br
pixel-sync.sitescout.com
pixel.rubiconproject.com
popups.rdstation.com.br
pr-bh.ybp.yahoo.com
prebid.media.net
prg.smartadserver.com
prod.tahoe-analytics.publishers.advertising.a2z.com
r.turn.com
region1.google-analytics.com
rtb0.doubleverify.com
rtbc-ew1.doubleverify.com
s.seedtag.com
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
t.tailtarget.com
tags.crwdcntrl.net
tags.t.tailtarget.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
track.adform.net
tt-9964-3.seg.t.tailtarget.com
um.simpli.fi
us-u.openx.net
www.cifraclub.com.br
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
csync.loopme.me
104.16.88.20
104.18.24.173
104.18.36.155
13.32.119.77
13.32.27.122
13.32.99.59
130.211.44.5
142.250.181.225
142.250.181.226
142.250.181.230
142.250.184.195
142.250.185.104
142.250.185.132
142.250.185.162
142.250.185.238
142.250.186.162
142.250.186.33
142.250.186.67
151.101.194.49
157.240.252.13
157.240.252.35
172.217.16.130
172.217.16.134
172.217.16.138
172.217.16.202
172.217.23.110
177.54.145.109
177.54.145.110
178.250.1.11
178.250.1.9
18.239.83.131
18.239.83.58
18.66.97.24
185.64.189.112
185.86.139.102
185.89.211.12
198.47.127.19
2.16.202.98
2.19.104.211
2.19.217.101
2.19.217.60
2.21.74.80
213.155.156.169
213.202.235.10
216.239.34.36
23.32.184.192
34.102.185.99
34.120.63.153
34.149.50.64
34.248.85.3
34.68.90.188
34.96.105.8
35.186.193.173
35.190.0.66
35.201.123.184
35.204.74.118
35.223.116.65
35.244.159.8
35.71.131.137
37.157.3.20
37.157.6.234
46.228.164.11
5.135.209.96
51.89.9.254
52.210.175.116
52.222.250.175
52.57.96.192
54.149.231.151
63.215.202.140
64.233.167.84
65.9.66.68
69.173.144.138
69.173.144.140
69.173.144.165
74.125.133.156
85.114.159.93
88.221.124.22
91.228.74.206
95.100.146.74
95.101.54.243
98.98.134.243
99.86.4.39
03e7b6670a29e62d8e8a44ecf20be362d9f50313ff71e8758d90df814b325db6
044276ed35bfe7ddbae68a48ebb014c332c3164f0d6056253d7b7c48acaca8b1
050ab394bdfdc7a2557e1d9e1d08dff61f08059a9f58408ea5963f0a5b09c991
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07192a2c56c266c2d475b86131dbe71f5f5ca51b42608c20666c85876481c6af
07c71ed14b6a524f7c6943b6f53abd96915ffd60f34cad20dd13bee8ab486c66
0874c93bc9a23ca21b5de6fe83b88fde608a3e72ff2f871228a520e5770f68e5
09e6e7ab41aec891950182f58c7f1a39145de07abed87b3ac708d707d88ff2c8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f1cc3140564fa9e19a7744a1c8390ab2f302432e204ab1985aea9dcd4167b22
0fb7646d06b7161154c3a9a1d0daaf25f7a0ad5d6186fb8f1c5c3b74c58dfe48
10351fc1588bfb7268dc65e99e849c024163a665097fd945dc7d9ef85fd51039
110d539beb902a2116bc781c2299b38533f285e03dcc19e064c3315602910357
11fce349dc88604a7014274185fb60fdb3169648750fdc0a86ee0c32397bc681
1285d498cd3279edb34f0402c08b5967f5539dd60116b9df07ded8c14a87abb6
1293e34cf7955d387571847bc1eb3e1bbbf3e76216130dcca927b94407d04351
1548aabd8c69698cd8f0247200a23f032283ebe6598bbc1cf166738ca8fcf332
1598ef891d4bdf2edbdf92f70aa210a98d93bbb0863c106683ddde93a639f632
159f115c7db1557a4646c346f654d62d9147e3b661ec7c8bdbcff1d078d62b6a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18ccd15f4451136a3a3a7a30c5991b0521908b7739179713db42ef18f61a2388
1a1496e6481c42c667efab542075d1247514547ca36d577ca38f9525dab07663
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1cb039486b4c314d859125a12dccbe850384377459d2c8d4d7b7660d55bf51d2
1e758e62d670591b92085ec18737455d389542f99b5f11fe5faba22dfd5733c0
1f407355fa69f17827cc696408baea8cb67f184a71a47c205ef4022c1d7f44a7
20230eebccf18cdac7ca5b8412b6e0672d1b37844927bcf43d0448352b19c104
2029cc6fd9fb237036a9de988ad94167767e7f85967fdfc09f057a76c3d98709
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
255eea6fe208bbc9fcc28a6946219f678587506d56fa69754fb0b8a49b72aee2
25ac51bd560661614f1f90a6cea5a82f526a8550afc34f725bb2471607ffa173
282b5e1516d6c9ca234f2ce85e13cc85e76293cfd520fc8334815c757fc50e1b
289b000444f6b24ce80580d8edc63d446375da2b2fb25c6e1795b9f54fa47fa8
2a5197525b2d844bd1ce5852e89988181164abcd15bcba5767e37a0800445ec9
2c4a96b08ecfdd8f4394ffa5e8386e3ab3d1ed768030c64d22832455f0b8e8ae
2c73ad08334e801d45ff3b490982500f67061656e3c2bdb686f5db03e1540071
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2fd4b885cbab9959c8951a1928462e1386db4ffbe82629313b7eee87bf22a87a
30f4c911942466581dab2a4eb1f974829aa217a1d0f559df48bb15a6696a3965
311724ef5b6741df264b9b084a77bc35deafe874b33248d0c8f8b8550b4d81e0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
362ebd155f136aaef66cbea0731b4172fa0840542b52fbc9dab3f5991204cb30
3737fc8d3882327f17b1e64831a922185678e38181e8eb0c5b75cfc3bc1146a9
3862cec4274e09e5cfd7ca42bb7376f0872f1aa4dbb36d5330f3929b8278608a
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39c6dde7b3a7b75604778a4e722f23c4210f03424fa7582adf1337d5449e4129
3a4387844ea355406e936ffea2c2e0b1eb84ace4fe9c2322830ee1bae264b73c
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3b534c83e1cd3b6fc573b9b2b2f42500282c91d0f75d8b4839db5632b6d82232
3c16fb350617fbae01d980ff008cb6b803f9e5e1db80470081940270498d3718
3d23d098e5ded670710398ec3eceda9d070dfe2753d9e8735af92c6cfd68910f
3d58d6b81013cd185fcaf14300457b228dff4e72deee5e7b6f40b88eb913942c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e8088157c8f2558e34ec624c6d585190aabf2e40d14379cc3e2177cbdb5f322
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40adf7eaae90847af4f5dcca72421a43f399d93a5216bb79512837fe62e2905d
41b6a8dc410661d05df3bac202e4e88d4be990193ecd012a498146271ab8e6b8
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
43151e7ead8d2cf1f507b44dadecade33fab074f1847e6447a533b25765e9ae3
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
444e6135dcdb2ee26d10b212528c0f57e14f5b9a6c032de70c6b08a7f6bc8458
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
45810e801cb08b31e14f7a5dec400d9d28a7468032dff660aa4d9d882e78821b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
479982149be5e64014364f19ee0ab6211f0ee3e717f0d435dd79c0ee171ec4fe
47f5661bba51759dbd3c33eec9ebb77f709b539316077f4cfe349c01751d2750
483d291c61b3481f389826af4c38c8eddb505b1b407307d5a051e24696652aaf
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b9f523c5b41cc16454ef5f93f478a2cf6d79e26fa2410dec93264d69e1c66df
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d7dd6e02d849e181e51db84d9d230d369b8ce7412dbcee9d7d1d19ad8a16741
4d9c012114fb7853ce7fce434ca2a6f05262f3c019be5686650a707a044e0b00
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f25af342124d142dd99b5b3a4b90e660cd4b96dc7c2bf4e54c1a802cc93d521
4fd08991cc0d265646431832f91dd7d41714becd4b410fc366701d1d72e1c5ea
51146e11e134d84c3a0efda4487de0bbceae1111c8a2cb90e0a6942b65cc6603
513237d505dc16f8ade46faf1f0eece35e05d994a34c15d9a14aa7da9d857a16
53af0e9ff44aeaecd83a42311e55ab7c21d3421388f74c6a71bf3eb19741d0a6
53ee10278a7f8a3ca21a883e03f4b0ff61e253ff8a41c07c22db6e3450618fb3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59c741e1e59a3b6d63c2342a5006051940b7d9eb6ce1d0bbe246d2af70d2ea75
59e8f33be46fb7a03d8db862b344a3e581550c8d38e0a28345be72de04a6c0e1
5ad947ccaa4ca7a75ebafb987ef274569c5de7298299dc743b22b6439de73412
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ddf14e7f01112832f2bf7fc86c4b5be0c9578dabd6d7fae81618b5387422065
5ecbc7b923367cbe0a0e615c5aa1bc0f9e28bf84819ef8fb5cad5d9fc17ac609
61783a8faf823c61843dd3951d4d7b1b85cf1cc0f6803c0859348f79b96fbd86
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
62f5f584c41abf3fa8e885b6e8cae690e68c30c2e1d088945fb9a6f74367ea95
63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df
65174a4c2da442ba5bb561973711add9fb989827a1f131988c51e0eb2316d4ee
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
6900876eece5bf3972934097ac40a69bfcc2d15f24cde1cce4bf27ce3928df5a
6c22bbed0afe926a4ad7941291775e6b212006a5d26a720b253a8c028c870cd3
6f6d9558ccb85191d85fac087502114534207cfa93b5e05836de2b48f6ef5171
7053d70aef711c66662b8f49117974938629d4b3b2eadeb0f94ddb927ba5e881
70fa7d6af1775ea7cbb76511f73b02a74a55c965b1956e7cc5ef3798871badca
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
73ca54e7fd737f75e3c1e6aeab2359da4938a878600f9f5f3b2b28a210187be1
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75785f289ef074e8f175731f45213f81b3ed60a25d6fe928eb672bc4cb0ff86b
7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3
762067c0f275ae22abacab20f64e6af6d69859ad31bd1af4c8aa70a5f37ca89f
7620fb859f2d4043d22636886cf9cab799f2a7c7e764febf3c9231eb3d469f3a
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
77425a0c624cac6f784c90b7eddfaccc078aca01744acbc25ea142a43ab2c08d
775f5223d53b606d96bdf0f8b71b09ca0d6bff28508880d6708e3c33ca98a883
778f6c203a6a2ea31e4cb3aa28a07e5e4d259a553807f9b2d8149f46e9483079
795cc480b58c6ee72c662d718c204ea6bc458629eab3220477fbc29cea3d2bb8
7b925405d4f26f334cfa297d693df8fa29c67273b7574122c4566cbf8b115aab
7c7731b06258428e27f94f19b7a9999e7aa67ce4c110504d0c7abc77f03e03d9
81155f395a4803d786b6dd72933dd5e44ac01c5bf7a9c57e6b04a5ec49ccd5b0
81a8c2faaf160d3b5a4d7ef2763f73c361ed8c6c3fcc9e258d3f387aff562215
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
83354326bf78aff6835472064ce3de6c701d8a7067f8d26cd385b9bb8fc3a7d8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83952115381c2cdde2f36cd1d256ec2e19f3c45c45cb52747b11abc7fcc2eaca
843b2adb2755e2ce1e31ba43d0288c3353118c28e1300f648eab94c779d970b1
8448eec1b11709f6f960592ca4223988ee6f4d1a5cc28bc41b37fafa2f8b5771
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8522541018da32806c183c3c61005178d84d33ad681cfd1d4ea98cad997746eb
8541d0182a8972635847bd3bc5f18c105f95d6d57c09eac02873ce6d32d10db2
8bbaf7f99000c8db41dc83a3391f120b31bb8fc88dd9bdb5ce4050f59c56eda8
8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ec200d236508e55b071298e107025d9b969700c45debdae4989801954f45623
901ed3484b7c73bf45f62170748ae78c51c1c83f0b835623a2b530fc7e69beb7
91e132de4aff8aaddb6b3ad39d1d4ee874b9af6037a5e88e8a425f2d8f6048e1
91ee756d52e2b61079db9e75c226c6163facdc58233ada92fc131831a47b464f
92632556d181946b918e0a32fd1cb80099d7620c950c4dc38e1026852de2129f
93c847517b3cf216c23cb5d78a221fb61658c9a0eee203ea5e7ccc504e5456e3
95d10ec7bac33c2bef6627247bf3afcf67508b129a231cafad92ad8752d1c46b
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
98b36d0f871ff10d79dc18923e6029ceeafff1805c244f50a548b40bf22d68e6
9969c20b05385e44eef49078bb0fbffd8dd6081b90adf392fbcad9a894fa549a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b2ddb4fdcd73f55a03dcf4e1b5aba016bb2713c61f115673381945de7e07ce8
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2403d259fed20292572c581434a550eb18dd295d06d1132920ec20834933c27
a61001fdab2b5fb9c913546598136b598b3a1dd67139e4bf5d861cd5c99b3107
a744f9774a333ee0807e066e8e15fbea8f54c63794549c5defe2281b98637d8f
a916aa8e13a2a5c93b12839ea542732ff2c90e83bd05b016ee807910d377f7ee
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abe1befc84344451d90492779fc73a2e13b5ba88c9b413431cb702345dbfd621
aef79460d9d38f7a5349a194da19ef705d97dba070b4741344188a1f43edf015
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1567c9af517c0e55991081919f4dc2263f00b8deea21f3c94087737d2401fc2
b1812bed29b6d4fe1ee6acbfc18306625e0432b97c065bf8ca4c876ae6b644eb
b281b694ec639957a0f1451cf73308b092ebedd95752289842ebd8496bb11aef
b2df80d186eff42cfb081ee0bc6ec2905077808d678e695d6ba9829f9aa70791
b3a0c298c99a1608c2e10279d0be9701f184b1e45ee82ebf6121b381a8d8d95b
b6dffed263cc0c871c01e8fe5ffb09b87b8950333137af73b9f21afee19620f2
b88111ebcd854dbf472fdf7fb5134cc6edaee4691045fbd6a170e44147dbe452
b9c0cc1ec728610d8b8056922640385d1f89d00e42417b537f6f7aec0ccdc6e4
b9c77e2af07a3ed44291f27fc4ed0aeb924ce68062ebd4334b4f1a25093c1236
bb33d80819e6c246cb6eec4ee446044fa4fbb5e2ee6e437e808d0048c1ac3cb4
bbdcddbb306bdedcdd069f454c0c766bb68d6e1cfb6df66deb23c478234bb6fb
bcf8f42f390686367155673ac10b31702dd14b03764d9ef4bf1554a2e5a1b459
beac3b574eef4f6cb4b210b9229be5f061c325bbe7e3ea9d2bbae6195a9e9885
bed642a636ea65103f61afc290e560d0c7141fddca44fa3087d97c8b6281517d
bfbd4734ccb0db8f1110b7a37a4cb2c648cde1a71454dd4121cd882a82024589
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c4b9a84583357b76159da1d03f909c5ca0423f0c815fdf193d9607c8061bc950
c4ce0ebaf10a8b63b71e222dc207851b5c5e69198a84ee393c4583b1d63cb640
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
ccf4b3ccea59f35d60a35d076ed6deb9b5574fc2f184596452d477383e834cc5
cd42b268d14bc0a73d319b03beab500911bbf0b88956bd6809cc8c9518473bee
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d355dc0bccc68e3eca035be49bc47f8813af00025856ea78b24e05f5405f5db7
d57500b8339fe6d8d1937b29afe982a4a45853f18f7d023dc316aee32a1bc6ed
d578b685b429ff4e0b09abc05805b8178d6de9d1a7b5bc8100c5d656d17d10f2
d57cd6887e68ff25cb1fb7190a72821f42074d11467b3c51f8000d9968c8f35a
d589d50aa47be2a67f6b72461fc7f02509127ac7a57959eca1eaa5f583e00683
d59bda1d7b4fc1afa89a80bbdbdbde352ee0715498e81864f74066639d7b17a0
d5e2a3df9b4bd40c0ae5756d44b935365f06984de884b83dc812a162b9b092b1
da0bb398000aa28a61206661b421c0eeb33d190dc30b5572fde742061804feb5
ddd297dc7f4f638ea0116934818a16c8d379a2c4d7bf096e28a41b089ce466ee
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def188706410d20cdd773895932b9d54a3a8d55b93411f39165629400d5ef13c
df71b390ca8b86d284e2e5f24b13f41f7591fa827c10ebaf4e8cc75dc818d3b6
e0051b91b479808abfc8563e754e4f107b8cbb60a37091807268987fabbfa600
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5e973189341cfd0eb1b41bf2f1ea492f8c092904a5311efe7a7c3fa27a54ee2
e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126
e7284125e6c80cdc9129ab8916fdf6a5d3ae5cd6b6e23774062b8ce3fa716043
e7cdf4e1314b3721d856cf8d24bd8456840e564d2bd254ceb8686b95bd536264
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec62cfc76221123e1ab6ba0fdd1dd6a7b6e1919c152f67ca6e10d039b4b0f492
ecaf9786b37e35c90c172ecc4d5dcd3e895e81d1766b09c67f984ac43af6969f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f6d92be1f6d97a323320191dfed0c85aaa581ef050be1ae22e20a4ae007bcee5
f74c249acb234b2ca8d04f7cd54696ef451479e8d6749f402daf6920200f72c0
f82dfdfaea0bb707b71f4ac5500b61a91ae9f3850b09f642b3254a9cf44b9389
f82fb7a91781ccc799972e3e565b454c194c1c305e78f2e0ba2e4be7b84ce7bf
f921e30c60eabbebc1d71747909d95b638bdf71c745d81dc286d47402743d984
f9ad9d1088e52ce8fc1f7ad9281481b75027db24df768da4e132dd82a34e8d66
fa849a8f2c4f93d1e474e70bf056c61c02fff1efa7e79a5f022693d052cb5f63
fbd4460093e8a61a76de80531eb3854a281985c4119f412b6df54b957f91c9de
fcdd8078f60f8833861ca0b9f13aba67773278d96cbd4f459b21cdbac2d6a62f
fd1c2934b9189f3c145673b1eb8769031e59803a8fdbd9c47242773c7dda1d18
ffc12c783dd36405496154947df43d6d6204a694e06b56bf516c52ce82d348ce

www.cifraclub.com.br Open in urlscan Pro 95.101.54.243 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

392 Requests

91 %HTTPS

0 %IPv6

54 Domains

94 Subdomains

73 IPs

11 Countries

4486 kBTransfer

12525 kBSize

65 Cookies

37 Outgoing links

Page URL History

Redirected requests

392 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cifraclub.com.br Open in urlscan Pro
95.101.54.243 Public Scan

Screenshot
Live screenshot

Full Image

392
Requests

91 %
HTTPS

0 %
IPv6

54
Domains

94
Subdomains

73
IPs

11
Countries

4486 kB
Transfer

12525 kB
Size

65
Cookies

392 HTTP transactions
4 data transactions