aapka-msg.com Open in urlscan Pro
2606:4700:e0::ac40:6208 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://aapka-msg.com/br/?n=Tiago-&t=w
Submission: On December 23 via manual (December 23rd 2022, 9:22:57 pm UTC) from PT — Scanned from DE

Summary HTTP 68 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 12 domains to perform 68 HTTP transactions. The main IP is 2606:4700:e0::ac40:6208, located in United States and belongs to CLOUDFLARENET, US. The main domain is aapka-msg.com.

This is the only time aapka-msg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	2606:4700:e0:... 2606:4700:e0::ac40:6208	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:808::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1 11	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:80c::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
68	18

22 2606:4700:e0::ac40:6208 (United States)

ASN13335 (CLOUDFLARENET, US)

aapka-msg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)

993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80c::2001 (Ireland)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	aapka-msg.com aapka-msg.com	547 KB
19	googlesyndication.com 1 redirects 993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	189 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34	199 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 374	109 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	68 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37 ajax.googleapis.com — Cisco Umbrella Rank: 304	33 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	47 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8549	792 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	43 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 211	4 KB
68	12

	Domain	Requested by
22	aapka-msg.com	aapka-msg.com
11	tpc.googlesyndication.com	1 redirects securepubads.g.doubleclick.net aapka-msg.com tpc.googlesyndication.com 993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com aapka-msg.com www.googletagservices.com
6	securepubads.g.doubleclick.net	aapka-msg.com securepubads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	aapka-msg.com securepubads.g.doubleclick.net 993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	googleads.g.doubleclick.net	aapka-msg.com
1	www.gstatic.com	993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com
1	www.googletagservices.com	993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.googletagmanager.com	aapka-msg.com
1	ajax.googleapis.com	aapka-msg.com
1	cdnjs.cloudflare.com	aapka-msg.com
68	18

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://aapka-msg.com/br/?n=Tiago-&t=w
Frame ID: 26714EB1F31EEB9ADBD29ABEDE9D530A
Requests: 38 HTTP requests in this frame

Frame: https://993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E9AE9897F753518CFF6BC6071A7F386D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 071C18E4E0E9FDC9583F07C89DC0FEE8
Requests: 12 HTTP requests in this frame

Frame: https://993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 37798135983F75FC180376A826227B6F
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7F5069B0FCF51DDE7A82FD06AAFAD222
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 558E4A684D23D4B4ABC40860AD97A344
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: 0E61048BD3864BAA109077528E29F588
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Você deve ver pelo menos uma vez na vida. Site incrível.🙄

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

68
Requests

65 %
HTTPS

100 %
IPv6

12
Domains

18
Subdomains

18
IPs

3
Countries

1263 kB
Transfer

2442 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
https://tpc.googlesyndication.com/simgad/4091503581208051288

Request Chain 65

http://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

68 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
aapka-msg.com/br/ 14 KB
4 KB 334ms
312ms Document
text/html 2606:4700:e0::ac40:6208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://aapka-msg.com/br/?n=Tiago-&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bd6aa2a73fae476b0a88fc1a51036e787aa0c34328a210b1e11dafd1d752c75

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 77e427b1b8f4bba9-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 23 Dec 2022 21:22:52 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UhQlVdj2fe5GQEX%2Br5uv3e2U2T%2Bs4YjK0EZgO9wvlF41CBRxY90OYbrxZvQsIrvH8ME79RPw432FJaH0QISJiJhB5kM%2BNlXL3hKzuwrNX3Y6HOom2LypFFq5KYrEqIB1B%2F3a7noD9IadyOkZ"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 52 KB
4 KB 43ms
16ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css

Requested by

Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:22:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6224690
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3279
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-ce35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBN7t54tF3FCKekYnX6OAPfvt8RiZs4PzBwIT68W5ejcKymJBZ2%2F7RJae2SeR88ewtOLA1MYcFgrnHkonAdJp2k6J0h6CMBr2kzX%2Fdm16cg6TNhsTjLCZKXhu94FskoAYEiuVQzyfwQOGETm01hbMgv5"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77e427b3edd49a30-FRA
expires: Wed, 13 Dec 2023 21:22:52 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 206ms
72ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7eabd269d94046e76c744518aa01578a00047c238727208cded024567d7a0974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:22:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27544
x-xss-protection: 0
server: sffe
etag: "1430 / 374 of 1000 / last-modified: 1670587582"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 23 Dec 2022 21:22:52 GMT

GET
H2 200 css2
fonts.googleapis.com/ 391 B
809 B 135ms
53ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Boogaloo&display=swap

Requested by

Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

190218113db16896a2f26497538861ac58c25280fdca5bf68de076371e39fd38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 23 Dec 2022 21:22:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 21:22:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Dec 2022 21:22:52 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 152ms
30ms Script
text/javascript 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 16:17:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Dec 2023 16:17:42 GMT

GET
H/1.1 200
OK Slide.js Show response
aapka-msg.com/br/ 9 KB
3 KB 19ms
18ms Script
application/javascript 2606:4700:e0::ac40:6208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://aapka-msg.com/br/Slide.js
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a693f4bb5b25c924b8a68734694fca6c94344153f2e21f798bbfc174210e536

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/br/?n=Tiago-&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 21:22:52 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 6500
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2121
Last-Modified: Fri, 09 Dec 2022 12:40:49 GMT
Server: cloudflare
ETag: "221d-5ef6476a5f9a6-gzip"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2FtZZ5D%2FCbRnR0jRpDQUiw6Rv9bbabsn86FUMJUpduJfs6g9%2FLGmFstNAFA8hW0mTdpY2C8NR1sad0rMxohlA6JeN%2B1HietnLStZbb6a1CIoSvCjqU3pJU2YkIwF7yXj658eohc3yQ7zdlIM"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77e427b3cc9abba9-FRA

GET
H/1.1 200
OK gate1.png
aapka-msg.com/br/img/ 14 KB
15 KB 17ms
16ms Image
image/png 2606:4700:e0::ac40:6208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/br/img/gate1.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfb12519b691771d4ca01f216cf5aa6a90483ccbc296ef944a796652bbc291d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/br/?n=Tiago-&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 21:22:52 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2610
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 14346
Last-Modified: Tue, 13 Dec 2022 04:59:03 GMT
Server: cloudflare
ETag: "380a-5efae7a979c6a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=whUQJL9oDljihbWVRmfleruM13La5qBEt63g2%2B5FwF1iWebS4M6wv5rR6ZOGlc7g7KCpuIsVrJxEKktq3GiPnjgORP3yssLjcRaR61qj0caYlIRHBoA5hoUpQ5gnri8PFmuy%2FmUnbVLgl1hd"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77e427b4eedfbba9-FRA

GET
H/1.1 200
OK gate2.png
aapka-msg.com/br/img/ 14 KB
15 KB 15ms
14ms Image
image/png 2606:4700:e0::ac40:6208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/br/img/gate2.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aac4a423f94af29edab7eb8fc77cdeaca64cc48ee9624742954d4b025101ccd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/br/?n=Tiago-&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 21:22:52 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2610
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 14580
Last-Modified: Tue, 13 Dec 2022 04:59:12 GMT
Server: cloudflare
ETag: "38f4-5efae7b25fd90"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RIwdRBe9cCj7%2BJzKcvg1pYeMG%2BF23MLyXc1c4r9RBLtiVF2YrpX2Va%2BUEUtycnWYdkSOsO9O1n6y2SjpKduizo0V0XB47QZw9O6uZ47U8wFHPLvJQLtMl0P5Hq7dxAaIexorZ%2F0w4M0pOg0j"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77e427b52f44bba9-FRA

GET
H/1.1 200
OK arrow.gif
aapka-msg.com/br/img/ 29 KB
30 KB 28ms
22ms Image
image/gif 2606:4700:e0::ac40:6208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/br/img/arrow.gif
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9261d874b37fdf3d0f34020ff0c86e0b7abd3690df2d1f61364b070029da397

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/br/?n=Tiago-&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 21:22:52 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2610
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 29654
Last-Modified: Sat, 26 Nov 2022 11:28:50 GMT
Server: cloudflare
ETag: "73d6-5ee5df1398080"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2HRV75ySaPvfZCe4VyUq3RxfCh8iVIwd7acw5lhIlAC1U2zvh2H0jaesm8m161fjRXWlgdAcXWvZTsB1C7rcUtmEAoq%2B%2F71Dg9pTWoL31lgjK5laxZiI1wwad4HLpuLbwphBwQ0xTYsYbzJ"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77e427b53a9ebb8f-FRA

GET
H/1.1 200
OK jinglebell.png
aapka-msg.com/br/img/ 46 KB
46 KB 26ms
19ms Image
image/png 2606:4700:e0::ac40:6208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/br/img/jinglebell.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1e3391112308e5efd32700291154fb595082773f256375ee5f3b09962816f5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/br/?n=Tiago-&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 21:22:52 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2938
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 46633
Last-Modified: Mon, 28 Nov 2022 20:03:53 GMT
Server: cloudflare
ETag: "b629-5ee8d5ee62525"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePfjYHLn5EJyqgT4ejOQEsczBpBqR%2FX4iK4NbMAsWKxpRbXhelJx2zVsa7k5Kwr1EnG9SSLEJfapEsPBCMY8c4MlZtDITpks3rPMELdNOo%2F0L3kZkYfu2MCDG1UuGqUG2l8vRmhe9JEIskyK"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77e427b53ad79a21-FRA

GET
H/1.1 200
OK mt1.png
aapka-msg.com/br/img/ 6 KB
7 KB 40ms
32ms Image
image/png 2606:4700:e0::ac40:6208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/br/img/mt1.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d9f1b086035ff8124b2e476451c42c7a99f49826dc50303197112f81ce2c367

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/br/?n=Tiago-&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 21:22:52 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 5086
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 6132
Last-Modified: Fri, 09 Dec 2022 13:09:21 GMT
Server: cloudflare
ETag: "17f4-5ef64dcabe19d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KD%2FAR2d1Eiqa6tRN4T7IfgqcQA%2FK6%2BJndrOAwakaII1mhAGj6PXlG6CQatp9%2FKYrnYUGfFZBZ%2FGh0JH2Y5qdrU1Np2xvBokiTK8Gu8doB78bTSh3qFsWLkQ6OCDmYCKMgb65gU7mEwHsIg9X"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77e427b53cbbbb4a-FRA

GET
H/1.1 200
OK mt2.png
aapka-msg.com/br/img/ 5 KB
6 KB 43ms
34ms Image
image/png 2606:4700:e0::ac40:6208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/br/img/mt2.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b43a6b0a1736d80d625e43d5edf3bb81816daa5692650f55801f1762b10bd36

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/br/?n=Tiago-&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 21:22:52 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3021
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5249
Last-Modified: Fri, 09 Dec 2022 13:09:22 GMT
Server: cloudflare
ETag: "1481-5ef64dcbbfb25"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4JYUxVRWRaYxPnhUjw2dhW2seafQx5yD7Bl0xPzhLYKCA4wBgWKrGTXbFphD0BhKVXcYMei65s8sGKivn3sggirv7BQ03IcBOv37kHiRg4Rf%2BQHb1JzyeowpHUNphriu3Xu1q6mhTYj0T%2BHe"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77e427b5396a6969-FRA

GET
H/1.1 200
OK mt3.png
aapka-msg.com/br/img/ 7 KB
8 KB 24ms
15ms Image
image/png 2606:4700:e0::ac40:6208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/br/img/mt3.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 310001a8675aebd6b36161e93995e099a69ec8271c2d0255b248e396a380f92a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/br/?n=Tiago-&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 21:22:52 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3622
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 7073
Last-Modified: Fri, 09 Dec 2022 13:09:23 GMT
Server: cloudflare
ETag: "1ba1-5ef64dccc1894"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4K41f7G9U9JnkN7Q7wSJ2bv4gQalzKQLMft%2BMFEDEvYQVxWCnZWhhUyQxh0FaOiHTCuCgtO8i4SrU6FNZ7L023sGCSjXOmBiYqk26SctAjSku3m%2BQ8RQCcpZ%2BsFNxMAbRCfmNCCTXhdIVn0"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77e427b53a299b9a-FRA

GET
H/1.1 200
OK mt4.png
aapka-msg.com/br/img/ 6 KB
7 KB 32ms
32ms Image
image/png 2606:4700:e0::ac40:6208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/br/img/mt4.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b0ae1a27a1a5218dd8b07b5467880941e69b9028e01f2236e206637f87f3129

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/br/?n=Tiago-&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 21:22:52 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2610
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 6420
Last-Modified: Fri, 09 Dec 2022 13:09:25 GMT
Server: cloudflare
ETag: "1914-5ef64dce0fccc"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5zrsIuyvGVE2%2FXQZBgIORu4WB6RcOigAEn%2B7bkeNL1RPP0KaxpN%2Bq6sMeg7JgOKpXfNS%2F9nf7zBHcWFjAy%2FlDVSbBTGSN1Tv20rWPqSXcvw%2F0JjRclyyS%2BtLda%2BU4lolPuO0B4gSGxeHuFE"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77e427b53f8ebba9-FRA

GET
H/1.1 200
OK mt5.png
aapka-msg.com/br/img/ 5 KB
6 KB 46ms
18ms Image
image/png 2606:4700:e0::ac40:6208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/br/img/mt5.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 644989ba5a3848da57ea199a7749d7c97577dff068ae7a5afc82d5fed3153e39

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/br/?n=Tiago-&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 21:22:52 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 4571
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5580
Last-Modified: Fri, 09 Dec 2022 13:09:26 GMT
Server: cloudflare
ETag: "15cc-5ef64dcf1126b"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SfzJ1UJouodz6anwmftD5Ncjfqp5fj1IUgfwXEKCmMYGzIKjKI0013OPvJD19VQCdL2Cjm1V%2FB7ZP3Q80JZYUxqwARR4u3%2BQzEUQbeU5jQZZLWvGvMq5YRxN1Z2e8iL%2BkVQcEjajalIuF7No"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77e427b56d14bb4a-FRA

GET
H/1.1 200
OK mt6.png
aapka-msg.com/br/img/ 5 KB
6 KB 51ms
15ms Image
image/png 2606:4700:e0::ac40:6208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/br/img/mt6.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 587c3f9e66745f4d0ea9700254310f4089e2093172879f2a15f740e9bcdf532d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/br/?n=Tiago-&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 21:22:52 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 4276
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5410
Last-Modified: Fri, 09 Dec 2022 13:09:27 GMT
Server: cloudflare
ETag: "1522-5ef64dd011099"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UdjvtOlxuA8RqIA9gIstYwA8DPnOrxQ0YNELWk%2B%2FCIhG63NN6umLzW2SlNtTZGar0dRUlaYeC1WdLCUgZLgb4tMnT4%2FDKE2ixc9biydeHSo8JA%2FvHB9dFTJbMGLf5ra25UNWQJBC903n%2B8o0"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77e427b57b349a21-FRA

GET
H/1.1 200
OK mt7.png
aapka-msg.com/br/img/ 6 KB
7 KB 31ms
15ms Image
image/png 2606:4700:e0::ac40:6208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/br/img/mt7.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d481a984636a19a83ff91f330b6c3584e7055434ba07510dd6f9fc6c5806bb3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/br/?n=Tiago-&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 21:22:52 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 6121
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 6377
Last-Modified: Fri, 09 Dec 2022 13:09:28 GMT
Server: cloudflare
ETag: "18e9-5ef64dd112638"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oYUTYhsum78Hqka1szNA8iCk0JJl8gqbdQCbEwBnZDt55o2P%2BtMvSTnohm8V%2BrGN5cCUIigWKHztn9BwBdAP4ba2%2BKVGy0DeMDQOTlzv7d1EKYq30tlP%2FXVuKZDESWAldcUNzPawwCQSHNOG"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77e427b55ae7bb8f-FRA

GET
H/1.1 200
OK mt8.png
aapka-msg.com/br/img/ 7 KB
8 KB 47ms
15ms Image
image/png 2606:4700:e0::ac40:6208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/br/img/mt8.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926bf8f51f94269d9b25a4c71b7e44920df0804530ca6f276bfcfd65cad21cd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/br/?n=Tiago-&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 21:22:52 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2610
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 7052
Last-Modified: Fri, 09 Dec 2022 13:09:29 GMT
Server: cloudflare
ETag: "1b8c-5ef64dd2137ef"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9o54tj7h8DOi6iXIW02yJ%2BTpjQcHFX3kP2SMAbHCxQxpYYgYumGwzK3g3d5%2BSlyeAwNn1LqTJi7WAfdNjfoyPmfuI9V8aYcF102LehUzTmS4mhWGZDvqvQzZBIfT2aUPEyW2JKUs5ZYGHi2"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77e427b56b36bb8f-FRA

GET
H/1.1 200
OK mt9.png
aapka-msg.com/br/img/ 3 KB
4 KB 35ms
15ms Image
image/png 2606:4700:e0::ac40:6208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/br/img/mt9.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07031397ff2404f97eebd395be1ca2375d964c70e4cf907994983b6a31256eb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/br/?n=Tiago-&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 21:22:52 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3031
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 3177
Last-Modified: Fri, 09 Dec 2022 13:09:30 GMT
Server: cloudflare
ETag: "c69-5ef64dd313ded"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E5FTHvD5A8RxyP2LluZmKzcB1QhDSXIR%2BRR8spyDP7vzfiRn8NwknKCIvJk1eBb3YFFcPJaLF0yYKXZXT3eTzoLC%2F2J0qRCacRjxePtt6hbFvSKe3YYU6hx8g5AygTdI29NKRmK91qU7T7WI"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77e427b55b109a21-FRA

GET
H/1.1 200
OK mt10.png
aapka-msg.com/br/img/ 5 KB
6 KB 61ms
13ms Image
image/png 2606:4700:e0::ac40:6208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/br/img/mt10.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 071580e34aac88161af882024da6f38d3e3257a1e60764a90661de10b0b6c387

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/br/?n=Tiago-&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 21:22:52 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 5082
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5587
Last-Modified: Fri, 09 Dec 2022 13:09:31 GMT
Server: cloudflare
ETag: "15d3-5ef64dd4147d4"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ujajvCVgdhN5sb7FOxvLbUVv5%2Fp%2FxgaL7oGEg7n3%2Frb%2FWjtgJsDGm%2FQuozi4YeAivcUYMcPswBLDDz%2BArW2qgNOHExaaU0RQDluBeydLp61JwoxTFV4WFOtxpeYZfX9hjJQldHlnTGuwI0H"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77e427b58d51bb4a-FRA

GET
H/1.1 200
OK wish2.png
aapka-msg.com/br/img/ 5 KB
6 KB 60ms
13ms Image
image/png 2606:4700:e0::ac40:6208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/br/img/wish2.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9db31784b0f289e5cdf15da5e10c1c540a26dbdbf6f9ce9b12454933f68b70f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/br/?n=Tiago-&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 21:22:52 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 5739
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5281
Last-Modified: Fri, 09 Dec 2022 12:50:10 GMT
Server: cloudflare
ETag: "14a1-5ef64981214ec"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3KtNAEoC6W%2BXBonvMp2wLU%2BFsiuXF%2BcYHYjYNXNRr%2BR%2FnLLf9P66zI5PdhRCuCw%2Fd3oX89ejH%2F2XwpFLY16cnmPoy1Eav7ZNF4DF0T0dpONtCOlJz7RZ83FDCwUXLgYZ9hrNDiE2n4Wl2B6d"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77e427b589e76969-FRA

GET
H/1.1 200
OK br2023a.png
aapka-msg.com/br/img/ 23 KB
24 KB 62ms
14ms Image
image/png 2606:4700:e0::ac40:6208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/br/img/br2023a.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a367d2dba0362b95af99b1ff506a86d566abd4fe0d74ccf49759e1e8fe5a78c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/br/?n=Tiago-&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 21:22:52 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2609
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 23406
Last-Modified: Fri, 09 Dec 2022 12:48:23 GMT
Server: cloudflare
ETag: "5b6e-5ef6491b18e23"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1Yr%2Fc37YL%2FTihjCJeilY0C848AgZWwVPOtIVNUYunBvnj0yT%2FcxfsPt%2FhE7mRvJAVFsTv7tep28Nskur9TxuCzymgKRJI6Oc0ETK%2FY2ErnJ89pPAVxDDx1uqjBdgWNSaL%2FpE%2FGgx%2B9B0r9w"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77e427b58b63bb8f-FRA

GET
H/1.1 200
OK under1.gif
aapka-msg.com/br/img/ 145 KB
145 KB 49ms
18ms Image
image/gif 2606:4700:e0::ac40:6208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/br/img/under1.gif
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71d41cbb5329a666d75badde243b56870c83b5be588bf16d7e4b0d82abfcd31f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/br/?n=Tiago-&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 21:22:52 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 4086
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 148056
Last-Modified: Tue, 06 Dec 2022 10:39:27 GMT
Server: cloudflare
ETag: "24258-5ef266b0be7a5"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V099Zo3pKulb1gniK%2FTiKc%2FrVa2OsMtLuP9ni94hB6HRHvLlbcNFePFdmvFhR5MVnOiu01mzhAKAkHOVYZ1ESWdAeIzopbiRpsweM%2FFmJKtHrQdmfKygfTCehRcimvz4YCkbfcEKPky8VSp6"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77e427b56ff1bba9-FRA

GET
H/1.1 200
OK under2.gif
aapka-msg.com/br/img/ 174 KB
175 KB 26ms
13ms Image
image/gif 2606:4700:e0::ac40:6208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/br/img/under2.gif
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 701402ee377e548d013db5254cc511dfae1116982cf92c46addb5ef1a824911d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/br/?n=Tiago-&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 21:22:52 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 4492
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 178099
Last-Modified: Tue, 06 Dec 2022 10:39:32 GMT
Server: cloudflare
ETag: "2b7b3-5ef266b59f637"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19KudJ10YXWD40hNjyY%2F2Bn2Ux28n9rcbDhf47nRHJg1B4r75xYU2RW%2B2RApFu88ludqQqPteCRWsXVWRkElIEcEJNqU9o0il2iOhbq5nH%2BjGQlP60e50CQ7B9HIY7ZxosRAIjE4o7xqlMuZ"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77e427b55a529b9a-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 60ms
24ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-155864431-1

Requested by

Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac91ab794293a50190751bae1fa73fb845762cdc10e0f8f5f2f64ed8c61f8e9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:22:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43577
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 23 Dec 2022 21:22:52 GMT

GET
H/1.1 200
OK name.gif
aapka-msg.com/br/img/ 20 KB
21 KB 46ms
15ms Image
image/gif 2606:4700:e0::ac40:6208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/br/img/name.gif
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0021cc31ef85472442faea06bf18b65ffa357924a49287f15a124d7883d0b8f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/br/?n=Tiago-&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 21:22:52 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 6159
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 20528
Last-Modified: Fri, 09 Dec 2022 13:04:16 GMT
Server: cloudflare
ETag: "5030-5ef64ca81eea6"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2Fx%2B4JSFvo2bOFZoPcToB3B%2BMSnDPZlCLOR0pqIX3KaTV0S1EHz9PUDCcL9tHHFu7HCMGfCzT8rWpkCREOTU5EqQqf24oeMkNMvJFrJjJDPr6SrsQFyDoe9c7cUB%2BRe5dsN%2FJwE0Ox54rad8"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77e427b569bd6969-FRA

GET
H2 200 kmK-Zq45GAvOdnaW6y1C9ys.woff2
fonts.gstatic.com/s/boogaloo/v19/ 10 KB
11 KB 112ms
31ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/boogaloo/v19/kmK-Zq45GAvOdnaW6y1C9ys.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Boogaloo&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61ff476ab12ef621ba34a8631e0db1bb9fb5f6d953cbf7081f12df8971e25778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://aapka-msg.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 21:28:34 GMT
x-content-type-options: nosniff
age: 86058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10276
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 21:28:34 GMT

GET
H/1.1 206
Partial Content Jingle-Bells.mp3
aapka-msg.com/br/img/ 67 KB
0 20ms
19ms Media
audio/mpeg 2606:4700:e0::ac40:6208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://aapka-msg.com/br/img/Jingle-Bells.mp3
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://aapka-msg.com/br/?n=Tiago-&t=w
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 23 Dec 2022 21:22:52 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 7024
Content-Range: bytes 0-541454/541455
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 541455
Last-Modified: Fri, 09 Dec 2022 13:23:24 GMT
Server: cloudflare
ETag: "8430f-5ef650ef025eb"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9DUBoN5RGdgFDln2IAkbrSOqWLmT%2F3UlC5TZqWnoI6tDzYemaVsZCSLIVZj%2FEAf2ftycS38M%2FNq%2BHqzRPyrmxjAy9ivQxLuT7Kt6uhkBJLaX50c6agrKUCffu88Oavqv2k%2FG%2FiPRpMyjPsk"}],"group":"cf-nel","max_age":604800}
Content-Type: audio/mpeg
Cache-Control: max-age=14400
CF-RAY: 77e427b58ac89b9a-FRA

GET
H2 200 pubads_impl_2022120501.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 31ms
30ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 12:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 292582
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131905
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 09:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Dec 2023 12:06:30 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 73 B
87 B 128ms
62ms XHR
application/json 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=aapka-msg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e34d1a45e337bc82cf0db381d4abdaa0df412cc3598036b54945b179842e619a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:22:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 23 Dec 2022 21:22:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 108ms
28ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-155864431-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 23 Dec 2022 20:27:21 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3331
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 23 Dec 2022 22:27:21 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 158ms
52ms Script
application/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=aapka-msg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:22:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 76ms
24ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=aapka-msg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:22:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 159 KB
43 KB 464ms
464ms XHR
text/plain 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1828269680366641&correlator=2718658332937088&eid=31071221%2C31070232&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=22849185369%2Cca-pub-7684412022089551-tag%2Caapka-msg%2C50&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=300x100%7C300x50%7C300x75%2C300x50&ifi=1&adks=1993804009%2C1038384195&sfv=1-0-40&sc=0&cookie_enabled=1&abxe=1&dt=1671830572527&lmt=1671830572&dlt=1671830572110&idt=370&adxs=650%2C650&adys=1102%2C15&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Faapka-msg.com%2Fbr%2F%3Fn%3DTiago-%26t%3Dw&frm=20&vis=1&psz=450x50%7C450x68&msz=450x50%7C450x50&fws=0%2C0&ohw=0%2C0&ga_vid=1708549498.1671830573&ga_sid=1671830573&ga_hid=1678536023&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b8142ab2ce6086513a0bff0247a004151cfabf11821f82a75554b077d96abeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:22:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43746
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://aapka-msg.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E9AE 6 KB
3 KB 216ms
62ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://aapka-msg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 21:22:52 GMT
expires: Sat, 23 Dec 2023 21:22:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 112ms
51ms XHR
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1678536023&t=pageview&_s=1&dl=http%3A%2F%2Faapka-msg.com%2Fbr%2F%3Fn%3DTiago-%26t%3Dw&ul=en-us&de=UTF-8&dt=Voc%C3%AA%20deve%20ver%20pelo%20menos%20uma%20vez%20na%20vida.%20Site%20incr%C3%ADvel.%F0%9F%99%84&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1492157862&gjid=201122591&cid=1708549498.1671830573&tid=UA-155864431-1&_gid=1491473948.1671830573&_r=1&gtm=2oubu0&z=1499852268

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://aapka-msg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 21:22:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://aapka-msg.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 118ms
62ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a84ec7d43191fb52e58d94ecab91982fa8dad35c28fcf2bb5b3f63a9d45ce15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:22:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11296
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 121ms
48ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:22:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 21:22:53 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame 071C 221 KB
60 KB 164ms
35ms Script
text/javascript 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 21 Dec 2022 01:38:32 GMT
age: 243861
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 21 Dec 2023 01:38:32 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 071C 14 KB
6 KB 159ms
30ms Script
text/javascript 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 21 Dec 2022 01:38:32 GMT
age: 243861
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 21 Dec 2023 01:38:32 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 071C 94 KB
28 KB 218ms
89ms Script
text/javascript 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 21 Dec 2022 01:38:32 GMT
age: 243861
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 21 Dec 2023 01:38:32 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 071C 5 KB
2 KB 217ms
89ms Script
text/javascript 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 21 Dec 2022 01:38:32 GMT
age: 243861
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 21 Dec 2023 01:38:32 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 071C 40 KB
13 KB 212ms
84ms Script
text/javascript 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 21 Dec 2022 01:38:32 GMT
age: 243861
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 21 Dec 2023 01:38:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 071C 8 KB
895 B 112ms
52ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 23 Dec 2022 21:22:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 20:11:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Dec 2022 21:22:53 GMT

GET
H3 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 071C 3 KB
3 KB 48ms
17ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 18:58:26 GMT
x-content-type-options: nosniff
server: cafe
age: 8667
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Sat, 24 Dec 2022 18:58:26 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 071C 344 B
368 B 48ms
18ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 11:46:04 GMT
x-content-type-options: nosniff
server: cafe
age: 34609
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sat, 24 Dec 2022 11:46:04 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 071C 0
0 74ms
73ms Image
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cl7V6LBymY4S4JNii-gagy73YDsr6h_Fsmafgt7YQleCAs_oCEAEgs8PglwFglcKmgrAHoAHUjcC4KMgBAakCfVfsGzTOsT7gAgCoAwHIAwqqBJECT9AP1shizuZT4zxYzA8VZZV_9InB6S-ERHcuVsPvpfyYcutALRBN-ITE0hjA7YOqggGIXZ3Ci9aI1nY4HSWxZr6zXnv_S6yWspovGbBsH3RXjRfyfFDuM33OI5MgqAIJkiDmUs0ijDhpg8QwnokjSz_18lg375LQznUlvf4ZjAZa0-gmeYn_rUvxdnG7x3TOjCFwCuEyHxptExowbQevm23aioZ-U3IJO0L9oyeRtj1uCjfV5GaK6H9wCgFmLVL6ha1lNFjb9ikk2n95QiqqJduYHDmK7V4vtd9wD93SLMMZh4A3n_29oeEC2E93gC8u8z6GHbV8THkeWwvyaUosEJGiDVonnoVDgFHBkwwrY8EOwASbzZCI_gPgBAGSBQQIBBgBkgUECAUYBKAGZoAH1MWQmAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC19i3SCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTCtAVAYAXAbIXHwodCAASFHB1Yi03Njg0NDEyMDIyMDg5NTUxGLqHjQE&sigh=yylEBu_bdDA&uach_m=[UACH]&cid=CAQSTADq26N9YvQzcjz7kmW2dZJOe31jcnuW6wUCHku17qzeWpOSOzByAxqz-I5xM78GIcJYO1KguUqbfd5jLaLMdF9bbwDIN1rPHm8wU94YASAT
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 071C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 916f3e6b565e7e72ad38ddb15e1593a84ef6ed46ed99557d94bf53389c8c683b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3779 6 KB
3 KB 89ms
29ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://aapka-msg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 21:22:52 GMT
expires: Sat, 23 Dec 2023 21:22:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7F50 13 KB
5 KB 18ms
15ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://aapka-msg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9679
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 18:41:34 GMT
expires: Sat, 23 Dec 2023 18:41:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 558E 783 B
1 KB 61ms
25ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b122103cdf92abaa2f8fcf48b55d88a10f3746e722d1007377df11ddd0064703

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DG0wu-tn2r3oOBNIhd-9qg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://aapka-msg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-DG0wu-tn2r3oOBNIhd-9qg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 21:22:53 GMT
expires: Fri, 23 Dec 2022 21:22:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 7F50 36 KB
16 KB 42ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 17:55:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Dec 2023 17:55:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 558E 0
0 47ms
47ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=1828269680366641&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 071C 28 KB
28 KB 91ms
30ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://aapka-msg.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 20:38:02 GMT
x-content-type-options: nosniff
age: 175491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 20:38:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3779 4 KB
621 B 52ms
52ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: 993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com
URL: https://993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 23 Dec 2022 21:22:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 20:52:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Dec 2022 21:22:53 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3779 2 KB
765 B 16ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com
URL: https://993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 12:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31779
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Jan 2023 12:33:14 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3779 0
0 73ms
71ms Fetch
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=COMx7LBymY4u4JNii-gagy73YDvnk6sVtutKDmNMMpuDPzbQQEAEgs8PglwFglcKmgrAHoAGwuqHXA8gBCakCfVfsGzTOsT7gAgCoAwHIA8sEqgT_AU_QsHABRwu9FCweuu8WihV55mISFJEtNcHpqFb6qiQLmnYzr3Y66P--n5i5iKycqcwMI8_zxH-PgiEaBsUAswXGCFOw8aSJJD3ZhBa0EuXMhHDWUaZesczc5eyze-FZUh-1XFhlHuN86R1vDh8rwlVqXFHHuB7Lig5NRJrK2YSiBoGugd5dHiiipstUVeS3qUN2ru2vWQejA8bds2aGm_vTn3IYB03RUK73uXKOYPx_nD8Fi_ZwbKjE69SiV6qGXcerOwPDEzwbxQtbxWI-41H0_Rodvi3GOT5GDy_Jgm_Be3ptneRY1IMondkuYFBakXd7EfGlfyRFCHc4GhLGm8AE8an95KID4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7_ZvWCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ4OkP0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwyIFALQFQGAFwGyFx8KHQgAEhRwdWItNzY4NDQxMjAyMjA4OTU1MRi6h40B&sigh=weDBfTA0eS4&uach_m=[UACH]&cid=CAQSTADq26N9YvQzcjz7kmW2dZJOe31jcnuW6wUCHku17qzeWpOSOzByAxqz-I5xM78GIcJYO1KguUqbfd5jLaLMdF9bbwDIN1rPHm8wU94YASAT&template_id=494
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 3779 23 KB
9 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: 993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com
URL: https://993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 12:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Jan 2023 12:33:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3779 3 KB
1 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com
URL: https://993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 17:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14973
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Jan 2023 17:13:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3779 18 KB
7 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com
URL: https://993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 12:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Jan 2023 12:33:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3779 153 KB
47 KB 195ms
86ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com
URL: https://993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:22:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 21:22:53 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 3779 34 KB
14 KB 88ms
24ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com
URL: https://993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 09:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 562623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 09:05:50 GMT

GET
DATA 200
OK truncated
/ Frame 3779 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

4091503581208051288
tpc.googlesyndication.com/simgad/ Frame 3779
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
https://tpc.googlesyndication.com/simgad/4091503581208051288

107 KB
107 KB

15ms
15ms

Image
image/png

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4091503581208051288

Requested by

Host: 993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com
URL: https://993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 18:52:46 GMT
x-content-type-options: nosniff
age: 181807
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109931
x-xss-protection: 0
last-modified: Wed, 23 Oct 2019 12:45:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Dec 2023 18:52:46 GMT

Redirect headers

date: Fri, 23 Dec 2022 08:06:46 GMT
x-content-type-options: nosniff
server: cafe
age: 47767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4091503581208051288
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 22 Jan 2023 08:06:46 GMT

GET
DATA 200
OK truncated
/ Frame 3779 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78e212f46c77a41f4040b274fbab69e17028df24d3455722fd7f223e565f6386

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7F50 0
10 B 14ms
14ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?XjYJIQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:22:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 071C
Redirect Chain

http://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

75ms
38ms

Image
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w
Protocol: H2
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

Date: Fri, 23 Dec 2022 21:22:53 GMT
X-Content-Type-Options: nosniff
Server: cafe
Content-Type: text/html; charset=UTF-8
Location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Cache-Control: private
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3779 16 KB
16 KB 30ms
30ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 19:34:12 GMT
x-content-type-options: nosniff
age: 179321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 19:34:12 GMT

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 0E61 36 KB
16 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: aapka-msg.com
URL: http://aapka-msg.com/br/?n=Tiago-&t=w

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 17:55:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Dec 2023 17:55:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 51ms
51ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=1828269680366641&bg=!7O-l76vNAAYgquz3AKo7ACkAdvg8Wr101S_yozJEGc-WpSrQo-iF9_VCvJET-dxZsYdsTtQQwzkn-QIAAAEBUgAAAAZoAQcKADEYp9G2gqQ5DMXjLaciGJT8k8pIjwIi8NJl5T9_j5mx5hx-hDlh2CRHlAlEg5dAWcyWmQLfo7OpWlJjdUEmIdhlfAn-_puY7-pnSOJDRyVA9rLJKjxyPW7fQkTwXGJyhbs1ge97U6hMrmZeNer4yFJLGz70Q69hgWr-HSasE4Sj8bBDujXqYVwWAT7L6hWmwTSqBWbit3fVTvcjuxTohImlmdAhvayXwo6DWdpPfjZqeel8c9sG4wOZrj0Jzhl-ODNTsnPjlcR_rwyXzmIhlvv7oANgTqO3CKD_8J0m8-auSSr0t5qOv72_C3R1gKIeD-_pFHKXUFm0GeEMkNAQkzyvcqfgw_shHSHhJYLR-hmHEU7UnlYO-mWZPG1sacgPR3l-uSj6WoVblv2fKe0Kg5WepHwimKDrnUg4z4-MgGMeETTPzeR3u6ecz-sep6X_5kVpzqgX4NCT-DbNJGULvqqorwYSnOPaKcm8DGHKdgUjbEBZ_bAcAkPSo02Rwp5OKeUq2TqyzDU8eII86mh_1_UyVT7vZz3gus1pLKeA5v3_wBY_84nkS0VbpSaaF7XONZto6GWfV-lB6AqDRbq6sJe6izdb-e1pipZZTtKdfRgu-cmSrc3HXqDHg_IyYbfEIvePxcwicAZx_4JKHnmwXOrye1SfQa3ruT6ROn-HRBNf4WVaHD50PSWmx9No1SNcEnu5ZCAUlolnTTVvlIdWB8NsK9_HnhrixcfDdrPWRRGEmgh2BmlBnXYnk4Ivwv7fURAK9YKoQgcNLlKROyqWIPiERUNkdkoK0kyxBAOgQgZFPOhjqWwSif_00a9Bcl4OLgaGcFrGS09oHOrj1L97wLqAOwt8hEdgsK5G4LWBocjiFTYOU8ID3pGO39PCsHM2iwNk3aDVoSGoMcZTlCGcrKEM8ZdpEF0rz4v1QHN_VMWp0teGj7-aCQ-y62dBwUnjQzwEc1bN6ESwu65o7JbBdP9h5gZpXeVpSdf9x7b2TroaOEhGwGT-jyPwtR88PywuQcI3hKpytCw7tVdSzBCn4piUAkme
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3779 42 B
64 B 83ms
52ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8x7pFQTcWZZ2LCCjxSQ_A-zw2Pr_nxmk0Ki5RqNEbAISMqPEgWhIidZe8aVmQDQVL3s-GEM7wGzQzDx8LFr_mzVm_JU6-a5QNqb0r8xXMrsL2irzsL1PbNyZAXFT9OwZcYZVeLkfLRYiSHA2-w7d01P1WW12kML8c&sai=AMfl-YQSun-BdWp5oNhfITOPglq7k_brcdONx6vi-RjjeLSXlalbNhSj1CAkjIJv7_NdHLE1vkgUvFhdrV2UUCl53mouWHtB3a9JWaI1oFnqQpnqPCiertiQ4pvzQU6YLR_tS7kz2UqINz7Ia1dEATv-&sig=Cg0ArKJSzCJelmS9Hl_3EAE&cid=CAQSTADq26N9YvQzcjz7kmW2dZJOe31jcnuW6wUCHku17qzeWpOSOzByAxqz-I5xM78GIcJYO1KguUqbfd5jLaLMdF9bbwDIN1rPHm8wU94YASAT&id=lidar2&mcvt=1000&p=15,650,65,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1038384195&rs=4&la=0&cr=0&vs=4&r=v&rst=1671830573061&rpt=420&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 21:22:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.aapka-msg.com/	1970-01-20 17:59:50	Name: _ga Value: GA1.2.1708549498.1671830573
.aapka-msg.com/	1970-01-20 08:25:16	Name: _gid Value: GA1.2.1491473948.1671830573
.aapka-msg.com/	1970-01-20 08:23:50	Name: _gat_gtag_UA_155864431_1 Value: 1
.aapka-msg.com/	1970-01-20 17:45:26	Name: __gads Value: ID=9637e4967e882d9b:T=1671830572:S=ALNI_MYGr0MY7o_9deWLrMT4c7-I9tzTdg
.aapka-msg.com/	1970-01-20 17:45:26	Name: __gpi Value: UID=00000b97517432e6:T=1671830572:RT=1671830572:S=ALNI_MbLqbKv_Tb5TMOlStVX7wxIZsnDVg
.doubleclick.net/	1970-01-20 17:45:26	Name: IDE Value: AHWqTUkrihJfGiZ3SqmRfzPnuq60F44jsk0QjHIZgknct_H2Jv-aGLa00t5psG-1Iho
.doubleclick.net/	1970-01-20 08:23:54	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

993a3690987543f10755a42977ebea16.safeframe.googlesyndication.com
aapka-msg.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
cdn.ampproject.org
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
2606:4700::6811:180e
2606:4700:e0::ac40:6208
2a00:1450:4001:809::2008
2a00:1450:4001:80e::2004
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:400d:802::2002
2a00:1450:400d:804::2002
2a00:1450:400d:808::200a
2a00:1450:400d:80a::2001
2a00:1450:400d:80a::200a
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::2001
2a00:1450:400d:80d::2002
2a00:1450:400d:80e::2003
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
0021cc31ef85472442faea06bf18b65ffa357924a49287f15a124d7883d0b8f9
07031397ff2404f97eebd395be1ca2375d964c70e4cf907994983b6a31256eb8
071580e34aac88161af882024da6f38d3e3257a1e60764a90661de10b0b6c387
0bd6aa2a73fae476b0a88fc1a51036e787aa0c34328a210b1e11dafd1d752c75
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
190218113db16896a2f26497538861ac58c25280fdca5bf68de076371e39fd38
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
2b8142ab2ce6086513a0bff0247a004151cfabf11821f82a75554b077d96abeb
310001a8675aebd6b36161e93995e099a69ec8271c2d0255b248e396a380f92a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3b43a6b0a1736d80d625e43d5edf3bb81816daa5692650f55801f1762b10bd36
3d9f1b086035ff8124b2e476451c42c7a99f49826dc50303197112f81ce2c367
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4a84ec7d43191fb52e58d94ecab91982fa8dad35c28fcf2bb5b3f63a9d45ce15
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
587c3f9e66745f4d0ea9700254310f4089e2093172879f2a15f740e9bcdf532d
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ff476ab12ef621ba34a8631e0db1bb9fb5f6d953cbf7081f12df8971e25778
644989ba5a3848da57ea199a7749d7c97577dff068ae7a5afc82d5fed3153e39
6b0ae1a27a1a5218dd8b07b5467880941e69b9028e01f2236e206637f87f3129
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
701402ee377e548d013db5254cc511dfae1116982cf92c46addb5ef1a824911d
71d41cbb5329a666d75badde243b56870c83b5be588bf16d7e4b0d82abfcd31f
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
78e212f46c77a41f4040b274fbab69e17028df24d3455722fd7f223e565f6386
7eabd269d94046e76c744518aa01578a00047c238727208cded024567d7a0974
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
8a693f4bb5b25c924b8a68734694fca6c94344153f2e21f798bbfc174210e536
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
916f3e6b565e7e72ad38ddb15e1593a84ef6ed46ed99557d94bf53389c8c683b
926bf8f51f94269d9b25a4c71b7e44920df0804530ca6f276bfcfd65cad21cd6
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a367d2dba0362b95af99b1ff506a86d566abd4fe0d74ccf49759e1e8fe5a78c0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aac4a423f94af29edab7eb8fc77cdeaca64cc48ee9624742954d4b025101ccd8
ac91ab794293a50190751bae1fa73fb845762cdc10e0f8f5f2f64ed8c61f8e9a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b122103cdf92abaa2f8fcf48b55d88a10f3746e722d1007377df11ddd0064703
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bfb12519b691771d4ca01f216cf5aa6a90483ccbc296ef944a796652bbc291d0
c1e3391112308e5efd32700291154fb595082773f256375ee5f3b09962816f5e
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c9261d874b37fdf3d0f34020ff0c86e0b7abd3690df2d1f61364b070029da397
d481a984636a19a83ff91f330b6c3584e7055434ba07510dd6f9fc6c5806bb3f
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
d9db31784b0f289e5cdf15da5e10c1c540a26dbdbf6f9ce9b12454933f68b70f
e34d1a45e337bc82cf0db381d4abdaa0df412cc3598036b54945b179842e619a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

aapka-msg.com Open in urlscan Pro 2606:4700:e0::ac40:6208 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

68 Requests

65 %HTTPS

100 %IPv6

12 Domains

18 Subdomains

18 IPs

3 Countries

1263 kBTransfer

2442 kBSize

7 Cookies

0 Outgoing links

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

aapka-msg.com Open in urlscan Pro
2606:4700:e0::ac40:6208 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

65 %
HTTPS

100 %
IPv6

12
Domains

18
Subdomains

18
IPs

3
Countries

1263 kB
Transfer

2442 kB
Size

7
Cookies

68 HTTP transactions
3 data transactions