urlscan.io logo urlscan.io
SecurityTrails logo

www.netflu.com.br Open in urlscan Pro
151.101.66.207  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://netflu.com.br/
Effective URL: https://www.netflu.com.br/
Submission: On March 02 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 83 IPs in 10 countries across 72 domains to perform 412 HTTP transactions. The main IP is 151.101.66.207, located in United States and belongs to FASTLY, US. The main domain is www.netflu.com.br. The Cisco Umbrella rank of the primary domain is 873524.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q1 on February 3rd 2023. Valid for: a year.
This is the only time www.netflu.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 62 151.101.66.207 54113 (FASTLY)
2 151.101.2.207 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:20e... 16509 (AMAZON-02)
12 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.222.250.175 16509 (AMAZON-02)
4 104.18.133.145 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 13.225.78.39 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 11 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.34 15169 (GOOGLE)
2 195.201.159.24 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
4 16 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 34.251.156.6 16509 (AMAZON-02)
4 35.201.123.184 396982 (GOOGLE-CL...)
1 2600:9000:223... 16509 (AMAZON-02)
1 54.75.223.203 16509 (AMAZON-02)
1 23.203.124.192 16625 (AKAMAI-AS)
3 4 185.89.210.122 29990 (ASN-APPNEX)
5 52.17.250.193 16509 (AMAZON-02)
1 44.207.189.182 14618 (AMAZON-AES)
2 2 104.18.24.185 13335 (CLOUDFLAR...)
1 3 3.75.62.37 16509 (AMAZON-02)
1 35.227.252.103 15169 (GOOGLE)
1 1 198.148.27.140 19189 (PULSEPOINT)
1 1 213.19.147.44 3356 (LEVEL3)
1 69.166.1.12 27630 (AS-XFERNET)
2 2 185.94.180.125 35220 (SPOTX-AMS)
1 2 2600:1f18:612... 14618 (AMAZON-AES)
1 76.223.111.18 16509 (AMAZON-02)
1 54.76.136.30 16509 (AMAZON-02)
1 185.86.139.93 201081 (SMARTADSE...)
1 2 35.186.194.101 15169 (GOOGLE)
1 3.123.222.140 16509 (AMAZON-02)
1 54.93.33.250 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 3.10.72.72 16509 (AMAZON-02)
3 34.149.50.64 15169 (GOOGLE)
1 52.203.161.183 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2620:116:800d... 16509 (AMAZON-02)
1 185.64.190.78 62713 (AS-PUBMATIC)
1 2606:4700::68... 13335 (CLOUDFLAR...)
79 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
1 2600:1901:0:7... 15169 (GOOGLE)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
23 2a00:1450:400... 15169 (GOOGLE)
1 1 185.29.134.248 30419 (MEDIAMATH...)
6 19 142.251.39.34 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 35.204.74.118 396982 (GOOGLE-CL...)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
2 2 35.190.0.66 15169 (GOOGLE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 4 51.38.120.206 16276 (OVH)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 54.171.14.116 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 3 185.80.39.216 27381 (CASALE-MEDIA)
1 2 104.96.132.42 16625 (AKAMAI-AS)
2 2 142.251.208.102 15169 (GOOGLE)
2 2 84.200.5.215 44066 (DE-FIRSTC...)
1 167.233.13.224 24940 (HETZNER-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:1af8:470... 60781 (LEASEWEB-...)
1 2 198.47.127.18 3257 (GTT-BACKB...)
2 3 2600:9000:21f... 16509 (AMAZON-02)
1 142.250.27.157 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
5 2600:1f18:1ac... 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
2 2 18.157.107.92 16509 (AMAZON-02)
1 35.71.131.137 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
2 172.217.16.194 15169 (GOOGLE)
11 34.102.185.99 396982 (GOOGLE-CL...)
11 2a04:4e42::626 54113 (FASTLY)
2 13.32.99.26 16509 (AMAZON-02)
1 152.199.22.243 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
412 83
62    151.101.66.207 (United States)

ASN54113 (FASTLY, US)
netflu.com.br
www.netflu.com.br
2    151.101.2.207 (United States)

ASN54113 (FASTLY, US)
live.mrf.io
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
18    2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
adservice.google.com
9    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
17    2a00:1450:400d:808::2001 (Ireland)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2600:9000:20eb:1e00:8:ced9:d0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
embed.dugout.com
12    2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
netflu.onesignal.com
img.onesignal.com
1    52.222.250.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-175.fra60.r.cloudfront.net
d335luupugsy2.cloudfront.net
4    104.18.133.145 (None, )

ASN13335 (CLOUDFLARENET, US)
t.seedtag.com
2    2606:4700:3032::6815:38c8 (United States)

ASN13335 (CLOUDFLARENET, US)
autozep.adzep.com.br
3    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:3033::ac43:9fa2 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.mrf.io
3    13.225.78.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-39.fra2.r.cloudfront.net
sb.scorecardresearch.com
6    2a00:1450:400d:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
11    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
www.googleadservices.com
2    195.201.159.24 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy02.cl03.het.mrf.io
events.newsroom.bi
1    2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
16    2a00:1450:400d:803::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
6    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    34.251.156.6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-156-6.eu-west-1.compute.amazonaws.com
tv.springserve.com
4    35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com
tags.t.tailtarget.com
d.tailtarget.com
1    2600:9000:223d:6c00:17:1c9a:3a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
intersc.igaming-service.io
1    54.75.223.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-223-203.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
1    23.203.124.192 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-124-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
5    52.17.250.193 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-250-193.eu-west-1.compute.amazonaws.com
sync.springserve.com
1    44.207.189.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-189-182.compute-1.amazonaws.com
sync.bfmio.com
2    104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
3    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
pixel.advertising.com
ups.analytics.yahoo.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    213.19.147.44 (Castricum, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
1    69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    2600:1f18:612b:4280:1fbc:eb5:e253:bacb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pbs.publishers.tremorhub.com
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    54.76.136.30 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-136-30.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
1    185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    35.186.194.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com
sync.sxp.smartclip.net
1    3.123.222.140 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-222-140.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    54.93.33.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-33-250.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2600:9000:223f:200:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
1    3.10.72.72 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-72-72.eu-west-2.compute.amazonaws.com
ip-api.igaming-service.io
3    34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
1    52.203.161.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-161-183.compute-1.amazonaws.com
tag.hariken.co
1    2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:400d:80c::2001 (Ireland)

ASN15169 (GOOGLE, US)
c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
2    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2606:4700::6810:8f17 (United States)

ASN13335 (CLOUDFLARENET, US)
netflu.os.tc
79    2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2600:9000:20eb:1c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
12    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
23    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
www.googletagservices.com
1    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
19    142.251.39.34 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f2.1e100.net
cm.g.doubleclick.net
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
2    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    2a05:d018:d29:3605:cbf7:2d7b:a2a1:22ee (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
1    2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    54.171.14.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-14-116.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
2    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
3    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
2    104.96.132.42 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-132-42.deploy.static.akamaitechnologies.com
www.awin1.com
2    142.251.208.102 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f6.1e100.net
ad.doubleclick.net
2    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de
partner.o2online.de
1    2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
1    2001:1af8:4700:b214::101 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
a-fds.youborafds01.com
2    198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
3    2600:9000:21f3:d400:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
1    142.250.27.157 (United States)

ASN15169 (GOOGLE, US)
PTR: ra-in-f157.1e100.net
bid.g.doubleclick.net
1    2600:9000:223f:aa00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
5    2600:1f18:1aca:4281:9ba6:2dfb:92f2:ce4e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
1    2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)
onesignal.com
9    2a00:1450:400d:803::2006 (Ireland)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    18.157.107.92 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-107-92.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
2    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
googleads4.g.doubleclick.net
11    34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com
tt-9964-3.seg.t.tailtarget.com
tt-12765-5.seg.t.tailtarget.com
b.t.tailtarget.com
cm.t.tailtarget.com
t.tailtarget.com
11    2a04:4e42::626 (United States)

ASN54113 (FASTLY, US)
ssl.p.jwpcdn.com
assets-jpcust.jwpsrv.com
prd.jwpltx.com
2    13.32.99.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-26.fra60.r.cloudfront.net
dugout.com
1    152.199.22.243 (United States)

ASN15133 (EDGECAST, US)
entitlements.jwplayer.com
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    2a00:1450:400d:802::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
103 googlesyndication.com
c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 140
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
957 KB
62 netflu.com.br
netflu.com.br — Cisco Umbrella Rank: 860389
www.netflu.com.br — Cisco Umbrella Rank: 873524
2 MB
53 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
cm.g.doubleclick.net — Cisco Umbrella Rank: 202
ad.doubleclick.net — Cisco Umbrella Rank: 171
bid.g.doubleclick.net — Cisco Umbrella Rank: 703
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 319
312 KB
17 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 73
2 KB
17 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 391
363 KB
15 tailtarget.com
tags.t.tailtarget.com — Cisco Umbrella Rank: 71637
d.tailtarget.com — Cisco Umbrella Rank: 79602
tt-9964-3.seg.t.tailtarget.com — Cisco Umbrella Rank: 386913
tt-12765-5.seg.t.tailtarget.com — Cisco Umbrella Rank: 184442
b.t.tailtarget.com — Cisco Umbrella Rank: 63886
cm.t.tailtarget.com — Cisco Umbrella Rank: 7155
t.tailtarget.com — Cisco Umbrella Rank: 6842
48 KB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 27714
ad4m.at — Cisco Umbrella Rank: 9563
assets.ad4m.at — Cisco Umbrella Rank: 36511
845 KB
13 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3505
onesignal.com — Cisco Umbrella Rank: 1365
netflu.onesignal.com
img.onesignal.com — Cisco Umbrella Rank: 7802
268 KB
9 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
257 KB
9 gstatic.com
fonts.gstatic.com
www.gstatic.com
185 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
593 KB
8 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2671
276 KB
8 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 748
static.adsafeprotected.com — Cisco Umbrella Rank: 573
dt.adsafeprotected.com — Cisco Umbrella Rank: 539
103 KB
7 google.de
www.google.de — Cisco Umbrella Rank: 6149
adservice.google.de — Cisco Umbrella Rank: 8947
1 KB
7 seedtag.com
t.seedtag.com — Cisco Umbrella Rank: 13543
s.seedtag.com — Cisco Umbrella Rank: 4734
132 KB
6 springserve.com
tv.springserve.com — Cisco Umbrella Rank: 13314
sync.springserve.com — Cisco Umbrella Rank: 5757
6 KB
5 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1316
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531
3 KB
4 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2593
entitlements.jwplayer.com — Cisco Umbrella Rank: 3483
16 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 712
978 B
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
4 KB
4 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 457
image6.pubmatic.com — Cisco Umbrella Rank: 725
image8.pubmatic.com — Cisco Umbrella Rank: 623
6 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
region1.google-analytics.com — Cisco Umbrella Rank: 2425
20 KB
4 dugout.com
embed.dugout.com — Cisco Umbrella Rank: 61657
dugout.com — Cisco Umbrella Rank: 58198
168 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
imasdk.googleapis.com — Cisco Umbrella Rank: 442
346 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 183
146 KB
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 265
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439
812 B
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 152
3 KB
3 mrf.io
live.mrf.io — Cisco Umbrella Rank: 84846
sdk.mrf.io — Cisco Umbrella Rank: 12405
33 KB
2 jwpsrv.com
assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 3476
9 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 726
2 KB
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16123
1 KB
2 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 6276
907 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1398
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 730
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 741
s.tribalfusion.com — Cisco Umbrella Rank: 1813
1 KB
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 98313
static-de.ad4mat.net — Cisco Umbrella Rank: 125900
4 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 980
pixel.quantserve.com — Cisco Umbrella Rank: 779
9 KB
2 smartclip.net
sync.sxp.smartclip.net — Cisco Umbrella Rank: 8805
709 B
2 tremorhub.com
pbs.publishers.tremorhub.com — Cisco Umbrella Rank: 6072
543 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 709
1 KB
2 igaming-service.io
intersc.igaming-service.io — Cisco Umbrella Rank: 96734
ip-api.igaming-service.io — Cisco Umbrella Rank: 150767
9 KB
2 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 9908
853 B
2 adzep.com.br
autozep.adzep.com.br
8 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 105
185 B
1 jwpltx.com
prd.jwpltx.com — Cisco Umbrella Rank: 2968
45 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 34240
609 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 296
265 B
1 youborafds01.com
a-fds.youborafds01.com — Cisco Umbrella Rank: 12963
469 B
1 conrad.de
www.conrad.de — Cisco Umbrella Rank: 64834
475 B
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 79815
1 KB
1 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 68257
436 B
1 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 71628
261 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 459
861 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 924
1 KB
1 os.tc
netflu.os.tc
708 B
1 hariken.co
tag.hariken.co
128 B
1 adscale.de
js.adscale.de — Cisco Umbrella Rank: 5901
7 KB
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 277
146 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 518
35 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 782
45 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 645
35 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 338
140 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 819
535 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 510
218 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 555
627 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1367
351 B
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1457
320 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1622
78 B
1 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1560
211 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 163
2 KB
1 cloudfront.net
d335luupugsy2.cloudfront.net
421 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 195
2 KB
412 72
Domain Requested by
79 tpc.googlesyndication.com www.netflu.com.br
securepubads.g.doubleclick.net
c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
60 www.netflu.com.br www.netflu.com.br
20 pagead2.googlesyndication.com c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
pagead2.googlesyndication.com
www.netflu.com.br
tpc.googlesyndication.com
fw.adsafeprotected.com
securepubads.g.doubleclick.net
www.googletagservices.com
19 cm.g.doubleclick.net 6 redirects www.netflu.com.br
c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
googleads.g.doubleclick.net
17 cdn.ampproject.org www.netflu.com.br
securepubads.g.doubleclick.net
17 securepubads.g.doubleclick.net www.netflu.com.br
securepubads.g.doubleclick.net
16 www.google.com 4 redirects www.netflu.com.br
c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
tpc.googlesyndication.com
11 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
www.netflu.com.br
c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
pagead2.googlesyndication.com
9 s0.2mdn.net www.netflu.com.br
s0.2mdn.net
imasdk.googleapis.com
9 www.googletagmanager.com www.netflu.com.br
www.googletagmanager.com
tags.t.tailtarget.com
8 ssl.p.jwpcdn.com embed.dugout.com
6 assets.ad4m.at as.ad4m.at
6 www.google.de www.netflu.com.br
6 fonts.gstatic.com fonts.googleapis.com
6 cdn.onesignal.com www.netflu.com.br
cdn.onesignal.com
netflu.os.tc
netflu.onesignal.com
5 dt.adsafeprotected.com c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
5 onesignal.com cdn.onesignal.com
5 sync.springserve.com www.netflu.com.br
4 b.t.tailtarget.com d.tailtarget.com
4 ad4m.at as.ad4m.at
ad4m.at
4 onetag-sys.com 2 redirects c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
4 as.ad4m.at c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
4 c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 t.seedtag.com www.netflu.com.br
t.seedtag.com
3 www.gstatic.com embed.dugout.com
www.gstatic.com
3 cdn.jwplayer.com 2 redirects embed.dugout.com
3 dsum-sec.casalemedia.com 1 redirects googleads.g.doubleclick.net
3 www.googletagservices.com c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
3 s.seedtag.com t.seedtag.com
3 sb.scorecardresearch.com www.netflu.com.br
3 www.google-analytics.com www.netflu.com.br
www.google-analytics.com
embed.dugout.com
2 t.tailtarget.com
2 assets-jpcust.jwpsrv.com
2 imasdk.googleapis.com embed.dugout.com
imasdk.googleapis.com
2 dugout.com embed.dugout.com
2 tt-12765-5.seg.t.tailtarget.com d.tailtarget.com
2 tt-9964-3.seg.t.tailtarget.com d.tailtarget.com
2 d.tailtarget.com www.netflu.com.br
d.tailtarget.com
2 googleads4.g.doubleclick.net www.netflu.com.br
2 pm.w55c.net 2 redirects
2 image8.pubmatic.com 1 redirects www.netflu.com.br
2 ad.doubleclick.net 2 redirects
2 www.awin1.com 1 redirects as.ad4m.at
2 fw.adsafeprotected.com 1 redirects c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
2 ads.travelaudience.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 um.simpli.fi 2 redirects
2 sync.sxp.smartclip.net 1 redirects www.netflu.com.br
2 pbs.publishers.tremorhub.com 1 redirects www.netflu.com.br
2 sync.search.spotxchange.com 2 redirects
2 ups.analytics.yahoo.com www.netflu.com.br
2 ssum.casalemedia.com 2 redirects
2 tags.t.tailtarget.com www.netflu.com.br
t.seedtag.com
2 events.newsroom.bi sdk.mrf.io
2 autozep.adzep.com.br www.netflu.com.br
autozep.adzep.com.br
2 embed.dugout.com www.netflu.com.br
2 fonts.googleapis.com www.netflu.com.br
2 live.mrf.io www.netflu.com.br
live.mrf.io
2 netflu.com.br 2 redirects
1 cm.t.tailtarget.com
1 www.facebook.com
1 prd.jwpltx.com
1 entitlements.jwplayer.com embed.dugout.com
1 gcm.ctnsnet.com 1 redirects
1 match.adsrvr.org c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
1 img.onesignal.com www.netflu.com.br
1 static.adsafeprotected.com c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
1 bid.g.doubleclick.net c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
1 a-fds.youborafds01.com embed.dugout.com
1 www.conrad.de as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 www.lead-alliance.net 1 redirects
1 www.telefonica-partner.de 1 redirects
1 netflu.onesignal.com cdn.onesignal.com
1 static-de.ad4mat.net as.ad4m.at
1 pr-bh.ybp.yahoo.com 1 redirects
1 s.tribalfusion.com www.netflu.com.br
1 a.tribalfusion.com 1 redirects
1 sync.mathtag.com 1 redirects
1 prod-rtb.ad4mat.net www.netflu.com.br
1 pixel.quantserve.com www.netflu.com.br
1 rules.quantcount.com secure.quantserve.com
1 netflu.os.tc cdn.onesignal.com
1 image6.pubmatic.com ads.pubmatic.com
1 secure.quantserve.com t.seedtag.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 tag.hariken.co autozep.adzep.com.br
1 ip-api.igaming-service.io intersc.igaming-service.io
1 js.adscale.de www.netflu.com.br
1 x.bidswitch.net www.netflu.com.br
1 match.sharethrough.com www.netflu.com.br
1 ssbsync.smartadserver.com www.netflu.com.br
1 ads.yieldmo.com www.netflu.com.br
1 eb2.3lift.com www.netflu.com.br
1 sync.go.sonobi.com www.netflu.com.br
1 sync.1rx.io 1 redirects
1 bh.contextweb.com 1 redirects
1 rtb.openx.net www.netflu.com.br
1 pixel.advertising.com 1 redirects
1 sync.bfmio.com www.netflu.com.br
1 ads.pubmatic.com tv.springserve.com
1 rtb.gumgum.com tv.springserve.com
1 intersc.igaming-service.io www.netflu.com.br
1 tv.springserve.com embed.dugout.com
1 region1.google-analytics.com www.googletagmanager.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googleadservices.com www.googletagmanager.com
1 sdk.mrf.io www.netflu.com.br
1 d335luupugsy2.cloudfront.net www.netflu.com.br
1 cdnjs.cloudflare.com www.netflu.com.br
412 112
Subject Issuer Validity Valid
www.netflu.com.br
GlobalSign Atlas R3 DV TLS CA 2023 Q1		 2023-02-03 -
2024-03-06		 a year crt.sh
live.mrf.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-10-23 -
2023-11-24		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
dugout.com
Amazon		 2022-07-18 -
2023-08-15		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.adzep.com.br
GTS CA 1P5		 2023-01-30 -
2023-04-30		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-12-30 -
2024-01-28		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
ssl03.cert.cl03.k8s.mrf.io
R3		 2023-03-01 -
2023-05-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.springserve.com
Amazon RSA 2048 M02		 2023-02-13 -
2023-10-19		 8 months crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-10 -
2023-07-10		 a year crt.sh
*.igaming-service.io
Sectigo RSA Domain Validation Secure Server CA		 2022-07-25 -
2023-08-05		 a year crt.sh
gumgum.com
Amazon RSA 2048 M01		 2023-02-14 -
2023-10-05		 8 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-02-21 -
2023-05-15		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M01		 2023-02-10 -
2023-06-11		 4 months crt.sh
*.yieldmo.com
Amazon RSA 2048 M02		 2023-02-09 -
2023-05-24		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-08-16		 6 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-08-12		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.adscale.de
Amazon RSA 2048 M01		 2023-02-27 -
2023-08-07		 5 months crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-28 -
2023-04-28		 a year crt.sh
*.hariken.co
Amazon RSA 2048 M02		 2023-02-24 -
2024-01-04		 10 months crt.sh
*.google.de
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
quantserve.com
R3		 2023-02-13 -
2023-05-14		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-02-11 -
2023-05-12		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-05-27		 4 months crt.sh
www.awin1.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-18 -
2023-04-19		 a year crt.sh
*.youborafds01.com
Go Daddy Secure Certificate Authority - G2		 2022-10-11 -
2023-11-12		 a year crt.sh
jwplayer.com
Amazon RSA 2048 M02		 2023-03-01 -
2023-12-25		 10 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-09-04		 6 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-01 -
2023-05-08		 2 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-26 -
2023-12-28		 a year crt.sh
entitlements.jwplayer.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2022-06-07 -
2023-05-31		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-10 -
2023-03-09		 2 months crt.sh

This page contains 27 frames:

Primary Page: https://www.netflu.com.br/
Frame ID: 26DDCADB947B0C4DB3E88D0C1FF39E24
Requests: 203 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Frame ID: B513B964323A2F54E56FF431C1CD69A9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Frame ID: F6E21BB7658A7CDB6AFDF1200EFCD0DA
Requests: 2 HTTP requests in this frame

Frame: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F4A20A1AC2D4AB2CDD9DBC8165B88B19
Requests: 1 HTTP requests in this frame

Frame: https://secure.quantserve.com/quant.js
Frame ID: C8C9A4AB6D3A86A879128FFE03E0C9C1
Requests: 3 HTTP requests in this frame

Frame: https://netflu.os.tc/webPushIframe
Frame ID: CCACEB88ED2608DF1B8E54284648F77E
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs
Frame ID: D46FDFF43A0EB19F41E922987A05459B
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs
Frame ID: 1887EB370BFA71C7868B4ACF667F65B2
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs
Frame ID: EDF7E80229087EDCF3330A3B34C60708
Requests: 18 HTTP requests in this frame

Frame: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3B67E7E3990EADB055CE603E41AEC16C
Requests: 10 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gnpwep9tb2w4tahjep4b6t92njwa7sx9qzadyc62ydwfjbthxqn0hcynvr8zmmr4hkf5dx44vbp1y2zz601s00w5rqy36wc86fn3eyvg4bw3nkbybxafad8fcnw806e67yfg1x2ghxsrw123jkc6x5k9nz7ebycesk52xybg6h0hp176rwg2s2q1m4w4kc5vk86ak8t0dcqwafb4vmh8zyd16vm3h21yyhs9nr4ketk7qdzvm8rbqmymfvb1mfbf3h450mack8kw64m3hy83y6zgk62rzx2ff6tbx7q4za5mpgnxzh5p76kyrdwj11g2bdwce79d2eam3m5r8avyg49mjmxs1nvz5ec7qeb8fzcw1hztnfh6bt3r86kcn7nhgc5s8xjq5xcgqw34dcefqc5m7p75cnwatf1d7t09w7hg44ybn027x8hbjt5tbj9axyaw3tm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDw0CRK4AZMK_L5XFgAedqK2oA5DhgYRctqjCivACwI23ARABIABglbqAgpgHggEXY2EtcHViLTUwMjI1MDA3MTc1OTgyMzbIAQmpApRNQ-ZJ07E-4AIAqAMBqgTpAU_QhhSTm7-U7F2w4tvRo86Meh3oIBJtpH5KOaxXBs8FAGuurp8c-_D02UxLNVaMRMLo6HLFdvbzsPhkjBO2895Zrk3yv5Ys9QMZ4mNF88-WUVs7xRf04YEMnVxRFCJNFROiReM1X5DzUYNpVRfpTJrO2oSGPSaRuLh4tXV1852FJZhxiJZUawl0A_9kkcnwbVM1pCSobrsOpnGYKxKreSD5l0gOrnfWrvPYujS9ADDXZxLBs2YimgO4E5MJv8231t28BYEWxW1g2Q-CBaT9mYBg5_N1VcRQfvU57Ca30ewp41sobmI1YxzL4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_31wgV3UQqmEkZPAQVOZZpHQ7CJ4g%26client%3Dca-pub-5022500717598236%26adurl%3D
Frame ID: 238E6AB8120C2B812D6663EE83BD363A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 832B742A2A5B9A9FE30554283A543BDF
Requests: 9 HTTP requests in this frame

Frame: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3F4CD1B5F91114D3B5DC735132857D66
Requests: 26 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 64C8834E383F42F15558168E90680A2C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjDsaDRATAB&v=APEucNWt5EhvmZ6GPA0UUcl9ajLwpKfXiwFt8-m9b6reRibhLCxLfMaxkLFot2TSvOoSTqCiUvK5VpjFFoD6XQYHDShuvDZv83Wwu5mBZeH-wD-4OI_g-K80htwiGFQD5rtBigmqWygRtexmYRSuLZQHZ6xxk5CQ5UWLNQcfZfwNcO26ZKr6RS8
Frame ID: 00B3E385E5D197DEADDCAB64AA8A694E
Requests: 5 HTTP requests in this frame

Frame: https://netflu.onesignal.com/webPushIframe
Frame ID: FB66290A4C102946897682A1A9E0859E
Requests: 4 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=f261d9fa2385151e8e36cc72dde5bbeb%2F9415665555684787262&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677766213457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kh2760bs0qah3p6c2v8b6afr7md4y4wwacdbh2m6bjbd9mpmyzx5ze7twdv33stvztw78n4pfpcr9w7refggs7b58r1gb3bm8nwhmhm6p2gzby4d5158x18pw6csjdf59j8mybdbtrca06wgrfdz6xh0rnpevknr191664pg01471yyx165qg7kmm9yd09q4qkprhhgmgnac50cya4ejb9cvkewxj0xtqrzwav7b3wq9jehkd29dy754h2ekjy1a4xd9knnndn6tz38xvycnk78%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDw0CRK4AZMK_L5XFgAedqK2oA5DhgYRctqjCivACwI23ARABIABglbqAgpgHggEXY2EtcHViLTUwMjI1MDA3MTc1OTgyMzbIAQmpApRNQ-ZJ07E-4AIAqAMBqgTpAU_QhhSTm7-U7F2w4tvRo86Meh3oIBJtpH5KOaxXBs8FAGuurp8c-_D02UxLNVaMRMLo6HLFdvbzsPhkjBO2895Zrk3yv5Ys9QMZ4mNF88-WUVs7xRf04YEMnVxRFCJNFROiReM1X5DzUYNpVRfpTJrO2oSGPSaRuLh4tXV1852FJZhxiJZUawl0A_9kkcnwbVM1pCSobrsOpnGYKxKreSD5l0gOrnfWrvPYujS9ADDXZxLBs2YimgO4E5MJv8231t28BYEWxW1g2Q-CBaT9mYBg5_N1VcRQfvU57Ca30ewp41sobmI1YxzL4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31wgV3UQqmEkZPAQVOZZpHQ7CJ4g%2526client%253Dca-pub-5022500717598236%2526adurl%253D&y=1&s=&z=0
Frame ID: C865B859BC152DFC694D282873493202
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 76EE25CE741C2AC2192489EA8A36C483
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: A7232FD452AEF4FA3125D8C56AEC91D7
Requests: 1 HTTP requests in this frame

Frame: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DCB033A642C6D48298971A6A63ED44C3
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/index.html
Frame ID: CFD36EF7D65B8E982D8094EAA4F6C16F
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5245DE19B14EC49BB24E998C06909EE6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1917E22011028F83DBA96F5A0EEEDAA7
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6835855717317525788/DE-DEU_IA-12_0_300x600_BAN-A_HTML5_TOFU-no-B2P-Mountain-CIO-Networking-Collab_voroth026873_5/index.html
Frame ID: 2364CC5B90C80C2CE64D7E59B6290B1B
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5A32A920C513E35C6A818E61E0AA99E3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 05083788095090A69D450B4A481E2B1B
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.558.0_pt.html
Frame ID: D3D50BC32199AEFDD54800FC3C3E707A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NETFLU - Fluminense: Últimas notícias, vídeos, onde assistir e próximos jogos

Page URL History Show full URLs

  1. http://netflu.com.br/ HTTP 301
    https://netflu.com.br/ HTTP 301
    https://www.netflu.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • d335luupugsy2\.cloudfront\.net/js/loader-scripts/.*-loader\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

412
Requests

92 %
HTTPS

45 %
IPv6

72
Domains

112
Subdomains

83
IPs

10
Countries

7717 kB
Transfer

15178 kB
Size

73
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://netflu.com.br/ HTTP 301
    https://netflu.com.br/ HTTP 301
    https://www.netflu.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/863330933/?random=1229790690&cv=11&fst=1677766210974&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&label=EAkoCPSi2NEBEPXE1ZsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.netflu.com.br%2F&tiba=NETFLU%20-%20Fluminense%3A%20%C3%9Altimas%20not%C3%ADcias%2C%20v%C3%ADdeos%2C%20onde%20assistir%20e%20pr%C3%B3ximos%20jogos&gtm_ee=1&auid=1584816808.1677766211&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Q64AZOzUEtPVxwLGnoq4Bg&sscte=1&crd=&pscrd=Ek5DaEFJZ0stQm9BWVE1cVQwaG9MQW8td3VFaVlBcVZVdjhRZHpBVzVyanpxUnJkVUpVTXJUN0Q1dHVlOUxzMkwycXpWMzNkbWg3MERXUFEaWkNoRUlnSy1Cb0FZUW4tVHd4Sl8tNTlfN0FSSXVBQTFJTlZBbnhOcHZ6YmdPTUFZdmM4dWU5Z2p1U21XUmhkbUhCQWY2ZTVSVTVzdjVBUmJ2NWlJSml0UjlaZw HTTP 302
  • https://www.google.com/pagead/1p-conversion/863330933/?random=1229790690&cv=11&fst=1677766210974&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&label=EAkoCPSi2NEBEPXE1ZsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.netflu.com.br%2F&tiba=NETFLU%20-%20Fluminense%3A%20%C3%9Altimas%20not%C3%ADcias%2C%20v%C3%ADdeos%2C%20onde%20assistir%20e%20pr%C3%B3ximos%20jogos&gtm_ee=1&auid=1584816808.1677766211&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0stQm9BWVE1cVQwaG9MQW8td3VFaVlBcVZVdjhRZHpBVzVyanpxUnJkVUpVTXJUN0Q1dHVlOUxzMkwycXpWMzNkbWg3MERXUFEaWkNoRUlnSy1Cb0FZUW4tVHd4Sl8tNTlfN0FSSXVBQTFJTlZBbnhOcHZ6YmdPTUFZdmM4dWU5Z2p1U21XUmhkbUhCQWY2ZTVSVTVzdjVBUmJ2NWlJSml0UjlaZw&is_vtc=1&ocp_id=Q64AZOzUEtPVxwLGnoq4Bg&cid=CAQSKQDUE5ymkYVWj_XC6RYhKJB1FM9FOvb99H6Q1wf1E0S7GSbPocqvfpdr&random=1375270364 HTTP 302
  • https://www.google.de/pagead/1p-conversion/863330933/?random=1229790690&cv=11&fst=1677766210974&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&label=EAkoCPSi2NEBEPXE1ZsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.netflu.com.br%2F&tiba=NETFLU%20-%20Fluminense%3A%20%C3%9Altimas%20not%C3%ADcias%2C%20v%C3%ADdeos%2C%20onde%20assistir%20e%20pr%C3%B3ximos%20jogos&gtm_ee=1&auid=1584816808.1677766211&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0stQm9BWVE1cVQwaG9MQW8td3VFaVlBcVZVdjhRZHpBVzVyanpxUnJkVUpVTXJUN0Q1dHVlOUxzMkwycXpWMzNkbWg3MERXUFEaWkNoRUlnSy1Cb0FZUW4tVHd4Sl8tNTlfN0FSSXVBQTFJTlZBbnhOcHZ6YmdPTUFZdmM4dWU5Z2p1U21XUmhkbUhCQWY2ZTVSVTVzdjVBUmJ2NWlJSml0UjlaZw&is_vtc=1&ocp_id=Q64AZOzUEtPVxwLGnoq4Bg&cid=CAQSKQDUE5ymkYVWj_XC6RYhKJB1FM9FOvb99H6Q1wf1E0S7GSbPocqvfpdr&random=1375270364&ipr=y&prhg=0
Request Chain 107
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000001%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.springserve.com%252Fusersync%253Faid%253D1000001%2526gdpr%253D1%2526gdpr_consent%253D%2526us_privacy%253D%2526uuid%253D%2524UID HTTP 302
  • https://sync.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=1656581579555146187
Request Chain 109
  • https://ssum.casalemedia.com/usermatchredir?s=184932&gdpr=1&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=184932&us_privacy=&C=1 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000005&gdpr=1&gdpr_consent=&us_privacy=&uuid=ZACuQ0pg9LL.x0NqimZP2gAA%261171
Request Chain 110
  • https://pixel.advertising.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true
Request Chain 112
  • https://bh.contextweb.com/rtset?gdpr=1&gdpr_consent=&us_privacy=&pid=561910&ev=1&rurl=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000011%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000011&gdpr=1&gdpr_consent=&us_privacy=&uuid=OJtvEE3QcLZx&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=1
Request Chain 113
  • https://sync.1rx.io/usersync2/rmphb?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.springserve.com/usersync?aid=1000012&gdpr=1&gdpr_consent=&us_privacy=&uuid=OPTOUT
Request Chain 115
  • https://sync.search.spotxchange.com/partner?gdpr=1&gdpr_consent=&us_privacy=&adv_id=8593&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000014%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&gdpr_consent=&us_privacy=&adv_id=8593&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000014%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=f2333559-b903-11ed-a446-14604df00306 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000014&gdpr=1&gdpr_consent=&us_privacy=&uuid=f23334e9-b903-11ed-a446-14604df00306
Request Chain 116
  • https://pbs.publishers.tremorhub.com/pubsync?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5Btvid%5D HTTP 302
  • https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5Btvid%5D
Request Chain 121
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent= HTTP 302
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=&ang_testid=1
Request Chain 158
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 171
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 203
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEE14gogdcq96aZ3RiZPe-eg&google_cver=1&google_push=Aa02lx-PGnwceaHekyKymHUbzTFfD-KbWVcJwrIVLdPf-8pcch1uBUSnX_vgknCdc6bzBtdPq-uJ1-8TS8XQ-InsAC7YmXXuf5Oj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-PGnwceaHekyKymHUbzTFfD-KbWVcJwrIVLdPf-8pcch1uBUSnX_vgknCdc6bzBtdPq-uJ1-8TS8XQ-InsAC7YmXXuf5Oj
Request Chain 204
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEITXvTbbzGHis5JliIOJHLQ&google_cver=1&google_push=Aa02lx92mee8Xiu1pLMBCrsCswq7ejhc2YfQ-ReZ_rUUNy1jCvjri41eSUFSArtAfXmTdwijAJBAKOKHF8hN1AvbjjLOhjlRvWys&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx92mee8Xiu1pLMBCrsCswq7ejhc2YfQ-ReZ_rUUNy1jCvjri41eSUFSArtAfXmTdwijAJBAKOKHF8hN1AvbjjLOhjlRvWys%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEITXvTbbzGHis5JliIOJHLQ&google_cver=1&google_push=Aa02lx92mee8Xiu1pLMBCrsCswq7ejhc2YfQ-ReZ_rUUNy1jCvjri41eSUFSArtAfXmTdwijAJBAKOKHF8hN1AvbjjLOhjlRvWys&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx92mee8Xiu1pLMBCrsCswq7ejhc2YfQ-ReZ_rUUNy1jCvjri41eSUFSArtAfXmTdwijAJBAKOKHF8hN1AvbjjLOhjlRvWys%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 205
  • https://um.simpli.fi/gp_match?google_gid=CAESELKhdjPTlMrdyTDWoAToRVY&google_cver=1&google_push=Aa02lx_YK_v6DyUqkfmsRTjVHMyASqHpe6WcAPf9JFJdVSCaU4H_BPbMQ89u9JqGYz7OrTwsmppK7ZGcYzh_uEdn6GA8FmbT08fN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=385FD20595C241C19601DC5FF944F092&google_push=Aa02lx_YK_v6DyUqkfmsRTjVHMyASqHpe6WcAPf9JFJdVSCaU4H_BPbMQ89u9JqGYz7OrTwsmppK7ZGcYzh_uEdn6GA8FmbT08fN
Request Chain 206
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOMpWeBhxlCcsMEPZtWuYis&google_cver=1&google_push=Aa02lx9-1hgJnT8r_6KduwJeRIHrQniBfY20lPomvcwZtxokIbhiEl9ktL73KExwYVJb2vGnKN4Nw4QsZah1BXleD4jCgwsJZQ6R HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNTk1MTAxNTE3OTQ1MDUxNg%3D%3D&google_push=Aa02lx9-1hgJnT8r_6KduwJeRIHrQniBfY20lPomvcwZtxokIbhiEl9ktL73KExwYVJb2vGnKN4Nw4QsZah1BXleD4jCgwsJZQ6R
Request Chain 207
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEDLMwmghXNzPNIK2-nE8T6U&google_cver=1&google_push=Aa02lx-VRslEpEghY6x4zyUDTe6VbpD5NVLkQXxOxfauFVNn-WCYn9-bmUUbmFpftCnYWN-WaRX4dH1R--vuwlw9QK9GGU4eS4vf HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XiCoEyjHTBiYOwa_1cooaw2&google_push=Aa02lx-VRslEpEghY6x4zyUDTe6VbpD5NVLkQXxOxfauFVNn-WCYn9-bmUUbmFpftCnYWN-WaRX4dH1R--vuwlw9QK9GGU4eS4vf
Request Chain 208
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEL2TcungizLUkSfLi-_EDsU&google_cver=1&google_push=Aa02lx80igMy4k0LNAj_IfBhrXmteU3gKHX_Db0fxHv5lUBFjaz94SmC5aR--kMvC_PXvtguYU-vKdFouS3Hw2pyi5jmD1TmsJIq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx80igMy4k0LNAj_IfBhrXmteU3gKHX_Db0fxHv5lUBFjaz94SmC5aR--kMvC_PXvtguYU-vKdFouS3Hw2pyi5jmD1TmsJIq&google_hm=eS03M3pYVWs1RTJwR0Rmajkyc0c0MGVtOGxZVHprbGkwaH5B
Request Chain 209
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFFnX9DQ77BwVZHtuYlss7E&google_cver=1&google_push=Aa02lx-5ENAGfU-WeTJwqqfSuFR5CATVwhuuvL-xT2ySgPBOECiD4asSyikK3GyJZ09haDSmmprNU0UqtoYPViqpkSjgcUxaLGDCow HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-5ENAGfU-WeTJwqqfSuFR5CATVwhuuvL-xT2ySgPBOECiD4asSyikK3GyJZ09haDSmmprNU0UqtoYPViqpkSjgcUxaLGDCow HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 229
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2bpVfUDcYZnWrK-Y-DCBE&google_cver=1
Request Chain 230
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZACuQ0pg9LL.x0NqimZP2gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2bpVfUDcYZnWrK-Y-DCBE&google_cver=1&google_hm=2
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELc9rQOFZIxthKSjrEfNOe8&google_cver=1
Request Chain 232
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY1NjU4MTU3OTU1NTE0NjE4Nw%3D%3D
Request Chain 245
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=COW2vJm2vf0CFaHzEQgdiIMBxg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023030215101482289520639X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023030215101482289520639X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
Request Chain 248
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1677766213_f36ada20-b903-11ed-b520-223763a3e4ca&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 250
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161235&gdpr=1&gdpr_consent=CO4SQrwO4SQs9AHABBENAyCsAP_AAH_AAAAAGStX_T9fb2vj-_5999t0eY1f9_63t-wjhgeMs-8NyZ-X_J4Wr2MyvB34JqQKGRgEunLBAQdlHGHcTQgAwIkViTLMYk2MizNKJrJEilMbc2dYGG1vn8XTuZCY70-sP__zv3-_-33_4GSEEmCpfAQJCWMBJNmlUKIEIVxIVAOASghGEg0sNCRwU7I4CPUACABAYAIQIAQAgohJBAAIAAElEQAgAwIBEARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQTwAA.f_gAD_gAAAAA&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161235%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fmedia.grid.bidswitch.net%252Fsync%253Ftp_id%253D27%2526tp_uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161235&gdpr=1&gdpr_consent=CO4SQrwO4SQs9AHABBENAyCsAP_AAH_AAAAAGStX_T9fb2vj-_5999t0eY1f9_63t-wjhgeMs-8NyZ-X_J4Wr2MyvB34JqQKGRgEunLBAQdlHGHcTQgAwIkViTLMYk2MizNKJrJEilMbc2dYGG1vn8XTuZCY70-sP__zv3-_-33_4GSEEmCpfAQJCWMBJNmlUKIEIVxIVAOASghGEg0sNCRwU7I4CPUACABAYAIQIAQAgohJBAAIAAElEQAgAwIBEARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQTwAA.f_gAD_gAAAAA&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161235%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fmedia.grid.bidswitch.net%252Fsync%253Ftp_id%253D27%2526tp_uid%253D%2523PMUID&rdf=1
Request Chain 258
  • https://fw.adsafeprotected.com/rfw/bgd/1135760/65089096/xbbe/creative/adj?p=APEucNWJqmMVtyAonGie356Qit_HxN6IfhoFsFrqfJ2eqNsfF9f4hb4&d=CokBAKAmf-BkSysaKR5EoCUJt-LSDpcrgrgw0wZ-nir6OQGLltcg8W8CqBuGE69nllqYuHyLTUKjKtmh1pBkCY63_Smrzs3IsPlcGyj-lLvztfDxXShFig5nkkIPm418wlI6WNBxGiTlmztgY27FW1Y9-Bu2j5Y-BowAhYCXl5VRAZw8V3G9uaRCe6oSqRQAoCZ_4L3GlPlZ1QpSNbhcRJUlYEZb37voeODV6nup95QhgNTH9DsYnxQdTW984Q_Z0Jm2p_fxyi0Ugw07es-telmdekVAQRerpMhGz2NeEImk968lqpgbISa17FhSb6GYU3kijFZ154t-fptvT5ygr6gZWtNnUL6AK8gR8MifoTUfT9g7kHk7SkzkWIUddENbCaAvRq5XKc8Kaervro0mZH27MbttDRf6l3C9TK9EqWs9R3nku2BnMjdjmbGM423W2z6lIg5k71tOixpzaByE8VvY9BTwrKCw3P2PtAPDoLYatnd_fmTBHVBdvMNeLj7gtI86qKUx6xUihSBsFb9daoSoErmqdEJPg_FFKv3kGO8-Phlif_kX2RkrrtQMGqCTmUerhUslVs1gQ0QY_7J7sudXH2gCg8j7BsftvLx0FqlGUaREnqHqRqiQd3qNilx1fOr6F4oUq9fwXkeYi300wnWnbxc-O_kmrRmSXsZiBeXnOARSSS_xu4AAXpbjCLbI6rrFrnjANXNTn_XuYkIi_qd76zSiSsYuJOz38AWwRACFnbSu79cHojJwNN-I41Ju80W25KuSZfoajrT0l5S3VcCtMBxOnFVZBVuhut6fcn_GbElBPzewRp232bOBn8IcrB7CxIqopz5Oqab2ioN3I811vQs8YZskt5GgP_TRej1100m-wjuZb8grYsoIqewtWRhtjvYajFz2CC8otRCYoQcn51diEcHwS_dtCZZ6ex-atd3hCBr-sik-RbSAO59gSVQtFOWCGMwjxe2TOkLsEjjlAnhBFNSYTBUvCnJ3GKrDIrDuME8Q4RfZZmqOMfRFGNIonaPzENbGGzs5lll79_qGi8Mf31_CwTSeCh_7LcxafCzVH6uYLKASTaNLmrIcltzkXl1JGnZSl7RLtt6aMWOTeea2gagyx1cNoU8W6a1tY-yQ37HIV-MuLCIDza4V5n-oV8fhhiYGetqftjZM-l5vW1SvE0K9BP9hFNnMmcUPQeaxGLckKSRQMOQQJTT7FDR6Hh2KBXYCNRIaA3wLLIUH3j5_hMl09u68suXBLh-6xSHQumcoaYRw4mUU6GUssLhn2x7rdczMnmDEVyeAbPFxghB-thisqdkSIskUz63pwVbvVxweoxwbNlqQLP3T5u-E2ZX6gzZrK4AstaM-0BWFWXS1g_ILM8ePAd67o_i4LOUMJFIv7DwDoZxj55I_tGnVrr4HcEWTzbB0r34Wf9vdSq1lWSgzvaMUsurjpgTbUIHfWCGpIhYntsnRNUKceaJDmxIDCCNHKcgIrrc16_qLTmPUvcpov_mQR4S295aPY9BkO3UmS8kJuIyryMpGWADyMjah8_W1lSXREiJQu1_Xk809QWUqnHBb3i-0P_eSF7D42rcRENzVn1zv3N0YLvgpi8gpqXDU2_7FsZ0qp2nI7RJUZO0fmhuvlUI3LLq8rGF4DZbYVZWSR3TC1UdyKR_LRw9nyV4apL_HVKP-uEFsVsWmQPvYxRLVdKA1C0K4lVzRP-cmidoZi1NB-awF5v2fnb6jlbgf-gxzZj7WsT0Cw3_n23UsrdD7udKkYxlgKZeWyGoW_WDSvqY3qteOg7i2DB_vUOJqxE-vrEK8SMzbBdznsGVWPLBMRzp1dyF7_sQWhWCzGdFkRUWccMaLJppdyB1DvbUItNbMIggMEphKtAKPfJoRNBd065-6U0osHucg0E06LSkRwRBY9SM2TLJ3-Chjw0q6b5yeLdh9yHnMjxWDU7JTTXlVFs0F8KnrUDiXIV_z07pDeHrqzoWdPr20p32JKWx_2pUOuL4qPTuZoNZyjf9eMtaw5a9xgSz-JIP6mAjQxloy1tfjZkrIhK7urSoNKRewSvb5blNIzgTCz3BeIn9tK3JZQ0Geq0IOYZxVMO_u9U8J-DvTpcCVgDqe1v1rX4IxCrXNF72TltVzsvbNCA-Sj6rS46KGvTWXNvScYZeArVeG9kysCKm3yqvzXtZF-KYOTBTxho9_ChHMXqw_NqmRelmrhvcaVgYzpkrHmeHfNuiZj-yxIIvjv4H4V_dM7WodrGep2eTYxcyTYWtFxuNGe-01G_qJmWIsD8Hmbk8K_zdIoKV1e6fgOjXKLkxkcOBvIDr6I_LfLs0qMRn1nA0kJKUM1bxVILLn1g-fSIGg23KiZvUzDjYPOTYTiaC7W5tffJOJJ0c139Zp3Z5kCt21ClpSU-YD3xp2D3T7fjamHeHvnkJCL40FIDvr7qJ2ePLb3KyHYIx-Ox9ICE6uf9yp5TXFjD73KfNNrsvWtNQALG6WcitXIWBpMWllxsBBbBKKcWDt_AJddyIJ92Ddchil8mF7uBA2KKaZcvt008hc56df8pOHxtk0YvU261fijm8i0U7EWIUpeJfsnpqDpzPCv80wT8zureWWDA8tXCSrjWb8v1pGvNvLkN-FIEy3Ufo6pzwe727C9xLzrKKh5nE4WXdQsDT7bsxvU0HSE5OIc5szLJ0Pv1QNpGwtGM3dpgeSoqczPQyOyi1zwT4FfVEn2Tjfx4TMswdaVJivgaERFcGCYuurh9WAwxWU3JSQNNK6gSM2ycz7l7hBcRNZ1b8c8nqKKm_tiJL3IroSwJlFWD7QH_s78TpoXzpx6Ei2FFWdN5iJsIl8l4C2rTJ42I9Qgg6ti3VAJzVxEis9TvrlWLLOq2leABzZM8Mjo5uf3_uU1WHCwOdFhCAapqfp6VUKV04SU6-g6lyYPfRnvF4hCCduOQoKdNu_tsrZu2W1QE_92GSc9Hwuw5jxR2D1uKGNMXlnWhOwY5nUpkfdmcSZmCfQXByUVL0ehFZC4Nru1EwPdjHhN9E30qSrfnFQtb12_rIqPELmzIvjwmpukWtliJmsNQ0KlD9z092KGPnruUCFUFK2lAYN1NBKqX0-fc2C8OjQrHc_Y5ncTEd-q_SUmFLnz8hWXe2d6B9MGazDiO0t6EN02PIwBFvy6kL8x8RNfsz4143wxMiXu3yrTrKhsszkpvc2CKJwZ8HWLqH2IeEsXvPh5u1S4A5I1oXVz4P-fuhhVDMDRn1h1Iomxz2FbHFrGdK9I5sEWczZxZCbhpi8rL5ZRPiQ9bo4t0n1NrOsMM4fFXYz6--F5dxZ2Wi2Do2EwT_SsZz64-0suAXgxL2dxe_5Six1Y-N0y1EEg5K-EoWh1qmHl9FuIQJbx3pccM6c72DoBXJSWF777gSzbKMuRXy3FPaHaq6tXsryP7-QCbBMtPcIbs8S8UUPOmwUlnEsSK2E2Wxes5I1ty010sSuVkiwVdcUmY6hIF5ZbkbjlLXMAKXP61Q3eQNJ-3eXVcT8jaNE_FDcLMISy9VBREs3g9glYRARzjt6kfXqXlMjDtFOpLwS6GEojpwEaHGQGFR7_92xFXuWetxpdcNAIw62snOhk7Xm1B24LNkpy1NWoe2OW0VaVlcn8W-iVn6Pvgoll1xwRzHLx6m25ebyVbUaQggEEjwA1BOcphev8e07nP5d6SgXcimGGvnweSGd8ELY2Ez55KZt7eUbvuAvmwQ2etzMGS4QQPd2FLUd7XWtMLQYAWAB&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-5022500717598236&ias_chanId=1&ias_placementId=18137318564&bidurl=https://www.netflu.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0j1XKS4hlbH1NGniWjDgdVN&adsafe_url=https%3A%2F%2Fwww.netflu.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.netflu.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:fac213d3-4bf9-6841-c588-84a3c5a76921,c:5IhAdk,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-65fb65bbbb-qxcrj,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:txm83cr+111%7C112%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C192%7C1a*.1135760-65089096%7C1a1%7C1a21%7C1b,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:20,oid:f345eda5-b903-11ed-8a73-2af2049f224f,v:19.8.397,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWJqmMVtyAonGie356Qit_HxN6IfhoFsFrqfJ2eqNsfF9f4hb4&d=CokBAKAmf-BkSysaKR5EoCUJt-LSDpcrgrgw0wZ-nir6OQGLltcg8W8CqBuGE69nllqYuHyLTUKjKtmh1pBkCY63_Smrzs3IsPlcGyj-lLvztfDxXShFig5nkkIPm418wlI6WNBxGiTlmztgY27FW1Y9-Bu2j5Y-BowAhYCXl5VRAZw8V3G9uaRCe6oSqRQAoCZ_4L3GlPlZ1QpSNbhcRJUlYEZb37voeODV6nup95QhgNTH9DsYnxQdTW984Q_Z0Jm2p_fxyi0Ugw07es-telmdekVAQRerpMhGz2NeEImk968lqpgbISa17FhSb6GYU3kijFZ154t-fptvT5ygr6gZWtNnUL6AK8gR8MifoTUfT9g7kHk7SkzkWIUddENbCaAvRq5XKc8Kaervro0mZH27MbttDRf6l3C9TK9EqWs9R3nku2BnMjdjmbGM423W2z6lIg5k71tOixpzaByE8VvY9BTwrKCw3P2PtAPDoLYatnd_fmTBHVBdvMNeLj7gtI86qKUx6xUihSBsFb9daoSoErmqdEJPg_FFKv3kGO8-Phlif_kX2RkrrtQMGqCTmUerhUslVs1gQ0QY_7J7sudXH2gCg8j7BsftvLx0FqlGUaREnqHqRqiQd3qNilx1fOr6F4oUq9fwXkeYi300wnWnbxc-O_kmrRmSXsZiBeXnOARSSS_xu4AAXpbjCLbI6rrFrnjANXNTn_XuYkIi_qd76zSiSsYuJOz38AWwRACFnbSu79cHojJwNN-I41Ju80W25KuSZfoajrT0l5S3VcCtMBxOnFVZBVuhut6fcn_GbElBPzewRp232bOBn8IcrB7CxIqopz5Oqab2ioN3I811vQs8YZskt5GgP_TRej1100m-wjuZb8grYsoIqewtWRhtjvYajFz2CC8otRCYoQcn51diEcHwS_dtCZZ6ex-atd3hCBr-sik-RbSAO59gSVQtFOWCGMwjxe2TOkLsEjjlAnhBFNSYTBUvCnJ3GKrDIrDuME8Q4RfZZmqOMfRFGNIonaPzENbGGzs5lll79_qGi8Mf31_CwTSeCh_7LcxafCzVH6uYLKASTaNLmrIcltzkXl1JGnZSl7RLtt6aMWOTeea2gagyx1cNoU8W6a1tY-yQ37HIV-MuLCIDza4V5n-oV8fhhiYGetqftjZM-l5vW1SvE0K9BP9hFNnMmcUPQeaxGLckKSRQMOQQJTT7FDR6Hh2KBXYCNRIaA3wLLIUH3j5_hMl09u68suXBLh-6xSHQumcoaYRw4mUU6GUssLhn2x7rdczMnmDEVyeAbPFxghB-thisqdkSIskUz63pwVbvVxweoxwbNlqQLP3T5u-E2ZX6gzZrK4AstaM-0BWFWXS1g_ILM8ePAd67o_i4LOUMJFIv7DwDoZxj55I_tGnVrr4HcEWTzbB0r34Wf9vdSq1lWSgzvaMUsurjpgTbUIHfWCGpIhYntsnRNUKceaJDmxIDCCNHKcgIrrc16_qLTmPUvcpov_mQR4S295aPY9BkO3UmS8kJuIyryMpGWADyMjah8_W1lSXREiJQu1_Xk809QWUqnHBb3i-0P_eSF7D42rcRENzVn1zv3N0YLvgpi8gpqXDU2_7FsZ0qp2nI7RJUZO0fmhuvlUI3LLq8rGF4DZbYVZWSR3TC1UdyKR_LRw9nyV4apL_HVKP-uEFsVsWmQPvYxRLVdKA1C0K4lVzRP-cmidoZi1NB-awF5v2fnb6jlbgf-gxzZj7WsT0Cw3_n23UsrdD7udKkYxlgKZeWyGoW_WDSvqY3qteOg7i2DB_vUOJqxE-vrEK8SMzbBdznsGVWPLBMRzp1dyF7_sQWhWCzGdFkRUWccMaLJppdyB1DvbUItNbMIggMEphKtAKPfJoRNBd065-6U0osHucg0E06LSkRwRBY9SM2TLJ3-Chjw0q6b5yeLdh9yHnMjxWDU7JTTXlVFs0F8KnrUDiXIV_z07pDeHrqzoWdPr20p32JKWx_2pUOuL4qPTuZoNZyjf9eMtaw5a9xgSz-JIP6mAjQxloy1tfjZkrIhK7urSoNKRewSvb5blNIzgTCz3BeIn9tK3JZQ0Geq0IOYZxVMO_u9U8J-DvTpcCVgDqe1v1rX4IxCrXNF72TltVzsvbNCA-Sj6rS46KGvTWXNvScYZeArVeG9kysCKm3yqvzXtZF-KYOTBTxho9_ChHMXqw_NqmRelmrhvcaVgYzpkrHmeHfNuiZj-yxIIvjv4H4V_dM7WodrGep2eTYxcyTYWtFxuNGe-01G_qJmWIsD8Hmbk8K_zdIoKV1e6fgOjXKLkxkcOBvIDr6I_LfLs0qMRn1nA0kJKUM1bxVILLn1g-fSIGg23KiZvUzDjYPOTYTiaC7W5tffJOJJ0c139Zp3Z5kCt21ClpSU-YD3xp2D3T7fjamHeHvnkJCL40FIDvr7qJ2ePLb3KyHYIx-Ox9ICE6uf9yp5TXFjD73KfNNrsvWtNQALG6WcitXIWBpMWllxsBBbBKKcWDt_AJddyIJ92Ddchil8mF7uBA2KKaZcvt008hc56df8pOHxtk0YvU261fijm8i0U7EWIUpeJfsnpqDpzPCv80wT8zureWWDA8tXCSrjWb8v1pGvNvLkN-FIEy3Ufo6pzwe727C9xLzrKKh5nE4WXdQsDT7bsxvU0HSE5OIc5szLJ0Pv1QNpGwtGM3dpgeSoqczPQyOyi1zwT4FfVEn2Tjfx4TMswdaVJivgaERFcGCYuurh9WAwxWU3JSQNNK6gSM2ycz7l7hBcRNZ1b8c8nqKKm_tiJL3IroSwJlFWD7QH_s78TpoXzpx6Ei2FFWdN5iJsIl8l4C2rTJ42I9Qgg6ti3VAJzVxEis9TvrlWLLOq2leABzZM8Mjo5uf3_uU1WHCwOdFhCAapqfp6VUKV04SU6-g6lyYPfRnvF4hCCduOQoKdNu_tsrZu2W1QE_92GSc9Hwuw5jxR2D1uKGNMXlnWhOwY5nUpkfdmcSZmCfQXByUVL0ehFZC4Nru1EwPdjHhN9E30qSrfnFQtb12_rIqPELmzIvjwmpukWtliJmsNQ0KlD9z092KGPnruUCFUFK2lAYN1NBKqX0-fc2C8OjQrHc_Y5ncTEd-q_SUmFLnz8hWXe2d6B9MGazDiO0t6EN02PIwBFvy6kL8x8RNfsz4143wxMiXu3yrTrKhsszkpvc2CKJwZ8HWLqH2IeEsXvPh5u1S4A5I1oXVz4P-fuhhVDMDRn1h1Iomxz2FbHFrGdK9I5sEWczZxZCbhpi8rL5ZRPiQ9bo4t0n1NrOsMM4fFXYz6--F5dxZ2Wi2Do2EwT_SsZz64-0suAXgxL2dxe_5Six1Y-N0y1EEg5K-EoWh1qmHl9FuIQJbx3pccM6c72DoBXJSWF777gSzbKMuRXy3FPaHaq6tXsryP7-QCbBMtPcIbs8S8UUPOmwUlnEsSK2E2Wxes5I1ty010sSuVkiwVdcUmY6hIF5ZbkbjlLXMAKXP61Q3eQNJ-3eXVcT8jaNE_FDcLMISy9VBREs3g9glYRARzjt6kfXqXlMjDtFOpLwS6GEojpwEaHGQGFR7_92xFXuWetxpdcNAIw62snOhk7Xm1B24LNkpy1NWoe2OW0VaVlcn8W-iVn6Pvgoll1xwRzHLx6m25ebyVbUaQggEEjwA1BOcphev8e07nP5d6SgXcimGGvnweSGd8ELY2Ez55KZt7eUbvuAvmwQ2etzMGS4QQPd2FLUd7XWtMLQYAWAB
Request Chain 279
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 287
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMwUpOIbscqIhGilcljx4ug&google_cver=1&google_push=Aa02lx-gy2RrazbvPKdRICkiVFZHh1dgQWkid_xOZ5uYJUzY9jw77rIE_m5qwf5wGbk7lNUxmMxoIHuw-qK1m_cz1Zqa9HcI3Ljf-g HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMwUpOIbscqIhGilcljx4ug&google_cver=1&google_push=Aa02lx-gy2RrazbvPKdRICkiVFZHh1dgQWkid_xOZ5uYJUzY9jw77rIE_m5qwf5wGbk7lNUxmMxoIHuw-qK1m_cz1Zqa9HcI3Ljf-g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b0Y5NjV5Q2ExUHhKRG81&google_gid=CAESEMwUpOIbscqIhGilcljx4ug&google_cver=1&google_push=Aa02lx-gy2RrazbvPKdRICkiVFZHh1dgQWkid_xOZ5uYJUzY9jw77rIE_m5qwf5wGbk7lNUxmMxoIHuw-qK1m_cz1Zqa9HcI3Ljf-g
Request Chain 288
  • https://um.simpli.fi/gp_match?google_gid=CAESELKhdjPTlMrdyTDWoAToRVY&google_cver=1&google_push=Aa02lx-vi85nY-vf3W2ouxK1yg6gfejWuZDrK4zoDHgDB1_uuILdnhTs_GoU9J-gyeKJmpFVtzq9SORbgpf45KVEPjxMNQumW6fJ6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=385FD20595C241C19601DC5FF944F092&google_push=Aa02lx-vi85nY-vf3W2ouxK1yg6gfejWuZDrK4zoDHgDB1_uuILdnhTs_GoU9J-gyeKJmpFVtzq9SORbgpf45KVEPjxMNQumW6fJ6w
Request Chain 290
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAPexGiNXYwF_coe1gcqZss&google_cver=1&google_push=Aa02lx_YkfvcD-o1Yl4z6pesX4PiL-p-H9XX-ifl94TusoELpInkDEzUuhRdYRcQzxGiprUGuY72ZV7rkdZM8zcbpUYAF8oxWTzM5Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_YkfvcD-o1Yl4z6pesX4PiL-p-H9XX-ifl94TusoELpInkDEzUuhRdYRcQzxGiprUGuY72ZV7rkdZM8zcbpUYAF8oxWTzM5Q&google_hm=iLYBRylYRPKrSA1174CrHxU
Request Chain 291
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOMpWeBhxlCcsMEPZtWuYis&google_cver=1&google_push=Aa02lx-XEm2-_z86-Em26Gmv9uyd86htqZrxYxzEgChHiyUU7KrGX8ZSlKsdYGsv2U4oGnnY4s7HV_FTNLTjb_B_EMOKWV9REjAdzw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNTk1MTAxNTE3OTQ1MDUxNg%3D%3D&google_push=Aa02lx-XEm2-_z86-Em26Gmv9uyd86htqZrxYxzEgChHiyUU7KrGX8ZSlKsdYGsv2U4oGnnY4s7HV_FTNLTjb_B_EMOKWV9REjAdzw
Request Chain 292
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEDLMwmghXNzPNIK2-nE8T6U&google_cver=1&google_push=Aa02lx8Icp5xfPds3lmrAkl-KDhSxkjc7W4RhTKWj50bnq4ZYYHoSZHrC7HRctgpd7jPmVY6DP0hXgg_ZTKM7VQLxaWVS6yfyzhPbA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XiCoEyjHTBiYOwa_1cooaw2&google_push=Aa02lx8Icp5xfPds3lmrAkl-KDhSxkjc7W4RhTKWj50bnq4ZYYHoSZHrC7HRctgpd7jPmVY6DP0hXgg_ZTKM7VQLxaWVS6yfyzhPbA
Request Chain 293
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFFnX9DQ77BwVZHtuYlss7E&google_cver=1&google_push=Aa02lx9yJqv0OWlXvong3kHJOjc7lZm5lbc2g5_UJcjkhvgwooLwMudJZXoPoA71aItEQC4ZzWTM9ruXjbzh3O-OcVr3IZgNi0Xuyck HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9yJqv0OWlXvong3kHJOjc7lZm5lbc2g5_UJcjkhvgwooLwMudJZXoPoA71aItEQC4ZzWTM9ruXjbzh3O-OcVr3IZgNi0Xuyck HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 398
  • https://cdn.jwplayer.com/strips/vWsikaHo-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/vWsikaHo-120.vtt
Request Chain 413
  • https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430 HTTP 302
  • https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEMHYskt7zighEODd6Y5mHn4&google_cver=1&google_ula=862479430,0
Request Chain 416
  • https://cdn.jwplayer.com/v2/media/MdTp8Bi4/poster.jpg?width=120 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/NJerEC45-120.jpg

412 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.netflu.com.br/
Redirect Chain
  • http://netflu.com.br/
  • https://netflu.com.br/
  • https://www.netflu.com.br/
198 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 / PHP/7.4.33
Resource Hash
ad97c59fa1224d843c70c57e93b42b1cb776e4a36239fe0704d837503e7e87c9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=60, stale-if-error=2592000
content-encoding
gzip
content-length
34262
content-type
text/html; charset=UTF-8
date
Thu, 02 Mar 2023 14:10:10 GMT
mrf-cache-status
HH
mrf-tech
CDN
server
nginx/1.17.4
vary
Accept-Encoding, User-Agent
x-b3-traceid
eb89f8d733a449d6ba1338ed6392ef98
x-b3-traceid-primal
27bbb3ad641c4802be3dfba5432eec15
x-cache
HIT, HIT
x-cache-hits
2, 1
x-powered-by
PHP/7.4.33
x-served-by
cache-lcy-eglc8600054-LCY, cache-hhn-etou8220076-HHN
x-timer
S1677766211.578305,VS0,VE7

Redirect headers

accept-ranges
bytes
content-length
0
date
Thu, 02 Mar 2023 14:10:10 GMT
location
https://www.netflu.com.br/
mrf-cache-status
M
retry-after
0
server
Varnish
vary
User-Agent
x-b3-traceid
b5bc60fbcd8b4e54bdfea4e756b19cff
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn-etou8220076-HHN
x-timer
S1677766210.437954,VS0,VE0
gardac-sync.js
live.mrf.io/statics/marfeel/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.mrf.io/statics/marfeel/gardac-sync.js
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f5428d1ef9d83754dce94a68d89cfd445ee439f51872b5c6d687b646e40c6f58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
content-encoding
br
via
1.1 12fcb6e1bd9ccc1cb02eb21308b59e46.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-b3-traceid
dfd2aa68ecba46eda939c1aacaf0e452
x-amz-cf-pop
YUL62-C1
x-mrs-cache
MISS
x-cache
Miss from cloudfront, HIT, HIT
mrf-cache-status
M-HH
x-mrf-rendered
1674546806331
content-disposition
inline;filename=f.txt
x-b3-traceid-primal
f6b9e7549a7843aabdb75e76b5f530cd
x-mrs-age
0
content-length
3764
x-mshield-cache-status
MISS
x-served-by
mshield-b-02, haproxy3, cache-yul12827-YUL, cache-hhn-etou8220026-HHN
x-mrf-type
UNKNOWN
server
nginx
x-timer
S1677766211.685061,VS0,VE0
etag
W/"08e1729697a60cc7f930ece0a1a11fb0e"
x-mrf-shard
all
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86401
x-mrs-cache-hits
0
accept-ranges
bytes
access-control-allow-headers
x-requested-with
x-amz-cf-id
_1BqOd38P5_PjtSp6Kp15-ukqNQx_sCokg-Yhr3u5O4akNVhoPvXEw==
x-cache-hits
40, 969
style.min.css
www.netflu.com.br/wp-includes/css/dist/block-library/ 		93 KB
93 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.netflu.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
x-b3-traceid
353e2be369e54bd6b78fa3ee466fef74
x-cache
HIT, MISS
mrf-cache-status
HM
x-b3-traceid-primal
108eaa00757f4ecebc297a614df21550
content-length
94889
x-served-by
cache-lcy-eglc8600024-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.636139,VS0,VE17
etag
"638486e8-172a9"
vary
User-Agent
content-type
text/css
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
15, 0
classic-themes.min.css
www.netflu.com.br/wp-includes/css/ 		217 B
398 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.netflu.com.br/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
x-b3-traceid
b431457ccd7e4793997ed0d5951cff40
x-cache
HIT, MISS
mrf-cache-status
HM
x-b3-traceid-primal
22af4192245040f58ff4b082a7e683a4
content-length
217
x-served-by
cache-lcy-eglc8600050-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.634947,VS0,VE17
etag
"638486e8-d9"
vary
User-Agent
content-type
text/css
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
16, 0
css
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C400%2C600%2C700&ver=6.1.1
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
97844d9c35450fd5aa5c6cfe6d3c698a8f976d6bcb09e310389cb5069d62f897
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 02 Mar 2023 14:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 02 Mar 2023 14:05:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Mar 2023 14:10:10 GMT
css
fonts.googleapis.com/ 		12 KB
941 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A500%2C400italic%2C700%2C500italic%2C400%2C300&ver=6.1.1
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ce767ed3c7dd3906efaf0658c9ee9160f2cd9152d57f47179f123046cbab8899
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 02 Mar 2023 14:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 02 Mar 2023 14:10:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Mar 2023 14:10:10 GMT
js_composer.min.css
www.netflu.com.br/wp-content/plugins/js_composer/assets/css/ 		452 KB
452 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.netflu.com.br/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.10.0
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
6a2d500d4ac0bba5317698b68c383179098a0ad47879f56de7318ceb37fba68e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
x-b3-traceid
4787743c8f6e49818cbff23d61f0f5f1
x-cache
HIT, MISS
mrf-cache-status
HM
x-b3-traceid-primal
628ccac38f5c416e844b75499b0f3f7a
content-length
462565
x-served-by
cache-lcy-eglc8600037-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.636688,VS0,VE21
etag
"634e279f-70ee5"
vary
User-Agent
content-type
text/css
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
16, 0
style.css
www.netflu.com.br/wp-content/themes/Newspaper/ 		742 KB
742 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.netflu.com.br/wp-content/themes/Newspaper/style.css?ver=6.7.2
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
e1388ee0da5c9c61b244abcbacb6b4097642836b0e91ddd5c4ec125aafea1e6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
x-b3-traceid
ec030d45681942d0a0811a64e8900a57
x-cache
HIT, MISS
mrf-cache-status
HM
x-b3-traceid-primal
2ab9289796ea4e55af384ea54de5ac72
content-length
759498
x-served-by
cache-lcy-eglc8600053-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.637129,VS0,VE20
etag
"5e4f4d4b-b96ca"
vary
User-Agent
content-type
text/css
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
11, 0
jquery.min.js
www.netflu.com.br/wp-includes/js/jquery/ 		88 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.netflu.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
x-b3-traceid
e76a238d5edc4d018b5d890f06bd76f6
x-cache
HIT, MISS
mrf-cache-status
HM
x-b3-traceid-primal
9dbf82ad95a34bada5f5924af4483814
content-length
89684
x-served-by
cache-lcy-eglc8600031-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.638286,VS0,VE17
etag
"638486e8-15e54"
vary
User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
12, 0
jquery-migrate.min.js
www.netflu.com.br/wp-includes/js/jquery/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.netflu.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
x-b3-traceid
8705b9d75a384c5995f9c8257bc14547
x-cache
HIT, MISS
mrf-cache-status
HM
x-b3-traceid-primal
0f024842531c4442b0dad022a83e5335
content-length
11224
x-served-by
cache-lcy-eglc8600038-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.638836,VS0,VE17
etag
"6052d3bf-2bd8"
vary
User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
13, 0
seo-automated-link-building.js
www.netflu.com.br/wp-content/plugins/seo-automated-link-building/js/ 		493 B
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.netflu.com.br/wp-content/plugins/seo-automated-link-building/js/seo-automated-link-building.js?ver=6.1.1
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
3a8566c410bdc9c4b1a222d4e198c179255893accb662ed34ac308c39fc01bac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
x-b3-traceid
f8dff8f1883a47f780163c8ba7522fdf
x-cache
HIT, MISS
mrf-cache-status
HM
x-b3-traceid-primal
b99d835dc372454b8a951a673c27d115
content-length
493
x-served-by
cache-lcy-eglc8600043-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.639315,VS0,VE15
etag
"61406eb2-1ed"
vary
User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
9, 0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
233a9209c444376564cf5b7217f9e52c82c4133ee2a5691474337a2226bcc6bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26849
x-xss-protection
0
server
sffe
etag
"1498 / 652 of 1000 / last-modified: 1677758962"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 02 Mar 2023 14:10:11 GMT
js
www.googletagmanager.com/gtag/ 		130 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-863330933
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6bbcd73b38e3df3f89fc360f94a4d37bb01185a668eced02866ff3663e8e4a6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51374
x-xss-protection
0
last-modified
Thu, 02 Mar 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Mar 2023 14:10:10 GMT
js
www.googletagmanager.com/gtag/ 		217 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JXN5WJ3NNM
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0849099cbf02eac6a5c3123108a83d8320470e86643a861c38343b1103b5c6a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78003
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 02 Mar 2023 14:10:10 GMT
amp-story-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		67 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-story-auto-ads-0.1.js
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e81de8016a317c5483e4a74f0e10dda568c79ae059f77024d839281e46f7925
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 02 Mar 2023 14:10:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20905
x-xss-protection
0
server
sffe
etag
"a0c284e665fa242d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Mar 2023 14:10:11 GMT
novalogo.png
www.netflu.com.br/wp-content/uploads/2018/11/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2018/11/novalogo.png
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
31e42fe3e5d8155824c2ef0cc57907e42d9a5af796f20da6c9d11f07f058eba6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
x-b3-traceid
1317c5b51e2a41d69619089681435fe1
x-cache
HIT, MISS
fastly-io-info
ifsz=88538 idim=245x90 ifmt=png ofsz=4914 odim=245x90 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
365815b90ad747cc8a52f7da6d341808
content-length
4914
x-served-by
cache-lcy-eglc8600051-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.875740,VS0,VE17
etag
"ITRVoxZpR4mzuZFst2rSeKnJemKin0d9QQ/2TYmuMDQ"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
5, 0
felipe-534x462.jpg
www.netflu.com.br/wp-content/uploads/2023/03/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/03/felipe-534x462.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
e1d8079027ee5f2eef4dba4ac845546016037e56e23e16c740dc9789b46d5007

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
x-b3-traceid
835ed40d3be048adb8732d27afb784f5
x-cache
HIT, MISS
fastly-io-info
ifsz=29140 idim=534x462 ifmt=jpeg ofsz=29140 odim=534x462 ofmt=jpeg
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
11e576baa0534e8ea20ee6a4b7c43f3c
content-length
29140
fastly-io-warning
Failed to shrink image
x-served-by
cache-lcy-eglc8600034-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.887648,VS0,VE18
etag
"wF0daERC908U80DI1aQP8xsjYbEtKGhPqyAm5W3oKqc"
vary
Accept, User-Agent
content-type
image/jpeg
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
marcelo-lateral-5-533x261.jpg
www.netflu.com.br/wp-content/uploads/2023/02/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/02/marcelo-lateral-5-533x261.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
f7d469442d58a5098703ab1a8521cbd368b05f837864cb50d7c447e04e858949

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
x-b3-traceid
2cea7fad19fe4ed4a8b4321d02b741a9
x-cache
HIT, MISS
fastly-io-info
ifsz=18202 idim=533x261 ifmt=jpeg ofsz=16744 odim=533x261 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
128591e2cf3a43f28dd8e99e55a2ac68
content-length
16744
x-served-by
cache-lcy-eglc8600054-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.884111,VS0,VE19
etag
"4/c6JvT3WgWAaHjMI/VGuekZh9nR4yL+HZ4V+PTYjEk"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
Luiz-Freitas-Palmeiras-265x198.jpg
www.netflu.com.br/wp-content/uploads/2023/03/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/03/Luiz-Freitas-Palmeiras-265x198.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
de5d24f2310f924261eada7a7ccaca9f118d27641f89289ac82bd75ad9204736

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
x-b3-traceid
9315443b01cd41e0ba0603467def8646
x-cache
HIT, MISS
fastly-io-info
ifsz=5183 idim=265x198 ifmt=jpeg ofsz=4728 odim=265x198 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
427e0bd1ae9c474fab26560bd3517cc8
content-length
4728
x-served-by
cache-lcy-eglc8600036-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.889643,VS0,VE15
etag
"9CaC4k6bb7w35zb6DO1eVZttQU11HGVY8x8jVCspvAo"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
32945C0F-D912-45AF-B1E2-6724E65C2BDA-265x198.jpeg
www.netflu.com.br/wp-content/uploads/2023/03/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/03/32945C0F-D912-45AF-B1E2-6724E65C2BDA-265x198.jpeg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
a866552c42bdce11aef776877ea3d085df60f5c2495e9eb842c751f4b9f76e0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
x-b3-traceid
8858720270e04ecb84d8add3f5e95dd5
x-cache
HIT, MISS
fastly-io-info
ifsz=7023 idim=265x198 ifmt=jpeg ofsz=6486 odim=265x198 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
5dadd59963904db088b421151d47b1ec
content-length
6486
x-served-by
cache-lcy-eglc8600020-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.884156,VS0,VE17
etag
"TAnhIWSBKTC/0+QC9+c8W/kw47yLHp7WSpwJH8GLHME"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
3, 0
gabriel-pirani-2-218x150.jpg
www.netflu.com.br/wp-content/uploads/2023/03/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/03/gabriel-pirani-2-218x150.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
3fbe4a5714b18e80893787efcd995eb77f21858a9fe2dcafcc947a0734374a1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
x-b3-traceid
6fb59c39df6548a0be7a2748937521d8
x-cache
HIT, MISS
fastly-io-info
ifsz=7160 idim=218x150 ifmt=jpeg ofsz=7160 odim=218x150 ofmt=jpeg
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
e0d814bbb3cf493287fb9ad52ef2515c
content-length
7160
fastly-io-warning
Failed to shrink image
x-served-by
cache-lcy-eglc8600048-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.883473,VS0,VE16
etag
"wxCdlqqYNoSGzuEsFEHd+Ua4vqO4aNf4qjpDLilkwi0"
vary
Accept, User-Agent
content-type
image/jpeg
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
3, 0
face-218x150.png
www.netflu.com.br/wp-content/uploads/2023/01/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/01/face-218x150.png
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
854501c099e62606d3644e3dfaded70fa22f6a544211c93afa8be94ff1afd859

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
x-b3-traceid
d75f96b05b534fa28b245539e0f6d2ef
x-cache
HIT, MISS
fastly-io-info
ifsz=33278 idim=218x150 ifmt=png ofsz=22368 odim=218x150 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
212b15aadc084681a9e668f38d2b882a
content-length
22368
x-served-by
cache-lcy-eglc8600024-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.883438,VS0,VE16
etag
"HPzx7/apoUG8LefykTtoyJnf0QwVfB0RFPe1CMpxGHM"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
mario-bittencourt-218x150.png
www.netflu.com.br/wp-content/uploads/2023/01/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/01/mario-bittencourt-218x150.png
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
d7116885368f49b92d5c8d93831f9a82a68a437410f33a961e1634b786eccf62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
x-b3-traceid
9368745cd1f24e3784078b3f6c01b019
x-cache
HIT, MISS
fastly-io-info
ifsz=57299 idim=218x150 ifmt=png ofsz=35734 odim=218x150 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
2ae7d342d4d34dbf9d360d3a0d6e6efa
content-length
35734
x-served-by
cache-lcy-eglc8600053-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.960553,VS0,VE16
etag
"k9ZyTsVeLtilr+oglAoYx5ygXMUyAoWQXGrOw/HsK88"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
gabriel-pirani-2-218x150.png
www.netflu.com.br/wp-content/uploads/2023/03/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/03/gabriel-pirani-2-218x150.png
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
d7f935ad520078c34a72d8fed93c16fd35d69a99404e2913a476e28a14ed8572

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
x-b3-traceid
da90c2546ad541d1b59142461d0081c3
x-cache
HIT, MISS
fastly-io-info
ifsz=36787 idim=218x150 ifmt=png ofsz=22554 odim=218x150 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
cdd0b2d63c464650b1f193b1ba6611df
content-length
22554
x-served-by
cache-lcy-eglc8600057-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.981472,VS0,VE16
etag
"LIlG/KZzG3Yk0mcdHVaXZZf2pagiGVUjAHnci7pINgA"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
5, 0
sub-16-218x150.jpg
www.netflu.com.br/wp-content/uploads/2023/03/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/03/sub-16-218x150.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
386ad7b1d39959a71443dea78288e51d450cc9b22fdad4ed7de574253b9f2bab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
afd1be2786fa456ea606cf2fd8fe9828
x-cache
HIT, MISS
fastly-io-info
ifsz=6054 idim=218x150 ifmt=jpeg ofsz=6054 odim=218x150 ofmt=jpeg
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
0b435accee8340e9887c31e5ec12000c
content-length
6054
fastly-io-warning
Failed to shrink image
x-served-by
cache-lcy-eglc8600055-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.982512,VS0,VE20
etag
"HFCVv229X8Y+CXqoY8Nw194FIOI3Bbwv7xHkzVYDIDc"
vary
Accept, User-Agent
content-type
image/jpeg
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
5, 0
felipe-218x150.jpg
www.netflu.com.br/wp-content/uploads/2023/03/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/03/felipe-218x150.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
d1bdb6b123bc53b7dfd43678ebe5b10df4f7c556d62220bc533c08223f8c83e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
bd248eb16c394c3fa843c3007c08a5e9
x-cache
HIT, MISS
fastly-io-info
ifsz=6242 idim=218x150 ifmt=jpeg ofsz=6242 odim=218x150 ofmt=jpeg
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
dccf4deb1fb547c9842a68c532163afa
content-length
6242
fastly-io-warning
Failed to shrink image
x-served-by
cache-lcy-eglc8600045-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.985482,VS0,VE16
etag
"UqV2Q0sWJaqjAiET/UK54WCZQjGAShA5b0+7P749gps"
vary
Accept, User-Agent
content-type
image/jpeg
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
gabriel-pirani-1-218x150.png
www.netflu.com.br/wp-content/uploads/2023/03/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/03/gabriel-pirani-1-218x150.png
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
97c7d262744f55a38cc0f135f6f47f8876581ea219a32e59132673c8576d46a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
2a0f95861d894f658fc0d48bf64378b0
x-cache
HIT, MISS
fastly-io-info
ifsz=61917 idim=218x150 ifmt=png ofsz=39966 odim=218x150 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
0c78f558bca741ffb96de8bda1096028
content-length
39966
x-served-by
cache-lcy-eglc8600050-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.994975,VS0,VE17
etag
"a480Q6U3O+nfUqzg/vHndOxbjxWEcNRtIxsPvlwiZfE"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
miguel-218x150.webp
www.netflu.com.br/wp-content/uploads/2023/03/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/03/miguel-218x150.webp
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
af0e571dbd261b8fbcad8d6bea3be238508706f3c8d5619286a48e1364136e3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
ab00da6ac2d442858655c2b90a571f12
x-cache
HIT, MISS
fastly-io-info
ifsz=7240 idim=218x150 ifmt=webp ofsz=4910 odim=218x150 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
69f799596e5d44a3a1a679c93b3c0aef
content-length
4910
x-served-by
cache-lcy-eglc8600050-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.999457,VS0,VE19
etag
"d6CElmP4/I76gJaQUIURrTUjipNYQVRLzIqn2Vp8Kww"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
marcelo-lateral-5-218x150.jpg
www.netflu.com.br/wp-content/uploads/2023/02/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/02/marcelo-lateral-5-218x150.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
70dc1988dc071287e1b9b8f97121bccf9fc220e3bc797b96a0f6830e7e8ebfba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
68cc5a25fbc54cbd956dfa9233cef091
x-cache
HIT, MISS
fastly-io-info
ifsz=6941 idim=218x150 ifmt=jpeg ofsz=6941 odim=218x150 ofmt=jpeg
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
fa3c355f540c4a5cb9ed6b5c7c9eb16a
content-length
6941
fastly-io-warning
Failed to shrink image
x-served-by
cache-lcy-eglc8600040-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.021140,VS0,VE17
etag
"4gjLPEbBis8XzO01qwVauIn7/Hn9/6qGu9ZEttF8HgU"
vary
Accept, User-Agent
content-type
image/jpeg
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
3, 0
ailton-ferraz-218x150.jpg
www.netflu.com.br/wp-content/uploads/2022/02/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2022/02/ailton-ferraz-218x150.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
47d65d45be487c554f6fbcd236cf43e255824a7cfa50059aa8d35d0a4daffebb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
be8c19eb7c994d8e90c57746fd266e95
x-cache
HIT, MISS
fastly-io-info
ifsz=5517 idim=218x150 ifmt=jpeg ofsz=5008 odim=218x150 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
b74db6a318514fbe914f6654cdaccdc8
content-length
5008
x-served-by
cache-lcy-eglc8600048-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.026049,VS0,VE17
etag
"/zxMUgCxZ9LMxLo7v/uM8SjDjgD4PK9RWDiUMDeH4QA"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
copa-do-brasil-218x150.jpeg
www.netflu.com.br/wp-content/uploads/2022/05/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2022/05/copa-do-brasil-218x150.jpeg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
06dcde7e94c477e60a75fcdc0d1ac20dce7698617feed8541252dd134e439ed3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
5d3f7450afad43c7bfc75ae8af8e2ee3
x-cache
HIT, MISS
fastly-io-info
ifsz=5546 idim=218x150 ifmt=jpeg ofsz=5542 odim=218x150 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
d14c00d8e494498b859948c7f511be35
content-length
5542
x-served-by
cache-lcy-eglc8600048-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.026160,VS0,VE19
etag
"EJOau++oyvrP98uML8tkbVnH2JAviviEKUSOjcW4kXk"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
3, 0
Trofeu-Libertadores-218x150.jpg
www.netflu.com.br/wp-content/uploads/2021/12/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2021/12/Trofeu-Libertadores-218x150.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
d83cd58015b20ef4b84818d4ccf4e448a2f8ae206b44ee49deddc9e9fc31d308

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
17af2f035adf4bb78edf1b5ec27df97f
x-cache
HIT, MISS
fastly-io-info
ifsz=5104 idim=218x150 ifmt=jpeg ofsz=5104 odim=218x150 ofmt=jpeg
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
cdf34ff42faf45f387bd6ce9ae18322e
content-length
5104
fastly-io-warning
Failed to shrink image
x-served-by
cache-lcy-eglc8600034-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.027231,VS0,VE16
etag
"ocdP009B3XTyvH7R2mZ3E5KlDk/MAgW1DWdYFMP3gyM"
vary
Accept, User-Agent
content-type
image/jpeg
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
51354382065_44da789c3a_k-218x150.jpg
www.netflu.com.br/wp-content/uploads/2021/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2021/08/51354382065_44da789c3a_k-218x150.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
6c0411f1017b80f831ce929090ed55b5649a857b6774ddb2fcc6a43dac7ce649

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
ed6a5c0a289b4aa4bfeb6686d568f80f
x-cache
HIT, MISS
fastly-io-info
ifsz=4985 idim=218x150 ifmt=jpeg ofsz=4776 odim=218x150 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
ec82b999d2b441c2b7700985aca18cc4
content-length
4776
x-served-by
cache-lcy-eglc8600042-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.036412,VS0,VE16
etag
"Q1K3WC9xGOMEE2Nkvw6NdX8+Z4hrprZSfUB9I5elKJc"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
torcida-fluminense-maracana-16-218x150.jpg
www.netflu.com.br/wp-content/uploads/2022/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2022/08/torcida-fluminense-maracana-16-218x150.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
f13756a398e1fc71738053edd79240d485bbd02db4fc4fd2d60c53f84299efea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
2881e3b092834258bbc195991042e7c6
x-cache
HIT, MISS
fastly-io-info
ifsz=4931 idim=218x150 ifmt=jpeg ofsz=4906 odim=218x150 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
587dcc1966514f93b7da69a0e6332977
content-length
4906
x-served-by
cache-lcy-eglc8600050-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.042673,VS0,VE17
etag
"PfbbUatrUixktrThDKdYYiQ9yBL++sPMj8V2IqwXGzI"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
marcelo-lateral-2-218x150.jpg
www.netflu.com.br/wp-content/uploads/2023/02/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/02/marcelo-lateral-2-218x150.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
a5f583b2486d14d53ed27282df186413f4b0264a0f5bbe2566815dca378d56fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
10179a5395a44121967334284b127b54
x-cache
HIT, MISS
fastly-io-info
ifsz=5236 idim=218x150 ifmt=jpeg ofsz=4994 odim=218x150 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
91ebce822ea24cbca90dbfa75cd9c1e8
content-length
4994
x-served-by
cache-lcy-eglc8600048-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.060965,VS0,VE15
etag
"LO2BdR25YmW01lcrA16jeLrF5d5MT9Q84UEVkRSsETg"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
3, 0
Lele-1-218x150.webp
www.netflu.com.br/wp-content/uploads/2023/02/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/02/Lele-1-218x150.webp
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
7c39f1e259655b162987d69c2c28f501142a34a2208a44d954030628c401f7ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
73af83c3ab114be5846de2ae2ed169ab
x-cache
HIT, MISS
fastly-io-info
ifsz=6642 idim=218x150 ifmt=webp ofsz=4408 odim=218x150 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
a57cf5bf1f3047a7a6b38cd821287587
content-length
4408
x-served-by
cache-lcy-eglc8600045-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.065875,VS0,VE16
etag
"4HxcbR56sE//iinSo79SOs8hLljyF9NFA0pX584aoNg"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
5, 0
Luiz-Freitas-Palmeiras-218x150.jpg
www.netflu.com.br/wp-content/uploads/2023/03/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/03/Luiz-Freitas-Palmeiras-218x150.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
0ca020440d315ff46bdfd2802f602f82d14134c101cb1b337737b37af2373c09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
44c8d44efc604387b41e4b577231c3e8
x-cache
HIT, MISS
fastly-io-info
ifsz=3667 idim=218x150 ifmt=jpeg ofsz=3216 odim=218x150 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
eadc4fa6612f410a9038ee05009e5c4d
content-length
3216
x-served-by
cache-lcy-eglc8600053-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.065845,VS0,VE22
etag
"pYfBAic7ozt0gw5p2jD1JHKnmZmhyYp0aSN3xIvK+os"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
cris-silva-218x150.jpg
www.netflu.com.br/wp-content/uploads/2022/04/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2022/04/cris-silva-218x150.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
a38ab89c216c2f20943cfbc80294add8d861d20de963fe501e6d6431baac1008

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
1719eb69885a41b38287ea9a3ee2863a
x-cache
HIT, MISS
fastly-io-info
ifsz=7277 idim=218x150 ifmt=jpeg ofsz=7277 odim=218x150 ofmt=jpeg
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
bda1be4f6f3c461c8a489163cc11950a
content-length
7277
fastly-io-warning
Failed to shrink image
x-served-by
cache-lcy-eglc8600043-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.067346,VS0,VE16
etag
"L5qWpHzsYVe9rq/xCkeO1KOXeSgtiY+KfdjMCpeGo9c"
vary
Accept, User-Agent
content-type
image/jpeg
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
52602886466_c92d2e9a65_b-218x150.jpg
www.netflu.com.br/wp-content/uploads/2023/01/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/01/52602886466_c92d2e9a65_b-218x150.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
3784648f1018b4e483722f177bcd6dfa6fe99ce54f18016a4da3b36621792e4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
2f36a4e2f16e467a9df2b4b8b1a2f9ca
x-cache
HIT, MISS
fastly-io-info
ifsz=3971 idim=218x150 ifmt=jpeg ofsz=3172 odim=218x150 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
da0a3cd209e14beb8532e1ffd529faa8
content-length
3172
x-served-by
cache-lcy-eglc8600024-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.075089,VS0,VE17
etag
"zd6bC1dxZEZcP9dXbh74eMAFHhbVI8yEMtAjMsx1KjQ"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
32945C0F-D912-45AF-B1E2-6724E65C2BDA-218x150.jpeg
www.netflu.com.br/wp-content/uploads/2023/03/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/03/32945C0F-D912-45AF-B1E2-6724E65C2BDA-218x150.jpeg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
854cf52b60b1274ca9fe53e04cb875e6c8d5e4671d47594c3d80dbb6176a399f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
0b5fd928f36b4561918544eba05e6f53
x-cache
HIT, MISS
fastly-io-info
ifsz=4962 idim=218x150 ifmt=jpeg ofsz=4576 odim=218x150 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
b7dbc9ad0a2140a18307ea4ca5fe16d7
content-length
4576
x-served-by
cache-lcy-eglc8600035-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.081649,VS0,VE16
etag
"U6YEpmsYlleiBNyVYdzmMf6R2BsMQHY6DLKG9B2UbN4"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
Lele-Fluminense-218x150.jpg
www.netflu.com.br/wp-content/uploads/2023/03/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/03/Lele-Fluminense-218x150.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
4c6c7e075758bdd53b08a0983024ff09b8226e8b317467536814b98a805da6d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
831b2da3cfef43b793575dbcd590c7da
x-cache
HIT, MISS
fastly-io-info
ifsz=4843 idim=218x150 ifmt=jpeg ofsz=4644 odim=218x150 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
95f4c82f4fb14e2b92f2290a0afcb004
content-length
4644
x-served-by
cache-lcy-eglc8600020-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.098903,VS0,VE15
etag
"06YMpKfSHKBN+zmhoi/8w0XFQItJlSZK+sE+3bXhBYY"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
3, 0
985475-678x381-1-218x150.png
www.netflu.com.br/wp-content/uploads/2023/02/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/02/985475-678x381-1-218x150.png
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
74ee2c231b1f4742bb370658d019cf013f33f842858a3998198ca02dc4de517e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
69dd2bb21aae47c287b4697c5be5cf2b
x-cache
HIT, MISS
fastly-io-info
ifsz=74344 idim=218x150 ifmt=png ofsz=51104 odim=218x150 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
0faa3b71c06b4a339453d24146d2f8f5
content-length
51104
x-served-by
cache-lcy-eglc8600047-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.107718,VS0,VE17
etag
"0/ghN3kffi91/dTRIsr/MZrS6V8crb7pGmxos/K5Hfs"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
Kaua-Elias-218x150.png
www.netflu.com.br/wp-content/uploads/2023/03/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/03/Kaua-Elias-218x150.png
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
397e60a319234c1c4671833988b7efd653f08cb96853f83bff20a4900b66b13e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
5f6312ccffbf4bc492093f33a82c8729
x-cache
HIT, MISS
fastly-io-info
ifsz=43059 idim=218x150 ifmt=png ofsz=26198 odim=218x150 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
7811cdab22524827a936fb67d869c607
content-length
26198
x-served-by
cache-lcy-eglc8600053-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.109533,VS0,VE18
etag
"mAVXdSpx4WOwxghf5YcNTxfGkyl6x1tAstaYJKNOxuw"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
3, 0
treino-fluminense-ct-carlos-castilho-218x150.jpg
www.netflu.com.br/wp-content/uploads/2023/02/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/02/treino-fluminense-ct-carlos-castilho-218x150.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
38418db13b2a5bb9de1e695a7764553a0a7e3093f3926097bf7c447de91225d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
7bc631eada294584bed14267181e7f9a
x-cache
HIT, MISS
fastly-io-info
ifsz=6902 idim=218x150 ifmt=jpeg ofsz=6902 odim=218x150 ofmt=jpeg
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
e7843689b3824e739a74bee6ce3b9b2d
content-length
6902
fastly-io-warning
Failed to shrink image
x-served-by
cache-lcy-eglc8600054-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.114693,VS0,VE16
etag
"xQWEHK64z41Z/RDSHgZ+igPXoEc0BBRq9AlCZjX+HJU"
vary
Accept, User-Agent
content-type
image/jpeg
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
3, 0
Marcelo-lateral-218x150.jpg
www.netflu.com.br/wp-content/uploads/2023/03/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/03/Marcelo-lateral-218x150.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
a973aebf0d10840e4f029b6374fcbd096d0420f340e6cea38ae4c006a9d95922

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
8687a6852bba47d4aed812fa1e743d56
x-cache
HIT, MISS
fastly-io-info
ifsz=5673 idim=218x150 ifmt=jpeg ofsz=4768 odim=218x150 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
905bc30161d04766af385d3cb6174f92
content-length
4768
x-served-by
cache-lcy-eglc8600049-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.118206,VS0,VE15
etag
"T1zWUGYmEYpzGX4eJ70kevdyBZhJonZ88/T0W7C14m4"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
3, 0
gabriel-pirani-218x150.png
www.netflu.com.br/wp-content/uploads/2023/03/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/03/gabriel-pirani-218x150.png
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
fc961dd9968e4fe675480ff46e9d538471f54575b7d3594c7321d4a34bfd73f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
4e12f8f1cc974ef9836135bc43a9321d
x-cache
HIT, MISS
fastly-io-info
ifsz=63614 idim=218x150 ifmt=png ofsz=38586 odim=218x150 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
84e139cea66544c2bff82a2c61262ba7
content-length
38586
x-served-by
cache-lcy-eglc8600027-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.122194,VS0,VE17
etag
"AWIVUD4wwq6BkRv3JRzwAsAS1Xjf8OHBWB8F+d4w8Ag"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
marcelo-lateral-3-218x150.jpg
www.netflu.com.br/wp-content/uploads/2023/02/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/02/marcelo-lateral-3-218x150.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
4311c1c3fa05b43379c0ca3c97b9e7f2672487040eff78fbfc6044117e4e524d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
39dc16afb1c64f40ab6548ad8acdf7ad
x-cache
HIT, MISS
fastly-io-info
ifsz=5988 idim=218x150 ifmt=jpeg ofsz=5954 odim=218x150 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
c2c2274b61ec441bbe827e3b85aeba92
content-length
5954
x-served-by
cache-lcy-eglc8600045-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.142692,VS0,VE16
etag
"9dxPG9tGyXxwCqpRAU+1RYH0BjZFWm0gn+nIpICALeo"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
5, 0
20210529212205255660o-218x150.jpg
www.netflu.com.br/wp-content/uploads/2023/03/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/03/20210529212205255660o-218x150.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
2aaf0b9f43f75589a82e7dc8066a60c364900e24678ceea3f51bc269cbd00175

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
da71ac0cd2174181a29cca375b88914e
x-cache
HIT, MISS
fastly-io-info
ifsz=4569 idim=218x150 ifmt=jpeg ofsz=4170 odim=218x150 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
0a2ee8b7a9e64c9c81d7a28d95a6eac3
content-length
4170
x-served-by
cache-lcy-eglc8600024-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.148855,VS0,VE21
etag
"RGwBhSGSfESvq9LmgIuSD2jey81Qo1qDd0SSADbnBSc"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
jhon-arias-12-218x150.jpg
www.netflu.com.br/wp-content/uploads/2022/08/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2022/08/jhon-arias-12-218x150.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
02ef63b1ce61513fda2e1e244e0145eea17dba72cd12de4ec079375a1cca9a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
22b2282863ec41668fa14f360727ee6c
x-cache
HIT, MISS
fastly-io-info
ifsz=5666 idim=218x150 ifmt=jpeg ofsz=5662 odim=218x150 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
ba4870650d364ac5a8c889b1f004fae1
content-length
5662
x-served-by
cache-lcy-eglc8600024-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.152042,VS0,VE17
etag
"Fu28vwVeF9rZ3a1oYoUPe2fJp17xTNWF1196HVoTIwY"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
whatsapp-image-2023-03-01-at-13.53.34-218x150.jpg
www.netflu.com.br/wp-content/uploads/2023/03/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/03/whatsapp-image-2023-03-01-at-13.53.34-218x150.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
df34ccd80a1d2262c4a1f316bfe36f87be4de1fabd02e025144ed071fce2274e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
48bad1ba288b451ebe13665fca60b9c1
x-cache
HIT, MISS
fastly-io-info
ifsz=5542 idim=218x150 ifmt=jpeg ofsz=5460 odim=218x150 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
8a6ddec398e14e58940ac073cc488d75
content-length
5460
x-served-by
cache-lcy-eglc8600040-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.152899,VS0,VE17
etag
"0gBKTunGKNIbat92WyNOpFmIpayECPJrxz9rTmpyKC8"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
store.min.js
cdnjs.cloudflare.com/ajax/libs/store.js/1.3.20/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/store.js/1.3.20/store.min.js
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d23807344428eec21271b708fcf73919827e568b0a335989f9f2348ae4356bd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
14569932
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
994
last-modified
Mon, 04 May 2020 16:16:28 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fdc-a35"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVUpiuem5tbwKOhZ2ZrQp2CBuVmU%2Byyq88oE4F9QYSSVBpoQWutfs65y1IHvWPkMJgrG5G2cvHkMYEF84uWqeeI62HHy6BvRbTbQs03rpvr0e7qu3qKV7SA5O3P6LORy5bFPRhEOxIQKkVbo73rWMcHe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7a1a38c1a9b191cf-FRA
expires
Tue, 20 Feb 2024 14:10:10 GMT
netflu.js
embed.dugout.com/v3.1/ 		473 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.dugout.com/v3.1/netflu.js
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1e00:8:ced9:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
432c0da404eca5c07da8c90bdf265fd6f41228dfd7c49ad277a6eb527b5d4ff3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
content-encoding
gzip
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA2-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
x-amz-cf-id
UWWCESTF_9UvOtB3ofcar4EkY480TS5P8vW8VW8MbvnCrF1ByzG9DA==
pirani-320x220.png
www.netflu.com.br/wp-content/uploads/2023/03/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/03/pirani-320x220.png
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
55350e318a83be1be76588f5f3879559b8569580e19c05e0392d78bd7a8066fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
513373648f1d4328859955c25957b6e2
x-cache
HIT, MISS
fastly-io-info
ifsz=120144 idim=320x220 ifmt=png ofsz=73290 odim=320x220 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
1be85afc0173449c936fc39ae89bfcfd
content-length
73290
x-served-by
cache-lcy-eglc8600029-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.156500,VS0,VE20
etag
"76PbgcpMO+Xm2Dp72Xnj4H+Xu0idu46uSviWO2FjMPc"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
ico-video-large.png
www.netflu.com.br/wp-content/themes/Newspaper/images/icons/ 		588 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/themes/Newspaper/images/icons/ico-video-large.png
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
dd03d6417d3b1b99d8293267f3f42baeec380fb0e8b29459750e1fc8d8273a94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
8fae728e5582421c85b05c2d87b3a1af
x-cache
HIT, MISS
fastly-io-info
ifsz=695 idim=40x40 ifmt=png ofsz=588 odim=40x40 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
809a9cf042b84762ac0afeda98778cbc
content-length
588
x-served-by
cache-lcy-eglc8600030-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.161574,VS0,VE17
etag
"0tKWyOe6Bt5VxI3pl/sgxYTpHleczu9zdmoCLC6z6Kw"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
gabriel-pirani-356x220.png
www.netflu.com.br/wp-content/uploads/2023/03/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/03/gabriel-pirani-356x220.png
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
04365a5f7f58164a78bf9559bddea95e542a5b3519a17d768171f7d7b66a6406

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
725866531b664c9d9587a4fdf86103e8
x-cache
HIT, MISS
fastly-io-info
ifsz=128494 idim=356x220 ifmt=png ofsz=77900 odim=356x220 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
9211685a08c645f49d6ff4a809037e6d
content-length
77900
x-served-by
cache-lcy-eglc8600045-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.182467,VS0,VE17
etag
"AofDdGrZjqCILjTr7eGB3gsFTJFcRHQYXPpwr7O3d4I"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
6, 0
l-356x220.png
www.netflu.com.br/wp-content/uploads/2023/03/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/03/l-356x220.png
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
d84f85dd897bd82753ed9407e1cc3ba97f2e945755659749482b7e84ff8ce406

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
89ec3b939207498ead0c735a586f0860
x-cache
HIT, MISS
fastly-io-info
ifsz=102044 idim=356x220 ifmt=png ofsz=59186 odim=356x220 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
61baa470518248eabc17490a148cddd7
content-length
59186
x-served-by
cache-lcy-eglc8600021-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.214998,VS0,VE23
etag
"JVJygbkA7dSs2zcppaepJtDMoQg6Ag8KjQlV8XuWu2s"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
fernando-diniz-10-324x235.jpg
www.netflu.com.br/wp-content/uploads/2023/01/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/01/fernando-diniz-10-324x235.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
02f53a9dfffbdd30e9507786515c408dbfa32bd23338fb5d5bcf769620a30353

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
b5b0ea5028324aea98ecfb4edfe12878
x-cache
HIT, MISS
fastly-io-info
ifsz=8654 idim=324x235 ifmt=jpeg ofsz=7558 odim=324x235 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
a9bc64a2222e43dc9c40d9250bf2c895
content-length
7558
x-served-by
cache-lcy-eglc8600047-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.216613,VS0,VE16
etag
"UcMXFfS7JJvPuu1WCcbK+92SaHfrP8Uoet35ohR93Tw"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
Torcida-do-Fluminense-no-Maracana-1-100x70.jpeg
www.netflu.com.br/wp-content/uploads/2022/09/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2022/09/Torcida-do-Fluminense-no-Maracana-1-100x70.jpeg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
33fa986d768705d4ff2d14a66ca676c3b1fa5175f517c706ada1ce596ab089e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
f075a6dfc0a84ebe98f162b2a0a9a131
x-cache
HIT, MISS
fastly-io-info
ifsz=1857 idim=100x70 ifmt=jpeg ofsz=1542 odim=100x70 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
0c9f713e8e0a41259348412720c07056
content-length
1542
x-served-by
cache-lcy-eglc8600037-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.217195,VS0,VE17
etag
"gH35lUezzsMzEDDnfWFMCe7rHsuMqIYqLRmnAda3JmE"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
5, 0
fernando-diniz-5-100x70.jpg
www.netflu.com.br/wp-content/uploads/2023/01/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/01/fernando-diniz-5-100x70.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
9627511fc05770f9ce620477fc9d35ea9e81395aafec6cd856cae2890a568600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
c82e7b3ecd0542ee8f3eec6f59781bcb
x-cache
HIT, MISS
fastly-io-info
ifsz=1783 idim=100x70 ifmt=jpeg ofsz=1376 odim=100x70 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
4ed56a8e26df4c8e9e916ccd62a103a1
content-length
1376
x-served-by
cache-lcy-eglc8600053-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.217702,VS0,VE19
etag
"uB+bcSzPgD0nTn15LrFLgSmtpXNBNx9ubv7ICw3r4To"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
vitorc-100x70.jpg
www.netflu.com.br/wp-content/uploads/2023/01/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/01/vitorc-100x70.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
866bdf3e5f0f342e234155d88f148b2f49982412e32f9955f75c8e429a271b7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
7c41190edc69420e97c62636384571e6
x-cache
HIT, MISS
fastly-io-info
ifsz=2460 idim=100x70 ifmt=jpeg ofsz=2460 odim=100x70 ofmt=jpeg
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
7605d0f720154963b769206a81008d6a
content-length
2460
fastly-io-warning
Failed to shrink image
x-served-by
cache-lcy-eglc8600052-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.241181,VS0,VE17
etag
"mhriVxazmc12p0AFA/BXFuxZVGJJwaKrCTZCm3LERyk"
vary
Accept, User-Agent
content-type
image/jpeg
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
diniz-4-100x70.jpg
www.netflu.com.br/wp-content/uploads/2023/01/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netflu.com.br/wp-content/uploads/2023/01/diniz-4-100x70.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
16cdb207a2070fb7eb76737f8a71663835fd383cf029f0471d28bc24e4ae76de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
cc9820e8c0e643cbb68321e206ce6072
x-cache
HIT, MISS
fastly-io-info
ifsz=2209 idim=100x70 ifmt=jpeg ofsz=2068 odim=100x70 ofmt=webp
mrf-cache-status
HM
fastly-stats
io=1
x-b3-traceid-primal
53c18d21995e424a83ab2df59f11cd27
content-length
2068
x-served-by
cache-lcy-eglc8600051-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.242359,VS0,VE16
etag
"Y8rGQyvHAvWiPKf/v1H3ucuRhXxC/hQxebZ4S7t2AvM"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 0
resizer.js
www.netflu.com.br/wp-content/plugins/marfeelpress/includes/base/src/resources/js/ 		681 B
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.netflu.com.br/wp-content/plugins/marfeelpress/includes/base/src/resources/js/resizer.js?ver=6.1.1
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
67f91e33374ee1809e741a8cde5fd171a4eaa8b599bada4d6a97b9293da307a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
x-b3-traceid
416ed303de2b46528689b259b5802280
x-cache
HIT, MISS
mrf-cache-status
HM
x-b3-traceid-primal
b4c10fe4d1a54c85a483b5b4c5891b71
content-length
681
x-served-by
cache-lcy-eglc8600049-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.850654,VS0,VE24
etag
"6217815e-2a9"
vary
User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
11, 0
tagdiv_theme.js
www.netflu.com.br/wp-content/themes/Newspaper/js/ 		417 KB
417 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.netflu.com.br/wp-content/themes/Newspaper/js/tagdiv_theme.js?ver=6.7.2
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
fa7d55d27ec619928ad9acf30788d1e64cc18247cc1746e89722260c6a8c5ae8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
x-b3-traceid
24332be0c6b040b68fb570cbe0541d21
x-cache
HIT, MISS
mrf-cache-status
HM
x-b3-traceid-primal
36f8a8ba822e4dd0a115df979ded0064
content-length
426772
x-served-by
cache-lcy-eglc8600029-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.850341,VS0,VE17
etag
"5e4f4d4b-68314"
vary
User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
15, 0
comment-reply.min.js
www.netflu.com.br/wp-includes/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.netflu.com.br/wp-includes/js/comment-reply.min.js?ver=6.1.1
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
x-b3-traceid
5e4bc4b2035f4ecabf8ac781b7f76c24
x-cache
HIT, MISS
mrf-cache-status
HM
x-b3-traceid-primal
e66f8a48be02461a9a4c45a17ca7c981
content-length
2981
x-served-by
cache-lcy-eglc8600050-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.850317,VS0,VE16
etag
"63537c17-ba5"
vary
User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
3, 0
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.1.1
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3565ea346e63fda91cc67ba8fc11e95b7482d5873a4f4c6a47c4185b772d9a1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
128
etag
W/"5ffd70753209ca4d09cfef90e7c44df3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7a1a38c2788a9b69-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 05 Mar 2023 14:10:10 GMT
js_composer_front.min.js
www.netflu.com.br/wp-content/plugins/js_composer/assets/js/dist/ 		20 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.netflu.com.br/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.10.0
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
bf817ee4b2d4e9d98e05e1382d295f8f10fef43770cd4e291d924a5d0afc8cc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
x-b3-traceid
9cbaaf1f6fec4ed78f7616d68e7f7ce2
x-cache
HIT, MISS
mrf-cache-status
HM
x-b3-traceid-primal
4d544375c62343918a17e5f3f684f9ed
content-length
20050
x-served-by
cache-lcy-eglc8600051-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.850275,VS0,VE16
etag
"634e279f-4e52"
vary
User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
3, 0
e9a681f6-bffa-4344-8870-242d6a0a253d-loader.js
d335luupugsy2.cloudfront.net/js/loader-scripts/ 		13 B
421 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d335luupugsy2.cloudfront.net/js/loader-scripts/e9a681f6-bffa-4344-8870-242d6a0a253d-loader.js
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-175.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e8cc72e61ff6f6c0c945a976756d112732c499cd64fc5b207bb213fc84a1e40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
fuwbwnVjAXaaC6PNsOAnS0Oo.lHk0nXu
date
Thu, 02 Mar 2023 14:10:12 GMT
via
1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 13:12:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"8e742d11d6b24c401e35f3b516726584"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
13
x-amz-cf-id
raoePBQgYENrA0StDUKIocLkeJVgY6vJYFLnufhY4DItHy1PjF5zOg==
rt.js
www.netflu.com.br/apostas/wp-content/themes/cheerup/js/ 		15 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.netflu.com.br/apostas/wp-content/themes/cheerup/js/rt.js
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
fd69a7986deb8054e40038791bfcdd8ce3bfe3006949bb27677a00e9effaad66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
6bc6c1b29ca94c24a391b0d33aa0932b
x-cache
MISS
mrf-cache-status
M
x-b3-traceid-primal
6bc6c1b29ca94c24a391b0d33aa0932b
content-length
15633
x-served-by
cache-hhn-etou8220076-HHN
mrf-tech
CDN
last-modified
Wed, 04 Jan 2023 15:04:47 GMT
server
nginx/1.17.4
x-timer
S1677766211.254515,VS0,VE167
etag
"63b5958f-3d11"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
1624-6788-01.js
t.seedtag.com/t/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/t/1624-6788-01.js
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.133.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b974c77e1cb9d144501afd0f8df482126fd29af2fa3aac5ac33c6cbb57fcb0c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
via
1.1 google
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
etag
W/"abba-qxY+/rguvp1zfLkrSVOuf9UrYCs"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1200
cf-ray
7a1a38c28d0891ed-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 02 Mar 2023 14:30:10 GMT
netflu.js
autozep.adzep.com.br/config/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://autozep.adzep.com.br/config/netflu.js
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:38c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1545e430380b71b38a512b6d5e3294f3f95e06db39b51eeef220fb47855cb521

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
763
cf-polished
origSize=4003
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Mar 2023 13:07:25 GMT
server
cloudflare
etag
W/"64009f8d-fa3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6QGaylN2s8kSczI6YsIir%2BrEos7o5zql4vhzgjMNoLsR1ctz%2BjfX4d3iLLeGrTuEFvVgWV74wMMRq3nuquhfejsMRqxIf8XBIZhdm9VnXY9WaWK0ni209m6SavSTTzr1PeJu6a0KyFacLaysToz7v2biw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
7a1a38c32b4b916a-FRA
main.d.js
live.mrf.io/www.netflu.com.br/ 		13 B
475 B 		Script
General
Check archive.org
Download Go to
Full URL
https://live.mrf.io/www.netflu.com.br/main.d.js
Requested by
Host: live.mrf.io
URL: https://live.mrf.io/statics/marfeel/gardac-sync.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
94f59a48294d99f8d9b7632cd5a1742670c7735fe37ec7c555aab939b635fdde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
via
1.1 43334f58904cd7106ee523ee0361b402.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-b3-traceid
7e9037b0221349178d72cd76669857ce
x-amz-cf-pop
YUL62-C2
x-mrs-cache
REFRESHING
x-cache
Miss from cloudfront, HIT, HIT
mrf-cache-status
R-HH
x-mrf-rendered
1677448856160
x-mrs-age
0
x-b3-traceid-primal
a8b32d7415b642199e4abbf54b73b6f5
content-length
13
x-mshield-cache-status
REFRESHING
x-served-by
mshield-b-02, haproxy2, cache-yul12821-YUL, cache-hhn-etou8220026-HHN
x-mrf-type
UNKNOWN
server
nginx
x-timer
S1677766211.842659,VS0,VE4
etag
"067e866c735744ec6037b77b623ee022d"
x-mrf-shard
0
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin, Date
cache-control
public, max-age=61
x-mrs-cache-hits
0
accept-ranges
bytes
access-control-allow-headers
x-requested-with
x-amz-cf-id
kUbBY7KNVnNhcQaVojAitiNWb6DIOKh6OqlN9-f5y_s48w1bd_Re9Q==
x-cache-hits
2, 1
wp-emoji-release.min.js
www.netflu.com.br/wp-includes/js/ 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.netflu.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
x-b3-traceid
8f80887273be491abd9e87437589a655
x-cache
HIT, MISS
mrf-cache-status
HM
x-b3-traceid-primal
aca2a2d977ec477aade3aa46d9c2af0a
content-length
18617
x-served-by
cache-lcy-eglc8600026-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.256734,VS0,VE18
etag
"63537c17-48b9"
vary
User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
16, 0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Mar 2023 12:14:50 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6920
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 02 Mar 2023 14:14:50 GMT
marfeel-sdk.js
sdk.mrf.io/statics/ 		97 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=1268
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b847bd3787cf04c4e33fff5c2f82a1e0c99cefaaa26d8e4de9676735ba1232ea

Request headers

Referer
https://www.netflu.com.br/
Origin
https://www.netflu.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-response-time
6ms
date
Thu, 02 Mar 2023 14:10:10 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Thu, 02 Mar 2023 07:23:08 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
x-envoy-upstream-service-time
13
accept-ranges
bytes
cf-ray
7a1a38c22d752bc3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28043
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-39.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 00:58:17 GMT
content-encoding
gzip
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
47514
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
0T6QcT8zYp_9iz3LL6Y-mv22IxT4XSn93uHZ8JWSv0qKrryrakgZCw==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A500%2C400italic%2C700%2C500italic%2C400%2C300&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.netflu.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 13:13:56 GMT
x-content-type-options
nosniff
age
3374
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 13:13:56 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C400%2C600%2C700&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.netflu.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 19:34:57 GMT
x-content-type-options
nosniff
age
585313
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 19:34:57 GMT
newspaper.woff
www.netflu.com.br/wp-content/themes/Newspaper/images/icons/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.netflu.com.br/wp-content/themes/Newspaper/images/icons/newspaper.woff?8
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/wp-content/themes/Newspaper/style.css?ver=6.7.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
aba55d83602476cb099be3edff5d2264d00081c45f69e5ecef881a1cb8fbb6bd

Request headers

Referer
https://www.netflu.com.br/wp-content/themes/Newspaper/style.css?ver=6.7.2
Origin
https://www.netflu.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
x-b3-traceid
7b03f7d128274889a6d09d806f15eb59
x-cache
HIT, MISS
mrf-cache-status
HM
x-b3-traceid-primal
4aa9a5f632a0482c89d14241193769c7
content-length
14296
x-served-by
cache-lcy-eglc8600034-LCY, cache-hhn-etou8220076-HHN
mrf-tech
CDN
server
nginx/1.17.4
x-timer
S1677766211.876076,VS0,VE16
etag
"5e4f4d4b-37d8"
vary
User-Agent
content-type
font/woff
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
2, 0
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A500%2C400italic%2C700%2C500italic%2C400%2C300&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.netflu.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 16:57:30 GMT
x-content-type-options
nosniff
age
76360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Feb 2024 16:57:30 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C400%2C600%2C700&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.netflu.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 19:37:29 GMT
x-content-type-options
nosniff
age
585161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47952
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:22:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 19:37:29 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/863330933/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/863330933/?random=1677766210961&cv=11&fst=1677766210961&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.netflu.com.br%2F&tiba=NETFLU%20-%20Fluminense%3A%20%C3%9Altimas%20not%C3%ADcias%2C%20v%C3%ADdeos%2C%20onde%20assistir%20e%20pr%C3%B3ximos%20jogos&auid=1584816808.1677766211&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-863330933
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3337576b01b47831121d2692c99c4f4a471fed2a92a6cf9e1bda082440119ee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1266
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/863330933/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/863330933/?random=1677766210974&cv=11&fst=1677766210974&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&label=EAkoCPSi2NEBEPXE1ZsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.netflu.com.br%2F&tiba=NETFLU%20-%20Fluminense%3A%20%C3%9Altimas%20not%C3%ADcias%2C%20v%C3%ADdeos%2C%20onde%20assistir%20e%20pr%C3%B3ximos%20jogos&gtm_ee=1&auid=1584816808.1677766211&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-863330933
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
a8bf83f4dd5e4d4496d1fac4688570a89efb83591d43312a7e6554b89c7f127e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1601
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		217 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JXN5WJ3NNM&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-863330933
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bd7f439de7d4f8a5df97569998c72de112d9d94880d06cbd35088678e7666d3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77991
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 02 Mar 2023 14:10:10 GMT
collect
www.google-analytics.com/j/ 		4 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=613259006&t=pageview&_s=1&dl=https%3A%2F%2Fwww.netflu.com.br%2F&ul=en-us&de=UTF-8&dt=NETFLU%20-%20Fluminense%3A%20%C3%9Altimas%20not%C3%ADcias%2C%20v%C3%ADdeos%2C%20onde%20assistir%20e%20pr%C3%B3ximos%20jogos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1632794533&gjid=264852372&cid=1112351711.1677766211&tid=UA-6457120-1&_gid=432516788.1677766211&_r=1&_slc=1&z=551134167
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.netflu.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.netflu.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ingest.php
events.newsroom.bi/ 		50 B
853 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1268
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.159.24 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy02.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
https://www.netflu.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.netflu.com.br
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
b
sb.scorecardresearch.com/ 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=14194541&cs_it=b3&cv=3.8.0.210223&ns__t=1677766211017&ns_c=UTF-8&c7=https%3A%2F%2Fwww.netflu.com.br%2F&c8=NETFLU%20-%20Fluminense%3A%20%C3%9Altimas%20not%C3%ADcias%2C%20v%C3%ADdeos%2C%20onde%20assistir%20e%20pr%C3%B3ximos%20jogos&c9=
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-39.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
XCTDQWGm8FPAi9PiV_WluLHk2AYDBks_eUdEM2yBW3ORzLkq5s9ESg==
x-cache
Miss from cloudfront
collect
stats.g.doubleclick.net/j/ 		4 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-6457120-1&cid=1112351711.1677766211&jid=1632794533&gjid=264852372&_gid=432516788.1677766211&_u=IEBAAEAAAAAAACAAI~&z=1186026832
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.netflu.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 02 Mar 2023 14:10:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.netflu.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JXN5WJ3NNM&gtm=45je32r0&_p=613259006&cid=1112351711.1677766211&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677766211&sct=1&seg=0&dl=https%3A%2F%2Fwww.netflu.com.br%2F&dt=NETFLU%20-%20Fluminense%3A%20%C3%9Altimas%20not%C3%ADcias%2C%20v%C3%ADdeos%2C%20onde%20assistir%20e%20pr%C3%B3ximos%20jogos&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JXN5WJ3NNM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.netflu.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-6457120-1&cid=1112351711.1677766211&jid=1632794533&_u=IEBAAEAAAAAAACAAI~&z=466388133
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-6457120-1&cid=1112351711.1677766211&jid=1632794533&_u=IEBAAEAAAAAAACAAI~&z=466388133
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/863330933/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/863330933/?random=1677766210961&cv=11&fst=1677765600000&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.netflu.com.br%2F&tiba=NETFLU%20-%20Fluminense%3A%20%C3%9Altimas%20not%C3%ADcias%2C%20v%C3%ADdeos%2C%20onde%20assistir%20e%20pr%C3%B3ximos%20jogos&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=598125986&rmt_tld=0&ipr=y
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/863330933/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/863330933/?random=1677766210961&cv=11&fst=1677765600000&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.netflu.com.br%2F&tiba=NETFLU%20-%20Fluminense%3A%20%C3%9Altimas%20not%C3%ADcias%2C%20v%C3%ADdeos%2C%20onde%20assistir%20e%20pr%C3%B3ximos%20jogos&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=598125986&rmt_tld=1&ipr=y
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/863330933/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/863330933/?random=1229790690&cv=11&fst=1677766210974&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&label=EAkoCPSi2NEBEPXE...
  • https://www.google.com/pagead/1p-conversion/863330933/?random=1229790690&cv=11&fst=1677766210974&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&label=EAkoCPSi2NEBEPXE1ZsD&hn=www.googleads...
  • https://www.google.de/pagead/1p-conversion/863330933/?random=1229790690&cv=11&fst=1677766210974&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&label=EAkoCPSi2NEBEPXE1ZsD&hn=www.googleadse...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/863330933/?random=1229790690&cv=11&fst=1677766210974&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&label=EAkoCPSi2NEBEPXE1ZsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.netflu.com.br%2F&tiba=NETFLU%20-%20Fluminense%3A%20%C3%9Altimas%20not%C3%ADcias%2C%20v%C3%ADdeos%2C%20onde%20assistir%20e%20pr%C3%B3ximos%20jogos&gtm_ee=1&auid=1584816808.1677766211&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0stQm9BWVE1cVQwaG9MQW8td3VFaVlBcVZVdjhRZHpBVzVyanpxUnJkVUpVTXJUN0Q1dHVlOUxzMkwycXpWMzNkbWg3MERXUFEaWkNoRUlnSy1Cb0FZUW4tVHd4Sl8tNTlfN0FSSXVBQTFJTlZBbnhOcHZ6YmdPTUFZdmM4dWU5Z2p1U21XUmhkbUhCQWY2ZTVSVTVzdjVBUmJ2NWlJSml0UjlaZw&is_vtc=1&ocp_id=Q64AZOzUEtPVxwLGnoq4Bg&cid=CAQSKQDUE5ymkYVWj_XC6RYhKJB1FM9FOvb99H6Q1wf1E0S7GSbPocqvfpdr&random=1375270364&ipr=y&prhg=0
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/863330933/?random=1229790690&cv=11&fst=1677766210974&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&label=EAkoCPSi2NEBEPXE1ZsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.netflu.com.br%2F&tiba=NETFLU%20-%20Fluminense%3A%20%C3%9Altimas%20not%C3%ADcias%2C%20v%C3%ADdeos%2C%20onde%20assistir%20e%20pr%C3%B3ximos%20jogos&gtm_ee=1&auid=1584816808.1677766211&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0stQm9BWVE1cVQwaG9MQW8td3VFaVlBcVZVdjhRZHpBVzVyanpxUnJkVUpVTXJUN0Q1dHVlOUxzMkwycXpWMzNkbWg3MERXUFEaWkNoRUlnSy1Cb0FZUW4tVHd4Sl8tNTlfN0FSSXVBQTFJTlZBbnhOcHZ6YmdPTUFZdmM4dWU5Z2p1U21XUmhkbUhCQWY2ZTVSVTVzdjVBUmJ2NWlJSml0UjlaZw&is_vtc=1&ocp_id=Q64AZOzUEtPVxwLGnoq4Bg&cid=CAQSKQDUE5ymkYVWj_XC6RYhKJB1FM9FOvb99H6Q1wf1E0S7GSbPocqvfpdr&random=1375270364&ipr=y&prhg=0
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ssusersync
tv.springserve.com/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tv.springserve.com/ssusersync
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/netflu.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.156.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-156-6.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
35dae3e6ab79df765c47114987e2554087caf8ae5ee7cefd0323a4c750130c51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 02 Mar 2023 14:10:11 GMT
access-control-allow-credentials
true
server
nginx
content-length
5158
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
pubads_impl_2023022801.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ccd9121a14b7d9a66e942de02634cb4058f3b8faa32ae268a14fb6a8fe301d4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:44:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95141
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132270
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 09:36:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 29 Feb 2024 11:44:30 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		1 KB
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.netflu.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6586d422ecbf32568a6e2248f541f6b6bbd216797b84c8e90a3891cf22a32bd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
536
x-xss-protection
0
expires
Thu, 02 Mar 2023 14:10:11 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A500%2C400italic%2C700%2C500italic%2C400%2C300&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.netflu.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 12:23:05 GMT
x-content-type-options
nosniff
age
6426
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 12:23:05 GMT
t3m.js
tags.t.tailtarget.com/ 		73 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
c5069d5859762e144dd21e117ecb7f9534041b8ade694d370196ef824b825683

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 13:06:01 GMT
content-encoding
gzip
via
1.1 google
age
3850
x-guploader-uploadid
ADPycdt2GZsx5UJS_xgM8klKtPw40IaOu5Y8bUgamVaVo3shpWIIDGrC5RMg2Pb78leaxHaQ5ul2myK4acHupAVgDjK2AQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21237
last-modified
Thu, 08 Dec 2022 19:57:19 GMT
server
nginx/1.8.1
etag
"49a4c682460b470d4ff3a0b23a4e8189"
vary
Accept-Encoding
x-goog-generation
1670529439078058
x-goog-hash
md5=SaTGgkYLRw1P86CyOk6BiQ==
content-type
application/javascript
cache-control
max-age=7200,public
x-goog-stored-content-length
21237
accept-ranges
bytes
expires
Thu, 02 Mar 2023 15:06:01 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151515
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3af293c92bffe2f5f6f31753be6de274bf677ee5c4de05428cf394d63d4941
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
140
etag
W/"725985d8b3cb9e8905cfe4c97cc83600"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7a1a38c64db59b69-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 05 Mar 2023 14:10:11 GMT
rt.php
www.netflu.com.br/apostas/ 		25 B
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.netflu.com.br/apostas/rt.php
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/apostas/wp-content/themes/cheerup/js/rt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.17.4 / PHP/7.4.33
Resource Hash
a9aa9ec7ef3ec92e7eb52220a9f0cb578ff2ba0a71cb3e9c1a0b828857529fcc

Request headers

Referer
https://www.netflu.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded;

Response headers

x-served-by
cache-hhn-etou8220076-HHN
date
Thu, 02 Mar 2023 14:10:11 GMT
mrf-tech
CDN
server
nginx/1.17.4
x-b3-traceid
06abda17cc0045d2bb3d00389a519c22
x-timer
S1677766212.564018,VS0,VE90
x-powered-by
PHP/7.4.33
vary
User-Agent
x-cache
MISS
content-type
text/html; charset=UTF-8
mrf-cache-status
M
x-b3-traceid-primal
06abda17cc0045d2bb3d00389a519c22
accept-ranges
bytes
x-cache-hits
0
st_1.17a03fafd33041050d3b.js
t.seedtag.com/c/ 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/c/st_1.17a03fafd33041050d3b.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/1624-6788-01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.133.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
060d53c5830750d5c4211d637be7c22ae55b9b7310aae674e9435ed67f4f5162

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
5958
x-guploader-uploadid
ADPycdsYZlm7vBKmtOJnSH9I2KRfjBXsb1Ivj8UJ9o250HSSAafWZ57C8NNfENtZWFh3wS-MUimulEAI-nvmi-GxMp8WeGNVP8jL
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 02 Mar 2023 12:30:43 GMT
server
cloudflare
etag
W/"07a1eac5d0e1d0f7682faaea72ef2383"
vary
Accept-Encoding
x-goog-hash
crc32c=lb0e3g==, md5=B6HqxdDh0PdoL6rqcu8jgw==
x-goog-generation
1677760243012463
content-type
application/javascript
cache-control
public, max-age=31530032
x-goog-stored-content-length
17436
cf-ray
7a1a38c64a7291ed-FRA
expires
Fri, 01 Mar 2024 12:30:43 GMT
st_0.2198981f6aeb1efb456f.js
t.seedtag.com/c/ 		338 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/c/st_0.2198981f6aeb1efb456f.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/1624-6788-01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.133.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0396ab8504cd6f62973980510e7921ca2c4e768e62dc13086b8cd560cac6c76d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
5956
x-guploader-uploadid
ADPycduX4ZVA63M1iOWh-isA5A3HRLN8KEMTwoh_ihDHxglwqW6uYFVGxKlPnJdmhMrhUZQHy-aKAuXhIgoR_n4iwf9FGlhEX0MD
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 02 Mar 2023 12:30:43 GMT
server
cloudflare
etag
W/"19f05d59fb17cac0a8a2cc1a32bcc5eb"
vary
Accept-Encoding
x-goog-hash
crc32c=6KQmjQ==, md5=GfBdWfsXysCooswaMrzF6w==
x-goog-generation
1677760243047269
content-type
application/javascript
cache-control
public, max-age=31530032
x-goog-stored-content-length
95973
cf-ray
7a1a38c64a7691ed-FRA
expires
Fri, 01 Mar 2024 12:30:43 GMT
st_5.6120d8e685b8d18cdcf1.js
t.seedtag.com/c/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/c/st_5.6120d8e685b8d18cdcf1.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/1624-6788-01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.133.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b480d72fda5593368c517773b775e20e416461b9e446f730c0ba715fc215206

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
5956
x-guploader-uploadid
ADPycdvQdLlBm4YxrBWp8HmclU6kMoxe8t8_zmpuUgkgnSCHy8Oy3aOVZDmuzLgr4IngNI8RGIynIpqeAiZjgeWWu60Rxk3Prlng
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 02 Mar 2023 12:30:43 GMT
server
cloudflare
etag
W/"ce0346ed82bd4ac9eed4fc81b4f1745c"
vary
Accept-Encoding
x-goog-hash
crc32c=SGb6Ww==, md5=zgNG7YK9Ssnu1PyBtPF0XA==
x-goog-generation
1677760243384848
content-type
application/javascript
cache-control
public, max-age=31530032
x-goog-stored-content-length
4872
cf-ray
7a1a38c64a7891ed-FRA
expires
Fri, 01 Mar 2024 12:30:43 GMT
autozep.js
autozep.adzep.com.br/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://autozep.adzep.com.br/autozep.js
Requested by
Host: autozep.adzep.com.br
URL: https://autozep.adzep.com.br/config/netflu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:38c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09b1690a74ecff077522c6b5daa12b94f8b2b37394c4801de976343e85c0b318

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 02 Mar 2023 13:29:29 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=25146
etag
W/"6400a4b9-623a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cygELUgrzuJOMDGig0ADL61YbQNLTDzGFeiNJFJFYcn2wTa7k0ocxlfjlvRbnO7UwNkD2rLlhw6hlTv%2FleDUDvpJ89CErupOM4ixuzvAi21JH0Pspy%2Bj9NJZq%2B2080EE%2FPgejOTM%2FZz1%2B21PZhPTsTUwXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
7a1a38c64858916a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
netflu.com.br.js
intersc.igaming-service.io/ 		35 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://intersc.igaming-service.io/netflu.com.br.js?ver=202332
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:6c00:17:1c9a:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81f03cc39c2ec2a17a1b365d08704a62c9073079783d1a66087fc1c46a262e8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 17:10:23 GMT
content-encoding
gzip
via
1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
last-modified
Fri, 24 Feb 2023 13:40:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
75589
x-amz-server-side-encryption
AES256
etag
W/"d505041c675f968099df378d7fd65c31"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
0FGEKpOxKrZMDop33HfJu4XA0jbd-hzRKjq-SHv1BRAaT2KP_mj8OA==
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A500%2C400italic%2C700%2C500italic%2C400%2C300&ver=6.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.netflu.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 20:58:20 GMT
x-content-type-options
nosniff
age
148311
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17368
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Feb 2024 20:58:20 GMT
14048
rtb.gumgum.com/usync/ Frame B513 		55 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Requested by
Host: tv.springserve.com
URL: https://tv.springserve.com/ssusersync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.223.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-223-203.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
74b03851b17506833b0506eb8292bd9842e5b32aaaccb1b5553fa967b65db792

Request headers

Referer
https://www.netflu.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 02 Mar 2023 14:10:11 GMT
etag
W/"0656d408e84feebb88e950b10efb49503"
server
nginx
timing-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F6E2 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Requested by
Host: tv.springserve.com
URL: https://tv.springserve.com/ssusersync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.netflu.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=78458
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 02 Mar 2023 14:10:11 GMT
expires
Fri, 03 Mar 2023 11:57:49 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
sync.springserve.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000001%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.springserve.com%252Fusersync%253Faid%253D1000001%2526gdpr%253D1%2526gdpr_consent%253D%2526us_privacy%253D%2526uuid%253D%2524UID
  • https://sync.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=1656581579555146187
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=1656581579555146187
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Server
52.17.250.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-250-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 02 Mar 2023 14:10:11 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

Date
Thu, 02 Mar 2023 14:10:11 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.21; 217.114.218.21; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
234f8f93-0abc-4a16-b038-005f9b6b8ef9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://sync.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=1656581579555146187
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
syncb
sync.bfmio.com/ 		0
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/syncb?pid=111&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.189.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-189-182.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 02 Mar 2023 14:10:11 GMT
usersync
sync.springserve.com/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=184932&gdpr=1&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%2...
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=184932&us_...
  • https://sync.springserve.com/usersync?aid=1000005&gdpr=1&gdpr_consent=&us_privacy=&uuid=ZACuQ0pg9LL.x0NqimZP2gAA%261171
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000005&gdpr=1&gdpr_consent=&us_privacy=&uuid=ZACuQ0pg9LL.x0NqimZP2gAA%261171
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Server
52.17.250.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-250-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 02 Mar 2023 14:10:11 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=II1lVmJ3g1JE%2FB9KnIvwA9WBO%2Bm%2F9KjzL4DUcZbmGeSMjjdEzORoqJe9eNv%2FAhwmvRsTkFbKdhZfWOI%2B3VaR80aAmBx7KCXSqO%2FLixKldWOUmp8T7Ny%2FX6LI3d99UgPCIHW9Qp3F"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://sync.springserve.com/usersync?aid=1000005&gdpr=1&gdpr_consent=&us_privacy=&uuid=ZACuQ0pg9LL.x0NqimZP2gAA%261171
cache-control
no-cache
cf-ray
7a1a38c77d6f382a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
sync
ups.analytics.yahoo.com/ups/58185/
Redirect Chain
  • https://pixel.advertising.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true
  • https://ups.analytics.yahoo.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true
0
87 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true
date
Thu, 02 Mar 2023 14:10:11 GMT
cache-control
no-store
content-type
text/html
server
ATS/9.1.10.25
content-length
373
content-language
en
prebid
rtb.openx.net/sync/ 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000008%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24%7BUID%7D
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:11 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
qhr1tn8842uh1356mv6j00k0nh2qoaqh
usersync
sync.springserve.com/
Redirect Chain
  • https://bh.contextweb.com/rtset?gdpr=1&gdpr_consent=&us_privacy=&pid=561910&ev=1&rurl=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000011%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uu...
  • https://sync.springserve.com/usersync?aid=1000011&gdpr=1&gdpr_consent=&us_privacy=&uuid=OJtvEE3QcLZx&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=1
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000011&gdpr=1&gdpr_consent=&us_privacy=&uuid=OJtvEE3QcLZx&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=1
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Server
52.17.250.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-250-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 02 Mar 2023 14:10:11 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(9.4.50.v20221201)
content-language
de-DE
location
https://sync.springserve.com/usersync?aid=1000011&gdpr=1&gdpr_consent=&us_privacy=&uuid=OJtvEE3QcLZx&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-68b8b6bc74-7rwmz
expires
-1
usersync
sync.springserve.com/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BRX_...
  • https://sync.springserve.com/usersync?aid=1000012&gdpr=1&gdpr_consent=&us_privacy=&uuid=OPTOUT
43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000012&gdpr=1&gdpr_consent=&us_privacy=&uuid=OPTOUT
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Server
52.17.250.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-250-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 02 Mar 2023 14:10:11 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

location
https://sync.springserve.com/usersync?aid=1000012&gdpr=1&gdpr_consent=&us_privacy=&uuid=OPTOUT
pragma
no-cache
date
Thu, 02 Mar 2023 14:10:11 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
etag
OPTOUT
content-type
text/html
us.gif
sync.go.sonobi.com/ 		49 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?gdpr=1&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000013%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BUID%5D
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 14:10:12 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-180
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
usersync
sync.springserve.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&gdpr_consent=&us_privacy=&adv_id=8593&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000014%26gdpr%3D1%26gdpr_consent%3D%26us_privac...
  • https://sync.search.spotxchange.com/partner?gdpr=1&gdpr_consent=&us_privacy=&adv_id=8593&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000014%26gdpr%3D1%26gdpr_consent%3D%26us_privac...
  • https://sync.springserve.com/usersync?aid=1000014&gdpr=1&gdpr_consent=&us_privacy=&uuid=f23334e9-b903-11ed-a446-14604df00306
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000014&gdpr=1&gdpr_consent=&us_privacy=&uuid=f23334e9-b903-11ed-a446-14604df00306
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Server
52.17.250.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-250-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 02 Mar 2023 14:10:11 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

Date
Thu, 02 Mar 2023 14:10:11 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://sync.springserve.com/usersync?aid=1000014&gdpr=1&gdpr_consent=&us_privacy=&uuid=f23334e9-b903-11ed-a446-14604df00306
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
71
Connection
keep-alive
Content-Length
0
verify
pbs.publishers.tremorhub.com/pubsync/
Redirect Chain
  • https://pbs.publishers.tremorhub.com/pubsync?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid...
  • https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D...
43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5Btvid%5D
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Server
2600:1f18:612b:4280:1fbc:eb5:e253:bacb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Thu, 02 Mar 2023 14:10:12 GMT
server
Apache-Coyote/1.1
content-type
image/gif

Redirect headers

location
pubsync/verify?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5Btvid%5D
date
Thu, 02 Mar 2023 14:10:12 GMT
server
Apache-Coyote/1.1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
getuid
eb2.3lift.com/ 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000016%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pbsync
ads.yieldmo.com/ 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/pbsync?gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000017%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.136.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-136-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:12 GMT
sync
ssbsync.smartadserver.com/api/ 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=52&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000018%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5Bssb_sync_pid%5D
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
content-length
0
occ
ups.analytics.yahoo.com/ups/58518/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58518/occ?gdpr=1&gdpr_consent=
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
sync.sxp.smartclip.net/
Redirect Chain
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=&ang_testid=1
42 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=&ang_testid=1
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Server
35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.194.186.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:12 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Thu, 02 Mar 2023 14:10:11 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=&ang_testid=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
v1
match.sharethrough.com/universal/ 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=BGApXMcE
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.222.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-222-140.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:12 GMT
sync
x.bidswitch.net/ 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.33.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-33-250.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
map.js
js.adscale.de/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.adscale.de/map.js?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000023%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:200:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
nfWb_qxWqQeXQ_mckcpitVALzQ7APTXs
content-encoding
br
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
date
Thu, 02 Mar 2023 12:51:42 GMT
last-modified
Thu, 02 Mar 2023 06:51:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
4711
x-amz-server-side-encryption
AES256
etag
W/"1c73c5e67b978b07dca5a7818f0aaa46"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=7200, stale-while-revalidate=86400
x-amz-cf-id
3UYL34DwDi41641TAiLP5nc0vo58Wb8rB4B68ITh5Xwu-p_ATu2-GA==
web
onesignal.com/api/v1/sync/e5c7e911-5c92-4f15-86ac-b163a1a36a09/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/e5c7e911-5c92-4f15-86ac-b163a1a36a09/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151515
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c10543283f39d9f76050642a0a11f00ce0d4b334ed91f8e095ff48ccaf4ccc98
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:12 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
247
cf-polished
origSize=3407
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
09a243ea-c90b-4b1a-9862-73eb255211e5
x-runtime
0.021022
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"f80e628ad047683a157dd301f7a4d38b"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
7a1a38c929619b69-FRA
access-control-allow-headers
SDK-Version
expires
Thu, 02 Mar 2023 15:10:12 GMT
/
ip-api.igaming-service.io/ 		271 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ip-api.igaming-service.io/
Requested by
Host: intersc.igaming-service.io
URL: https://intersc.igaming-service.io/netflu.com.br.js?ver=202332
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
3.10.72.72 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-72-72.eu-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bceabf4c867de89d980dbff8207092106441b69cc16ab6767d8641f6c5e21382
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 02 Mar 2023 14:10:11 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
271
Content-Type
application/json; charset=utf-8
pv
s.seedtag.com/c/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/pv?token=1624-6788-01&device=desktop&fullUrl=https%3A%2F%2Fwww.netflu.com.br%2F&cache=1677766211721&v=-&ft=true
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.2198981f6aeb1efb456f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6f01a8de7dd38ab8ce455980f7d6bc04149982ae3a9d6a9feef9900628a6532d

Request headers

Referer
https://www.netflu.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
content-encoding
gzip
via
1.1 google
server
nginx
etag
W/"a10-ME39PMu1jZ11C59e6fUpZvB8FhY"
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.netflu.com.br
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hkn.js
tag.hariken.co/ 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.hariken.co/hkn.js?code=b9c457e0-a80b-11ed-b465-5daff4bbe891
Requested by
Host: autozep.adzep.com.br
URL: https://autozep.adzep.com.br/autozep.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.161.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-161-183.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:12 GMT
x-powered-by
Express
content-length
0
vary
Accept-Encoding
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
content-type
text/html; charset=utf-8
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.netflu.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.netflu.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		43 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4084414213667510&correlator=3244436200588740&eid=31072562%2C31072789%2C31070233&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fif&iu_parts=8545395%2C300_600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=1&adks=1181487536&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1677766211783&lmt=1677766211&dlt=1677766210606&idt=1020&adxs=1010&adys=2115&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.netflu.com.br%2F&frm=20&vis=1&psz=324x600&msz=324x600&fws=4&ohw=1600&ga_vid=1112351711.1677766211&ga_sid=1677766212&ga_hid=613259006&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
752cd9f8ec05748b2266bfdef91134a41f5f4bd65eeaf91031dbd1d58b23c0cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10855
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.netflu.com.br
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F4A2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.netflu.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Mar 2023 14:10:11 GMT
expires
Fri, 01 Mar 2024 14:10:11 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		529 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4084414213667510&correlator=3244436200588740&eid=31072562%2C31072789%2C31070233&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fif&iu_parts=8545395%2Cpageview-track&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=2697564213&sfv=1-0-40&prev_scp=p%3D1&cust_params=ul%3Dnew%26r%3Ddirect&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1677766211808&lmt=1677766211&dlt=1677766210606&idt=1020&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.netflu.com.br%2F&frm=20&vis=1&psz=1600x0&msz=0x-1&fws=0&ohw=0&ga_vid=1112351711.1677766211&ga_sid=1677766212&ga_hid=613259006&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc0290178fbce5943e9e2bc169e6828d4781ad0c1e7cb1cbb7eb714a0c1091af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
264
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.netflu.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		44 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4084414213667510&correlator=3244436200588740&eid=31072562%2C31072789%2C31070233&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fif&iu_parts=8545395%2Cnetflu-ros&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C468x60&ifi=3&adks=3032165911&sfv=1-0-40&prev_scp=adunit%3Dhome-billboard02&cust_params=ul%3Dnew%26r%3Ddirect&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1677766211815&lmt=1677766211&dlt=1677766210606&idt=1020&adxs=315&adys=1064&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.netflu.com.br%2F&frm=20&vis=1&psz=1068x271&msz=1068x250&fws=4&ohw=1600&ga_vid=1112351711.1677766211&ga_sid=1677766212&ga_hid=613259006&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0deabf5dae586b60215500eeacb2f86771104e567302accb6aafc2c042781f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10520
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.netflu.com.br
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		528 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4084414213667510&correlator=3244436200588740&eid=31072562%2C31072789%2C31070233&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fif&iu_parts=8545395%2Csession-track&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&adks=737252538&sfv=1-0-40&cust_params=ul%3Dnew%26r%3Ddirect&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1677766211819&lmt=1677766211&dlt=1677766210606&idt=1020&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.netflu.com.br%2F&frm=20&vis=1&psz=1600x0&msz=0x-1&fws=0&ohw=0&ga_vid=1112351711.1677766211&ga_sid=1677766212&ga_hid=613259006&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03294355e8b1f4ade2579edf5d4c59a4cb6a62b1af82b8b12360737ee33e75bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
265
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.netflu.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		62 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4084414213667510&correlator=3244436200588740&eid=31072562%2C31072789%2C31070233&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fif&iu_parts=8545395%2Cnetflu-ros&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C250x250%7C200x200&ifi=5&adks=1004778951&sfv=1-0-40&prev_scp=adunit%3Dhome-infeed01&cust_params=ul%3Dnew%26r%3Ddirect&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1677766211822&lmt=1677766211&dlt=1677766210606&idt=1020&adxs=446&adys=1712&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.netflu.com.br%2F&frm=20&vis=1&psz=666x301&msz=666x280&fws=4&ohw=666&ga_vid=1112351711.1677766211&ga_sid=1677766212&ga_hid=613259006&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee8830cb0fb2a9ee5a9fb774e292d3e9f25b7381fa93de19eb71500af26389d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11805
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.netflu.com.br
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4084414213667510&correlator=3244436200588740&eid=31072562%2C31072789%2C31070233&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fif&iu_parts=8545395%2Cnetflu-ros&enc_prev_ius=%2F0%2F1&prev_iu_szs=990x90%7C980x90%7C970x90%7C728x90&ifi=6&adks=2062749448&sfv=1-0-40&prev_scp=adunit%3Danchor%26r%3D45&cust_params=ul%3Dnew%26r%3Ddirect&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1677766211826&lmt=1677766211&dlt=1677766210606&idt=1020&adxs=305&adys=1260&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.netflu.com.br%2F&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=1112351711.1677766211&ga_sid=1677766212&ga_hid=613259006&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ec715198b4409012020f481ddd566ed3881d5a1e881240729ac98989c4376e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12489
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.netflu.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4084414213667510&correlator=3244436200588740&eid=31072562%2C31072789%2C31070233&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fif&iu_parts=8545395%2Cnetflu-ros&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x450%7C300x250%7C160x600%7C120x600&ifi=7&adks=3044096704&sfv=1-0-40&prev_scp=adunit%3Dhome-side01&cust_params=ul%3Dnew%26r%3Ddirect&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1677766211829&lmt=1677766211&dlt=1677766210606&idt=1020&adxs=1022&adys=1702&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.netflu.com.br%2F&frm=20&vis=1&psz=324x621&msz=324x600&fws=4&ohw=1600&ga_vid=1112351711.1677766211&ga_sid=1677766212&ga_hid=613259006&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58ec5c9b8082fcdef3cae41dcfbf91e5a1bd909bc49ac81bea28747b356b7224
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11224
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.netflu.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		44 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4084414213667510&correlator=3244436200588740&eid=31072562%2C31072789%2C31070233&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fif&iu_parts=8545395%2Cnetflu-ros&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C250x250%7C200x200&ifi=8&adks=2210703298&sfv=1-0-40&prev_scp=adunit%3Dhome-infeed02&cust_params=ul%3Dnew%26r%3Ddirect&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1677766211834&lmt=1677766211&dlt=1677766210606&idt=1020&adxs=446&adys=3019&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.netflu.com.br%2F&frm=20&vis=1&psz=666x301&msz=666x280&fws=4&ohw=666&ga_vid=1112351711.1677766211&ga_sid=1677766212&ga_hid=613259006&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dad5a9c36600a9539952b3a8ea19679223c22c3c0e28207f00a6d06eb6f930b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10592
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.netflu.com.br
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		116 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4084414213667510&correlator=3244436200588740&eid=31072562%2C31072789%2C31070233&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fif&iu_parts=8545395%2Cnetflu-ros&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&ifi=9&adks=4089589787&sfv=1-0-40&prev_scp=adunit%3Dhome-billboard01&cust_params=ul%3Dnew%26r%3Ddirect&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1677766211837&lmt=1677766211&dlt=1677766210606&idt=1020&adxs=436&adys=286&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.netflu.com.br%2F&frm=20&vis=1&psz=1600x111&msz=1068x90&fws=4&ohw=1600&ga_vid=1112351711.1677766211&ga_sid=1677766212&ga_hid=613259006&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b456ef7253d066c94d871de14eba9ae95664101fe56b15d3953db13160e8e111
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNCmsJm2vf0CFREg4AodjQAEPg&gqi=&layout=/sadbundle/%24csp%253Der3%24/11393203926244038689/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNCmsJm2vf0CFREg4AodjQAEPg&gqi=&layout=/sadbundle/%24csp%253Der3%24/11393203926244038689/index.html
date
Thu, 02 Mar 2023 14:10:13 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44058
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.netflu.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
quant.js
secure.quantserve.com/ Frame C8C9 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.2198981f6aeb1efb456f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
79b87df922384438d3c4a7e6f3b2ebaef856e7b2ddc5f15e279dc7167c33553c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:12 GMT
content-encoding
gzip
etag
"liYNKlRv1+e+pwbkZBrDjQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 09 Mar 2023 14:10:12 GMT
t3m.js
tags.t.tailtarget.com/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-12765-5/CT-1068
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.2198981f6aeb1efb456f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
40e4951dffea740356de1c800b47ff35a1fac0756b592a4ff5ea9a316b0119b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 13:34:54 GMT
content-encoding
gzip
via
1.1 google
age
2117
x-guploader-uploadid
ADPycduvxmKfE22vArjD1S5EbpjwDCgRsyoLCnvPvKE0tflACWAye_FqA4mhLxOmPjcshY9Dslen54J0iDq7O8RLpg5kBA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7679
last-modified
Thu, 17 Mar 2022 15:35:15 GMT
server
nginx/1.8.1
etag
"ad2f9abb7bbec08e62cf17d0cc7d9125"
vary
Accept-Encoding
x-goog-generation
1647531315191220
x-goog-hash
md5=rS+au3u+wI5izxfQzH2RJQ==
content-type
application/javascript
cache-control
max-age=7200,public
x-goog-stored-content-length
7679
accept-ranges
bytes
expires
Thu, 02 Mar 2023 15:34:54 GMT
p
sb.scorecardresearch.com/ 		43 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=8&c2=26817122&c3=$accountId&c7=$currentUrl&c9=$referrerUrl&cv=2.0&cj=1
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-39.fra2.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:11 GMT
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
43
x-amz-cf-id
SDY-rrMedTg-I9b8NQF8fA_7fFsJA499XKW6Wxe76M-Dpfokz7uQwQ==
x-cache
Miss from cloudfront
content-type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame F6E2 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=4618855&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:10 GMT
content-length
0
webPushIframe
netflu.os.tc/ Frame CCAC 		503 B
708 B 		Document
General
Check archive.org
Download Go to
Full URL
https://netflu.os.tc/webPushIframe
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151515
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8f17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29f2ff2fdeffb247163ad858eeeeb0565d4928cf951fda677cb83a2a3517902e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.netflu.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
REVALIDATED
cf-ray
7a1a38c9ef643a5a-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 02 Mar 2023 14:10:13 GMT
expires
Thu, 02 Mar 2023 15:10:13 GMT
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Origin, Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
51007d10-6d19-4163-bcfe-323b65fae911
x-runtime
0.016441
x-xss-protection
1; mode=block
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012302171719000/ Frame D46F 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a64ac18511a1f15afc6f51edc89e41ee1c7f6444134aad2926b21743ced6c461
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 01 Mar 2023 18:39:20 GMT
age
70252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61847
x-xss-protection
0
server
sffe
etag
"b91941a2860567a7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Feb 2024 18:39:20 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012302171719000/v0/ Frame D46F 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012302171719000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0439c2127eb1812543cc77f0f41bd98da71691c6c2d5bbf9c565670f7fada88a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 01 Mar 2023 18:39:20 GMT
age
70252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5237
x-xss-protection
0
server
sffe
etag
"304dd5725e1eccd8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Feb 2024 18:39:20 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012302171719000/v0/ Frame D46F 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012302171719000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1700a43bc40da2d69d238085ddfeea6fac6dc64ff76f5cef529d6fd6b619a62
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 01 Mar 2023 18:39:20 GMT
age
70252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28901
x-xss-protection
0
server
sffe
etag
"8f636c70fc937458"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Feb 2024 18:39:20 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012302171719000/v0/ Frame D46F 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012302171719000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2e8cd03a76b243eca9a0e60815deae7256cb7a2de760eb9ee82a0cf31ffcb9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 01 Mar 2023 18:39:20 GMT
age
70252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1926
x-xss-protection
0
server
sffe
etag
"df03f558eda3b320"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Feb 2024 18:39:20 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012302171719000/v0/ Frame D46F 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012302171719000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a49e61b6d6681308d160ce1cf6ce1b85e651deff16c6ae1c2df999ef3f0c6ec8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 01 Mar 2023 18:39:20 GMT
age
70252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12954
x-xss-protection
0
server
sffe
etag
"e0426f4a93046162"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Feb 2024 18:39:20 GMT
truncated
/ Frame D46F 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8210cdf77643d308b044f4cf38787ba71d671e8490b083ebac37913d8830bb18

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
10143679237862376453
tpc.googlesyndication.com/daca_images/simgad/ Frame D46F 		143 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/10143679237862376453
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52e98c12aa5083add7bbb076cb7744a6b46541d559e16b97c188d2782a1e9b0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 25 Feb 2023 10:03:04 GMT
x-content-type-options
nosniff
age
446828
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146429
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 10:09:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 25 Feb 2024 10:03:04 GMT
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D46F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 01:01:56 GMT
x-content-type-options
nosniff
server
cafe
age
47296
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2886
x-xss-protection
0
expires
Fri, 03 Mar 2023 01:01:56 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D46F 		344 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 16:18:57 GMT
x-content-type-options
nosniff
server
cafe
age
78675
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Thu, 02 Mar 2023 16:18:57 GMT
l
www.google.com/ads/measurement/ Frame D46F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR8Qiyim0p3bGpAmNb4hgZN5pdGRY_hKvQ_tUHelk1Bfd6KEg09t1YDcPy_oMg-DORIFP3I-ZYQXNImR5dJnj65TcH8sw
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame D46F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cnd6BQ64AZJG3M82SgAevgq2gAf-655lv2tSlha8R2tkeEAEgseuylAFglbqAgpgHoAHr1ejyKMgBAuACAKgDAcgDCKoE8wFP0Ek9gHrDs69bjOT0Hh5jqX_aEUzSfgEohDimmvKPXsbrvF6jdbe1n-5bPzN9oVomrgAhgi_0Bty3o-bbyrZsHhv1gZfe_aWB9kNy_CaEalohEYXV9awtunKJ_JfatHY4Hc-JoRV4YzmKNt06nEWdyJUZw8m65Cn76Q6eugTWfUeTuNFxDNOrStDJpnbHWy_YXSFefun7pH4eMeV8MmUdAN6a_zrlakkmva6g6K1WoPaZgAFDg4p5QPJXR-O_DOm6YnrmvIVtCNut7UT1RRuy1SnaltQdTH2fPIzgI8kWvR-UooV0iDyF6NowNL5dhwUkPDXABK-Ah9afBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAeMuePRA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEODnAtIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BML0BUBgBcBshceChwIABIUcHViLTUwMjI1MDA3MTc1OTgyMzYY-74T&sigh=ViqYJ9INxpc&uach_m=[UACH]&cid=CAQSPADUE5ymiwMaM5G9e6xopkd9N6Sf2XO910wx5Jgah_SD85s9Nls1D2puD_jltBeN_3kzQlDmM3hgfAZpixgB
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
rules-p-PFW5FesqXn206.js
rules.quantcount.com/ Frame C8C9 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-PFW5FesqXn206.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4ae5a40833ca40f1ded2c820915ccc073b509a5a15810de1566ebf1ee4838e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 13:52:39 GMT
content-encoding
gzip
via
1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
1054
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 15:36:52 GMT
server
AmazonS3
etag
W/"a521a7bf6d17b50bc9827eaad4be8ecc"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
dKfgxp9BUsniwasuTu0yu2_3kbquml0OqYdzOH1xBvJSQ6ohA2kiiw==
si
googleads.g.doubleclick.net/pagead/drt/ Frame D46F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Redirect headers

date
Thu, 02 Mar 2023 14:10:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel;r=1947518076;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fwww.netflu.com.br%2F;ref=https%3A%2F%2Fwww.netflu.com.br%2F;uht=2;fpan=1;fpa=P0-1003655661-1677766212145;pbc=;ns=1;ce=1;qjs...
pixel.quantserve.com/ Frame C8C9 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1947518076;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fwww.netflu.com.br%2F;ref=https%3A%2F%2Fwww.netflu.com.br%2F;uht=2;fpan=1;fpa=P0-1003655661-1677766212145;pbc=;ns=1;ce=1;qjs=1;qv=463953fd-20230224153512;cm=;gdpr=0;d=netflu.com.br;dst=0;et=1677766212275;tzo=0;ogl=;ses=a0cb83a8-3c94-4150-8ada-5b6bc4c0177e
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:12 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012302171719000/ Frame 1887 		222 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a64ac18511a1f15afc6f51edc89e41ee1c7f6444134aad2926b21743ced6c461
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 01 Mar 2023 18:39:20 GMT
age
70252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61847
x-xss-protection
0
server
sffe
etag
"b91941a2860567a7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Feb 2024 18:39:20 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012302171719000/v0/ Frame 1887 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012302171719000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0439c2127eb1812543cc77f0f41bd98da71691c6c2d5bbf9c565670f7fada88a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 01 Mar 2023 18:39:20 GMT
age
70252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5237
x-xss-protection
0
server
sffe
etag
"304dd5725e1eccd8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Feb 2024 18:39:20 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012302171719000/v0/ Frame 1887 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012302171719000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1700a43bc40da2d69d238085ddfeea6fac6dc64ff76f5cef529d6fd6b619a62
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 01 Mar 2023 18:39:20 GMT
age
70252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28901
x-xss-protection
0
server
sffe
etag
"8f636c70fc937458"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Feb 2024 18:39:20 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012302171719000/v0/ Frame 1887 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012302171719000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2e8cd03a76b243eca9a0e60815deae7256cb7a2de760eb9ee82a0cf31ffcb9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 01 Mar 2023 18:39:20 GMT
age
70252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1926
x-xss-protection
0
server
sffe
etag
"df03f558eda3b320"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Feb 2024 18:39:20 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012302171719000/v0/ Frame 1887 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012302171719000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a49e61b6d6681308d160ce1cf6ce1b85e651deff16c6ae1c2df999ef3f0c6ec8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 01 Mar 2023 18:39:20 GMT
age
70252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12954
x-xss-protection
0
server
sffe
etag
"e0426f4a93046162"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Feb 2024 18:39:20 GMT
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1887 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 01:01:56 GMT
x-content-type-options
nosniff
server
cafe
age
47296
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2886
x-xss-protection
0
expires
Fri, 03 Mar 2023 01:01:56 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1887 		344 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 16:18:57 GMT
x-content-type-options
nosniff
server
cafe
age
78675
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Thu, 02 Mar 2023 16:18:57 GMT
truncated
/ Frame 1887 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2aba885e1b936359de1508205089090da4b6c1d687066d837473b392a2149cb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
3475119113036960001
tpc.googlesyndication.com/daca_images/simgad/ Frame 1887 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/3475119113036960001
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c85412361c28fa60f6a99ec244d29e03cfd0818b167afb96c5f464464439c86c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 18:19:16 GMT
x-content-type-options
nosniff
age
71456
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109737
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 10:07:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Feb 2024 18:19:16 GMT
l
www.google.com/ads/measurement/ Frame 1887 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ5OAcOcKuySLMCUeBLfPFvnWMPKjd5wiMoXhWsCdPXn132fpKywOT0DX82AXsYSIGQzZDrMIxiZ1kbn5FRCf0fsdARtg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 1887 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CgurHRK4AZM6tCtucgAfCn6CADf-655lvytulha8R2tkeEAEgseuylAFglbqAgpgHoAHr1ejyKMgBAuACAKgDAcgDCKoE8AFP0I4PD8SjDzD9Zt88Nhy_AxjaDvaFm0KMHxWofbcaxfACXTHiEMnsW1HdkptK_iuiFGkDLJgZlerSAlCDUuay2V27u0QgUUySVT-1pPQ_NgpjuhzQRDoGXq5rNHuf4l-AfK956F_gaQoYdp7vWiw7Fxt8Q0Xmknl8I4kXHALuSTBOwLoyMJ0fJc848DzWVvD790Dfx1Gubu8pC5zUrlxlukxYonFFpB78EKbzzw_cpc8L6PL3WH5PXRmfwbxOHmLWxBIcrLprFUN8uTe-wX8oanxDrf2aYfr2SQtqW55ruxvZtXvBgJyYfXp5ZlOYIBXABK-Ah9afBOAEAZIFBAgEGAGSBQQIBRgEoAYCgAeMuePRA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKX5CNIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BML0BUBgBcBshceChwIABIUcHViLTUwMjI1MDA3MTc1OTgyMzYY-74T&sigh=0BrbooNhI5M&uach_m=[UACH]&cid=CAQSPADUE5ym9mzS8ZfThda1FmxnD6f5qQ5L7lfPXHPijIA44FoN_eXzti56VEE4eqUWa6HVsEBLdxZM8SQynRgB
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1887
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Redirect headers

date
Thu, 02 Mar 2023 14:10:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012302171719000/ Frame EDF7 		222 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a64ac18511a1f15afc6f51edc89e41ee1c7f6444134aad2926b21743ced6c461
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 01 Mar 2023 18:39:20 GMT
age
70252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61847
x-xss-protection
0
server
sffe
etag
"b91941a2860567a7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Feb 2024 18:39:20 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012302171719000/v0/ Frame EDF7 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012302171719000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0439c2127eb1812543cc77f0f41bd98da71691c6c2d5bbf9c565670f7fada88a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 01 Mar 2023 18:39:20 GMT
age
70252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5237
x-xss-protection
0
server
sffe
etag
"304dd5725e1eccd8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Feb 2024 18:39:20 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012302171719000/v0/ Frame EDF7 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012302171719000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1700a43bc40da2d69d238085ddfeea6fac6dc64ff76f5cef529d6fd6b619a62
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 01 Mar 2023 18:39:20 GMT
age
70252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28901
x-xss-protection
0
server
sffe
etag
"8f636c70fc937458"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Feb 2024 18:39:20 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012302171719000/v0/ Frame EDF7 		72 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012302171719000/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9518cad0cb9b991cf7cbcf4cc2bc537f78ab2db57f57c68a834d5b7e3be3a24a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 27 Feb 2023 18:08:29 GMT
age
244903
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16650
x-xss-protection
0
server
sffe
etag
"a00c559713bdf453"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 27 Feb 2024 18:08:29 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012302171719000/v0/ Frame EDF7 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012302171719000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2e8cd03a76b243eca9a0e60815deae7256cb7a2de760eb9ee82a0cf31ffcb9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 01 Mar 2023 18:39:20 GMT
age
70252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1926
x-xss-protection
0
server
sffe
etag
"df03f558eda3b320"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Feb 2024 18:39:20 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012302171719000/v0/ Frame EDF7 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012302171719000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a49e61b6d6681308d160ce1cf6ce1b85e651deff16c6ae1c2df999ef3f0c6ec8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 01 Mar 2023 18:39:20 GMT
age
70252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12954
x-xss-protection
0
server
sffe
etag
"e0426f4a93046162"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Feb 2024 18:39:20 GMT
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EDF7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 01:01:56 GMT
x-content-type-options
nosniff
server
cafe
age
47296
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2886
x-xss-protection
0
expires
Fri, 03 Mar 2023 01:01:56 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EDF7 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 16:18:57 GMT
x-content-type-options
nosniff
server
cafe
age
78675
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Thu, 02 Mar 2023 16:18:57 GMT
truncated
/ Frame EDF7 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
624cd8a961cf8c6a3d44410fc739beae6fc91bb0926ef752d541803bc19cb372

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
508126.svg
tpc.googlesyndication.com/sadbundle/5074836712931162887/images/ Frame EDF7 		147 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/5074836712931162887/images/508126.svg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
264a3189845f6bf08cee138091e035ac0508fc9412917b935eab3b59c0f8ae85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 19:05:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
587088
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142
x-xss-protection
0
last-modified
Sat, 05 Nov 2022 10:50:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 23 Feb 2024 19:05:24 GMT
50812.jpg
tpc.googlesyndication.com/sadbundle/5074836712931162887/images/ Frame EDF7 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/5074836712931162887/images/50812.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e87d58debb87f6cb1031d4cc64738fb9e866af0bf67b3bf399904a9f708849aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 06:14:06 GMT
x-content-type-options
nosniff
age
114966
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66931
x-xss-protection
0
last-modified
Sat, 05 Nov 2022 10:50:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Feb 2024 06:14:06 GMT
508127.svg
tpc.googlesyndication.com/sadbundle/5074836712931162887/images/ Frame EDF7 		11 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/5074836712931162887/images/508127.svg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b5b5e037d19833a9ed58a5e87755f04b270d0fee6539beb3da629c62c29b9d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23022
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5201
x-xss-protection
0
last-modified
Sat, 05 Nov 2022 10:50:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Mar 2024 07:46:30 GMT
508140.png
tpc.googlesyndication.com/sadbundle/5074836712931162887/images/ Frame EDF7 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/5074836712931162887/images/508140.png
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39e463680d09f6a4bbe3e0eeabf536cbad73e07e028d51a1b7584cdce47f5d7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 19:05:24 GMT
x-content-type-options
nosniff
age
587088
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28962
x-xss-protection
0
last-modified
Sat, 05 Nov 2022 10:50:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 23 Feb 2024 19:05:24 GMT
508141.svg
tpc.googlesyndication.com/sadbundle/5074836712931162887/images/ Frame EDF7 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/5074836712931162887/images/508141.svg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec2a3ef74af3f799d1d3827960edaf8d12943cf06ccd8e3c6e51721c737eb647
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:47:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51738
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1892
x-xss-protection
0
last-modified
Sat, 05 Nov 2022 10:50:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Feb 2024 23:47:54 GMT
508144.svg
tpc.googlesyndication.com/sadbundle/5074836712931162887/images/ Frame EDF7 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/5074836712931162887/images/508144.svg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3449b2fdc99f9a0c2701a28cbbdadb515b05af4819f95bd6009f62ea3f070bbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 06:14:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114966
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2233
x-xss-protection
0
last-modified
Sat, 05 Nov 2022 10:50:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Feb 2024 06:14:06 GMT
508147.svg
tpc.googlesyndication.com/sadbundle/5074836712931162887/images/ Frame EDF7 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/5074836712931162887/images/508147.svg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96e36765064c199b32cd6f08900de889f4f5c7617f44b0101836e6c9f97ae617
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 10:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
99055
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2893
x-xss-protection
0
last-modified
Sat, 05 Nov 2022 10:50:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Feb 2024 10:39:17 GMT
l
www.google.com/ads/measurement/ Frame EDF7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ6_256_P92L6GdBSWYbprKGOtzt3IWrlQysXIX2hkoBnLrUNnh95b49AX-F9O4tyRWtgYdc6gDHw7fjZQs2qfzjpSUog
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame EDF7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CfSU-RK4AZJGiIs3tx_APiLeFgAWvt7S8bfKX6Z3iENqy287BLBABILHrspQBYJW6gIKYB6AB8ajGzgPIAQmpAiDZf8yg2LE-4AIAqAMByAMIqgTvAU_QCXmJ7IHbGowBEdZ19wuuszFJCFlXl9BFtxBgcoAsk9-5nD2Nj0FxTnDbZFmuXZOGAYK-AVeQL58Ho3w2MpXP6L9L3HXJ_onSJ8wXEjEksMOBtObkeIJb6FXD6iMwxDxpBNCOdNKedo6XZB_mBBQsv_COBm5X2AO7GSaDk6VGdszLmbG1YoDpRc5O2-9EqJRQ0YS3kxLg41E0vlQngQisDBgb8_tRjLb-ZOsbGt7wSy782CxA20v-dp42JYdkRuUSmKVxFOkMHXe4mA5q43DNMTj-9RHmBs2LMIdyIWg_0vykbcThqlcMMdMeZVhawAS6_9nx8QPgBAGSBQQIBBgBkgUECAUYBKAGLoAH99a5MagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENnZAtIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTUwMjI1MDA3MTc1OTgyMzYY-74T&sigh=VLMOha3DdbU&uach_m=[UACH]&cid=CAQSPADUE5ym30hGX4mlsN9AX6dhyrHvpSrYFaCch2mRAoxpIva4QM0ZjWJK7KXTA6afOcKUKyeXWZXmBPy-nxgB&template_id=419
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
container.html
c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3B67 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.netflu.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Mar 2023 14:10:11 GMT
expires
Fri, 01 Mar 2024 14:10:11 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 3B67 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ClQk_RK4AZMK_L5XFgAedqK2oA5DhgYRctqjCivACwI23ARABIABglbqAgpgHggEXY2EtcHViLTUwMjI1MDA3MTc1OTgyMzbIAQmpApRNQ-ZJ07E-4AIAqAMBqgTmAU_QhhSTm7-U7F2w4tvRo86Meh3oIBJtpH5KOaxXBs8FAGuurp8c-_D02UxLNVaMRMLo6HLFdvbzsPhkjBO2895Zrk3yv5Ys9QMZ4mNF88-WUVs7xRf04YEMnVxRFCJNFROiReM1X5DzUYNpVRfpTJrO2oSGPSaRuLh4tXV1852FJZhxiJZUawl0A_9kkcnwbVM1pCSobrsOpnGYKxKreSD5l0gOrnfWrvPYujS9ADDXZxLBs2YimgO4E5MJv8231p--JBPBPOogEYjKk360C3JZ8_nYX-pIo3X7pbRPRfIF-4708SL94AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01MDIyNTAwNzE3NTk4MjM2GPu-Ew&sigh=C6nkPNATQGk&uach_m=[UACH]&cid=CAQSOwDUE5ym-leGh6WczsbsM-4mq-E79dbXuEXT4Halfg5SAUr0tb-edjLPEimSt3x9xxi1hlUH5omP74IeGAE
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 3B67 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jzbnz4mvzf42jtkw9x6a30gz5g27svsrzgxene8v1yes2q8a3pkbw5ra08g4sxeeqb1fbgmy74tmqjtged7ytqca9fw4kxk86qj8s0n07ehzzm0n6mc99hpegtkpsrskj0s4mv8rbn642hvh1pmfhjbr8hk0x7dzad76x6vn6yv4wxsrs12x8mkksj9xb3cdq96f38p5nj3f8dj6yfvm6k06psqta3g4f29g9r4yfbmp60znr3a2csyta959pzqt3fa2yd545cm26p98b7271we15v41qwkb6j412y65ydreh10hbty5jhxtrv7a6ma3geecnrt28xc8m825p656yype5mndc089hc9tvgk1kkgejccsn4vq1f7erfere23pxc5hkzpgq1n6ng&b=ZACuRAAL38IK4CKVAAtUHb3Sa9VlDbtPTAEVCg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 02 Mar 2023 14:10:13 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 238E 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1gnpwep9tb2w4tahjep4b6t92njwa7sx9qzadyc62ydwfjbthxqn0hcynvr8zmmr4hkf5dx44vbp1y2zz601s00w5rqy36wc86fn3eyvg4bw3nkbybxafad8fcnw806e67yfg1x2ghxsrw123jkc6x5k9nz7ebycesk52xybg6h0hp176rwg2s2q1m4w4kc5vk86ak8t0dcqwafb4vmh8zyd16vm3h21yyhs9nr4ketk7qdzvm8rbqmymfvb1mfbf3h450mack8kw64m3hy83y6zgk62rzx2ff6tbx7q4za5mpgnxzh5p76kyrdwj11g2bdwce79d2eam3m5r8avyg49mjmxs1nvz5ec7qeb8fzcw1hztnfh6bt3r86kcn7nhgc5s8xjq5xcgqw34dcefqc5m7p75cnwatf1d7t09w7hg44ybn027x8hbjt5tbj9axyaw3tm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDw0CRK4AZMK_L5XFgAedqK2oA5DhgYRctqjCivACwI23ARABIABglbqAgpgHggEXY2EtcHViLTUwMjI1MDA3MTc1OTgyMzbIAQmpApRNQ-ZJ07E-4AIAqAMBqgTpAU_QhhSTm7-U7F2w4tvRo86Meh3oIBJtpH5KOaxXBs8FAGuurp8c-_D02UxLNVaMRMLo6HLFdvbzsPhkjBO2895Zrk3yv5Ys9QMZ4mNF88-WUVs7xRf04YEMnVxRFCJNFROiReM1X5DzUYNpVRfpTJrO2oSGPSaRuLh4tXV1852FJZhxiJZUawl0A_9kkcnwbVM1pCSobrsOpnGYKxKreSD5l0gOrnfWrvPYujS9ADDXZxLBs2YimgO4E5MJv8231t28BYEWxW1g2Q-CBaT9mYBg5_N1VcRQfvU57Ca30ewp41sobmI1YxzL4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_31wgV3UQqmEkZPAQVOZZpHQ7CJ4g%26client%3Dca-pub-5022500717598236%26adurl%3D
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b68186dd7d88775d294413cad33c89ba431c2319ce8da8cbeb8e45369f8164ab
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a1a38d07c61904c-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 02 Mar 2023 14:10:13 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 3B67 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 04:59:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
33024
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Mar 2023 04:59:49 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 832B 		1 KB
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
26919
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Mar 2023 06:41:34 GMT
etag
48472445140208031
expires
Fri, 03 Mar 2023 06:41:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 3B67 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 18:40:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
70203
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5959907985313552934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Mar 2023 18:40:10 GMT
l
www.google.com/ads/measurement/ Frame 3B67 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQnKaECk5jliC-sL99dqxpzI4T9_CUcBHzGMer4JoX4J6SxNK7U4tgFLsbTtLvKlaJf0SEtUjPNVVH9pvvoVghTgzNmRw
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3B67 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 18:41:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
70114
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 29 Feb 2024 18:41:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3B67 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677673803517815"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 02 Mar 2023 14:10:13 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ Frame CCAC 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: netflu.os.tc
URL: https://netflu.os.tc/webPushIframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3565ea346e63fda91cc67ba8fc11e95b7482d5873a4f4c6a47c4185b772d9a1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://netflu.os.tc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
138
etag
W/"5ffd70753209ca4d09cfef90e7c44df3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7a1a38d02b112be6-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 05 Mar 2023 14:10:13 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ Frame CCAC 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151515
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3af293c92bffe2f5f6f31753be6de274bf677ee5c4de05428cf394d63d4941
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://netflu.os.tc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
129
etag
W/"725985d8b3cb9e8905cfe4c97cc83600"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7a1a38d06b642be6-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 05 Mar 2023 14:10:13 GMT
truncated
/ Frame 3B67 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40b0e3f35da3d109cb629ad1ca8ddf69efdd4a469c60de8e6f78795a16324d81

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 832B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEE14gogdcq96aZ3RiZPe-eg&google_cver=1&google_push=Aa02lx-PGnwceaHekyKymHUbzTFfD-KbWVcJwrIVLdPf-8pcch1uBUSnX_vgknCdc6bzBtdPq-uJ1-8TS8XQ-Ins...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-PGnwceaHekyKymHUbzTFfD-KbWVcJwrIVLdPf-8pcch1uBUSnX_vgknCdc6bzBtdPq-uJ1-8TS8XQ-InsAC7YmXXuf5Oj
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-PGnwceaHekyKymHUbzTFfD-KbWVcJwrIVLdPf-8pcch1uBUSnX_vgknCdc6bzBtdPq-uJ1-8TS8XQ-InsAC7YmXXuf5Oj
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 02 Mar 2023 14:10:13 GMT
Server
MT3 530 4e92630 master cdg-pixel-x29 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-PGnwceaHekyKymHUbzTFfD-KbWVcJwrIVLdPf-8pcch1uBUSnX_vgknCdc6bzBtdPq-uJ1-8TS8XQ-InsAC7YmXXuf5Oj
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 02 Mar 2023 14:10:12 GMT
i.match
s.tribalfusion.com/z/ Frame 832B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEITXvTbbzGHis5JliIOJHLQ&google_cver=1&google_push=Aa02lx92mee8Xiu1pLMBCrsCswq7ejhc2YfQ-ReZ_rUUNy1jCvjri41eSUFSArtAfXmTdwijAJBAKOKHF8hN1AvbjjLOhjlRvWys&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEITXvTbbzGHis5JliIOJHLQ&google_cver=1&google_push=Aa02lx92mee8Xiu1pLMBCrsCswq7ejhc2YfQ-ReZ_rUUNy1jCvjri41eSUFSArtAfXmTdwijAJBAKOKHF8hN1AvbjjLOhjlRvWy...
43 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEITXvTbbzGHis5JliIOJHLQ&google_cver=1&google_push=Aa02lx92mee8Xiu1pLMBCrsCswq7ejhc2YfQ-ReZ_rUUNy1jCvjri41eSUFSArtAfXmTdwijAJBAKOKHF8hN1AvbjjLOhjlRvWys&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx92mee8Xiu1pLMBCrsCswq7ejhc2YfQ-ReZ_rUUNy1jCvjri41eSUFSArtAfXmTdwijAJBAKOKHF8hN1AvbjjLOhjlRvWys%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:13 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a1a38d24b863680-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:13 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
137
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEITXvTbbzGHis5JliIOJHLQ&google_cver=1&google_push=Aa02lx92mee8Xiu1pLMBCrsCswq7ejhc2YfQ-ReZ_rUUNy1jCvjri41eSUFSArtAfXmTdwijAJBAKOKHF8hN1AvbjjLOhjlRvWys&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx92mee8Xiu1pLMBCrsCswq7ejhc2YfQ-ReZ_rUUNy1jCvjri41eSUFSArtAfXmTdwijAJBAKOKHF8hN1AvbjjLOhjlRvWys%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a1a38d1098b3680-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 832B
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESELKhdjPTlMrdyTDWoAToRVY&google_cver=1&google_push=Aa02lx_YK_v6DyUqkfmsRTjVHMyASqHpe6WcAPf9JFJdVSCaU4H_BPbMQ89u9JqGYz7OrTwsmppK7ZGcYzh_uEdn6GA8FmbT08fN
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=385FD20595C241C19601DC5FF944F092&google_push=Aa02lx_YK_v6DyUqkfmsRTjVHMyASqHpe6WcAPf9JFJdVSCaU4H_BPbMQ89u9JqGYz7OrTwsmppK7ZGcYzh_uEd...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=385FD20595C241C19601DC5FF944F092&google_push=Aa02lx_YK_v6DyUqkfmsRTjVHMyASqHpe6WcAPf9JFJdVSCaU4H_BPbMQ89u9JqGYz7OrTwsmppK7ZGcYzh_uEdn6GA8FmbT08fN
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 02 Mar 2023 14:10:13 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=385FD20595C241C19601DC5FF944F092&google_push=Aa02lx_YK_v6DyUqkfmsRTjVHMyASqHpe6WcAPf9JFJdVSCaU4H_BPbMQ89u9JqGYz7OrTwsmppK7ZGcYzh_uEdn6GA8FmbT08fN
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 01 Mar 2023 14:10:13 GMT
pixel
cm.g.doubleclick.net/ Frame 832B
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOMpWeBhxlCcsMEPZtWuYis&google_cver=1&google_push=Aa02lx9-1hgJnT8r_6KduwJeRIHrQniBfY20lPomvcwZtxokIbhiEl9ktL73KExwYVJb2vGnKN4Nw4QsZah1BX...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNTk1MTAxNTE3OTQ1MDUxNg%3D%3D&google_push=Aa02lx9-1hgJnT8r_6KduwJeRIHrQniBfY20lPomvcwZtxokIbhiEl9ktL73KExwYVJb2vGnKN4Nw4QsZah1BXleD4...
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNTk1MTAxNTE3OTQ1MDUxNg%3D%3D&google_push=Aa02lx9-1hgJnT8r_6KduwJeRIHrQniBfY20lPomvcwZtxokIbhiEl9ktL73KExwYVJb2vGnKN4Nw4QsZah1BXleD4jCgwsJZQ6R
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNTk1MTAxNTE3OTQ1MDUxNg%3D%3D&google_push=Aa02lx9-1hgJnT8r_6KduwJeRIHrQniBfY20lPomvcwZtxokIbhiEl9ktL73KExwYVJb2vGnKN4Nw4QsZah1BXleD4jCgwsJZQ6R
Date
Thu, 02 Mar 2023 14:10:13 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 832B
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEDLMwmghXNzPNIK2-nE8T6U&google_cver=1&google_push=Aa02lx-VRslEpEghY6x4zyUDTe6VbpD5NVLkQXxOxfauFVNn-WCYn9-bmUUbmFpftCnYWN-WaRX4dH1R--vuwlw9...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XiCoEyjHTBiYOwa_1cooaw2&google_push=Aa02lx-VRslEpEghY6x4zyUDTe6VbpD5NVLkQXxOxfauFVNn-WCYn9-bmUUbmFpftCnYWN-WaRX4dH1R--vuwlw9QK9GGU4eS4vf
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XiCoEyjHTBiYOwa_1cooaw2&google_push=Aa02lx-VRslEpEghY6x4zyUDTe6VbpD5NVLkQXxOxfauFVNn-WCYn9-bmUUbmFpftCnYWN-WaRX4dH1R--vuwlw9QK9GGU4eS4vf
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 02 Mar 2023 14:10:13 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XiCoEyjHTBiYOwa_1cooaw2&google_push=Aa02lx-VRslEpEghY6x4zyUDTe6VbpD5NVLkQXxOxfauFVNn-WCYn9-bmUUbmFpftCnYWN-WaRX4dH1R--vuwlw9QK9GGU4eS4vf
x-host
tde-deliveryengine-production-cdcfc8b9-m6v8m
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 832B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEL2TcungizLUkSfLi-_EDsU&google_cver=1&google_push=Aa02lx80igMy4k0LNAj_IfBhrXmteU3gKHX_Db0fxHv5lUBFjaz94SmC5aR--kMvC_PXvtguYU-vKdFouS3Hw2pyi5jmD1T...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx80igMy4k0LNAj_IfBhrXmteU3gKHX_Db0fxHv5lUBFjaz94SmC5aR--kMvC_PXvtguYU-vKdFouS3Hw2pyi5jmD1TmsJIq&google_hm=eS03M3pYVWs1RTJwR0Rmaj...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx80igMy4k0LNAj_IfBhrXmteU3gKHX_Db0fxHv5lUBFjaz94SmC5aR--kMvC_PXvtguYU-vKdFouS3Hw2pyi5jmD1TmsJIq&google_hm=eS03M3pYVWs1RTJwR0Rmajkyc0c0MGVtOGxZVHprbGkwaH5B
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 02 Mar 2023 14:10:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx80igMy4k0LNAj_IfBhrXmteU3gKHX_Db0fxHv5lUBFjaz94SmC5aR--kMvC_PXvtguYU-vKdFouS3Hw2pyi5jmD1TmsJIq&google_hm=eS03M3pYVWs1RTJwR0Rmajkyc0c0MGVtOGxZVHprbGkwaH5B
content-length
0
/
onetag-sys.com/match/ Frame 832B
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFFnX9DQ77BwVZHtuYlss7E&google_cver=1&google_push=Aa02lx-5ENAGfU-WeTJwqqfSuFR5CATVwhuuvL-xT2ySgPBOECiD4asSyikK3GyJZ09haDSmmprNU0UqtoY...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-5ENAGfU-WeTJwqqfSuFR5CATVwhuuvL-xT2ySgPBOECiD4asSyikK3GyJZ09haDSmmprNU0UqtoYPViqpkSjgcUxaLGDCow
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 832B 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IrBKrahUxiscX6bGKuvezmpOYB6G8BbdV0cEkBkj73TgLKRSEtH5KxvTze-5LkF0ElktYZxg
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame 238E 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gnpwep9tb2w4tahjep4b6t92njwa7sx9qzadyc62ydwfjbthxqn0hcynvr8zmmr4hkf5dx44vbp1y2zz601s00w5rqy36wc86fn3eyvg4bw3nkbybxafad8fcnw806e67yfg1x2ghxsrw123jkc6x5k9nz7ebycesk52xybg6h0hp176rwg2s2q1m4w4kc5vk86ak8t0dcqwafb4vmh8zyd16vm3h21yyhs9nr4ketk7qdzvm8rbqmymfvb1mfbf3h450mack8kw64m3hy83y6zgk62rzx2ff6tbx7q4za5mpgnxzh5p76kyrdwj11g2bdwce79d2eam3m5r8avyg49mjmxs1nvz5ec7qeb8fzcw1hztnfh6bt3r86kcn7nhgc5s8xjq5xcgqw34dcefqc5m7p75cnwatf1d7t09w7hg44ybn027x8hbjt5tbj9axyaw3tm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDw0CRK4AZMK_L5XFgAedqK2oA5DhgYRctqjCivACwI23ARABIABglbqAgpgHggEXY2EtcHViLTUwMjI1MDA3MTc1OTgyMzbIAQmpApRNQ-ZJ07E-4AIAqAMBqgTpAU_QhhSTm7-U7F2w4tvRo86Meh3oIBJtpH5KOaxXBs8FAGuurp8c-_D02UxLNVaMRMLo6HLFdvbzsPhkjBO2895Zrk3yv5Ys9QMZ4mNF88-WUVs7xRf04YEMnVxRFCJNFROiReM1X5DzUYNpVRfpTJrO2oSGPSaRuLh4tXV1852FJZhxiJZUawl0A_9kkcnwbVM1pCSobrsOpnGYKxKreSD5l0gOrnfWrvPYujS9ADDXZxLBs2YimgO4E5MJv8231t28BYEWxW1g2Q-CBaT9mYBg5_N1VcRQfvU57Ca30ewp41sobmI1YxzL4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_31wgV3UQqmEkZPAQVOZZpHQ7CJ4g%26client%3Dca-pub-5022500717598236%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gnpwep9tb2w4tahjep4b6t92njwa7sx9qzadyc62ydwfjbthxqn0hcynvr8zmmr4hkf5dx44vbp1y2zz601s00w5rqy36wc86fn3eyvg4bw3nkbybxafad8fcnw806e67yfg1x2ghxsrw123jkc6x5k9nz7ebycesk52xybg6h0hp176rwg2s2q1m4w4kc5vk86ak8t0dcqwafb4vmh8zyd16vm3h21yyhs9nr4ketk7qdzvm8rbqmymfvb1mfbf3h450mack8kw64m3hy83y6zgk62rzx2ff6tbx7q4za5mpgnxzh5p76kyrdwj11g2bdwce79d2eam3m5r8avyg49mjmxs1nvz5ec7qeb8fzcw1hztnfh6bt3r86kcn7nhgc5s8xjq5xcgqw34dcefqc5m7p75cnwatf1d7t09w7hg44ybn027x8hbjt5tbj9axyaw3tm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDw0CRK4AZMK_L5XFgAedqK2oA5DhgYRctqjCivACwI23ARABIABglbqAgpgHggEXY2EtcHViLTUwMjI1MDA3MTc1OTgyMzbIAQmpApRNQ-ZJ07E-4AIAqAMBqgTpAU_QhhSTm7-U7F2w4tvRo86Meh3oIBJtpH5KOaxXBs8FAGuurp8c-_D02UxLNVaMRMLo6HLFdvbzsPhkjBO2895Zrk3yv5Ys9QMZ4mNF88-WUVs7xRf04YEMnVxRFCJNFROiReM1X5DzUYNpVRfpTJrO2oSGPSaRuLh4tXV1852FJZhxiJZUawl0A_9kkcnwbVM1pCSobrsOpnGYKxKreSD5l0gOrnfWrvPYujS9ADDXZxLBs2YimgO4E5MJv8231t28BYEWxW1g2Q-CBaT9mYBg5_N1VcRQfvU57Ca30ewp41sobmI1YxzL4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_31wgV3UQqmEkZPAQVOZZpHQ7CJ4g%26client%3Dca-pub-5022500717598236%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1677666448
age
99402
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 10:28:06 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1677666486645030
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=halp9bp8CEbDKaTF%2Fk6RmdAB%2F1%2B5AWhB4eBFAPzn%2BxsXj76eXvhFokRmHh0GyNi4E8oC8V6pH2ZBrMDNQxAwAmmV0jRAyKbqR4BgpOvG7pFoG2TjoQY3WeN8Er2wqzCnbpSJyjc8lBQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7a1a38d0cce7904c-FRA
expires
Thu, 02 Mar 2023 15:10:13 GMT
r62eglto.js
ad4m.at/ Frame 238E 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gnpwep9tb2w4tahjep4b6t92njwa7sx9qzadyc62ydwfjbthxqn0hcynvr8zmmr4hkf5dx44vbp1y2zz601s00w5rqy36wc86fn3eyvg4bw3nkbybxafad8fcnw806e67yfg1x2ghxsrw123jkc6x5k9nz7ebycesk52xybg6h0hp176rwg2s2q1m4w4kc5vk86ak8t0dcqwafb4vmh8zyd16vm3h21yyhs9nr4ketk7qdzvm8rbqmymfvb1mfbf3h450mack8kw64m3hy83y6zgk62rzx2ff6tbx7q4za5mpgnxzh5p76kyrdwj11g2bdwce79d2eam3m5r8avyg49mjmxs1nvz5ec7qeb8fzcw1hztnfh6bt3r86kcn7nhgc5s8xjq5xcgqw34dcefqc5m7p75cnwatf1d7t09w7hg44ybn027x8hbjt5tbj9axyaw3tm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDw0CRK4AZMK_L5XFgAedqK2oA5DhgYRctqjCivACwI23ARABIABglbqAgpgHggEXY2EtcHViLTUwMjI1MDA3MTc1OTgyMzbIAQmpApRNQ-ZJ07E-4AIAqAMBqgTpAU_QhhSTm7-U7F2w4tvRo86Meh3oIBJtpH5KOaxXBs8FAGuurp8c-_D02UxLNVaMRMLo6HLFdvbzsPhkjBO2895Zrk3yv5Ys9QMZ4mNF88-WUVs7xRf04YEMnVxRFCJNFROiReM1X5DzUYNpVRfpTJrO2oSGPSaRuLh4tXV1852FJZhxiJZUawl0A_9kkcnwbVM1pCSobrsOpnGYKxKreSD5l0gOrnfWrvPYujS9ADDXZxLBs2YimgO4E5MJv8231t28BYEWxW1g2Q-CBaT9mYBg5_N1VcRQfvU57Ca30ewp41sobmI1YxzL4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_31wgV3UQqmEkZPAQVOZZpHQ7CJ4g%26client%3Dca-pub-5022500717598236%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Jan 2023 15:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
56384
etag
W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xdPLrca6o8YoNJz0qqWaRR5tQrX0HRDFRgJvVySH1mIsLZbx0YrPmetk23Y9DLLxx5TeueH24iPQXCDojHHVpv3O8mzL%2Fsk9f589VMSUrmhNs4HkuIRNB%2BUmJKktmXVmEAmg3Zc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7a1a38d0dd08904c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 27 Feb 2023 22:45:45 GMT
web
onesignal.com/api/v1/sync/e5c7e911-5c92-4f15-86ac-b163a1a36a09/ Frame CCAC 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/e5c7e911-5c92-4f15-86ac-b163a1a36a09/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151515
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c154faf7ff6d2339a9cdc019bfbd8873892a5a5c6e9704bb6f2a3280f164083
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://netflu.os.tc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
ae3d880e-72bb-47ad-a8af-690569117742
x-runtime
0.024154
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"6c154faf7ff6d2339a9cdc019bfbd887"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
7a1a38d12c9b2be6-FRA
access-control-allow-headers
SDK-Version
expires
Thu, 02 Mar 2023 15:10:13 GMT
container.html
c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3F4C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.netflu.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Mar 2023 14:10:11 GMT
expires
Fri, 01 Mar 2024 14:10:11 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 238E 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2930
x-guploader-uploadid
ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZIEP62iYvc8XOXBfCQVRrb9mJFgJr0JXzC%2BPaIC0Z97yy4MfZBPk4hcVZoJfqGLdwzAtFn6dCmi%2BVDnB7LM9f35S5KeioiomtKzooK0p6kryZJMq6hLTnvD7YrEW4ZWp1IqnW%2BZaIONWkjmOxEFqNXC"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7a1a38d1baaa92b9-FRA
expires
Thu, 02 Mar 2023 13:51:10 GMT
frame.html
ad4m.at/ Frame 64C8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1803980
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7a1a38d16faebb5c-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 02 Mar 2023 14:10:13 GMT
expires
Thu, 19 Jan 2023 19:22:47 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJNOaQebh0mU2tBAHrfEuN%2BBepsX0JnwoBD1vAZOFJ9kItGIiwtKfwkFB1zlU1zkVj8XrzBDYB0%2FGVvcjFP1ujq1O1IUywdzfatwJMXDiqajCKO43QAyCHEUzdFN0dB6C8ODeME%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
pixel
googleads.g.doubleclick.net/xbbe/ Frame 00B3 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjDsaDRATAB&v=APEucNWt5EhvmZ6GPA0UUcl9ajLwpKfXiwFt8-m9b6reRibhLCxLfMaxkLFot2TSvOoSTqCiUvK5VpjFFoD6XQYHDShuvDZv83Wwu5mBZeH-wD-4OI_g-K80htwiGFQD5rtBigmqWygRtexmYRSuLZQHZ6xxk5CQ5UWLNQcfZfwNcO26ZKr6RS8
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Mar 2023 14:10:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 3F4C 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27790
x-xss-protection
0
server
cafe
etag
3677590245327912432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 14:10:13 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F4C 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ADMqh5bpJReWqUr7ktLDsnzsZ4Z-M14fv1e_fq61QVGC295DGKBKGJsS8BivCUaKHkS_kvlsbB6qxPl90QEERlzqoNQrt2a8Rint_mp3xY7LPOs04
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F4C 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17358801527394425637&x=1&ct=76
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1135760/65089096/xbbe/creative/ Frame 3F4C 		250 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1135760/65089096/xbbe/creative/adj?p=APEucNWJqmMVtyAonGie356Qit_HxN6IfhoFsFrqfJ2eqNsfF9f4hb4&d=CokBAKAmf-BkSysaKR5EoCUJt-LSDpcrgrgw0wZ-nir6OQGLltcg8W8CqBuGE69nllqYuHyLTUKjKtmh1pBkCY63_Smrzs3IsPlcGyj-lLvztfDxXShFig5nkkIPm418wlI6WNBxGiTlmztgY27FW1Y9-Bu2j5Y-BowAhYCXl5VRAZw8V3G9uaRCe6oSqRQAoCZ_4L3GlPlZ1QpSNbhcRJUlYEZb37voeODV6nup95QhgNTH9DsYnxQdTW984Q_Z0Jm2p_fxyi0Ugw07es-telmdekVAQRerpMhGz2NeEImk968lqpgbISa17FhSb6GYU3kijFZ154t-fptvT5ygr6gZWtNnUL6AK8gR8MifoTUfT9g7kHk7SkzkWIUddENbCaAvRq5XKc8Kaervro0mZH27MbttDRf6l3C9TK9EqWs9R3nku2BnMjdjmbGM423W2z6lIg5k71tOixpzaByE8VvY9BTwrKCw3P2PtAPDoLYatnd_fmTBHVBdvMNeLj7gtI86qKUx6xUihSBsFb9daoSoErmqdEJPg_FFKv3kGO8-Phlif_kX2RkrrtQMGqCTmUerhUslVs1gQ0QY_7J7sudXH2gCg8j7BsftvLx0FqlGUaREnqHqRqiQd3qNilx1fOr6F4oUq9fwXkeYi300wnWnbxc-O_kmrRmSXsZiBeXnOARSSS_xu4AAXpbjCLbI6rrFrnjANXNTn_XuYkIi_qd76zSiSsYuJOz38AWwRACFnbSu79cHojJwNN-I41Ju80W25KuSZfoajrT0l5S3VcCtMBxOnFVZBVuhut6fcn_GbElBPzewRp232bOBn8IcrB7CxIqopz5Oqab2ioN3I811vQs8YZskt5GgP_TRej1100m-wjuZb8grYsoIqewtWRhtjvYajFz2CC8otRCYoQcn51diEcHwS_dtCZZ6ex-atd3hCBr-sik-RbSAO59gSVQtFOWCGMwjxe2TOkLsEjjlAnhBFNSYTBUvCnJ3GKrDIrDuME8Q4RfZZmqOMfRFGNIonaPzENbGGzs5lll79_qGi8Mf31_CwTSeCh_7LcxafCzVH6uYLKASTaNLmrIcltzkXl1JGnZSl7RLtt6aMWOTeea2gagyx1cNoU8W6a1tY-yQ37HIV-MuLCIDza4V5n-oV8fhhiYGetqftjZM-l5vW1SvE0K9BP9hFNnMmcUPQeaxGLckKSRQMOQQJTT7FDR6Hh2KBXYCNRIaA3wLLIUH3j5_hMl09u68suXBLh-6xSHQumcoaYRw4mUU6GUssLhn2x7rdczMnmDEVyeAbPFxghB-thisqdkSIskUz63pwVbvVxweoxwbNlqQLP3T5u-E2ZX6gzZrK4AstaM-0BWFWXS1g_ILM8ePAd67o_i4LOUMJFIv7DwDoZxj55I_tGnVrr4HcEWTzbB0r34Wf9vdSq1lWSgzvaMUsurjpgTbUIHfWCGpIhYntsnRNUKceaJDmxIDCCNHKcgIrrc16_qLTmPUvcpov_mQR4S295aPY9BkO3UmS8kJuIyryMpGWADyMjah8_W1lSXREiJQu1_Xk809QWUqnHBb3i-0P_eSF7D42rcRENzVn1zv3N0YLvgpi8gpqXDU2_7FsZ0qp2nI7RJUZO0fmhuvlUI3LLq8rGF4DZbYVZWSR3TC1UdyKR_LRw9nyV4apL_HVKP-uEFsVsWmQPvYxRLVdKA1C0K4lVzRP-cmidoZi1NB-awF5v2fnb6jlbgf-gxzZj7WsT0Cw3_n23UsrdD7udKkYxlgKZeWyGoW_WDSvqY3qteOg7i2DB_vUOJqxE-vrEK8SMzbBdznsGVWPLBMRzp1dyF7_sQWhWCzGdFkRUWccMaLJppdyB1DvbUItNbMIggMEphKtAKPfJoRNBd065-6U0osHucg0E06LSkRwRBY9SM2TLJ3-Chjw0q6b5yeLdh9yHnMjxWDU7JTTXlVFs0F8KnrUDiXIV_z07pDeHrqzoWdPr20p32JKWx_2pUOuL4qPTuZoNZyjf9eMtaw5a9xgSz-JIP6mAjQxloy1tfjZkrIhK7urSoNKRewSvb5blNIzgTCz3BeIn9tK3JZQ0Geq0IOYZxVMO_u9U8J-DvTpcCVgDqe1v1rX4IxCrXNF72TltVzsvbNCA-Sj6rS46KGvTWXNvScYZeArVeG9kysCKm3yqvzXtZF-KYOTBTxho9_ChHMXqw_NqmRelmrhvcaVgYzpkrHmeHfNuiZj-yxIIvjv4H4V_dM7WodrGep2eTYxcyTYWtFxuNGe-01G_qJmWIsD8Hmbk8K_zdIoKV1e6fgOjXKLkxkcOBvIDr6I_LfLs0qMRn1nA0kJKUM1bxVILLn1g-fSIGg23KiZvUzDjYPOTYTiaC7W5tffJOJJ0c139Zp3Z5kCt21ClpSU-YD3xp2D3T7fjamHeHvnkJCL40FIDvr7qJ2ePLb3KyHYIx-Ox9ICE6uf9yp5TXFjD73KfNNrsvWtNQALG6WcitXIWBpMWllxsBBbBKKcWDt_AJddyIJ92Ddchil8mF7uBA2KKaZcvt008hc56df8pOHxtk0YvU261fijm8i0U7EWIUpeJfsnpqDpzPCv80wT8zureWWDA8tXCSrjWb8v1pGvNvLkN-FIEy3Ufo6pzwe727C9xLzrKKh5nE4WXdQsDT7bsxvU0HSE5OIc5szLJ0Pv1QNpGwtGM3dpgeSoqczPQyOyi1zwT4FfVEn2Tjfx4TMswdaVJivgaERFcGCYuurh9WAwxWU3JSQNNK6gSM2ycz7l7hBcRNZ1b8c8nqKKm_tiJL3IroSwJlFWD7QH_s78TpoXzpx6Ei2FFWdN5iJsIl8l4C2rTJ42I9Qgg6ti3VAJzVxEis9TvrlWLLOq2leABzZM8Mjo5uf3_uU1WHCwOdFhCAapqfp6VUKV04SU6-g6lyYPfRnvF4hCCduOQoKdNu_tsrZu2W1QE_92GSc9Hwuw5jxR2D1uKGNMXlnWhOwY5nUpkfdmcSZmCfQXByUVL0ehFZC4Nru1EwPdjHhN9E30qSrfnFQtb12_rIqPELmzIvjwmpukWtliJmsNQ0KlD9z092KGPnruUCFUFK2lAYN1NBKqX0-fc2C8OjQrHc_Y5ncTEd-q_SUmFLnz8hWXe2d6B9MGazDiO0t6EN02PIwBFvy6kL8x8RNfsz4143wxMiXu3yrTrKhsszkpvc2CKJwZ8HWLqH2IeEsXvPh5u1S4A5I1oXVz4P-fuhhVDMDRn1h1Iomxz2FbHFrGdK9I5sEWczZxZCbhpi8rL5ZRPiQ9bo4t0n1NrOsMM4fFXYz6--F5dxZ2Wi2Do2EwT_SsZz64-0suAXgxL2dxe_5Six1Y-N0y1EEg5K-EoWh1qmHl9FuIQJbx3pccM6c72DoBXJSWF777gSzbKMuRXy3FPaHaq6tXsryP7-QCbBMtPcIbs8S8UUPOmwUlnEsSK2E2Wxes5I1ty010sSuVkiwVdcUmY6hIF5ZbkbjlLXMAKXP61Q3eQNJ-3eXVcT8jaNE_FDcLMISy9VBREs3g9glYRARzjt6kfXqXlMjDtFOpLwS6GEojpwEaHGQGFR7_92xFXuWetxpdcNAIw62snOhk7Xm1B24LNkpy1NWoe2OW0VaVlcn8W-iVn6Pvgoll1xwRzHLx6m25ebyVbUaQggEEjwA1BOcphev8e07nP5d6SgXcimGGvnweSGd8ELY2Ez55KZt7eUbvuAvmwQ2etzMGS4QQPd2FLUd7XWtMLQYAWAB&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-5022500717598236&ias_chanId=1&ias_placementId=18137318564&bidurl=https://www.netflu.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0j1XKS4hlbH1NGniWjDgdVN
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.14.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-14-116.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c36dade944caab9913437bbbb8d4b6745a819591b9348890dd10bd91efb62b4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:13 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 3F4C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 04:59:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
33024
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Mar 2023 04:59:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 3F4C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 18:40:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
70203
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5959907985313552934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Mar 2023 18:40:10 GMT
l
www.google.com/ads/measurement/ Frame 3F4C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1hmq_9bpbRH-LxQ8p6S7-4-9Q6aW8P3A58J7oM3hB-Uh9BSwBcIjK2vytKTTMIxjsnWRZmY9vEOE-u2GJJCyie5h-Xw
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3F4C 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677673803517815"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 02 Mar 2023 14:10:13 GMT
rs
ad4m.at/ Frame 238E 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d338ae13bbac9a620bd69097e84e956f44708d8812eca86fce10ac83c6d8ca3

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KGMDF%2B89%2B8HF6hrY0S2YIYwyKkzvQXJQfsu63MqmK%2FEhQISDpqzhYBqWiWan%2BCbl7J3Rgi1KIKCUAz55s6dEDJL73Oil6vTuKvrc6xOlyOqaNm5j1UJ77Pf4OAtlMzpQYc%2FprxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7a1a38d229e837fc-FRA
x-backend-server
aa-reachservice-group-europe-west1-0bnh
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a1a38d1e9a737fc-FRA
content-length
24
content-type
text/plain
date
Thu, 02 Mar 2023 14:10:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUDT9qG8OjGBYY9fXqNK0fC74468k7GtjianSIa9Cm93RxD9MnQbpitq%2FahPIY5vg%2F%2FpOEtXj9w%2BR2D6Hcg%2FnBMKp13Gfo17ybnCzCQv1S6Kk2EHf%2B1GB90I8XFvh9lI2WdyI2o%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-0bnh
webPushIframe
netflu.onesignal.com/ Frame FB66 		474 B
438 B 		Document
General
Check archive.org
Download Go to
Full URL
https://netflu.onesignal.com/webPushIframe
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151515
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0765779057557a3aad6c0a6d0323c51ca33f8f0f5e498509fde04f336b8febcf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.netflu.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
REVALIDATED
cf-ray
7a1a38d21e069b69-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 02 Mar 2023 14:10:13 GMT
expires
Thu, 02 Mar 2023 15:10:13 GMT
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin, Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
a7193cf7-8d94-441a-ade2-23931c6ea0fa
x-runtime
0.009857
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame 00B3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2bpVfUDcYZnWrK-Y-DCBE&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2bpVfUDcYZnWrK-Y-DCBE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjDsaDRATAB&v=APEucNWt5EhvmZ6GPA0UUcl9ajLwpKfXiwFt8-m9b6reRibhLCxLfMaxkLFot2TSvOoSTqCiUvK5VpjFFoD6XQYHDShuvDZv83Wwu5mBZeH-wD-4OI_g-K80htwiGFQD5rtBigmqWygRtexmYRSuLZQHZ6xxk5CQ5UWLNQcfZfwNcO26ZKr6RS8
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 14:10:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2bpVfUDcYZnWrK-Y-DCBE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 00B3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZACuQ0pg9LL.x0NqimZP2gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2bpVfUDcYZnWrK-Y-DCBE&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2bpVfUDcYZnWrK-Y-DCBE&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjDsaDRATAB&v=APEucNWt5EhvmZ6GPA0UUcl9ajLwpKfXiwFt8-m9b6reRibhLCxLfMaxkLFot2TSvOoSTqCiUvK5VpjFFoD6XQYHDShuvDZv83Wwu5mBZeH-wD-4OI_g-K80htwiGFQD5rtBigmqWygRtexmYRSuLZQHZ6xxk5CQ5UWLNQcfZfwNcO26ZKr6RS8
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 14:10:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2bpVfUDcYZnWrK-Y-DCBE&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 00B3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELc9rQOFZIxthKSjrEfNOe8&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELc9rQOFZIxthKSjrEfNOe8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjDsaDRATAB&v=APEucNWt5EhvmZ6GPA0UUcl9ajLwpKfXiwFt8-m9b6reRibhLCxLfMaxkLFot2TSvOoSTqCiUvK5VpjFFoD6XQYHDShuvDZv83Wwu5mBZeH-wD-4OI_g-K80htwiGFQD5rtBigmqWygRtexmYRSuLZQHZ6xxk5CQ5UWLNQcfZfwNcO26ZKr6RS8
Protocol
HTTP/1.1
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 14:10:13 GMT
AN-X-Request-Uuid
f9fc8336-d1e0-492a-8107-46c2ff7d5061
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.21; 217.114.218.21; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELc9rQOFZIxthKSjrEfNOe8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 00B3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY1NjU4MTU3OTU1NTE0NjE4Nw%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY1NjU4MTU3OTU1NTE0NjE4Nw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjDsaDRATAB&v=APEucNWt5EhvmZ6GPA0UUcl9ajLwpKfXiwFt8-m9b6reRibhLCxLfMaxkLFot2TSvOoSTqCiUvK5VpjFFoD6XQYHDShuvDZv83Wwu5mBZeH-wD-4OI_g-K80htwiGFQD5rtBigmqWygRtexmYRSuLZQHZ6xxk5CQ5UWLNQcfZfwNcO26ZKr6RS8
Protocol
H2
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 02 Mar 2023 14:10:13 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.21; 217.114.218.21; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1fad8c8f-aa1f-41d1-871b-6bd696f77c5d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY1NjU4MTU3OTU1NTE0NjE4Nw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F4C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2875969394208&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F4C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2875969394208&version=m202301230201&ct=76&x=1&cor=17358801527394425000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3F4C 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cns_3qmz5GI7tNSVdPBzxu3DHhQmW5C-V8JnWUz_xWMZL15K9tCpLJkz6YVFtClAdLJ_M7Qv5ArgulH0jKhtqMDwdERXq4fzm4SvHZ-aJBDIFBJgNMj-KsTH5xRGuGSw7-ZSsaXY727moMGeJEvQGRgDTihMnJxPmU1LqrQHSIlnEKKHk&cry=1&dbm_d=AKAmf-DNSXET4L-24N_NhjaJ1GsJTPfoDrqVyI3Wr81Xpa6UhdozZUBFYHS55ex32WXXIZduil9LdQPKQIcEXeJ9Lji98PvdQLN2xCgBGeRGvW3AASsnxZFWSvBIrGk2Jo_bNlYgR64NIiHS7PjRyNGdPixb4lLkUV-DKthzcB2kKjrhVTTwoquIskj6JQM68xKURVr_zuCz52W01evGESWNYnfRNTENLDTSRdRfR8ykOLrumfFpN60oqF8n8Ke4hv7Z7Ic0HK9PqfC3BHbbgcscAc2EI1QUXpmqT0JifT4YksQX8EE9vGM89FPz0gNCHKCYzUQt-VP-1GdHUIx5_vjkPKwmHUZLUrHJXnPIIso1buwoCxFKx8h5l3xaiMuu6-Mux8hn7kaPF_WDghmqi0JSPh09Y_oqVzbkSmCk7F7_CuSzacvzLdC3x4HVDaOOzNuRHFipBFZ_R8MN5f4oG0gUGbZXdWZYi2TYCAf8Q-YJQJWuQZV6j0eUsD69n9iG3qYwbTgwspO-A0jTjS5BfA2kXCpWbP4B6RAxAGPqRU85ZyQMT_5nvAyMdxf2O9tUMpotd71xRbx449PDQjtUhIMoa8h88TZwhF13Z6B-B0IQRAM2NUb0wZyKWCvHSm_Nw43sowo1tbClMxa6aqlfnNAqzoi_qOdnGOrFg3xi7NtAQz2O-o2N_yr8A7Jm-VNKHlRaMK7C8ZhlibRxEt2Szd2UgOVdAo_9eh_AnnmwGrut4qD2mpThWAhv_b6XtKp6VXZfiXZjMhaEVLQmgdmkzq-zvUzLo-sfmmHQFqhQh-KK3AwmDzckp-_8VZZGvHy5eg6dkCIIJjtVp7FcR8McKrUlu47fONt3Lt1aVnMU-tCo_yZjHMFD2r-BsgTrYrXRL6qsolKxCPUiJdCzR3bW4LDSLTQ597oQ3dXad8UyGY4Ko1gcWgR7cSaLnT8m6YxdCnqqxecEEtrZ99yjqXaFQflaVQ1FRT002_I_8X8qhxyKbh6vT3nP1M3x7XLWdDC0B4XxGShX3evBWAcn7u6h4xnKEtgaM-SnDcjxjyh-PIKJJDKXitscoMMnuwdZAox88VJPjR3kx5Qtwp7f2oWLwEtgn-fAbJl95bwifiXqFh98uVp-6BrbA9Ck1k8Dh49O8pf43nz_5puSjrBVKRDpDvwm2OWupa0ukZcxuu9xv32gtSAhIoztDuSKsmq3k5-UbRoznz6iLB8INHEPBZQefYcG4cZv1HVin9VR3kohjwTws__JG8y6RGG0SXMtbMaVII77QtlRFc85k7CAgQ_W8YZzGq1PKyZ4zD6H5nq5apKvMzN2HqYckfS6iQlLWEdy6OwJ81vMoMx3CZXVdzQc0cAhT-EkQV3kuQHvVMly1WXC_uktIOt8gDy7NoRife3G2rXm4WKQbDCKcdspGrf_W8P-FnuZ1k0ltc4lyBxpDPldy0H2rvM55XcF7isOItqbgedSDTFBMEGW28ENrj42DHG_XUMX0GMPHoLW7ctLHVX37PH_wl_e72z5av5-wfFkoU64by2-ox_8eOEFq-FPzF9Oz02YDJKYAsRj6bY1qTQupD8N42L0isytXo91Jv0zGSCtI_gDUxbAFp_gSu6h_4DicPv2bmpThHEyOSPkMyABS4u8UTpuTqvU8IsUCaxGTqz6wFLN0szET-aBiCsN-6oFEoq_8ZeVvYNoBLkgnA5TKUXj-Rb268eNKm6bcrGc8jsg8QXHxb6K1m4VOTu4JTyUIyrtHqTZ7kA-CgHCxjPOEL3RLttcdpiF3E8YcObHUwEsekaSc0QteCF_GYSjaNlFrRW11b9zxRtNchaz9g23n58uGJlCiskD40kS5YkOkRx0pk6CaD1azoyVFYcd_TPDXr5e7Mpt1X_G6FlS6Rkec_mOuEoNhCJ7C9tmMZDn2ZlctH584CgbkjHnmRNI3hrmIXftFPt5e5fPQsLp2-kEIxaYDVIUQph0XER1FojewXVw6N2jtK3v55bBgrKq8zOSChhOkrsFVSZA5Z0NK7rSJUOXU0KPt_yY3x10IWOpMhQsFTRH4rlthZVLsZs2PadeHnDxtcyiViz0Wmjd8WfCijl5YYb-SNB6pf9WGS1ajBFYOTMmqcktWVBDkWgNAwCdIyiWDOr5CrkasTRD_gRVm6nGcPHn_h9ngz5ahCWI7Xue4Kaj-shPusUrUSH5eKUNi94OYnkywSQ9ylV6WvMAHBT6Xb8KPXX6Oa2X6NRwTkxzAf7uHrpBMJopY4GnV748LM3inlOcvkZVWDMdbWBm5lCVe1wvt9h_oe1lZ_1i4smgEWAUzcJeTgEW8W3R7OSffOh4vHpKHBTglnad4PdllFZEX_e2PXHWAG_sRhiMyp8kJMzi0C0ToY9OTFkJ8uvC21lUkenSriB2H2e5mhrZmsAmhbnXOfOUxlowR0UnAlmadVNmf7Am4QKJOecTuwAVYlzLtMByeIs5cixV7_mwZ33ehUSDBt0ynk-BtEa8ooFJDZ8VOiidy3n5VQ_UVDKyHb0oegVkIGCSN8RV7rOIb35WlD4pUISmqcoTgy0u78Vu60U9Quk1G033tV3celysjtr5rK284TXptFfexMoLYpnaluRQj-F0W_MW6Vuy1OsPNR4ASlBQg8uNjc7HydS-mqT16aT1TSNsnuZxobye3l9gM6Lz2fHL1rCxJoBzegmLJ4hKunwH-9l3H94nw6ZsdH7V9weeCamObEhMw_yysimIx69wLeWa-eZsAAb73VLuEoDj9OhS74Sj1WAqEdqj6PwKFLp4IiGVEjt_rAfomwxhsGYP2UklR5P3dS3VVt-dX3QsAmTx-vsdTjK5Z78IH_O_n3GsEgSVGIpf-Qq8GZOp1TkXGGwbkFNQ9yv4Fr7SR1tJ5HHEyFGqv2bXlVFq-WUigVF4Jiv0Q6N0bDnSkkK8MB_fVCU&cid=CAQSPADUE5ymF6_x7Tuc_l3pKBdyKYYa-fB5IZ3wQtjYTPnkpm3t5Ru-4C-bBDZ63MwZLhBA93YUtR3tda0wtBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.netflu.com.br%2F&ds=l&xdt=1&iif=1&cor=17358801527394425000&adk=3944675600&idt=105&cac=0&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1c151703179e283f29833ca6d39f0e16e6f383e8397593475cdf10a49f14b4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11579
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rar
as.ad4m.at/ad/ Frame C865 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=117569%2C19457%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=f261d9fa2385151e8e36cc72dde5bbeb%2F9415665555684787262&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677766213457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kh2760bs0qah3p6c2v8b6afr7md4y4wwacdbh2m6bjbd9mpmyzx5ze7twdv33stvztw78n4pfpcr9w7refggs7b58r1gb3bm8nwhmhm6p2gzby4d5158x18pw6csjdf59j8mybdbtrca06wgrfdz6xh0rnpevknr191664pg01471yyx165qg7kmm9yd09q4qkprhhgmgnac50cya4ejb9cvkewxj0xtqrzwav7b3wq9jehkd29dy754h2ekjy1a4xd9knnndn6tz38xvycnk78%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDw0CRK4AZMK_L5XFgAedqK2oA5DhgYRctqjCivACwI23ARABIABglbqAgpgHggEXY2EtcHViLTUwMjI1MDA3MTc1OTgyMzbIAQmpApRNQ-ZJ07E-4AIAqAMBqgTpAU_QhhSTm7-U7F2w4tvRo86Meh3oIBJtpH5KOaxXBs8FAGuurp8c-_D02UxLNVaMRMLo6HLFdvbzsPhkjBO2895Zrk3yv5Ys9QMZ4mNF88-WUVs7xRf04YEMnVxRFCJNFROiReM1X5DzUYNpVRfpTJrO2oSGPSaRuLh4tXV1852FJZhxiJZUawl0A_9kkcnwbVM1pCSobrsOpnGYKxKreSD5l0gOrnfWrvPYujS9ADDXZxLBs2YimgO4E5MJv8231t28BYEWxW1g2Q-CBaT9mYBg5_N1VcRQfvU57Ca30ewp41sobmI1YxzL4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31wgV3UQqmEkZPAQVOZZpHQ7CJ4g%2526client%253Dca-pub-5022500717598236%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
716d051a9d408e616477e1e26ea9eb08a61b19e7303c444f1ec0704eb9294e5d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1gnpwep9tb2w4tahjep4b6t92njwa7sx9qzadyc62ydwfjbthxqn0hcynvr8zmmr4hkf5dx44vbp1y2zz601s00w5rqy36wc86fn3eyvg4bw3nkbybxafad8fcnw806e67yfg1x2ghxsrw123jkc6x5k9nz7ebycesk52xybg6h0hp176rwg2s2q1m4w4kc5vk86ak8t0dcqwafb4vmh8zyd16vm3h21yyhs9nr4ketk7qdzvm8rbqmymfvb1mfbf3h450mack8kw64m3hy83y6zgk62rzx2ff6tbx7q4za5mpgnxzh5p76kyrdwj11g2bdwce79d2eam3m5r8avyg49mjmxs1nvz5ec7qeb8fzcw1hztnfh6bt3r86kcn7nhgc5s8xjq5xcgqw34dcefqc5m7p75cnwatf1d7t09w7hg44ybn027x8hbjt5tbj9axyaw3tm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDw0CRK4AZMK_L5XFgAedqK2oA5DhgYRctqjCivACwI23ARABIABglbqAgpgHggEXY2EtcHViLTUwMjI1MDA3MTc1OTgyMzbIAQmpApRNQ-ZJ07E-4AIAqAMBqgTpAU_QhhSTm7-U7F2w4tvRo86Meh3oIBJtpH5KOaxXBs8FAGuurp8c-_D02UxLNVaMRMLo6HLFdvbzsPhkjBO2895Zrk3yv5Ys9QMZ4mNF88-WUVs7xRf04YEMnVxRFCJNFROiReM1X5DzUYNpVRfpTJrO2oSGPSaRuLh4tXV1852FJZhxiJZUawl0A_9kkcnwbVM1pCSobrsOpnGYKxKreSD5l0gOrnfWrvPYujS9ADDXZxLBs2YimgO4E5MJv8231t28BYEWxW1g2Q-CBaT9mYBg5_N1VcRQfvU57Ca30ewp41sobmI1YxzL4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_31wgV3UQqmEkZPAQVOZZpHQ7CJ4g%26client%3Dca-pub-5022500717598236%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a1a38d279b1bb5c-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 02 Mar 2023 14:10:13 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
OneSignalSDK.js
cdn.onesignal.com/sdks/ Frame FB66 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: netflu.onesignal.com
URL: https://netflu.onesignal.com/webPushIframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3565ea346e63fda91cc67ba8fc11e95b7482d5873a4f4c6a47c4185b772d9a1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://netflu.onesignal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
138
etag
W/"5ffd70753209ca4d09cfef90e7c44df3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7a1a38d29f072be6-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 05 Mar 2023 14:10:13 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3F4C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cns_3qmz5GI7tNSVdPBzxu3DHhQmW5C-V8JnWUz_xWMZL15K9tCpLJkz6YVFtClAdLJ_M7Qv5ArgulH0jKhtqMDwdERXq4fzm4SvHZ-aJBDIFBJgNMj-KsTH5xRGuGSw7-ZSsaXY727moMGeJEvQGRgDTihMnJxPmU1LqrQHSIlnEKKHk&cry=1&dbm_d=AKAmf-DNSXET4L-24N_NhjaJ1GsJTPfoDrqVyI3Wr81Xpa6UhdozZUBFYHS55ex32WXXIZduil9LdQPKQIcEXeJ9Lji98PvdQLN2xCgBGeRGvW3AASsnxZFWSvBIrGk2Jo_bNlYgR64NIiHS7PjRyNGdPixb4lLkUV-DKthzcB2kKjrhVTTwoquIskj6JQM68xKURVr_zuCz52W01evGESWNYnfRNTENLDTSRdRfR8ykOLrumfFpN60oqF8n8Ke4hv7Z7Ic0HK9PqfC3BHbbgcscAc2EI1QUXpmqT0JifT4YksQX8EE9vGM89FPz0gNCHKCYzUQt-VP-1GdHUIx5_vjkPKwmHUZLUrHJXnPIIso1buwoCxFKx8h5l3xaiMuu6-Mux8hn7kaPF_WDghmqi0JSPh09Y_oqVzbkSmCk7F7_CuSzacvzLdC3x4HVDaOOzNuRHFipBFZ_R8MN5f4oG0gUGbZXdWZYi2TYCAf8Q-YJQJWuQZV6j0eUsD69n9iG3qYwbTgwspO-A0jTjS5BfA2kXCpWbP4B6RAxAGPqRU85ZyQMT_5nvAyMdxf2O9tUMpotd71xRbx449PDQjtUhIMoa8h88TZwhF13Z6B-B0IQRAM2NUb0wZyKWCvHSm_Nw43sowo1tbClMxa6aqlfnNAqzoi_qOdnGOrFg3xi7NtAQz2O-o2N_yr8A7Jm-VNKHlRaMK7C8ZhlibRxEt2Szd2UgOVdAo_9eh_AnnmwGrut4qD2mpThWAhv_b6XtKp6VXZfiXZjMhaEVLQmgdmkzq-zvUzLo-sfmmHQFqhQh-KK3AwmDzckp-_8VZZGvHy5eg6dkCIIJjtVp7FcR8McKrUlu47fONt3Lt1aVnMU-tCo_yZjHMFD2r-BsgTrYrXRL6qsolKxCPUiJdCzR3bW4LDSLTQ597oQ3dXad8UyGY4Ko1gcWgR7cSaLnT8m6YxdCnqqxecEEtrZ99yjqXaFQflaVQ1FRT002_I_8X8qhxyKbh6vT3nP1M3x7XLWdDC0B4XxGShX3evBWAcn7u6h4xnKEtgaM-SnDcjxjyh-PIKJJDKXitscoMMnuwdZAox88VJPjR3kx5Qtwp7f2oWLwEtgn-fAbJl95bwifiXqFh98uVp-6BrbA9Ck1k8Dh49O8pf43nz_5puSjrBVKRDpDvwm2OWupa0ukZcxuu9xv32gtSAhIoztDuSKsmq3k5-UbRoznz6iLB8INHEPBZQefYcG4cZv1HVin9VR3kohjwTws__JG8y6RGG0SXMtbMaVII77QtlRFc85k7CAgQ_W8YZzGq1PKyZ4zD6H5nq5apKvMzN2HqYckfS6iQlLWEdy6OwJ81vMoMx3CZXVdzQc0cAhT-EkQV3kuQHvVMly1WXC_uktIOt8gDy7NoRife3G2rXm4WKQbDCKcdspGrf_W8P-FnuZ1k0ltc4lyBxpDPldy0H2rvM55XcF7isOItqbgedSDTFBMEGW28ENrj42DHG_XUMX0GMPHoLW7ctLHVX37PH_wl_e72z5av5-wfFkoU64by2-ox_8eOEFq-FPzF9Oz02YDJKYAsRj6bY1qTQupD8N42L0isytXo91Jv0zGSCtI_gDUxbAFp_gSu6h_4DicPv2bmpThHEyOSPkMyABS4u8UTpuTqvU8IsUCaxGTqz6wFLN0szET-aBiCsN-6oFEoq_8ZeVvYNoBLkgnA5TKUXj-Rb268eNKm6bcrGc8jsg8QXHxb6K1m4VOTu4JTyUIyrtHqTZ7kA-CgHCxjPOEL3RLttcdpiF3E8YcObHUwEsekaSc0QteCF_GYSjaNlFrRW11b9zxRtNchaz9g23n58uGJlCiskD40kS5YkOkRx0pk6CaD1azoyVFYcd_TPDXr5e7Mpt1X_G6FlS6Rkec_mOuEoNhCJ7C9tmMZDn2ZlctH584CgbkjHnmRNI3hrmIXftFPt5e5fPQsLp2-kEIxaYDVIUQph0XER1FojewXVw6N2jtK3v55bBgrKq8zOSChhOkrsFVSZA5Z0NK7rSJUOXU0KPt_yY3x10IWOpMhQsFTRH4rlthZVLsZs2PadeHnDxtcyiViz0Wmjd8WfCijl5YYb-SNB6pf9WGS1ajBFYOTMmqcktWVBDkWgNAwCdIyiWDOr5CrkasTRD_gRVm6nGcPHn_h9ngz5ahCWI7Xue4Kaj-shPusUrUSH5eKUNi94OYnkywSQ9ylV6WvMAHBT6Xb8KPXX6Oa2X6NRwTkxzAf7uHrpBMJopY4GnV748LM3inlOcvkZVWDMdbWBm5lCVe1wvt9h_oe1lZ_1i4smgEWAUzcJeTgEW8W3R7OSffOh4vHpKHBTglnad4PdllFZEX_e2PXHWAG_sRhiMyp8kJMzi0C0ToY9OTFkJ8uvC21lUkenSriB2H2e5mhrZmsAmhbnXOfOUxlowR0UnAlmadVNmf7Am4QKJOecTuwAVYlzLtMByeIs5cixV7_mwZ33ehUSDBt0ynk-BtEa8ooFJDZ8VOiidy3n5VQ_UVDKyHb0oegVkIGCSN8RV7rOIb35WlD4pUISmqcoTgy0u78Vu60U9Quk1G033tV3celysjtr5rK284TXptFfexMoLYpnaluRQj-F0W_MW6Vuy1OsPNR4ASlBQg8uNjc7HydS-mqT16aT1TSNsnuZxobye3l9gM6Lz2fHL1rCxJoBzegmLJ4hKunwH-9l3H94nw6ZsdH7V9weeCamObEhMw_yysimIx69wLeWa-eZsAAb73VLuEoDj9OhS74Sj1WAqEdqj6PwKFLp4IiGVEjt_rAfomwxhsGYP2UklR5P3dS3VVt-dX3QsAmTx-vsdTjK5Z78IH_O_n3GsEgSVGIpf-Qq8GZOp1TkXGGwbkFNQ9yv4Fr7SR1tJ5HHEyFGqv2bXlVFq-WUigVF4Jiv0Q6N0bDnSkkK8MB_fVCU&cid=CAQSPADUE5ymF6_x7Tuc_l3pKBdyKYYa-fB5IZ3wQtjYTPnkpm3t5Ru-4C-bBDZ63MwZLhBA93YUtR3tda0wtBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.netflu.com.br%2F&ds=l&xdt=1&iif=1&cor=17358801527394425000&adk=3944675600&idt=105&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 18:40:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70204
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Feb 2024 18:40:09 GMT
default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame C865 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=f261d9fa2385151e8e36cc72dde5bbeb%2F9415665555684787262&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677766213457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kh2760bs0qah3p6c2v8b6afr7md4y4wwacdbh2m6bjbd9mpmyzx5ze7twdv33stvztw78n4pfpcr9w7refggs7b58r1gb3bm8nwhmhm6p2gzby4d5158x18pw6csjdf59j8mybdbtrca06wgrfdz6xh0rnpevknr191664pg01471yyx165qg7kmm9yd09q4qkprhhgmgnac50cya4ejb9cvkewxj0xtqrzwav7b3wq9jehkd29dy754h2ekjy1a4xd9knnndn6tz38xvycnk78%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDw0CRK4AZMK_L5XFgAedqK2oA5DhgYRctqjCivACwI23ARABIABglbqAgpgHggEXY2EtcHViLTUwMjI1MDA3MTc1OTgyMzbIAQmpApRNQ-ZJ07E-4AIAqAMBqgTpAU_QhhSTm7-U7F2w4tvRo86Meh3oIBJtpH5KOaxXBs8FAGuurp8c-_D02UxLNVaMRMLo6HLFdvbzsPhkjBO2895Zrk3yv5Ys9QMZ4mNF88-WUVs7xRf04YEMnVxRFCJNFROiReM1X5DzUYNpVRfpTJrO2oSGPSaRuLh4tXV1852FJZhxiJZUawl0A_9kkcnwbVM1pCSobrsOpnGYKxKreSD5l0gOrnfWrvPYujS9ADDXZxLBs2YimgO4E5MJv8231t28BYEWxW1g2Q-CBaT9mYBg5_N1VcRQfvU57Ca30ewp41sobmI1YxzL4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31wgV3UQqmEkZPAQVOZZpHQ7CJ4g%2526client%253Dca-pub-5022500717598236%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=117569%2C19457%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=f261d9fa2385151e8e36cc72dde5bbeb%2F9415665555684787262&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677766213457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kh2760bs0qah3p6c2v8b6afr7md4y4wwacdbh2m6bjbd9mpmyzx5ze7twdv33stvztw78n4pfpcr9w7refggs7b58r1gb3bm8nwhmhm6p2gzby4d5158x18pw6csjdf59j8mybdbtrca06wgrfdz6xh0rnpevknr191664pg01471yyx165qg7kmm9yd09q4qkprhhgmgnac50cya4ejb9cvkewxj0xtqrzwav7b3wq9jehkd29dy754h2ekjy1a4xd9knnndn6tz38xvycnk78%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDw0CRK4AZMK_L5XFgAedqK2oA5DhgYRctqjCivACwI23ARABIABglbqAgpgHggEXY2EtcHViLTUwMjI1MDA3MTc1OTgyMzbIAQmpApRNQ-ZJ07E-4AIAqAMBqgTpAU_QhhSTm7-U7F2w4tvRo86Meh3oIBJtpH5KOaxXBs8FAGuurp8c-_D02UxLNVaMRMLo6HLFdvbzsPhkjBO2895Zrk3yv5Ys9QMZ4mNF88-WUVs7xRf04YEMnVxRFCJNFROiReM1X5DzUYNpVRfpTJrO2oSGPSaRuLh4tXV1852FJZhxiJZUawl0A_9kkcnwbVM1pCSobrsOpnGYKxKreSD5l0gOrnfWrvPYujS9ADDXZxLBs2YimgO4E5MJv8231t28BYEWxW1g2Q-CBaT9mYBg5_N1VcRQfvU57Ca30ewp41sobmI1YxzL4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31wgV3UQqmEkZPAQVOZZpHQ7CJ4g%2526client%253Dca-pub-5022500717598236%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1677666448
age
99402
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 10:28:06 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1677666486645030
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWByigDFFtkLZaFX6p8q6aUFqKJLP7GCVkP2%2FGqIAPFVd42p3WfsJVHui6C2gDZC%2BGGctHGk3ThQPawMuqOsB%2FHrcTMAbJy1QcT2t7g9X1v4F1hpxJtfXyneoRuDjcghHIdyS1x7VNc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7a1a38d2da75bb5c-FRA
expires
Thu, 02 Mar 2023 15:10:13 GMT
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame C865 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=f261d9fa2385151e8e36cc72dde5bbeb%2F9415665555684787262&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677766213457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kh2760bs0qah3p6c2v8b6afr7md4y4wwacdbh2m6bjbd9mpmyzx5ze7twdv33stvztw78n4pfpcr9w7refggs7b58r1gb3bm8nwhmhm6p2gzby4d5158x18pw6csjdf59j8mybdbtrca06wgrfdz6xh0rnpevknr191664pg01471yyx165qg7kmm9yd09q4qkprhhgmgnac50cya4ejb9cvkewxj0xtqrzwav7b3wq9jehkd29dy754h2ekjy1a4xd9knnndn6tz38xvycnk78%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDw0CRK4AZMK_L5XFgAedqK2oA5DhgYRctqjCivACwI23ARABIABglbqAgpgHggEXY2EtcHViLTUwMjI1MDA3MTc1OTgyMzbIAQmpApRNQ-ZJ07E-4AIAqAMBqgTpAU_QhhSTm7-U7F2w4tvRo86Meh3oIBJtpH5KOaxXBs8FAGuurp8c-_D02UxLNVaMRMLo6HLFdvbzsPhkjBO2895Zrk3yv5Ys9QMZ4mNF88-WUVs7xRf04YEMnVxRFCJNFROiReM1X5DzUYNpVRfpTJrO2oSGPSaRuLh4tXV1852FJZhxiJZUawl0A_9kkcnwbVM1pCSobrsOpnGYKxKreSD5l0gOrnfWrvPYujS9ADDXZxLBs2YimgO4E5MJv8231t28BYEWxW1g2Q-CBaT9mYBg5_N1VcRQfvU57Ca30ewp41sobmI1YxzL4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31wgV3UQqmEkZPAQVOZZpHQ7CJ4g%2526client%253Dca-pub-5022500717598236%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2202786
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSlUfLM6B6PPSbfMNgaOMh93FEhAkI9rzGQ%2FrS7IXoeym0vsALjN1sJ7LtFUOAUXWZZ%2Fmt8vgl7ZFYbrrv8fU7x8C1OD7MWmKcVFefJwAJjPjCWZsLvbun74HP6J6icrIYJYbqaaUJBBlJUR"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a1a38d30fa5904c-FRA
expires
Fri, 03 Mar 2023 14:10:13 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame C865 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=f261d9fa2385151e8e36cc72dde5bbeb%2F9415665555684787262&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677766213457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kh2760bs0qah3p6c2v8b6afr7md4y4wwacdbh2m6bjbd9mpmyzx5ze7twdv33stvztw78n4pfpcr9w7refggs7b58r1gb3bm8nwhmhm6p2gzby4d5158x18pw6csjdf59j8mybdbtrca06wgrfdz6xh0rnpevknr191664pg01471yyx165qg7kmm9yd09q4qkprhhgmgnac50cya4ejb9cvkewxj0xtqrzwav7b3wq9jehkd29dy754h2ekjy1a4xd9knnndn6tz38xvycnk78%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDw0CRK4AZMK_L5XFgAedqK2oA5DhgYRctqjCivACwI23ARABIABglbqAgpgHggEXY2EtcHViLTUwMjI1MDA3MTc1OTgyMzbIAQmpApRNQ-ZJ07E-4AIAqAMBqgTpAU_QhhSTm7-U7F2w4tvRo86Meh3oIBJtpH5KOaxXBs8FAGuurp8c-_D02UxLNVaMRMLo6HLFdvbzsPhkjBO2895Zrk3yv5Ys9QMZ4mNF88-WUVs7xRf04YEMnVxRFCJNFROiReM1X5DzUYNpVRfpTJrO2oSGPSaRuLh4tXV1852FJZhxiJZUawl0A_9kkcnwbVM1pCSobrsOpnGYKxKreSD5l0gOrnfWrvPYujS9ADDXZxLBs2YimgO4E5MJv8231t28BYEWxW1g2Q-CBaT9mYBg5_N1VcRQfvU57Ca30ewp41sobmI1YxzL4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31wgV3UQqmEkZPAQVOZZpHQ7CJ4g%2526client%253Dca-pub-5022500717598236%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
35067
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FakwkaHl26pRZMOCo8MhMwbVxmJQtrUIy%2BAOLkV6SoHXbDHE7ZDXbdmozCMsSX3MeADzrqaixG6MyvC8UrX0w5tPHDWfSkVNSi9hKWNJZjsvIyAJ%2Be6SsQHl32jA%2BZAdVfbSxxc4ZlrSq5R%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a1a38d30fa7904c-FRA
expires
Fri, 03 Mar 2023 14:10:13 GMT
cshow.php
www.awin1.com/ Frame C865 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=f261d9fa2385151e8e36cc72dde5bbeb%2F9415665555684787262&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677766213457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kh2760bs0qah3p6c2v8b6afr7md4y4wwacdbh2m6bjbd9mpmyzx5ze7twdv33stvztw78n4pfpcr9w7refggs7b58r1gb3bm8nwhmhm6p2gzby4d5158x18pw6csjdf59j8mybdbtrca06wgrfdz6xh0rnpevknr191664pg01471yyx165qg7kmm9yd09q4qkprhhgmgnac50cya4ejb9cvkewxj0xtqrzwav7b3wq9jehkd29dy754h2ekjy1a4xd9knnndn6tz38xvycnk78%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDw0CRK4AZMK_L5XFgAedqK2oA5DhgYRctqjCivACwI23ARABIABglbqAgpgHggEXY2EtcHViLTUwMjI1MDA3MTc1OTgyMzbIAQmpApRNQ-ZJ07E-4AIAqAMBqgTpAU_QhhSTm7-U7F2w4tvRo86Meh3oIBJtpH5KOaxXBs8FAGuurp8c-_D02UxLNVaMRMLo6HLFdvbzsPhkjBO2895Zrk3yv5Ys9QMZ4mNF88-WUVs7xRf04YEMnVxRFCJNFROiReM1X5DzUYNpVRfpTJrO2oSGPSaRuLh4tXV1852FJZhxiJZUawl0A_9kkcnwbVM1pCSobrsOpnGYKxKreSD5l0gOrnfWrvPYujS9ADDXZxLBs2YimgO4E5MJv8231t28BYEWxW1g2Q-CBaT9mYBg5_N1VcRQfvU57Ca30ewp41sobmI1YxzL4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31wgV3UQqmEkZPAQVOZZpHQ7CJ4g%2526client%253Dca-pub-5022500717598236%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.132.42 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-132-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 14:10:13 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame C865 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=f261d9fa2385151e8e36cc72dde5bbeb%2F9415665555684787262&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677766213457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kh2760bs0qah3p6c2v8b6afr7md4y4wwacdbh2m6bjbd9mpmyzx5ze7twdv33stvztw78n4pfpcr9w7refggs7b58r1gb3bm8nwhmhm6p2gzby4d5158x18pw6csjdf59j8mybdbtrca06wgrfdz6xh0rnpevknr191664pg01471yyx165qg7kmm9yd09q4qkprhhgmgnac50cya4ejb9cvkewxj0xtqrzwav7b3wq9jehkd29dy754h2ekjy1a4xd9knnndn6tz38xvycnk78%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDw0CRK4AZMK_L5XFgAedqK2oA5DhgYRctqjCivACwI23ARABIABglbqAgpgHggEXY2EtcHViLTUwMjI1MDA3MTc1OTgyMzbIAQmpApRNQ-ZJ07E-4AIAqAMBqgTpAU_QhhSTm7-U7F2w4tvRo86Meh3oIBJtpH5KOaxXBs8FAGuurp8c-_D02UxLNVaMRMLo6HLFdvbzsPhkjBO2895Zrk3yv5Ys9QMZ4mNF88-WUVs7xRf04YEMnVxRFCJNFROiReM1X5DzUYNpVRfpTJrO2oSGPSaRuLh4tXV1852FJZhxiJZUawl0A_9kkcnwbVM1pCSobrsOpnGYKxKreSD5l0gOrnfWrvPYujS9ADDXZxLBs2YimgO4E5MJv8231t28BYEWxW1g2Q-CBaT9mYBg5_N1VcRQfvU57Ca30ewp41sobmI1YxzL4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31wgV3UQqmEkZPAQVOZZpHQ7CJ4g%2526client%253Dca-pub-5022500717598236%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccc415761dc5487c6d953e1ff0de4904b7bca42512371811d84e712253628f97

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2486102
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54554
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUhCgtGNjDYC%2B%2BdVYovu9tVvo9celGlGLeoS8V3MWzEjcqBX6Q28%2FiBbtlEfeURrxpWXHEzgNbp0Wle5mqfVA8R8SuLwDWbBCOJaNEkbiEfPsi1IYYY9MA17pgdDApz9cdIX5QBcTl%2BYN2gR"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a1a38d30fa9904c-FRA
expires
Fri, 03 Mar 2023 14:10:13 GMT
BF671F9353E49E9BB6D9FDFDE3DB7F76C1C78079C9FBA6953329642EA1EB98D31F0C6558B5B6382075530160EC4EDC9E4E2E5EF63EAAFE88E99516547093A3F4
assets.ad4m.at/product_image/ Frame C865 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/BF671F9353E49E9BB6D9FDFDE3DB7F76C1C78079C9FBA6953329642EA1EB98D31F0C6558B5B6382075530160EC4EDC9E4E2E5EF63EAAFE88E99516547093A3F4
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=f261d9fa2385151e8e36cc72dde5bbeb%2F9415665555684787262&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677766213457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kh2760bs0qah3p6c2v8b6afr7md4y4wwacdbh2m6bjbd9mpmyzx5ze7twdv33stvztw78n4pfpcr9w7refggs7b58r1gb3bm8nwhmhm6p2gzby4d5158x18pw6csjdf59j8mybdbtrca06wgrfdz6xh0rnpevknr191664pg01471yyx165qg7kmm9yd09q4qkprhhgmgnac50cya4ejb9cvkewxj0xtqrzwav7b3wq9jehkd29dy754h2ekjy1a4xd9knnndn6tz38xvycnk78%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDw0CRK4AZMK_L5XFgAedqK2oA5DhgYRctqjCivACwI23ARABIABglbqAgpgHggEXY2EtcHViLTUwMjI1MDA3MTc1OTgyMzbIAQmpApRNQ-ZJ07E-4AIAqAMBqgTpAU_QhhSTm7-U7F2w4tvRo86Meh3oIBJtpH5KOaxXBs8FAGuurp8c-_D02UxLNVaMRMLo6HLFdvbzsPhkjBO2895Zrk3yv5Ys9QMZ4mNF88-WUVs7xRf04YEMnVxRFCJNFROiReM1X5DzUYNpVRfpTJrO2oSGPSaRuLh4tXV1852FJZhxiJZUawl0A_9kkcnwbVM1pCSobrsOpnGYKxKreSD5l0gOrnfWrvPYujS9ADDXZxLBs2YimgO4E5MJv8231t28BYEWxW1g2Q-CBaT9mYBg5_N1VcRQfvU57Ca30ewp41sobmI1YxzL4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31wgV3UQqmEkZPAQVOZZpHQ7CJ4g%2526client%253Dca-pub-5022500717598236%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f517fb84e0461bf59d148d2cf42b9bdfd8cbee080020b56fc208f581ba556fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2529668
cf-polished
origSize=62182, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
59907
cf-bgj
imgq:85,h2pri
last-modified
Wed, 09 Sep 2020 07:43:04 GMT
server
cloudflare
etag
"080d0c4839d9eb4fd08cffea44b1069a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gir%2FL5%2FtRuszheSqm6pGPMZ%2F%2Bh9lxQz62kXEudbtU2Nux%2FKHFMZZvscaeivCJuEk%2FOGNWYsgPL%2Bp6pUdxRLML92ljsMYXbS%2Fu65AzgsvQrtbk675NOxwjaJtH6acu58RRd%2BEQHQwvr6fKGQg"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a1a38d30faa904c-FRA
expires
Fri, 03 Mar 2023 14:10:13 GMT
/
partner.o2online.de/a/ Frame C865
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=COW2vJm2vf0CFaHzEQgdiIMBxg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023030215101482289520639X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023030215101482289520639X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023030215101482289520639X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=f261d9fa2385151e8e36cc72dde5bbeb%2F9415665555684787262&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677766213457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kh2760bs0qah3p6c2v8b6afr7md4y4wwacdbh2m6bjbd9mpmyzx5ze7twdv33stvztw78n4pfpcr9w7refggs7b58r1gb3bm8nwhmhm6p2gzby4d5158x18pw6csjdf59j8mybdbtrca06wgrfdz6xh0rnpevknr191664pg01471yyx165qg7kmm9yd09q4qkprhhgmgnac50cya4ejb9cvkewxj0xtqrzwav7b3wq9jehkd29dy754h2ekjy1a4xd9knnndn6tz38xvycnk78%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDw0CRK4AZMK_L5XFgAedqK2oA5DhgYRctqjCivACwI23ARABIABglbqAgpgHggEXY2EtcHViLTUwMjI1MDA3MTc1OTgyMzbIAQmpApRNQ-ZJ07E-4AIAqAMBqgTpAU_QhhSTm7-U7F2w4tvRo86Meh3oIBJtpH5KOaxXBs8FAGuurp8c-_D02UxLNVaMRMLo6HLFdvbzsPhkjBO2895Zrk3yv5Ys9QMZ4mNF88-WUVs7xRf04YEMnVxRFCJNFROiReM1X5DzUYNpVRfpTJrO2oSGPSaRuLh4tXV1852FJZhxiJZUawl0A_9kkcnwbVM1pCSobrsOpnGYKxKreSD5l0gOrnfWrvPYujS9ADDXZxLBs2YimgO4E5MJv8231t28BYEWxW1g2Q-CBaT9mYBg5_N1VcRQfvU57Ca30ewp41sobmI1YxzL4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31wgV3UQqmEkZPAQVOZZpHQ7CJ4g%2526client%253Dca-pub-5022500717598236%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 14:10:14 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023030215101482289520639X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023030215101482289520639X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
date
Thu, 02 Mar 2023 14:10:14 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame C865 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=f261d9fa2385151e8e36cc72dde5bbeb%2F9415665555684787262&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677766213457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kh2760bs0qah3p6c2v8b6afr7md4y4wwacdbh2m6bjbd9mpmyzx5ze7twdv33stvztw78n4pfpcr9w7refggs7b58r1gb3bm8nwhmhm6p2gzby4d5158x18pw6csjdf59j8mybdbtrca06wgrfdz6xh0rnpevknr191664pg01471yyx165qg7kmm9yd09q4qkprhhgmgnac50cya4ejb9cvkewxj0xtqrzwav7b3wq9jehkd29dy754h2ekjy1a4xd9knnndn6tz38xvycnk78%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDw0CRK4AZMK_L5XFgAedqK2oA5DhgYRctqjCivACwI23ARABIABglbqAgpgHggEXY2EtcHViLTUwMjI1MDA3MTc1OTgyMzbIAQmpApRNQ-ZJ07E-4AIAqAMBqgTpAU_QhhSTm7-U7F2w4tvRo86Meh3oIBJtpH5KOaxXBs8FAGuurp8c-_D02UxLNVaMRMLo6HLFdvbzsPhkjBO2895Zrk3yv5Ys9QMZ4mNF88-WUVs7xRf04YEMnVxRFCJNFROiReM1X5DzUYNpVRfpTJrO2oSGPSaRuLh4tXV1852FJZhxiJZUawl0A_9kkcnwbVM1pCSobrsOpnGYKxKreSD5l0gOrnfWrvPYujS9ADDXZxLBs2YimgO4E5MJv8231t28BYEWxW1g2Q-CBaT9mYBg5_N1VcRQfvU57Ca30ewp41sobmI1YxzL4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31wgV3UQqmEkZPAQVOZZpHQ7CJ4g%2526client%253Dca-pub-5022500717598236%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
919122
cf-polished
origFmt=png, origSize=65187
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44710
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 14:45:52 GMT
server
cloudflare
etag
"99941d3864a6d6ef01023c96e0475815"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F26W3rRLz9lXehLG0ISKqIIDiTNUTUTa8r5nxWtdWEJkE9EWiizlsqZHDHdNlvAvUzS6MdMBq7dokQPNgycS7c9hLptuMrCu4viiBaeWUW76gHTsfT5TZ7dpErL89qg4pLQyxniEuq17zjgR"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a1a38d30fa3904c-FRA
expires
Fri, 03 Mar 2023 14:10:13 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame C865 		298 KB
299 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=f261d9fa2385151e8e36cc72dde5bbeb%2F9415665555684787262&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677766213457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kh2760bs0qah3p6c2v8b6afr7md4y4wwacdbh2m6bjbd9mpmyzx5ze7twdv33stvztw78n4pfpcr9w7refggs7b58r1gb3bm8nwhmhm6p2gzby4d5158x18pw6csjdf59j8mybdbtrca06wgrfdz6xh0rnpevknr191664pg01471yyx165qg7kmm9yd09q4qkprhhgmgnac50cya4ejb9cvkewxj0xtqrzwav7b3wq9jehkd29dy754h2ekjy1a4xd9knnndn6tz38xvycnk78%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDw0CRK4AZMK_L5XFgAedqK2oA5DhgYRctqjCivACwI23ARABIABglbqAgpgHggEXY2EtcHViLTUwMjI1MDA3MTc1OTgyMzbIAQmpApRNQ-ZJ07E-4AIAqAMBqgTpAU_QhhSTm7-U7F2w4tvRo86Meh3oIBJtpH5KOaxXBs8FAGuurp8c-_D02UxLNVaMRMLo6HLFdvbzsPhkjBO2895Zrk3yv5Ys9QMZ4mNF88-WUVs7xRf04YEMnVxRFCJNFROiReM1X5DzUYNpVRfpTJrO2oSGPSaRuLh4tXV1852FJZhxiJZUawl0A_9kkcnwbVM1pCSobrsOpnGYKxKreSD5l0gOrnfWrvPYujS9ADDXZxLBs2YimgO4E5MJv8231t28BYEWxW1g2Q-CBaT9mYBg5_N1VcRQfvU57Ca30ewp41sobmI1YxzL4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31wgV3UQqmEkZPAQVOZZpHQ7CJ4g%2526client%253Dca-pub-5022500717598236%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad9cfb9dfc4bbe75509f6268415c710c44474dc703b8705eacada2ac8acb2725

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2327923
cf-polished
origSize=342797, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
305593
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqB4DJ8BX8SdalWraFLMhXs36cmEYuJi0Vxki4%2FEdenm2h%2BfDKZw5weiOd0QG28D0QsGlJXRtTdxq8%2FY%2BzOvRsi5scUR2%2FLMeVsMaT2O0H%2FtGKHO29JrU1jVqM6kFduOY2iGn4OAVAOLbLkm"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a1a38d30fa4904c-FRA
expires
Fri, 03 Mar 2023 14:10:13 GMT
ztpv.php
www.conrad.de/ Frame C865
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1677766213_f36ada20-b903-11ed-b520-223763a3e4ca&insert=AW&&gdpr=0&gdpr_consent=
0
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1677766213_f36ada20-b903-11ed-b520-223763a3e4ca&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=f261d9fa2385151e8e36cc72dde5bbeb%2F9415665555684787262&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677766213457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kh2760bs0qah3p6c2v8b6afr7md4y4wwacdbh2m6bjbd9mpmyzx5ze7twdv33stvztw78n4pfpcr9w7refggs7b58r1gb3bm8nwhmhm6p2gzby4d5158x18pw6csjdf59j8mybdbtrca06wgrfdz6xh0rnpevknr191664pg01471yyx165qg7kmm9yd09q4qkprhhgmgnac50cya4ejb9cvkewxj0xtqrzwav7b3wq9jehkd29dy754h2ekjy1a4xd9knnndn6tz38xvycnk78%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDw0CRK4AZMK_L5XFgAedqK2oA5DhgYRctqjCivACwI23ARABIABglbqAgpgHggEXY2EtcHViLTUwMjI1MDA3MTc1OTgyMzbIAQmpApRNQ-ZJ07E-4AIAqAMBqgTpAU_QhhSTm7-U7F2w4tvRo86Meh3oIBJtpH5KOaxXBs8FAGuurp8c-_D02UxLNVaMRMLo6HLFdvbzsPhkjBO2895Zrk3yv5Ys9QMZ4mNF88-WUVs7xRf04YEMnVxRFCJNFROiReM1X5DzUYNpVRfpTJrO2oSGPSaRuLh4tXV1852FJZhxiJZUawl0A_9kkcnwbVM1pCSobrsOpnGYKxKreSD5l0gOrnfWrvPYujS9ADDXZxLBs2YimgO4E5MJv8231t28BYEWxW1g2Q-CBaT9mYBg5_N1VcRQfvU57Ca30ewp41sobmI1YxzL4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31wgV3UQqmEkZPAQVOZZpHQ7CJ4g%2526client%253Dca-pub-5022500717598236%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
vary
Accept-Encoding
cache-control
no-cache
cf-ray
7a1a38d51c852c6f-FRA
content-length
0
expires
-1

Redirect headers

Date
Thu, 02 Mar 2023 14:10:13 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1677766213_f36ada20-b903-11ed-b520-223763a3e4ca&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
data
a-fds.youborafds01.com/ 		116 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a-fds.youborafds01.com/data?outputformat=json&system=onefootball&pluginVersion=6.8.35-adapterless-js&requestNumber=0.09214048160704058&timemark=1677766213575
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/netflu.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1af8:4700:b214::101 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
a51391abc85480e9e19b43b5ebd907d3ea6ce53fa8fa08c42d8f56d7b00fe307

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
content-encoding
gzip
last-modified
Thu, 02 Mar 2023 14:10:13 GMT
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Sat, 26 Jul 1997 05:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161235&gdpr=1&gdpr_consent=CO4SQrwO4SQs9AHABBENAyCsAP_AAH_AAAAAGStX_T9fb2vj-_5999t0eY1f9_63t-wjhgeMs-8NyZ-X_J4Wr2MyvB34JqQKGRgEunLBAQdlHGHcTQgAwIkViTL...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161235&gdpr=1&gdpr_consent=CO4SQrwO4SQs9AHABBENAyCsAP_AAH_AAAAAGStX_T9fb2vj-_5999t0eY1f9_63t-wjhgeMs-8NyZ-X_J4Wr2MyvB34JqQKGRgEunLBAQdlHGHcTQgAwIkViTL...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=161235&gdpr=1&gdpr_consent=CO4SQrwO4SQs9AHABBENAyCsAP_AAH_AAAAAGStX_T9fb2vj-_5999t0eY1f9_63t-wjhgeMs-8NyZ-X_J4Wr2MyvB34JqQKGRgEunLBAQdlHGHcTQgAwIkViTLMYk2MizNKJrJEilMbc2dYGG1vn8XTuZCY70-sP__zv3-_-33_4GSEEmCpfAQJCWMBJNmlUKIEIVxIVAOASghGEg0sNCRwU7I4CPUACABAYAIQIAQAgohJBAAIAAElEQAgAwIBEARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQTwAA.f_gAD_gAAAAA&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161235%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fmedia.grid.bidswitch.net%252Fsync%253Ftp_id%253D27%2526tp_uid%253D%2523PMUID&rdf=1
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:12 GMT
content-length
0

Redirect headers

location
/AdServer/ImgSync?p=161235&gdpr=1&gdpr_consent=CO4SQrwO4SQs9AHABBENAyCsAP_AAH_AAAAAGStX_T9fb2vj-_5999t0eY1f9_63t-wjhgeMs-8NyZ-X_J4Wr2MyvB34JqQKGRgEunLBAQdlHGHcTQgAwIkViTLMYk2MizNKJrJEilMbc2dYGG1vn8XTuZCY70-sP__zv3-_-33_4GSEEmCpfAQJCWMBJNmlUKIEIVxIVAOASghGEg0sNCRwU7I4CPUACABAYAIQIAQAgohJBAAIAAElEQAgAwIBEARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQTwAA.f_gAD_gAAAAA&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161235%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fmedia.grid.bidswitch.net%252Fsync%253Ftp_id%253D27%2526tp_uid%253D%2523PMUID&rdf=1
date
Thu, 02 Mar 2023 14:10:13 GMT
content-length
612
content-type
text/html; charset=utf-8
ATrJGUcF
cdn.jwplayer.com/v2/playlists/ 		134 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/ATrJGUcF
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/netflu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d400:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
5431c5724e6a1087883b41e20ce1cee0b6cdf3c271797670e06334ba4de63cd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
content-encoding
gzip
via
1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA2-C2
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
14750
x-amz-cf-id
hLVRLelbNJctuXDtTGbtxvJPxqVsojCDx_lRjqsthAdbu0AU2SuETA==
expires
Thu, 02 Mar 2023 14:13:13
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ Frame FB66 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151515
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3af293c92bffe2f5f6f31753be6de274bf677ee5c4de05428cf394d63d4941
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://netflu.onesignal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
129
etag
W/"725985d8b3cb9e8905cfe4c97cc83600"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7a1a38d2ef812be6-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 05 Mar 2023 14:10:13 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 76EE 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
70234
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Mar 2023 18:39:39 GMT
expires
Thu, 29 Feb 2024 18:39:39 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 1887 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxinGpkVTcDCuRhF2kg2MWsKim40ZGj3SENTyurMkpjkMk-wniFx58rHwxgovFnHv_JhXWjigil4CBrqRZlx8qZidD9zzDxpcEbQmo2R4UrK3Mjdpm0OOqyj_Z1XWuDbN30NC6mg&sai=AMfl-YTirGFI30lFODREBI5AnufDq5EWR_z2HxQa3CdiVyyl3AgoutLyjIbkVckQr_7xs8YrGA8ajVEv90rymSabzUQIlx4nh8MH2jiwpHJCFR5hggXCYMcVZ2P_6wJc&sig=Cg0ArKJSzI4SKH8BJh2CEAE&cid=CAQSPADUE5ym9mzS8ZfThda1FmxnD6f5qQ5L7lfPXHPijIA44FoN_eXzti56VEE4eqUWa6HVsEBLdxZM8SQynRgB&id=ampim&o=315,939&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=133&tls=1134&g=100&h=100&tt=1135&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
web
onesignal.com/api/v1/sync/e5c7e911-5c92-4f15-86ac-b163a1a36a09/ Frame FB66 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/e5c7e911-5c92-4f15-86ac-b163a1a36a09/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151515
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c4c829af973d83739e9158770fd649a4d6fb59939083fdb7534a4622bbe0f04
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://netflu.onesignal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
0
cf-polished
origSize=3407
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
ae3d880e-72bb-47ad-a8af-690569117742
x-runtime
0.024154
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"6c154faf7ff6d2339a9cdc019bfbd887"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
7a1a38d358232be6-FRA
access-control-allow-headers
SDK-Version
expires
Thu, 02 Mar 2023 15:10:13 GMT
fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js
pagead2.googlesyndication.com/bg/ Frame 76EE 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e08e3d2a533d1588ed03df877c41c179f79827fd68d75f1a342d6c3d4f59a73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 12:31:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
5929
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14340
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Mar 2024 12:31:24 GMT
ev
s.seedtag.com/e/ 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/e/ev
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.2198981f6aeb1efb456f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.netflu.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
via
1.1 google
server
nginx
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin
https://www.netflu.com.br
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
adj
bid.g.doubleclick.net/xbbe/creative/ Frame 3F4C
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/1135760/65089096/xbbe/creative/adj?p=APEucNWJqmMVtyAonGie356Qit_HxN6IfhoFsFrqfJ2eqNsfF9f4hb4&d=CokBAKAmf-BkSysaKR5EoCUJt-LSDpcrgrgw0wZ-nir6OQGLltcg8W8CqBuGE69...
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWJqmMVtyAonGie356Qit_HxN6IfhoFsFrqfJ2eqNsfF9f4hb4&d=CokBAKAmf-BkSysaKR5EoCUJt-LSDpcrgrgw0wZ-nir6OQGLltcg8W8CqBuGE69nllqYuHyLTUKjKtmh1pBkCY63_...
67 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWJqmMVtyAonGie356Qit_HxN6IfhoFsFrqfJ2eqNsfF9f4hb4&d=CokBAKAmf-BkSysaKR5EoCUJt-LSDpcrgrgw0wZ-nir6OQGLltcg8W8CqBuGE69nllqYuHyLTUKjKtmh1pBkCY63_Smrzs3IsPlcGyj-lLvztfDxXShFig5nkkIPm418wlI6WNBxGiTlmztgY27FW1Y9-Bu2j5Y-BowAhYCXl5VRAZw8V3G9uaRCe6oSqRQAoCZ_4L3GlPlZ1QpSNbhcRJUlYEZb37voeODV6nup95QhgNTH9DsYnxQdTW984Q_Z0Jm2p_fxyi0Ugw07es-telmdekVAQRerpMhGz2NeEImk968lqpgbISa17FhSb6GYU3kijFZ154t-fptvT5ygr6gZWtNnUL6AK8gR8MifoTUfT9g7kHk7SkzkWIUddENbCaAvRq5XKc8Kaervro0mZH27MbttDRf6l3C9TK9EqWs9R3nku2BnMjdjmbGM423W2z6lIg5k71tOixpzaByE8VvY9BTwrKCw3P2PtAPDoLYatnd_fmTBHVBdvMNeLj7gtI86qKUx6xUihSBsFb9daoSoErmqdEJPg_FFKv3kGO8-Phlif_kX2RkrrtQMGqCTmUerhUslVs1gQ0QY_7J7sudXH2gCg8j7BsftvLx0FqlGUaREnqHqRqiQd3qNilx1fOr6F4oUq9fwXkeYi300wnWnbxc-O_kmrRmSXsZiBeXnOARSSS_xu4AAXpbjCLbI6rrFrnjANXNTn_XuYkIi_qd76zSiSsYuJOz38AWwRACFnbSu79cHojJwNN-I41Ju80W25KuSZfoajrT0l5S3VcCtMBxOnFVZBVuhut6fcn_GbElBPzewRp232bOBn8IcrB7CxIqopz5Oqab2ioN3I811vQs8YZskt5GgP_TRej1100m-wjuZb8grYsoIqewtWRhtjvYajFz2CC8otRCYoQcn51diEcHwS_dtCZZ6ex-atd3hCBr-sik-RbSAO59gSVQtFOWCGMwjxe2TOkLsEjjlAnhBFNSYTBUvCnJ3GKrDIrDuME8Q4RfZZmqOMfRFGNIonaPzENbGGzs5lll79_qGi8Mf31_CwTSeCh_7LcxafCzVH6uYLKASTaNLmrIcltzkXl1JGnZSl7RLtt6aMWOTeea2gagyx1cNoU8W6a1tY-yQ37HIV-MuLCIDza4V5n-oV8fhhiYGetqftjZM-l5vW1SvE0K9BP9hFNnMmcUPQeaxGLckKSRQMOQQJTT7FDR6Hh2KBXYCNRIaA3wLLIUH3j5_hMl09u68suXBLh-6xSHQumcoaYRw4mUU6GUssLhn2x7rdczMnmDEVyeAbPFxghB-thisqdkSIskUz63pwVbvVxweoxwbNlqQLP3T5u-E2ZX6gzZrK4AstaM-0BWFWXS1g_ILM8ePAd67o_i4LOUMJFIv7DwDoZxj55I_tGnVrr4HcEWTzbB0r34Wf9vdSq1lWSgzvaMUsurjpgTbUIHfWCGpIhYntsnRNUKceaJDmxIDCCNHKcgIrrc16_qLTmPUvcpov_mQR4S295aPY9BkO3UmS8kJuIyryMpGWADyMjah8_W1lSXREiJQu1_Xk809QWUqnHBb3i-0P_eSF7D42rcRENzVn1zv3N0YLvgpi8gpqXDU2_7FsZ0qp2nI7RJUZO0fmhuvlUI3LLq8rGF4DZbYVZWSR3TC1UdyKR_LRw9nyV4apL_HVKP-uEFsVsWmQPvYxRLVdKA1C0K4lVzRP-cmidoZi1NB-awF5v2fnb6jlbgf-gxzZj7WsT0Cw3_n23UsrdD7udKkYxlgKZeWyGoW_WDSvqY3qteOg7i2DB_vUOJqxE-vrEK8SMzbBdznsGVWPLBMRzp1dyF7_sQWhWCzGdFkRUWccMaLJppdyB1DvbUItNbMIggMEphKtAKPfJoRNBd065-6U0osHucg0E06LSkRwRBY9SM2TLJ3-Chjw0q6b5yeLdh9yHnMjxWDU7JTTXlVFs0F8KnrUDiXIV_z07pDeHrqzoWdPr20p32JKWx_2pUOuL4qPTuZoNZyjf9eMtaw5a9xgSz-JIP6mAjQxloy1tfjZkrIhK7urSoNKRewSvb5blNIzgTCz3BeIn9tK3JZQ0Geq0IOYZxVMO_u9U8J-DvTpcCVgDqe1v1rX4IxCrXNF72TltVzsvbNCA-Sj6rS46KGvTWXNvScYZeArVeG9kysCKm3yqvzXtZF-KYOTBTxho9_ChHMXqw_NqmRelmrhvcaVgYzpkrHmeHfNuiZj-yxIIvjv4H4V_dM7WodrGep2eTYxcyTYWtFxuNGe-01G_qJmWIsD8Hmbk8K_zdIoKV1e6fgOjXKLkxkcOBvIDr6I_LfLs0qMRn1nA0kJKUM1bxVILLn1g-fSIGg23KiZvUzDjYPOTYTiaC7W5tffJOJJ0c139Zp3Z5kCt21ClpSU-YD3xp2D3T7fjamHeHvnkJCL40FIDvr7qJ2ePLb3KyHYIx-Ox9ICE6uf9yp5TXFjD73KfNNrsvWtNQALG6WcitXIWBpMWllxsBBbBKKcWDt_AJddyIJ92Ddchil8mF7uBA2KKaZcvt008hc56df8pOHxtk0YvU261fijm8i0U7EWIUpeJfsnpqDpzPCv80wT8zureWWDA8tXCSrjWb8v1pGvNvLkN-FIEy3Ufo6pzwe727C9xLzrKKh5nE4WXdQsDT7bsxvU0HSE5OIc5szLJ0Pv1QNpGwtGM3dpgeSoqczPQyOyi1zwT4FfVEn2Tjfx4TMswdaVJivgaERFcGCYuurh9WAwxWU3JSQNNK6gSM2ycz7l7hBcRNZ1b8c8nqKKm_tiJL3IroSwJlFWD7QH_s78TpoXzpx6Ei2FFWdN5iJsIl8l4C2rTJ42I9Qgg6ti3VAJzVxEis9TvrlWLLOq2leABzZM8Mjo5uf3_uU1WHCwOdFhCAapqfp6VUKV04SU6-g6lyYPfRnvF4hCCduOQoKdNu_tsrZu2W1QE_92GSc9Hwuw5jxR2D1uKGNMXlnWhOwY5nUpkfdmcSZmCfQXByUVL0ehFZC4Nru1EwPdjHhN9E30qSrfnFQtb12_rIqPELmzIvjwmpukWtliJmsNQ0KlD9z092KGPnruUCFUFK2lAYN1NBKqX0-fc2C8OjQrHc_Y5ncTEd-q_SUmFLnz8hWXe2d6B9MGazDiO0t6EN02PIwBFvy6kL8x8RNfsz4143wxMiXu3yrTrKhsszkpvc2CKJwZ8HWLqH2IeEsXvPh5u1S4A5I1oXVz4P-fuhhVDMDRn1h1Iomxz2FbHFrGdK9I5sEWczZxZCbhpi8rL5ZRPiQ9bo4t0n1NrOsMM4fFXYz6--F5dxZ2Wi2Do2EwT_SsZz64-0suAXgxL2dxe_5Six1Y-N0y1EEg5K-EoWh1qmHl9FuIQJbx3pccM6c72DoBXJSWF777gSzbKMuRXy3FPaHaq6tXsryP7-QCbBMtPcIbs8S8UUPOmwUlnEsSK2E2Wxes5I1ty010sSuVkiwVdcUmY6hIF5ZbkbjlLXMAKXP61Q3eQNJ-3eXVcT8jaNE_FDcLMISy9VBREs3g9glYRARzjt6kfXqXlMjDtFOpLwS6GEojpwEaHGQGFR7_92xFXuWetxpdcNAIw62snOhk7Xm1B24LNkpy1NWoe2OW0VaVlcn8W-iVn6Pvgoll1xwRzHLx6m25ebyVbUaQggEEjwA1BOcphev8e07nP5d6SgXcimGGvnweSGd8ELY2Ez55KZt7eUbvuAvmwQ2etzMGS4QQPd2FLUd7XWtMLQYAWAB
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.27.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ra-in-f157.1e100.net
Software
cafe /
Resource Hash
f726f16e77faaa4a9a57064ba1dec683dc703ee9eeaa55257ffb7ac8156e4447
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23635
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:13 GMT
server
nginx
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWJqmMVtyAonGie356Qit_HxN6IfhoFsFrqfJ2eqNsfF9f4hb4&d=CokBAKAmf-BkSysaKR5EoCUJt-LSDpcrgrgw0wZ-nir6OQGLltcg8W8CqBuGE69nllqYuHyLTUKjKtmh1pBkCY63_Smrzs3IsPlcGyj-lLvztfDxXShFig5nkkIPm418wlI6WNBxGiTlmztgY27FW1Y9-Bu2j5Y-BowAhYCXl5VRAZw8V3G9uaRCe6oSqRQAoCZ_4L3GlPlZ1QpSNbhcRJUlYEZb37voeODV6nup95QhgNTH9DsYnxQdTW984Q_Z0Jm2p_fxyi0Ugw07es-telmdekVAQRerpMhGz2NeEImk968lqpgbISa17FhSb6GYU3kijFZ154t-fptvT5ygr6gZWtNnUL6AK8gR8MifoTUfT9g7kHk7SkzkWIUddENbCaAvRq5XKc8Kaervro0mZH27MbttDRf6l3C9TK9EqWs9R3nku2BnMjdjmbGM423W2z6lIg5k71tOixpzaByE8VvY9BTwrKCw3P2PtAPDoLYatnd_fmTBHVBdvMNeLj7gtI86qKUx6xUihSBsFb9daoSoErmqdEJPg_FFKv3kGO8-Phlif_kX2RkrrtQMGqCTmUerhUslVs1gQ0QY_7J7sudXH2gCg8j7BsftvLx0FqlGUaREnqHqRqiQd3qNilx1fOr6F4oUq9fwXkeYi300wnWnbxc-O_kmrRmSXsZiBeXnOARSSS_xu4AAXpbjCLbI6rrFrnjANXNTn_XuYkIi_qd76zSiSsYuJOz38AWwRACFnbSu79cHojJwNN-I41Ju80W25KuSZfoajrT0l5S3VcCtMBxOnFVZBVuhut6fcn_GbElBPzewRp232bOBn8IcrB7CxIqopz5Oqab2ioN3I811vQs8YZskt5GgP_TRej1100m-wjuZb8grYsoIqewtWRhtjvYajFz2CC8otRCYoQcn51diEcHwS_dtCZZ6ex-atd3hCBr-sik-RbSAO59gSVQtFOWCGMwjxe2TOkLsEjjlAnhBFNSYTBUvCnJ3GKrDIrDuME8Q4RfZZmqOMfRFGNIonaPzENbGGzs5lll79_qGi8Mf31_CwTSeCh_7LcxafCzVH6uYLKASTaNLmrIcltzkXl1JGnZSl7RLtt6aMWOTeea2gagyx1cNoU8W6a1tY-yQ37HIV-MuLCIDza4V5n-oV8fhhiYGetqftjZM-l5vW1SvE0K9BP9hFNnMmcUPQeaxGLckKSRQMOQQJTT7FDR6Hh2KBXYCNRIaA3wLLIUH3j5_hMl09u68suXBLh-6xSHQumcoaYRw4mUU6GUssLhn2x7rdczMnmDEVyeAbPFxghB-thisqdkSIskUz63pwVbvVxweoxwbNlqQLP3T5u-E2ZX6gzZrK4AstaM-0BWFWXS1g_ILM8ePAd67o_i4LOUMJFIv7DwDoZxj55I_tGnVrr4HcEWTzbB0r34Wf9vdSq1lWSgzvaMUsurjpgTbUIHfWCGpIhYntsnRNUKceaJDmxIDCCNHKcgIrrc16_qLTmPUvcpov_mQR4S295aPY9BkO3UmS8kJuIyryMpGWADyMjah8_W1lSXREiJQu1_Xk809QWUqnHBb3i-0P_eSF7D42rcRENzVn1zv3N0YLvgpi8gpqXDU2_7FsZ0qp2nI7RJUZO0fmhuvlUI3LLq8rGF4DZbYVZWSR3TC1UdyKR_LRw9nyV4apL_HVKP-uEFsVsWmQPvYxRLVdKA1C0K4lVzRP-cmidoZi1NB-awF5v2fnb6jlbgf-gxzZj7WsT0Cw3_n23UsrdD7udKkYxlgKZeWyGoW_WDSvqY3qteOg7i2DB_vUOJqxE-vrEK8SMzbBdznsGVWPLBMRzp1dyF7_sQWhWCzGdFkRUWccMaLJppdyB1DvbUItNbMIggMEphKtAKPfJoRNBd065-6U0osHucg0E06LSkRwRBY9SM2TLJ3-Chjw0q6b5yeLdh9yHnMjxWDU7JTTXlVFs0F8KnrUDiXIV_z07pDeHrqzoWdPr20p32JKWx_2pUOuL4qPTuZoNZyjf9eMtaw5a9xgSz-JIP6mAjQxloy1tfjZkrIhK7urSoNKRewSvb5blNIzgTCz3BeIn9tK3JZQ0Geq0IOYZxVMO_u9U8J-DvTpcCVgDqe1v1rX4IxCrXNF72TltVzsvbNCA-Sj6rS46KGvTWXNvScYZeArVeG9kysCKm3yqvzXtZF-KYOTBTxho9_ChHMXqw_NqmRelmrhvcaVgYzpkrHmeHfNuiZj-yxIIvjv4H4V_dM7WodrGep2eTYxcyTYWtFxuNGe-01G_qJmWIsD8Hmbk8K_zdIoKV1e6fgOjXKLkxkcOBvIDr6I_LfLs0qMRn1nA0kJKUM1bxVILLn1g-fSIGg23KiZvUzDjYPOTYTiaC7W5tffJOJJ0c139Zp3Z5kCt21ClpSU-YD3xp2D3T7fjamHeHvnkJCL40FIDvr7qJ2ePLb3KyHYIx-Ox9ICE6uf9yp5TXFjD73KfNNrsvWtNQALG6WcitXIWBpMWllxsBBbBKKcWDt_AJddyIJ92Ddchil8mF7uBA2KKaZcvt008hc56df8pOHxtk0YvU261fijm8i0U7EWIUpeJfsnpqDpzPCv80wT8zureWWDA8tXCSrjWb8v1pGvNvLkN-FIEy3Ufo6pzwe727C9xLzrKKh5nE4WXdQsDT7bsxvU0HSE5OIc5szLJ0Pv1QNpGwtGM3dpgeSoqczPQyOyi1zwT4FfVEn2Tjfx4TMswdaVJivgaERFcGCYuurh9WAwxWU3JSQNNK6gSM2ycz7l7hBcRNZ1b8c8nqKKm_tiJL3IroSwJlFWD7QH_s78TpoXzpx6Ei2FFWdN5iJsIl8l4C2rTJ42I9Qgg6ti3VAJzVxEis9TvrlWLLOq2leABzZM8Mjo5uf3_uU1WHCwOdFhCAapqfp6VUKV04SU6-g6lyYPfRnvF4hCCduOQoKdNu_tsrZu2W1QE_92GSc9Hwuw5jxR2D1uKGNMXlnWhOwY5nUpkfdmcSZmCfQXByUVL0ehFZC4Nru1EwPdjHhN9E30qSrfnFQtb12_rIqPELmzIvjwmpukWtliJmsNQ0KlD9z092KGPnruUCFUFK2lAYN1NBKqX0-fc2C8OjQrHc_Y5ncTEd-q_SUmFLnz8hWXe2d6B9MGazDiO0t6EN02PIwBFvy6kL8x8RNfsz4143wxMiXu3yrTrKhsszkpvc2CKJwZ8HWLqH2IeEsXvPh5u1S4A5I1oXVz4P-fuhhVDMDRn1h1Iomxz2FbHFrGdK9I5sEWczZxZCbhpi8rL5ZRPiQ9bo4t0n1NrOsMM4fFXYz6--F5dxZ2Wi2Do2EwT_SsZz64-0suAXgxL2dxe_5Six1Y-N0y1EEg5K-EoWh1qmHl9FuIQJbx3pccM6c72DoBXJSWF777gSzbKMuRXy3FPaHaq6tXsryP7-QCbBMtPcIbs8S8UUPOmwUlnEsSK2E2Wxes5I1ty010sSuVkiwVdcUmY6hIF5ZbkbjlLXMAKXP61Q3eQNJ-3eXVcT8jaNE_FDcLMISy9VBREs3g9glYRARzjt6kfXqXlMjDtFOpLwS6GEojpwEaHGQGFR7_92xFXuWetxpdcNAIw62snOhk7Xm1B24LNkpy1NWoe2OW0VaVlcn8W-iVn6Pvgoll1xwRzHLx6m25ebyVbUaQggEEjwA1BOcphev8e07nP5d6SgXcimGGvnweSGd8ELY2Ez55KZt7eUbvuAvmwQ2etzMGS4QQPd2FLUd7XWtMLQYAWAB
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame A723 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:aa00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
13991637
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
dnragZyGnDvCtaIPVGYaF0cHNSabskk_GtdKs52zPmG9-QmxvMbvlQ==
dt
dt.adsafeprotected.com/ Frame 3F4C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=fac213d3-4bf9-6841-c588-84a3c5a76921&tv=%7Bc:5IhAdU,pingTime:-3,time:55,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:55,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B47~0%5D,as:%5B47~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:txm83cr+111%7C112%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C192%7C1a*.1135760-65089096%7C1a1%7C1a21%7C1b,idMap:1a*,rmeas:1,rend:0,renddet:IMG.us,siq:20%7D&br=c
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:9ba6:2dfb:92f2:ce4e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:14 GMT
server
nginx
x-server-name
dt21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 3F4C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=fac213d3-4bf9-6841-c588-84a3c5a76921&tv=%7Bc:5IhAdX,pingTime:-6,time:58,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:58,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B50~0%5D,as:%5B50~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:txm83cr+111%7C112%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C192%7C1a*.1135760-65089096%7C1a1%7C1a21%7C1b,idMap:1a*,rmeas:1,rend:0,renddet:IMG.us,siq:20%7D&tpiLookup=ao:www.netflu.com.br*&br=c
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:9ba6:2dfb:92f2:ce4e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:14 GMT
server
nginx
x-server-name
dt22.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 3F4C 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=fac213d3-4bf9-6841-c588-84a3c5a76921&tv=%7Bc:5IhAe3,pingTime:-2,time:64,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:381,beZ:382,mfA:385,cmA:386,inA:386,inZ:390,prA:390,prZ:395,si:400,poA:401,poZ:418,cmZ:418,mfZ:418,loA:438,loZ:440,ltA:444,ltZ:444%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:64,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B56~0%5D,as:%5B56~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:txm83cr+111%7C112%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C192%7C1a*.1135760-65089096%7C1a1%7C1a21%7C1b,idMap:1a*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:20,sinceFw:42,readyFired:false%7D&br=c
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:9ba6:2dfb:92f2:ce4e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:14 GMT
server
nginx
x-server-name
dt23.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 76EE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BiUTERa4AZOj_H8GrrATnk6DYAwAAAAA4AeAEAg&bg=!vb6lvurNAAbK-VRH6vk7ADkAdvg8WmPsBNo2BcJFH0aOWEK7aqOv3GBbJ0NA1Ww9hcmP226x8z4QMelL_I3S6yZxD_Ld678AChMCAAAAflIAAAAEaAEHmQL_Q471Z-tFTbWMMuevNrSNBbnGhTF8Uyup9fwBoAsioaDoANXkRw3BO1ES0c7jzkH5-tBCduC0_L5j9iD4589jwx-7SCLatgRu7Ap5I-nqmCXli-I2T6pvFS3fPvTTRGr5b1muVEQcbBBIJLKm5wDu_fjMTOSzACPP5WM3bj2YnmEHd1LavTb61cBlel4JeiwZKK2MBsA2OtVy2MUaLH_RoQPURtHkipCNQfrpopGIFHAJmLfqtgvReIZpUviHCSgM9RMqYToGtYnlDuG2NJ7yLToGfF9Z41bpxO0goR_44D2ElrR4cfJN8iJZeeGWanJPPW87cxNV8j06wwfTFuQ9uGj7gJlR2OMttnOqazB3EBLAhCgk12UOHDw9usm_uB7vkpb5trcEOMGhAeYOFA3zrpLC3G9hfdnwRQYdzUUJszeJ0cmroulemhOeaTGYAu5r3cyw-t5Gbv2QNJQNIINm_dN3d2ENDmAFOVxAoc9nHjvp6XDw7fqHgXE-IIW6MEL_wXL664l-bECuvaUx68bjTMouYEOvZ3c2rP1SRqXw5Rwy69-hlMOxWdcc-xZ_beiuOI0DGhxZmOT7dJKL352uz4RiloKarZ2ka4LCtrC5NTIvDLi6KcHF7TIw52N9s1Sfy3aPRToufeDQxhrN5au699i2fZG82xOnp8ZTNrqME56kLufuYym7qyMMuGz8DkNyHUxvmYtw1fcmnrFLYSuXBB_TCRq_txQs4PO0ZICxmgAHkWpeI0XPQoawQN9nTWKHT5gs1xqmN-SFG8rhbSlyIsvtQFhAS7a7cbPf5sYPvGPfw5sBVkMevLspGT12sLZxm2VOkuFQ1pJRq3Q70oLKjHNSME7VelemcXmEsPJBst5e2SVQ8oAX5_3fo-hrdA-IGFH7YDdtJOMtnJ-o2LFnvBVWt6B3P5l_yZRPaO19YMbnXUFZfs0QY5mVx5WizO50oiKLsPczmlMqCeapXTxvNj-tvDeUiC_rkSUvMrWJw1QWPXIU2xGx7lcaobXvYrc
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151515
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
90
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7a1a38d48ab42be6-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 01 Apr 2023 14:10:13 GMT
container.html
c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DCB0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.netflu.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Mar 2023 14:10:11 GMT
expires
Fri, 01 Mar 2024 14:10:11 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/ Frame CFD3 		2 KB
913 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/index.html
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75d21f8b6729b7182c639b60c4335ca2372ad1023a289e24552ea2638320fe76
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
65654
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
875
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Mar 2023 19:55:59 GMT
expires
Thu, 29 Feb 2024 19:55:59 GMT
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame DCB0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CdMzRRa4AZJDwHpHAgAeNgZDwA6-I95dvnZS1m-QQ2tkeEAEgseuylAFglbqAgpgHoAH_xLHOAsgBCakClE1D5knTsT7gAgCoAwHIA0iqBPUBT9B0xz-S1U5AKCu4K9bmRWl_3Wi0wmAg50VUWmNKC_uyG7JlbBGhxu8O2wKoQ1XgQUGSWpAMVWMGvgE7fHQAENzSo1BdavQadu546hen-Ca8asHWcXG-w14Nc-xvK-hSkr0aYTsVggyOTmsbFJi7owVbyoCAd35wFLTNgbiOFr_OHjrfo82S2Kfc7cv7J7sjdWfEw9VWL7hE2g-H7wWj9rv_YWP3iOp8IzrWp-xrFMMjbnAY1GGNPBJCyUUKmhBdWwzTCGWmWid5Ty1dUUuSG4MGSLIMVqUlwDdNy8h87IsbDkvxcLMhRVma3cWWr1c2SPUTQRzABM6Sjfn4AuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfpus6xAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMnSA9IIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTUwMjI1MDA3MTc1OTgyMzYY-74T&sigh=cckb7-Mlt0Q&uach_m=[UACH]&cid=CAQSOwDUE5ympOTGKrb3BbbdeKzAUrZX0yUWPl8aoJzSbMIlfkaixEU0_2QS0pswTLY76cLnHrqHwyAQy579GAE&template_id=419
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame DCB0 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite_fy2021.js
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 04:59:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
33024
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9122
x-xss-protection
0
server
cafe
etag
6330344511044705610
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Mar 2023 04:59:49 GMT
icon
onesignal.com/api/v1/apps/e5c7e911-5c92-4f15-86ac-b163a1a36a09/ 		192 B
579 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/e5c7e911-5c92-4f15-86ac-b163a1a36a09/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151515
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9748d6bba29e81c4c484e5698c9e09603f2b689f6d6ce23f2931951645c70e1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:13 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
43c8a3e6-7930-4bf7-9ac1-42ca36ea36de
x-runtime
0.006683
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"e9748d6bba29e81c4c484e5698c9e096"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
7a1a38d528c02bb0-FRA
access-control-allow-headers
SDK-Version
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame CFD3 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 01:06:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
47042
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 03 Mar 2023 01:06:11 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame CFD3 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 20:57:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
61982
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 02 Mar 2023 20:57:11 GMT
lottie.min.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/ Frame CFD3 		256 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/lottie.min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e27b9cf011c3d5b006906bed6b2b64fbf0b82b2d4821f21dfdf00291c8c07be
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 01 Mar 2023 09:58:56 GMT
age
101477
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65920
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Feb 2024 09:58:56 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5245 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1395
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Mar 2023 13:46:58 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame DCB0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 04:59:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
33024
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Mar 2023 04:59:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame DCB0 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 18:40:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
70203
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5959907985313552934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Mar 2023 18:40:10 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 3F4C 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
Origin
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 11:42:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8881
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Mar 2023 11:42:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/ Frame 3F4C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/omrhp.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1135760/65089096/xbbe/creative/adj?p=APEucNWJqmMVtyAonGie356Qit_HxN6IfhoFsFrqfJ2eqNsfF9f4hb4&d=CokBAKAmf-BkSysaKR5EoCUJt-LSDpcrgrgw0wZ-nir6OQGLltcg8W8CqBuGE69nllqYuHyLTUKjKtmh1pBkCY63_Smrzs3IsPlcGyj-lLvztfDxXShFig5nkkIPm418wlI6WNBxGiTlmztgY27FW1Y9-Bu2j5Y-BowAhYCXl5VRAZw8V3G9uaRCe6oSqRQAoCZ_4L3GlPlZ1QpSNbhcRJUlYEZb37voeODV6nup95QhgNTH9DsYnxQdTW984Q_Z0Jm2p_fxyi0Ugw07es-telmdekVAQRerpMhGz2NeEImk968lqpgbISa17FhSb6GYU3kijFZ154t-fptvT5ygr6gZWtNnUL6AK8gR8MifoTUfT9g7kHk7SkzkWIUddENbCaAvRq5XKc8Kaervro0mZH27MbttDRf6l3C9TK9EqWs9R3nku2BnMjdjmbGM423W2z6lIg5k71tOixpzaByE8VvY9BTwrKCw3P2PtAPDoLYatnd_fmTBHVBdvMNeLj7gtI86qKUx6xUihSBsFb9daoSoErmqdEJPg_FFKv3kGO8-Phlif_kX2RkrrtQMGqCTmUerhUslVs1gQ0QY_7J7sudXH2gCg8j7BsftvLx0FqlGUaREnqHqRqiQd3qNilx1fOr6F4oUq9fwXkeYi300wnWnbxc-O_kmrRmSXsZiBeXnOARSSS_xu4AAXpbjCLbI6rrFrnjANXNTn_XuYkIi_qd76zSiSsYuJOz38AWwRACFnbSu79cHojJwNN-I41Ju80W25KuSZfoajrT0l5S3VcCtMBxOnFVZBVuhut6fcn_GbElBPzewRp232bOBn8IcrB7CxIqopz5Oqab2ioN3I811vQs8YZskt5GgP_TRej1100m-wjuZb8grYsoIqewtWRhtjvYajFz2CC8otRCYoQcn51diEcHwS_dtCZZ6ex-atd3hCBr-sik-RbSAO59gSVQtFOWCGMwjxe2TOkLsEjjlAnhBFNSYTBUvCnJ3GKrDIrDuME8Q4RfZZmqOMfRFGNIonaPzENbGGzs5lll79_qGi8Mf31_CwTSeCh_7LcxafCzVH6uYLKASTaNLmrIcltzkXl1JGnZSl7RLtt6aMWOTeea2gagyx1cNoU8W6a1tY-yQ37HIV-MuLCIDza4V5n-oV8fhhiYGetqftjZM-l5vW1SvE0K9BP9hFNnMmcUPQeaxGLckKSRQMOQQJTT7FDR6Hh2KBXYCNRIaA3wLLIUH3j5_hMl09u68suXBLh-6xSHQumcoaYRw4mUU6GUssLhn2x7rdczMnmDEVyeAbPFxghB-thisqdkSIskUz63pwVbvVxweoxwbNlqQLP3T5u-E2ZX6gzZrK4AstaM-0BWFWXS1g_ILM8ePAd67o_i4LOUMJFIv7DwDoZxj55I_tGnVrr4HcEWTzbB0r34Wf9vdSq1lWSgzvaMUsurjpgTbUIHfWCGpIhYntsnRNUKceaJDmxIDCCNHKcgIrrc16_qLTmPUvcpov_mQR4S295aPY9BkO3UmS8kJuIyryMpGWADyMjah8_W1lSXREiJQu1_Xk809QWUqnHBb3i-0P_eSF7D42rcRENzVn1zv3N0YLvgpi8gpqXDU2_7FsZ0qp2nI7RJUZO0fmhuvlUI3LLq8rGF4DZbYVZWSR3TC1UdyKR_LRw9nyV4apL_HVKP-uEFsVsWmQPvYxRLVdKA1C0K4lVzRP-cmidoZi1NB-awF5v2fnb6jlbgf-gxzZj7WsT0Cw3_n23UsrdD7udKkYxlgKZeWyGoW_WDSvqY3qteOg7i2DB_vUOJqxE-vrEK8SMzbBdznsGVWPLBMRzp1dyF7_sQWhWCzGdFkRUWccMaLJppdyB1DvbUItNbMIggMEphKtAKPfJoRNBd065-6U0osHucg0E06LSkRwRBY9SM2TLJ3-Chjw0q6b5yeLdh9yHnMjxWDU7JTTXlVFs0F8KnrUDiXIV_z07pDeHrqzoWdPr20p32JKWx_2pUOuL4qPTuZoNZyjf9eMtaw5a9xgSz-JIP6mAjQxloy1tfjZkrIhK7urSoNKRewSvb5blNIzgTCz3BeIn9tK3JZQ0Geq0IOYZxVMO_u9U8J-DvTpcCVgDqe1v1rX4IxCrXNF72TltVzsvbNCA-Sj6rS46KGvTWXNvScYZeArVeG9kysCKm3yqvzXtZF-KYOTBTxho9_ChHMXqw_NqmRelmrhvcaVgYzpkrHmeHfNuiZj-yxIIvjv4H4V_dM7WodrGep2eTYxcyTYWtFxuNGe-01G_qJmWIsD8Hmbk8K_zdIoKV1e6fgOjXKLkxkcOBvIDr6I_LfLs0qMRn1nA0kJKUM1bxVILLn1g-fSIGg23KiZvUzDjYPOTYTiaC7W5tffJOJJ0c139Zp3Z5kCt21ClpSU-YD3xp2D3T7fjamHeHvnkJCL40FIDvr7qJ2ePLb3KyHYIx-Ox9ICE6uf9yp5TXFjD73KfNNrsvWtNQALG6WcitXIWBpMWllxsBBbBKKcWDt_AJddyIJ92Ddchil8mF7uBA2KKaZcvt008hc56df8pOHxtk0YvU261fijm8i0U7EWIUpeJfsnpqDpzPCv80wT8zureWWDA8tXCSrjWb8v1pGvNvLkN-FIEy3Ufo6pzwe727C9xLzrKKh5nE4WXdQsDT7bsxvU0HSE5OIc5szLJ0Pv1QNpGwtGM3dpgeSoqczPQyOyi1zwT4FfVEn2Tjfx4TMswdaVJivgaERFcGCYuurh9WAwxWU3JSQNNK6gSM2ycz7l7hBcRNZ1b8c8nqKKm_tiJL3IroSwJlFWD7QH_s78TpoXzpx6Ei2FFWdN5iJsIl8l4C2rTJ42I9Qgg6ti3VAJzVxEis9TvrlWLLOq2leABzZM8Mjo5uf3_uU1WHCwOdFhCAapqfp6VUKV04SU6-g6lyYPfRnvF4hCCduOQoKdNu_tsrZu2W1QE_92GSc9Hwuw5jxR2D1uKGNMXlnWhOwY5nUpkfdmcSZmCfQXByUVL0ehFZC4Nru1EwPdjHhN9E30qSrfnFQtb12_rIqPELmzIvjwmpukWtliJmsNQ0KlD9z092KGPnruUCFUFK2lAYN1NBKqX0-fc2C8OjQrHc_Y5ncTEd-q_SUmFLnz8hWXe2d6B9MGazDiO0t6EN02PIwBFvy6kL8x8RNfsz4143wxMiXu3yrTrKhsszkpvc2CKJwZ8HWLqH2IeEsXvPh5u1S4A5I1oXVz4P-fuhhVDMDRn1h1Iomxz2FbHFrGdK9I5sEWczZxZCbhpi8rL5ZRPiQ9bo4t0n1NrOsMM4fFXYz6--F5dxZ2Wi2Do2EwT_SsZz64-0suAXgxL2dxe_5Six1Y-N0y1EEg5K-EoWh1qmHl9FuIQJbx3pccM6c72DoBXJSWF777gSzbKMuRXy3FPaHaq6tXsryP7-QCbBMtPcIbs8S8UUPOmwUlnEsSK2E2Wxes5I1ty010sSuVkiwVdcUmY6hIF5ZbkbjlLXMAKXP61Q3eQNJ-3eXVcT8jaNE_FDcLMISy9VBREs3g9glYRARzjt6kfXqXlMjDtFOpLwS6GEojpwEaHGQGFR7_92xFXuWetxpdcNAIw62snOhk7Xm1B24LNkpy1NWoe2OW0VaVlcn8W-iVn6Pvgoll1xwRzHLx6m25ebyVbUaQggEEjwA1BOcphev8e07nP5d6SgXcimGGvnweSGd8ELY2Ez55KZt7eUbvuAvmwQ2etzMGS4QQPd2FLUd7XWtMLQYAWAB&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-5022500717598236&ias_chanId=1&ias_placementId=18137318564&bidurl=https://www.netflu.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0j1XKS4hlbH1NGniWjDgdVN&adsafe_url=https%3A%2F%2Fwww.netflu.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.netflu.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:fac213d3-4bf9-6841-c588-84a3c5a76921,c:5IhAdk,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-65fb65bbbb-qxcrj,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:txm83cr+111%7C112%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C192%7C1a*.1135760-65089096%7C1a1%7C1a21%7C1b,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:20,oid:f345eda5-b903-11ed-8a73-2af2049f224f,v:19.8.397,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 19:26:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
67413
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3023
x-xss-protection
0
server
cafe
etag
4221495933888618527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Mar 2023 19:26:40 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 3F4C 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1135760/65089096/xbbe/creative/adj?p=APEucNWJqmMVtyAonGie356Qit_HxN6IfhoFsFrqfJ2eqNsfF9f4hb4&d=CokBAKAmf-BkSysaKR5EoCUJt-LSDpcrgrgw0wZ-nir6OQGLltcg8W8CqBuGE69nllqYuHyLTUKjKtmh1pBkCY63_Smrzs3IsPlcGyj-lLvztfDxXShFig5nkkIPm418wlI6WNBxGiTlmztgY27FW1Y9-Bu2j5Y-BowAhYCXl5VRAZw8V3G9uaRCe6oSqRQAoCZ_4L3GlPlZ1QpSNbhcRJUlYEZb37voeODV6nup95QhgNTH9DsYnxQdTW984Q_Z0Jm2p_fxyi0Ugw07es-telmdekVAQRerpMhGz2NeEImk968lqpgbISa17FhSb6GYU3kijFZ154t-fptvT5ygr6gZWtNnUL6AK8gR8MifoTUfT9g7kHk7SkzkWIUddENbCaAvRq5XKc8Kaervro0mZH27MbttDRf6l3C9TK9EqWs9R3nku2BnMjdjmbGM423W2z6lIg5k71tOixpzaByE8VvY9BTwrKCw3P2PtAPDoLYatnd_fmTBHVBdvMNeLj7gtI86qKUx6xUihSBsFb9daoSoErmqdEJPg_FFKv3kGO8-Phlif_kX2RkrrtQMGqCTmUerhUslVs1gQ0QY_7J7sudXH2gCg8j7BsftvLx0FqlGUaREnqHqRqiQd3qNilx1fOr6F4oUq9fwXkeYi300wnWnbxc-O_kmrRmSXsZiBeXnOARSSS_xu4AAXpbjCLbI6rrFrnjANXNTn_XuYkIi_qd76zSiSsYuJOz38AWwRACFnbSu79cHojJwNN-I41Ju80W25KuSZfoajrT0l5S3VcCtMBxOnFVZBVuhut6fcn_GbElBPzewRp232bOBn8IcrB7CxIqopz5Oqab2ioN3I811vQs8YZskt5GgP_TRej1100m-wjuZb8grYsoIqewtWRhtjvYajFz2CC8otRCYoQcn51diEcHwS_dtCZZ6ex-atd3hCBr-sik-RbSAO59gSVQtFOWCGMwjxe2TOkLsEjjlAnhBFNSYTBUvCnJ3GKrDIrDuME8Q4RfZZmqOMfRFGNIonaPzENbGGzs5lll79_qGi8Mf31_CwTSeCh_7LcxafCzVH6uYLKASTaNLmrIcltzkXl1JGnZSl7RLtt6aMWOTeea2gagyx1cNoU8W6a1tY-yQ37HIV-MuLCIDza4V5n-oV8fhhiYGetqftjZM-l5vW1SvE0K9BP9hFNnMmcUPQeaxGLckKSRQMOQQJTT7FDR6Hh2KBXYCNRIaA3wLLIUH3j5_hMl09u68suXBLh-6xSHQumcoaYRw4mUU6GUssLhn2x7rdczMnmDEVyeAbPFxghB-thisqdkSIskUz63pwVbvVxweoxwbNlqQLP3T5u-E2ZX6gzZrK4AstaM-0BWFWXS1g_ILM8ePAd67o_i4LOUMJFIv7DwDoZxj55I_tGnVrr4HcEWTzbB0r34Wf9vdSq1lWSgzvaMUsurjpgTbUIHfWCGpIhYntsnRNUKceaJDmxIDCCNHKcgIrrc16_qLTmPUvcpov_mQR4S295aPY9BkO3UmS8kJuIyryMpGWADyMjah8_W1lSXREiJQu1_Xk809QWUqnHBb3i-0P_eSF7D42rcRENzVn1zv3N0YLvgpi8gpqXDU2_7FsZ0qp2nI7RJUZO0fmhuvlUI3LLq8rGF4DZbYVZWSR3TC1UdyKR_LRw9nyV4apL_HVKP-uEFsVsWmQPvYxRLVdKA1C0K4lVzRP-cmidoZi1NB-awF5v2fnb6jlbgf-gxzZj7WsT0Cw3_n23UsrdD7udKkYxlgKZeWyGoW_WDSvqY3qteOg7i2DB_vUOJqxE-vrEK8SMzbBdznsGVWPLBMRzp1dyF7_sQWhWCzGdFkRUWccMaLJppdyB1DvbUItNbMIggMEphKtAKPfJoRNBd065-6U0osHucg0E06LSkRwRBY9SM2TLJ3-Chjw0q6b5yeLdh9yHnMjxWDU7JTTXlVFs0F8KnrUDiXIV_z07pDeHrqzoWdPr20p32JKWx_2pUOuL4qPTuZoNZyjf9eMtaw5a9xgSz-JIP6mAjQxloy1tfjZkrIhK7urSoNKRewSvb5blNIzgTCz3BeIn9tK3JZQ0Geq0IOYZxVMO_u9U8J-DvTpcCVgDqe1v1rX4IxCrXNF72TltVzsvbNCA-Sj6rS46KGvTWXNvScYZeArVeG9kysCKm3yqvzXtZF-KYOTBTxho9_ChHMXqw_NqmRelmrhvcaVgYzpkrHmeHfNuiZj-yxIIvjv4H4V_dM7WodrGep2eTYxcyTYWtFxuNGe-01G_qJmWIsD8Hmbk8K_zdIoKV1e6fgOjXKLkxkcOBvIDr6I_LfLs0qMRn1nA0kJKUM1bxVILLn1g-fSIGg23KiZvUzDjYPOTYTiaC7W5tffJOJJ0c139Zp3Z5kCt21ClpSU-YD3xp2D3T7fjamHeHvnkJCL40FIDvr7qJ2ePLb3KyHYIx-Ox9ICE6uf9yp5TXFjD73KfNNrsvWtNQALG6WcitXIWBpMWllxsBBbBKKcWDt_AJddyIJ92Ddchil8mF7uBA2KKaZcvt008hc56df8pOHxtk0YvU261fijm8i0U7EWIUpeJfsnpqDpzPCv80wT8zureWWDA8tXCSrjWb8v1pGvNvLkN-FIEy3Ufo6pzwe727C9xLzrKKh5nE4WXdQsDT7bsxvU0HSE5OIc5szLJ0Pv1QNpGwtGM3dpgeSoqczPQyOyi1zwT4FfVEn2Tjfx4TMswdaVJivgaERFcGCYuurh9WAwxWU3JSQNNK6gSM2ycz7l7hBcRNZ1b8c8nqKKm_tiJL3IroSwJlFWD7QH_s78TpoXzpx6Ei2FFWdN5iJsIl8l4C2rTJ42I9Qgg6ti3VAJzVxEis9TvrlWLLOq2leABzZM8Mjo5uf3_uU1WHCwOdFhCAapqfp6VUKV04SU6-g6lyYPfRnvF4hCCduOQoKdNu_tsrZu2W1QE_92GSc9Hwuw5jxR2D1uKGNMXlnWhOwY5nUpkfdmcSZmCfQXByUVL0ehFZC4Nru1EwPdjHhN9E30qSrfnFQtb12_rIqPELmzIvjwmpukWtliJmsNQ0KlD9z092KGPnruUCFUFK2lAYN1NBKqX0-fc2C8OjQrHc_Y5ncTEd-q_SUmFLnz8hWXe2d6B9MGazDiO0t6EN02PIwBFvy6kL8x8RNfsz4143wxMiXu3yrTrKhsszkpvc2CKJwZ8HWLqH2IeEsXvPh5u1S4A5I1oXVz4P-fuhhVDMDRn1h1Iomxz2FbHFrGdK9I5sEWczZxZCbhpi8rL5ZRPiQ9bo4t0n1NrOsMM4fFXYz6--F5dxZ2Wi2Do2EwT_SsZz64-0suAXgxL2dxe_5Six1Y-N0y1EEg5K-EoWh1qmHl9FuIQJbx3pccM6c72DoBXJSWF777gSzbKMuRXy3FPaHaq6tXsryP7-QCbBMtPcIbs8S8UUPOmwUlnEsSK2E2Wxes5I1ty010sSuVkiwVdcUmY6hIF5ZbkbjlLXMAKXP61Q3eQNJ-3eXVcT8jaNE_FDcLMISy9VBREs3g9glYRARzjt6kfXqXlMjDtFOpLwS6GEojpwEaHGQGFR7_92xFXuWetxpdcNAIw62snOhk7Xm1B24LNkpy1NWoe2OW0VaVlcn8W-iVn6Pvgoll1xwRzHLx6m25ebyVbUaQggEEjwA1BOcphev8e07nP5d6SgXcimGGvnweSGd8ELY2Ez55KZt7eUbvuAvmwQ2etzMGS4QQPd2FLUd7XWtMLQYAWAB&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-5022500717598236&ias_chanId=1&ias_placementId=18137318564&bidurl=https://www.netflu.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0j1XKS4hlbH1NGniWjDgdVN&adsafe_url=https%3A%2F%2Fwww.netflu.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.netflu.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:fac213d3-4bf9-6841-c588-84a3c5a76921,c:5IhAdk,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-65fb65bbbb-qxcrj,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:txm83cr+111%7C112%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C192%7C1a*.1135760-65089096%7C1a1%7C1a21%7C1b,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:20,oid:f345eda5-b903-11ed-8a73-2af2049f224f,v:19.8.397,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
555cb911a280dae2e7ab778b5403e27a81533f7b53cfac255d67e175a96c6e86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 19:26:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
67433
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11134
x-xss-protection
0
server
cafe
etag
11889138295710991679
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Mar 2023 19:26:20 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5245
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Mar 2023 14:10:14 GMT
expires
Thu, 02 Mar 2023 14:10:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Mar 2023 14:10:14 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1917 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
26920
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Mar 2023 06:41:34 GMT
etag
48472445140208031
expires
Fri, 03 Mar 2023 06:41:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3F4C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e552381c5ba0dd0551718fb2dbb520fe8dbf1e61f1ca7146e3804a57faa96ee2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
1d1f4328-0f60-4323-9e09-7676d8ce9964.jpg
img.onesignal.com/permanent/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/1d1f4328-0f60-4323-9e09-7676d8ce9964.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7566b096820a66669d85c4451083f1a5a1bb513baaa9a8de1af7c05ed9544dfd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-goog-encryption-kms-key-name
projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date
Thu, 02 Mar 2023 14:10:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
REVALIDATED
x-guploader-uploadid
ADPycdugxUNbTEk-ylL-XnLsduCi0a67NHXlqiBSVuJVs8G8brsXkOcaXAJI5ROAhX0pQ5ECxw_7ZkSJM_qEOOMWHlrBoEKTas0A
x-goog-meta-x-goog-source-etag
"880bf387b964af3c58cbd709fc53b81a"
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39719
pragma
no-cache
last-modified
Tue, 14 Feb 2023 03:10:15 GMT
server
cloudflare
etag
"-CNr4/euElP0CEAE="
vary
Accept-Encoding
x-goog-generation
1676344215698522
content-type
application/octet-stream
x-goog-hash
crc32c=FRP4pQ==, md5=iAvzh7lkrzxYy9cJ/FO4Gg==
cache-control
public, max-age=2678400
x-goog-meta-cache-control
public, maxage=604800
x-goog-stored-content-length
39719
accept-ranges
bytes
cf-ray
7a1a38d5cb799b69-FRA
expires
Sun, 02 Apr 2023 14:10:14 GMT
l
www.google.com/ads/measurement/ Frame DCB0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQOWur_GiCVtJVU9kOBA5akGiBFydTIqyNYl0QJo1K22ebJ3SorBW8OUJAextIBYDKdjbynWfe1YS-wNHWGAmRPaIvBtA
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DCB0 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677673803517815"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 02 Mar 2023 14:10:14 GMT
CbV_EX90_DE_728x90.json
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/ Frame CFD3 		39 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/CbV_EX90_DE_728x90.json
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/lottie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b591c2bd5beb4d406f3718497c9245a033b8d29f49732d9d0ef5f317584d7ad
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 01 Mar 2023 09:58:57 GMT
age
101477
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6203
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Feb 2024 09:58:57 GMT
truncated
/ Frame DCB0 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
430e3e9eec71547c03961047d14d6dec0deb0f42450e7e6a4347cf83b316fab8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 1917
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMwUpOIbscqIhGilcljx4ug&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMwUpOIbscqIhGilcljx4ug&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b0Y5NjV5Q2ExUHhKRG81&google_gid=CAESEMwUpOIbscqIhGilcljx4ug&google_cver=1&google_push=Aa02lx-gy2RrazbvPKdRICkiVFZHh1dgQWkid_xOZ5uYJUz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b0Y5NjV5Q2ExUHhKRG81&google_gid=CAESEMwUpOIbscqIhGilcljx4ug&google_cver=1&google_push=Aa02lx-gy2RrazbvPKdRICkiVFZHh1dgQWkid_xOZ5uYJUzY9jw77rIE_m5qwf5wGbk7lNUxmMxoIHuw-qK1m_cz1Zqa9HcI3Ljf-g
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 14:10:13 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-769-g9857bbc#rel-ec2-master i-0f1140a1efbb82097@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b0Y5NjV5Q2ExUHhKRG81&google_gid=CAESEMwUpOIbscqIhGilcljx4ug&google_cver=1&google_push=Aa02lx-gy2RrazbvPKdRICkiVFZHh1dgQWkid_xOZ5uYJUzY9jw77rIE_m5qwf5wGbk7lNUxmMxoIHuw-qK1m_cz1Zqa9HcI3Ljf-g
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1917
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESELKhdjPTlMrdyTDWoAToRVY&google_cver=1&google_push=Aa02lx-vi85nY-vf3W2ouxK1yg6gfejWuZDrK4zoDHgDB1_uuILdnhTs_GoU9J-gyeKJmpFVtzq9SORbgpf45KVEPjxMNQumW6fJ6w
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=385FD20595C241C19601DC5FF944F092&google_push=Aa02lx-vi85nY-vf3W2ouxK1yg6gfejWuZDrK4zoDHgDB1_uuILdnhTs_GoU9J-gyeKJmpFVtzq9SORbgpf45KV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=385FD20595C241C19601DC5FF944F092&google_push=Aa02lx-vi85nY-vf3W2ouxK1yg6gfejWuZDrK4zoDHgDB1_uuILdnhTs_GoU9J-gyeKJmpFVtzq9SORbgpf45KVEPjxMNQumW6fJ6w
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 02 Mar 2023 14:10:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=385FD20595C241C19601DC5FF944F092&google_push=Aa02lx-vi85nY-vf3W2ouxK1yg6gfejWuZDrK4zoDHgDB1_uuILdnhTs_GoU9J-gyeKJmpFVtzq9SORbgpf45KVEPjxMNQumW6fJ6w
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 01 Mar 2023 14:10:14 GMT
google
match.adsrvr.org/track/cmf/ Frame 1917 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBj3QtbuvsEi1F5naLot_UY&google_cver=1&google_push=Aa02lx90-PtRqFzxUp1elg1OmkK3BnDOzdMRyPF0lSyHsIOckzLjQSW6nu_o7PRu6ikOeURKJcLDhvCFx5xEYnaH0MgoYyLqB9jZ
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 02 Mar 2023 14:10:14 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 1917
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAPexGiNXYwF_coe1gcqZss&google_cver=1&google_push=Aa02lx_YkfvcD-o1Yl4z6pesX4PiL-p-H9XX-ifl94TusoELpInkDEzUuhRdYRcQzxGiprUGuY72ZV7rkdZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_YkfvcD-o1Yl4z6pesX4PiL-p-H9XX-ifl94TusoELpInkDEzUuhRdYRcQzxGiprUGuY72ZV7rkdZM8zcbpUYAF8oxWTzM5Q&google_hm=iLYBRylYRPKrSA1174...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_YkfvcD-o1Yl4z6pesX4PiL-p-H9XX-ifl94TusoELpInkDEzUuhRdYRcQzxGiprUGuY72ZV7rkdZM8zcbpUYAF8oxWTzM5Q&google_hm=iLYBRylYRPKrSA1174CrHxU
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:14 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_YkfvcD-o1Yl4z6pesX4PiL-p-H9XX-ifl94TusoELpInkDEzUuhRdYRcQzxGiprUGuY72ZV7rkdZM8zcbpUYAF8oxWTzM5Q&google_hm=iLYBRylYRPKrSA1174CrHxU
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1917
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOMpWeBhxlCcsMEPZtWuYis&google_cver=1&google_push=Aa02lx-XEm2-_z86-Em26Gmv9uyd86htqZrxYxzEgChHiyUU7KrGX8ZSlKsdYGsv2U4oGnnY4s7HV_FTNLTjb_...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNTk1MTAxNTE3OTQ1MDUxNg%3D%3D&google_push=Aa02lx-XEm2-_z86-Em26Gmv9uyd86htqZrxYxzEgChHiyUU7KrGX8ZSlKsdYGsv2U4oGnnY4s7HV_FTNLTjb_B_EM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNTk1MTAxNTE3OTQ1MDUxNg%3D%3D&google_push=Aa02lx-XEm2-_z86-Em26Gmv9uyd86htqZrxYxzEgChHiyUU7KrGX8ZSlKsdYGsv2U4oGnnY4s7HV_FTNLTjb_B_EMOKWV9REjAdzw
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNTk1MTAxNTE3OTQ1MDUxNg%3D%3D&google_push=Aa02lx-XEm2-_z86-Em26Gmv9uyd86htqZrxYxzEgChHiyUU7KrGX8ZSlKsdYGsv2U4oGnnY4s7HV_FTNLTjb_B_EMOKWV9REjAdzw
Date
Thu, 02 Mar 2023 14:10:14 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 1917
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEDLMwmghXNzPNIK2-nE8T6U&google_cver=1&google_push=Aa02lx8Icp5xfPds3lmrAkl-KDhSxkjc7W4RhTKWj50bnq4ZYYHoSZHrC7HRctgpd7jPmVY6DP0hXgg_ZTKM7VQL...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XiCoEyjHTBiYOwa_1cooaw2&google_push=Aa02lx8Icp5xfPds3lmrAkl-KDhSxkjc7W4RhTKWj50bnq4ZYYHoSZHrC7HRctgpd7jPmVY6DP0hXgg_ZTKM7VQLxaWVS6yfyzhPbA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XiCoEyjHTBiYOwa_1cooaw2&google_push=Aa02lx8Icp5xfPds3lmrAkl-KDhSxkjc7W4RhTKWj50bnq4ZYYHoSZHrC7HRctgpd7jPmVY6DP0hXgg_ZTKM7VQLxaWVS6yfyzhPbA
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 02 Mar 2023 14:10:14 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XiCoEyjHTBiYOwa_1cooaw2&google_push=Aa02lx8Icp5xfPds3lmrAkl-KDhSxkjc7W4RhTKWj50bnq4ZYYHoSZHrC7HRctgpd7jPmVY6DP0hXgg_ZTKM7VQLxaWVS6yfyzhPbA
x-host
tde-deliveryengine-production-cdcfc8b9-j5zpc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
onetag-sys.com/match/ Frame 1917
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFFnX9DQ77BwVZHtuYlss7E&google_cver=1&google_push=Aa02lx9yJqv0OWlXvong3kHJOjc7lZm5lbc2g5_UJcjkhvgwooLwMudJZXoPoA71aItEQC4ZzWTM9ruXjbz...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9yJqv0OWlXvong3kHJOjc7lZm5lbc2g5_UJcjkhvgwooLwMudJZXoPoA71aItEQC4ZzWTM9ruXjbzh3O-OcVr3IZgNi0Xuyck
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 1917 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L0NdeCY1Slo8H9HPQ4H5fwoVsy5fFtHbBI2-1_K0p6L0n2ml_E_s1zY8U2z6RLAeKjsR3nCw
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js
pagead2.googlesyndication.com/bg/ Frame CFD3 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e08e3d2a533d1588ed03df877c41c179f79827fd68d75f1a342d6c3d4f59a73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 12:31:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
5930
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14340
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Mar 2024 12:31:24 GMT
img_0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/img_0.png
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b52ea1b48e4258df3377131b9e34ad8689fd020e4db528a1ff46c74d6c569764
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 28 Feb 2023 15:30:34 GMT
x-content-type-options
nosniff
age
167980
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2341
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Feb 2024 15:30:34 GMT
seq_0_0.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_0.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
815c49bd4755baaedadbd1fe924bc5c973ab6c23377de815dc8ac6d33d83fb86
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 28 Feb 2023 15:30:34 GMT
x-content-type-options
nosniff
age
167980
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5691
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Feb 2024 15:30:34 GMT
seq_0_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_1.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bbc83b21bc5cc339469c4be5e78189acbc4c81ea9b3aa3887e068138e8b4e4e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 28 Feb 2023 15:30:34 GMT
x-content-type-options
nosniff
age
167980
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5714
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Feb 2024 15:30:34 GMT
seq_0_2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_2.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8eb2d4151ca070f4079a5d3a9a3bb0361972de65baa592c120d485ecebacacf
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 01 Mar 2023 09:58:57 GMT
x-content-type-options
nosniff
age
101477
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5753
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Feb 2024 09:58:57 GMT
seq_0_3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_3.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eade249c49e3d6b8c7f05883b1dfb3fa0a68b123efa0d67988e91548ac020554
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 01 Mar 2023 09:58:57 GMT
x-content-type-options
nosniff
age
101477
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5796
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Feb 2024 09:58:57 GMT
seq_0_4.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_4.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f5806c6b9d3f139cc9677c296dc17b9f31f963e5e7bc6337cfa5a8a4a75fca0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 02 Mar 2023 13:40:31 GMT
x-content-type-options
nosniff
age
1783
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5842
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Mar 2024 13:40:31 GMT
seq_0_5.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_5.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e92f4208e2499614e843d4da544f604c6e5c70e71e14d30f1b8e3ff53f13f96
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 28 Feb 2023 15:30:34 GMT
x-content-type-options
nosniff
age
167980
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5879
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Feb 2024 15:30:34 GMT
seq_0_6.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_6.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2307527caa75b99a492d7cd4f1aba3ce00f86f35aaf9b3aa4bc7538ffc5098f2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 28 Feb 2023 15:30:34 GMT
x-content-type-options
nosniff
age
167980
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5958
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Feb 2024 15:30:34 GMT
seq_0_7.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_7.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b5256b339d5e85f1686570073f66b07584878ca1c3ed852f479d167525aa8ab
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 01 Mar 2023 19:56:08 GMT
x-content-type-options
nosniff
age
65646
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6017
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Feb 2024 19:56:08 GMT
seq_0_8.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_8.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a0bec47a530f1732520dcc187f622f369e9499c169b7dcc64883381689b476e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 23 Feb 2023 16:41:30 GMT
x-content-type-options
nosniff
age
595724
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6117
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 23 Feb 2024 16:41:30 GMT
seq_0_9.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_9.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f417e2a44cfb09105ec834fa11dfb7a403d8eb6b76eb7e1a610de7d855e04278
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 24 Feb 2023 07:10:46 GMT
x-content-type-options
nosniff
age
543568
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6227
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 24 Feb 2024 07:10:46 GMT
seq_0_10.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_10.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ded8e5efcdb3218505f91f8e2f3b67cd1f0e0144c552d7cdafe1e01b88dd9b7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 24 Feb 2023 07:10:46 GMT
x-content-type-options
nosniff
age
543568
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6302
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 24 Feb 2024 07:10:46 GMT
seq_0_11.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_11.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da62f23b675fba5c54572e804e26e556c1402355e7ef31c24fdcfa082ad7f65e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 01 Mar 2023 09:58:57 GMT
x-content-type-options
nosniff
age
101477
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6287
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Feb 2024 09:58:57 GMT
seq_0_12.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_12.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6828629c71917fd6a779be9bb55cef9b8d9baaf3214aa437b88ddf17fbe5433d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 02 Mar 2023 13:40:31 GMT
x-content-type-options
nosniff
age
1783
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6319
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Mar 2024 13:40:31 GMT
seq_0_13.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_13.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
552b898f48e2f2b166139414450d8d83aa6de2e968a769ab27e8cf9f2f5cc87f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 01 Mar 2023 09:58:57 GMT
x-content-type-options
nosniff
age
101477
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6331
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Feb 2024 09:58:57 GMT
seq_0_14.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_14.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e65fd8f3a62fb7dc9dfe93a384af96b69dec14833f6013cf9cb1635fc3738ae
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 24 Feb 2023 07:10:46 GMT
x-content-type-options
nosniff
age
543568
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6406
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 24 Feb 2024 07:10:46 GMT
seq_0_15.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_15.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0a0dd145aca0d65f73cb2551cae4de75bd171f55c8828d47eda137b03aa4f6d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 28 Feb 2023 15:30:34 GMT
x-content-type-options
nosniff
age
167980
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6441
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Feb 2024 15:30:34 GMT
seq_0_16.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_16.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a7822251c53e8e9687547d1c929b6a51ec100d7d9ea72bb47ff72ff7b5b2f77
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 28 Feb 2023 15:30:34 GMT
x-content-type-options
nosniff
age
167980
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6248
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Feb 2024 15:30:34 GMT
seq_0_17.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_17.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0c6f572259ba7bc2da499539e16f5f97d49724c09d76b559f0884d8e1eb83b0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 28 Feb 2023 15:30:34 GMT
x-content-type-options
nosniff
age
167980
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6058
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Feb 2024 15:30:34 GMT
seq_0_18.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_18.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50ac9bde184967b1ce4aefd380b3c099f91a8e5d25536af5fe6b113ba8d95755
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 23 Feb 2023 16:41:31 GMT
x-content-type-options
nosniff
age
595723
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6025
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 23 Feb 2024 16:41:31 GMT
seq_0_19.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_19.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abbdf3ee06881419a470e5e12f1dca59fbe36d1aa0c277f3667535954a113229
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 01 Mar 2023 19:56:08 GMT
x-content-type-options
nosniff
age
65646
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6057
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Feb 2024 19:56:08 GMT
seq_0_20.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_20.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9a5330c178b89f744e12dc63155031d12fba59afb4f99c17e03c9d6470492b1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 01 Mar 2023 09:58:57 GMT
x-content-type-options
nosniff
age
101477
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6019
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Feb 2024 09:58:57 GMT
seq_0_21.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_21.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93c0b75fd3c58ef49f9f2e77ffa74637a383198db28cafcabaab1d16bb139967
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 24 Feb 2023 07:24:37 GMT
x-content-type-options
nosniff
age
542737
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7616
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 24 Feb 2024 07:24:37 GMT
seq_0_22.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_22.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf68736507b05fcab44becb4e5d97745f193fd582ddb0f0ce97c4b3d9a56aeac
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 28 Feb 2023 18:04:24 GMT
x-content-type-options
nosniff
age
158750
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7646
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Feb 2024 18:04:24 GMT
seq_0_23.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_23.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c100cae99b32ecea1154e1c3f7a3114598ec902959adbde83399ccb26189a307
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 23 Feb 2023 16:41:31 GMT
x-content-type-options
nosniff
age
595723
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7700
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 23 Feb 2024 16:41:31 GMT
seq_0_24.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_24.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc6c1f70762f2558a6d2ad0036a453bb470e43aeea081060b63919db534dc351
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 01 Mar 2023 19:56:09 GMT
x-content-type-options
nosniff
age
65645
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7792
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Feb 2024 19:56:09 GMT
seq_0_25.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_25.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4578b6eb60d2ee82bbf667e543623ca6858638f4cc0384f15cde09bbadebcf2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 23 Feb 2023 16:41:31 GMT
x-content-type-options
nosniff
age
595723
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7853
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 23 Feb 2024 16:41:31 GMT
seq_0_26.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_26.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8023a98e6787ca767f1cbd822b1f2a6e79847e03f312ff4f9e9aac0d8bfbfbbd
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 01 Mar 2023 09:58:57 GMT
x-content-type-options
nosniff
age
101477
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7926
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Feb 2024 09:58:57 GMT
seq_0_27.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_27.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52c0b180a246a31ad16492ee571e4bd1429bcbbee7e08a1163d846d58fb575a7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 23 Feb 2023 16:41:31 GMT
x-content-type-options
nosniff
age
595723
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7949
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 23 Feb 2024 16:41:31 GMT
seq_0_28.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_28.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e5d356cd0f1e0f88c73085d009fb0030f14f894865f94c589b4a8c0ebb7e4c6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 28 Feb 2023 15:30:34 GMT
x-content-type-options
nosniff
age
167980
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7947
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Feb 2024 15:30:34 GMT
seq_0_29.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_29.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15dbd2853035f312cde65601c8cb77556ec1c4fd5268e8a111a14d08286187f1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 01 Mar 2023 19:56:09 GMT
x-content-type-options
nosniff
age
65645
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7976
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Feb 2024 19:56:09 GMT
seq_0_30.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_30.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e72f2e1d4d6b0e6579e7cd339a8543185b0c9112326b95dc55f1c447caae8ce
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 01 Mar 2023 09:58:57 GMT
x-content-type-options
nosniff
age
101477
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7993
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Feb 2024 09:58:57 GMT
seq_0_31.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_31.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e88f0126df37c0a1defd3f13747863042ae98dc108f87e1f0689b8962b52c28
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 01 Mar 2023 09:58:57 GMT
x-content-type-options
nosniff
age
101477
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8006
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Feb 2024 09:58:57 GMT
seq_0_32.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_32.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5d22a12dd1780d862cd11c77498c04d6a53d9a85a9e7787c1e52c014878c76e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 24 Feb 2023 09:11:36 GMT
x-content-type-options
nosniff
age
536318
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8064
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 24 Feb 2024 09:11:36 GMT
seq_0_33.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_33.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59f8e4be8f7468ed580fedf96a14da94ad84bf77c270aecbf9aa4e0028f7f732
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 28 Feb 2023 15:30:34 GMT
x-content-type-options
nosniff
age
167980
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8142
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Feb 2024 15:30:34 GMT
seq_0_34.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_34.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d7c3674a5cb4242b98b879f6204f508dbecef79993501f128c4b497bb0f3d71
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 24 Feb 2023 09:11:36 GMT
x-content-type-options
nosniff
age
536318
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8187
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 24 Feb 2024 09:11:36 GMT
seq_0_35.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_35.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8af986b91b88374e03825cdaec35a6b89bda024ab3b67f95fe216d4ab4913aee
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 01 Mar 2023 19:56:09 GMT
x-content-type-options
nosniff
age
65645
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8181
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Feb 2024 19:56:09 GMT
seq_0_36.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_36.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7247da75888f67a5da64f0565975b818da547063fa7ceea49e606b4c942209b4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 01 Mar 2023 19:56:09 GMT
x-content-type-options
nosniff
age
65645
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8208
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Feb 2024 19:56:09 GMT
seq_0_37.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_37.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54030c63f8bcd5fa8d75e2abc3b7e80004190959f3b5547bdff19e59f070a968
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 24 Feb 2023 14:39:57 GMT
x-content-type-options
nosniff
age
516617
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8206
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 24 Feb 2024 14:39:57 GMT
seq_0_38.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_38.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43caf75433a66cfc45cbaf6b8c9f1cfeb4ccbac3b66de9189ffe4106dcdbd13f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 23 Feb 2023 18:07:13 GMT
x-content-type-options
nosniff
age
590581
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8213
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 23 Feb 2024 18:07:13 GMT
seq_0_39.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_39.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae13104a956e5859857c643ac7c45382338579e4454ff2a4a347eff5029357bb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 01 Mar 2023 09:58:57 GMT
x-content-type-options
nosniff
age
101477
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8222
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Feb 2024 09:58:57 GMT
seq_0_40.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_40.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21e529d1f8a28760ded58b1672f0f745cbd3851358cf24c4a83d966d41c13f68
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 24 Feb 2023 07:24:38 GMT
x-content-type-options
nosniff
age
542736
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8277
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 24 Feb 2024 07:24:38 GMT
seq_0_41.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_41.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d6858c27020d50d7980be3815c3ba409c1923ae24ff0fbcad74b32b88ebbbf5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 24 Feb 2023 09:11:36 GMT
x-content-type-options
nosniff
age
536318
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8331
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 24 Feb 2024 09:11:36 GMT
seq_0_42.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_42.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab9d82f0dc887480d105f5a77b4681987586ec9a717b4ec1a6ecd83d27e26e59
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 23 Feb 2023 16:41:31 GMT
x-content-type-options
nosniff
age
595723
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8307
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 23 Feb 2024 16:41:31 GMT
seq_0_43.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_43.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bc145705b64db2c106285892c24d6a571cca5c75a7b80003f20c092cc2c8522
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 01 Mar 2023 09:58:57 GMT
x-content-type-options
nosniff
age
101477
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8334
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Feb 2024 09:58:57 GMT
seq_0_44.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/ Frame CFD3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11393203926244038689/images/seq_0_44.jpg
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85a551b8751f62846f651970a2815982d155d808aec9c17f3779c39dadb729a5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 24 Feb 2023 14:39:57 GMT
x-content-type-options
nosniff
age
516617
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8323
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 11:50:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 24 Feb 2024 14:39:57 GMT
dt
dt.adsafeprotected.com/ Frame 3F4C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=fac213d3-4bf9-6841-c588-84a3c5a76921&tv=%7Bc:5IhAkV,pingTime:-10,time:490,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEwLjAuNTQ4MS4xNzcgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1677766214201%7C%7Cd98237dd831a39a09484eef3d87697d0%7C%7C15c1c3073e5c3cda0308b87e66c0c1e4%7C%7C16157a3c062181f26b7d36d30b029e0f%7C%7Cb18188f1d0070d8718429a6d8870f925%7C%7Ca744c1c676752ca9a60716cbce7f27a6%7C%7C7007dcb8d595f2cda110c576047a5f55%7C%7Ced815bf0fe97e07539445a4c886d4859%7C%7C1663701684%7D
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:9ba6:2dfb:92f2:ce4e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:14 GMT
server
nginx
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
index.html
s0.2mdn.net/sadbundle/6835855717317525788/DE-DEU_IA-12_0_300x600_BAN-A_HTML5_TOFU-no-B2P-Mountain-CIO-Networking-Collab_voroth026873_5/ Frame 2364 		96 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6835855717317525788/DE-DEU_IA-12_0_300x600_BAN-A_HTML5_TOFU-no-B2P-Mountain-CIO-Networking-Collab_voroth026873_5/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef7eb3381fef9ed7b86ffa769ea4158e7ba09737db1fca02a78db890fd6c4e63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
84192
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
32503
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Mar 2023 14:47:02 GMT
expires
Thu, 29 Feb 2024 14:47:02 GMT
last-modified
Fri, 26 Aug 2022 09:28:49 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3F4C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFhhLDhOeokse5DEPisODvYdULM3X7tbEuMCdxmBrCTTmChQbWeMGdHW2ic1DdN5U7BM_jx9WZ_wFQjiT5Y1Eng0Rl2fzU8M--_Oeoo-eg_HouUdWf7vXf3M3e7I0ZHxyTqLN2m9Llz98QeWT55QeLi_r1ST3eb39fh6P71ZKoFgeiG8edj2QLwyNaJhTascH90bwqyRXCnVUGPw&sai=AMfl-YQEK6UAgmYiB0QvjQ4jf6GakdwK3KWFkgp8y0z_GHUFghcKDzYS2qitZN4qSwpO168o-kzMXDsNfgfmH5uXA8J45gAzsZR5IU0htkxULvEVMTpgae8fTizEa3-hN9iL1LqghrEXR7SslGtyhO4sRsvqHas&sig=Cg0ArKJSzCyUzbhHfAsiEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=239&cbvp=1&cstd=236&cisv=r20230227.31603&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 02 Mar 2023 14:10:14 GMT
dt
dt.adsafeprotected.com/ Frame 3F4C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=fac213d3-4bf9-6841-c588-84a3c5a76921&tv=%7Bc:5IhAlU,time:551,type:e,im:%7Bpci:%7Btdr:505%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:551,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B543~0%5D,as:%5B543~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:444,fm:txm83cr+111%7C112%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C192%7C1a*.1135760-65089096%7C1a1%7C1a21%7C1b,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:20,sis:264%7D&br=c
Requested by
Host: c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:9ba6:2dfb:92f2:ce4e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:14 GMT
server
nginx
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
LogoLockup_Horz_RGB_white_190103.svg.js
s0.2mdn.net/sadbundle/6835855717317525788/DE-DEU_IA-12_0_300x600_BAN-A_HTML5_TOFU-no-B2P-Mountain-CIO-Networking-Collab_voroth026873_5/ Frame 2364 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6835855717317525788/DE-DEU_IA-12_0_300x600_BAN-A_HTML5_TOFU-no-B2P-Mountain-CIO-Networking-Collab_voroth026873_5/LogoLockup_Horz_RGB_white_190103.svg.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6835855717317525788/DE-DEU_IA-12_0_300x600_BAN-A_HTML5_TOFU-no-B2P-Mountain-CIO-Networking-Collab_voroth026873_5/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b816382266e2b466c5b024c651cc3fc8dd1c5c08e913ad064cb32707bbda3893
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6835855717317525788/DE-DEU_IA-12_0_300x600_BAN-A_HTML5_TOFU-no-B2P-Mountain-CIO-Networking-Collab_voroth026873_5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:20:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
280200
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3037
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 09:28:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 27 Feb 2024 08:20:14 GMT
cta_German.svg.js
s0.2mdn.net/sadbundle/6835855717317525788/DE-DEU_IA-12_0_300x600_BAN-A_HTML5_TOFU-no-B2P-Mountain-CIO-Networking-Collab_voroth026873_5/ Frame 2364 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6835855717317525788/DE-DEU_IA-12_0_300x600_BAN-A_HTML5_TOFU-no-B2P-Mountain-CIO-Networking-Collab_voroth026873_5/cta_German.svg.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6835855717317525788/DE-DEU_IA-12_0_300x600_BAN-A_HTML5_TOFU-no-B2P-Mountain-CIO-Networking-Collab_voroth026873_5/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b47113c11f50ddd29c8d635ecdad9ca369691f9b8e94a02746b7b567a5eae837
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6835855717317525788/DE-DEU_IA-12_0_300x600_BAN-A_HTML5_TOFU-no-B2P-Mountain-CIO-Networking-Collab_voroth026873_5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:20:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
280200
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1423
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 09:28:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 27 Feb 2024 08:20:14 GMT
truncated
/ Frame 2364 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
186c6a8f5db1d9bc19132abdbfd2f4d655289254b890ce8a688353243fcffc38

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
font/woff;charset=utf-8
truncated
/ Frame 2364 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
246c92390c1fd796ca44b9a199c303edc4d0541388de50295243234a274c349c

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
font/woff;charset=utf-8
view
googleads4.g.doubleclick.net/pcs/ Frame 3F4C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFhhLDhOeokse5DEPisODvYdULM3X7tbEuMCdxmBrCTTmChQbWeMGdHW2ic1DdN5U7BM_jx9WZ_wFQjiT5Y1Eng0Rl2fzU8M--_Oeoo-eg_HouUdWf7vXf3M3e7I0ZHxyTqLN2m9Llz98QeWT55QeLi_r1ST3eb39fh6P71ZKoFgeiG8edj2QLwyNaJhTascH90bwqyRXCnVUGPw&sai=AMfl-YQEK6UAgmYiB0QvjQ4jf6GakdwK3KWFkgp8y0z_GHUFghcKDzYS2qitZN4qSwpO168o-kzMXDsNfgfmH5uXA8J45gAzsZR5IU0htkxULvEVMTpgae8fTizEa3-hN9iL1LqghrEXR7SslGtyhO4sRsvqHas&sig=Cg0ArKJSzCyUzbhHfAsiEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=407&vt=11&dtpt=168&dett=3&cstd=236&cisv=r20230227.31603&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 02 Mar 2023 14:10:14 GMT
conversion.js
d.tailtarget.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/conversion.js
Requested by
Host: www.netflu.com.br
URL: https://www.netflu.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:16:23 GMT
content-encoding
gzip
age
53631
x-guploader-uploadid
ADPycduwEeuu0OKKyxM48LX_1hTpgBsLPEoPaDHYCeUMyjWl3hKnLZHE_wdsT042OMKMW1I8Lw9oj5JbmVZ5T4USERY9PgolSOtR
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6114
last-modified
Mon, 19 Sep 2022 18:20:35 GMT
server
UploadServer
etag
"1f6a2c178b385e908b632664e93aed26"
vary
X-Goog-Allowed-Resources
x-goog-hash
crc32c=vQZHMA==, md5=H2osF4s4XpCLYyZk6TrtJg==
x-goog-generation
1663611635525811
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
6114
accept-ranges
bytes
expires
Thu, 02 Mar 2023 23:16:23 GMT
js
www.googletagmanager.com/gtag/ 		178 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-931232517
Requested by
Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6a52f0baad27d3a937a9cac160c46ed8567dba6348e6ef9b669328f97b6ce6d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66128
x-xss-protection
0
last-modified
Thu, 02 Mar 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Mar 2023 14:10:14 GMT
js
www.googletagmanager.com/gtag/ 		193 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-814785950
Requested by
Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bede11b81bb7b9435d8a7b8c6b70a373d48b3e3c20bdd1d4b4092c0a59552372
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70312
x-xss-protection
0
last-modified
Thu, 02 Mar 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Mar 2023 14:10:14 GMT
js
www.googletagmanager.com/gtag/ 		193 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-814785950&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-863330933
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3bc317d4ed7d549e6307a2d1d21812dfdcec5cc873725caf467853fad5b0f6b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70368
x-xss-protection
0
last-modified
Thu, 02 Mar 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Mar 2023 14:10:14 GMT
js
www.googletagmanager.com/gtag/ 		193 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-801247112
Requested by
Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
82fb644e62966dde4576d1f6fa22c4fc7f29cc52e1838ee7c37f83229e82371f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70519
x-xss-protection
0
last-modified
Thu, 02 Mar 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Mar 2023 14:10:14 GMT
js
www.googletagmanager.com/gtag/ 		193 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-801247112&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-863330933
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f6c87ae830b3a92ab31a30cfd8d697b9c5326728ac4a30547965c7926a48fcb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70278
x-xss-protection
0
last-modified
Thu, 02 Mar 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Mar 2023 14:10:14 GMT
js
www.googletagmanager.com/gtag/ 		130 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-AW-931232517&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-863330933
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0e7075698f1ae7ef94a2d7ae732ed306814c85158987dc9cb50d040cdc7fce57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51370
x-xss-protection
0
last-modified
Thu, 02 Mar 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Mar 2023 14:10:14 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023022801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e67a56e2b1638bf63662e97590276d692f825df8f9544c9c039049d14729b9db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11352
x-xss-protection
0
ingest.php
events.newsroom.bi/ 		2 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1268
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.159.24 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy02.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://www.netflu.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.netflu.com.br
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
Sustainability_Animated-Banner_Mtn.jpg
s0.2mdn.net/sadbundle/6835855717317525788/DE-DEU_IA-12_0_300x600_BAN-A_HTML5_TOFU-no-B2P-Mountain-CIO-Networking-Collab_voroth026873_5/ Frame 2364 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6835855717317525788/DE-DEU_IA-12_0_300x600_BAN-A_HTML5_TOFU-no-B2P-Mountain-CIO-Networking-Collab_voroth026873_5/Sustainability_Animated-Banner_Mtn.jpg?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c19430dec5a95c300db95804be68eb95fe97842044be813d012e4e8f249306f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6835855717317525788/DE-DEU_IA-12_0_300x600_BAN-A_HTML5_TOFU-no-B2P-Mountain-CIO-Networking-Collab_voroth026873_5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:20:14 GMT
x-content-type-options
nosniff
age
280200
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32696
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 09:28:49 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 27 Feb 2024 08:20:14 GMT
Sustainability_Animated-Banner_Building.jpg
s0.2mdn.net/sadbundle/6835855717317525788/DE-DEU_IA-12_0_300x600_BAN-A_HTML5_TOFU-no-B2P-Mountain-CIO-Networking-Collab_voroth026873_5/ Frame 2364 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6835855717317525788/DE-DEU_IA-12_0_300x600_BAN-A_HTML5_TOFU-no-B2P-Mountain-CIO-Networking-Collab_voroth026873_5/Sustainability_Animated-Banner_Building.jpg?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
932a7c23b068db53a7e415a957229b44a523a46ff2faaeafcca6ea6b7a4b1dcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6835855717317525788/DE-DEU_IA-12_0_300x600_BAN-A_HTML5_TOFU-no-B2P-Mountain-CIO-Networking-Collab_voroth026873_5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 14:47:02 GMT
x-content-type-options
nosniff
age
84192
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52937
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 09:28:49 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Feb 2024 14:47:02 GMT
truncated
/ Frame 2364 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
952ab746efdbdc1bfca11953740e9f91b53fef4f7e63ac9be66efc18c7326017

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 3B67 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIh0HBrscN7-GOJVt_3_MTvvsPVy8vd-GBBjN_bpqN_oKcmFRJn6FzcSK6HAkOrdSocyTbidv5wiMiiUudmFrYlTmS&sig=Cg0ArKJSzOGDBoko8nM7EAE&id=lidar2&mcvt=1016&p=1199,436,1289,1164&mtos=820,954,1016,1070,1119&tos=820,134,62,54,49&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2062749448&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677766213027&rpt=266&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
base.js
d.tailtarget.com/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/base.js
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 20:22:20 GMT
content-encoding
gzip
age
64074
x-guploader-uploadid
ADPycdtgtieqFLEMXnZianMZ9VHqMNAgnfrM7nBe6qFTX3JVbGTmNCmE_bjwwykiMBdGPcSUNHzcvClZmhI4huIu7Lbx9A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8332
last-modified
Mon, 19 Sep 2022 18:20:35 GMT
server
UploadServer
etag
"e3068e8113c8f02d9b9a31f913c7a062"
x-goog-hash
crc32c=mUroJg==, md5=4waOgRPI8C2bmjH5E8egYg==
x-goog-generation
1663611635449519
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
8332
accept-ranges
bytes
expires
Thu, 02 Mar 2023 20:22:20 GMT
trk
tt-9964-3.seg.t.tailtarget.com/ 		70 B
672 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tt-9964-3.seg.t.tailtarget.com/trk?tA=TT-9964-3&tJ=_channel:r7-cas-alimentacaosaudavel:1|_channel:r7-cas-int-em-livros:1|_channel:r7-visao-geral:1&tK=1677766214&tM=direct&tL=direct&tN=direct&tY=3&tZ=347254125
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
cache-control
no-cache, private, proxy-revalidate
content-disposition
inline
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
trk
tt-12765-5.seg.t.tailtarget.com/ 		70 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tt-12765-5.seg.t.tailtarget.com/trk?tA=TT-12765-5&tJ=_channel:sdt-netflu:1&tK=1677766214&tM=direct&tL=direct&tN=direct&tY=3&tZ=624239754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
cache-control
no-cache, private, proxy-revalidate
content-disposition
inline
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
u
b.t.tailtarget.com/ 		54 B
496 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/u?
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
4792930c163541d9f79be55d698a5126f4ed2917817d5550573472180d132448

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/x-javascript
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
u
b.t.tailtarget.com/ 		75 B
323 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/u?env=_ttq_tt_seedtag
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
716855a5e635b2cb79cfd65dd9fd45f1ba3a57441efb30d8f64125dee9531460

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/x-javascript
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Sustainability_Animated-Banner_Mtn.jpg
s0.2mdn.net/sadbundle/6835855717317525788/DE-DEU_IA-12_0_300x600_BAN-A_HTML5_TOFU-no-B2P-Mountain-CIO-Networking-Collab_voroth026873_5/ Frame 2364 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6835855717317525788/DE-DEU_IA-12_0_300x600_BAN-A_HTML5_TOFU-no-B2P-Mountain-CIO-Networking-Collab_voroth026873_5/Sustainability_Animated-Banner_Mtn.jpg?
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6835855717317525788/DE-DEU_IA-12_0_300x600_BAN-A_HTML5_TOFU-no-B2P-Mountain-CIO-Networking-Collab_voroth026873_5/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c19430dec5a95c300db95804be68eb95fe97842044be813d012e4e8f249306f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6835855717317525788/DE-DEU_IA-12_0_300x600_BAN-A_HTML5_TOFU-no-B2P-Mountain-CIO-Networking-Collab_voroth026873_5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:20:14 GMT
x-content-type-options
nosniff
age
280200
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32696
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 09:28:49 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 27 Feb 2024 08:20:14 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/?random=1677766214536&cv=11&fst=1677766214536&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.netflu.com.br%2F&tiba=NETFLU%20-%20Fluminense%3A%20%C3%9Altimas%20not%C3%ADcias%2C%20v%C3%ADdeos%2C%20onde%20assistir%20e%20pr%C3%B3ximos%20jogos&auid=1584816808.1677766211&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-AW-931232517&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34609d4a2116693ca826dd48cb21e799c3286ddd0e89fe565b54744198addae1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1270
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 02 Mar 2023 14:10:14 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/?random=1677766214553&cv=11&fst=1677766214553&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.netflu.com.br%2F&tiba=NETFLU%20-%20Fluminense%3A%20%C3%9Altimas%20not%C3%ADcias%2C%20v%C3%ADdeos%2C%20onde%20assistir%20e%20pr%C3%B3ximos%20jogos&auid=1584816808.1677766211&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-814785950
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d46a3d130efe67dda9884e1ed6f54bd33be3cd09a74ff90eb91746fe8bfc873
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1267
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Sustainability_Animated-Banner_Building.jpg
s0.2mdn.net/sadbundle/6835855717317525788/DE-DEU_IA-12_0_300x600_BAN-A_HTML5_TOFU-no-B2P-Mountain-CIO-Networking-Collab_voroth026873_5/ Frame 2364 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6835855717317525788/DE-DEU_IA-12_0_300x600_BAN-A_HTML5_TOFU-no-B2P-Mountain-CIO-Networking-Collab_voroth026873_5/Sustainability_Animated-Banner_Building.jpg?
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6835855717317525788/DE-DEU_IA-12_0_300x600_BAN-A_HTML5_TOFU-no-B2P-Mountain-CIO-Networking-Collab_voroth026873_5/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
932a7c23b068db53a7e415a957229b44a523a46ff2faaeafcca6ea6b7a4b1dcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6835855717317525788/DE-DEU_IA-12_0_300x600_BAN-A_HTML5_TOFU-no-B2P-Mountain-CIO-Networking-Collab_voroth026873_5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 14:47:02 GMT
x-content-type-options
nosniff
age
84192
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52937
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 09:28:49 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Feb 2024 14:47:02 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/?random=1677766214569&cv=11&fst=1677766214569&bg=ffffff&guid=ON&async=1&gtm=45be3310h2&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.netflu.com.br%2F&tiba=NETFLU%20-%20Fluminense%3A%20%C3%9Altimas%20not%C3%ADcias%2C%20v%C3%ADdeos%2C%20onde%20assistir%20e%20pr%C3%B3ximos%20jogos&auid=1584816808.1677766211&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801247112
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
74523865e55cfbf795e783ee036da1b39d8ae9bb467e5d611765a16a6a6b0a26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
inference.js
ssl.p.jwpcdn.com/player/plugins/inference/v/0.7.1/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/plugins/inference/v/0.7.1/inference.js
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/netflu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3b17f9af560b005fba3b568590792d952f2bd4a9e5cfe0357b0ecdd545ca16c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
gzip
via
1.1 varnish
age
7300219
x-cache
HIT
content-length
5464
x-served-by
cache-hhn-etou8220079-HHN
last-modified
Mon, 04 Oct 2021 07:39:43 GMT
server
AmazonS3
x-timer
S1677766215.673792,VS0,VE0
etag
"a777fcd9584e62f04dc53d548d8adb31"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
accept-ranges
bytes
x-cache-hits
138240
googima.js
ssl.p.jwpcdn.com/player/v/8.26.7/ 		72 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.7/googima.js
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/netflu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
430e4597ebba5140dfadf5963eb0bcfcf7ff71badbad4126d0e3a9043b7388b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
gzip
via
1.1 varnish
age
75752
x-cache
HIT
content-length
21630
x-served-by
cache-hhn-etou8220079-HHN
last-modified
Wed, 01 Feb 2023 22:12:09 GMT
server
AmazonS3
x-timer
S1677766215.673521,VS0,VE0
etag
"99503cad4b0021a97aab5ae4eb6ad5d3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, immutable
accept-ranges
bytes
x-cache-hits
23232
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.26.7/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.7/jwpsrv.js
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/netflu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f5e929fe786cb273ae24885e53cf4599ca16884943ff512cbec16d3cfb1a3742

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
gzip
via
1.1 varnish
age
454
x-cache
HIT
content-length
19075
x-served-by
cache-hhn-etou8220079-HHN
last-modified
Thu, 16 Feb 2023 15:12:25 GMT
server
AmazonS3
x-timer
S1677766215.673792,VS0,VE0
etag
"e28011008bd6bf017e5113f2a521730b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
619
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.26.7/ 		314 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.7/jwplayer.core.controls.js
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/netflu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8dcdb97b936e83cd384481d7e7ffba55be3e82a5430bad91db42875df89442c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
gzip
via
1.1 varnish
age
2408561
x-cache
HIT
content-length
84256
x-served-by
cache-hhn-etou8220079-HHN
last-modified
Wed, 01 Feb 2023 22:12:03 GMT
server
AmazonS3
x-timer
S1677766215.673419,VS0,VE0
etag
"e832152b2c4c605778600b8f6e92708b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
328822
pt.json
ssl.p.jwpcdn.com/player/v/8.26.7/translations/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.7/translations/pt.json
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/netflu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e131cde2cb0c7a07be92160d5080716139f800636d471cd2c0a5e3c1310cf4f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
gzip
via
1.1 varnish
age
1961649
x-cache
HIT
content-length
1449
x-served-by
cache-hhn-etou8220069-HHN
last-modified
Wed, 01 Feb 2023 22:12:14 GMT
server
AmazonS3
x-timer
S1677766215.672753,VS0,VE0
etag
"d38ea3780a421961071427e9dd1f73a3"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
111
batch
www.google-analytics.com/ 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/batch
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/netflu.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.netflu.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.netflu.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
fluminensefc.png
dugout.com/images/publishers/logos/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dugout.com/images/publishers/logos/fluminensefc.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-26.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a2c1cec0cc914945a04fd49efca205cdf943b50db6b20cc6616445d18e2d735

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
05QYAtM4oALe21WJgOQRWiuy5bY0VXuA
date
Thu, 02 Mar 2023 06:23:43 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Thu, 23 Dec 2021 16:04:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
28298
etag
"f9dc44378a754befca785fc87a09458a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
9779
x-amz-cf-id
Mlxda0TNMMJ6gKYp9F2ZiYnrOrvSXl4UKfuzWnv6DTQBjmYPmoP43w==
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.26.7/ 		384 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.7/provider.hlsjs.js
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/netflu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a89111fc96f8f2517eb088dd43dacc9befd4b4ca2aef8efbcacd864ed219d7c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
gzip
via
1.1 varnish
age
2408531
x-cache
HIT
content-length
114181
x-served-by
cache-hhn-etou8220079-HHN
last-modified
Wed, 01 Feb 2023 22:12:06 GMT
server
AmazonS3
x-timer
S1677766215.673249,VS0,VE0
etag
"6e5de24a8a5486514f62e7f4a1909c22"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
230871
fluminensefc-400.jpg
embed.dugout.com/assets/bumpers/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embed.dugout.com/assets/bumpers/fluminensefc-400.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1e00:8:ced9:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
/
www.google.com/pagead/1p-user-list/AW-931232517/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/AW-931232517/?random=1677766214536&cv=11&fst=1677765600000&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.netflu.com.br%2F&tiba=NETFLU%20-%20Fluminense%3A%20%C3%9Altimas%20not%C3%ADcias%2C%20v%C3%ADdeos%2C%20onde%20assistir%20e%20pr%C3%B3ximos%20jogos&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4121140760&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/AW-931232517/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/AW-931232517/?random=1677766214536&cv=11&fst=1677765600000&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.netflu.com.br%2F&tiba=NETFLU%20-%20Fluminense%3A%20%C3%9Altimas%20not%C3%ADcias%2C%20v%C3%ADdeos%2C%20onde%20assistir%20e%20pr%C3%B3ximos%20jogos&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4121140760&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/814785950/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/814785950/?random=1677766214553&cv=11&fst=1677765600000&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.netflu.com.br%2F&tiba=NETFLU%20-%20Fluminense%3A%20%C3%9Altimas%20not%C3%ADcias%2C%20v%C3%ADdeos%2C%20onde%20assistir%20e%20pr%C3%B3ximos%20jogos&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=595267032&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/814785950/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/814785950/?random=1677766214553&cv=11&fst=1677765600000&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.netflu.com.br%2F&tiba=NETFLU%20-%20Fluminense%3A%20%C3%9Altimas%20not%C3%ADcias%2C%20v%C3%ADdeos%2C%20onde%20assistir%20e%20pr%C3%B3ximos%20jogos&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=595267032&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5A32 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.netflu.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
30627
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Mar 2023 05:39:47 GMT
expires
Fri, 01 Mar 2024 05:39:47 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0508 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4b7943edab00a3bb40fab9ae0ee9f94f8711fc5ac93b5cc237797de0e7bd5e06
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-C45M7VVlXAh38fjvVhOyQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.netflu.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-C45M7VVlXAh38fjvVhOyQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 02 Mar 2023 14:10:14 GMT
expires
Thu, 02 Mar 2023 14:10:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
www.google.com/pagead/1p-user-list/801247112/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/801247112/?random=1677766214569&cv=11&fst=1677765600000&bg=ffffff&guid=ON&async=1&gtm=45be3310h2&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.netflu.com.br%2F&tiba=NETFLU%20-%20Fluminense%3A%20%C3%9Altimas%20not%C3%ADcias%2C%20v%C3%ADdeos%2C%20onde%20assistir%20e%20pr%C3%B3ximos%20jogos&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1271761070&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/801247112/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/801247112/?random=1677766214569&cv=11&fst=1677765600000&bg=ffffff&guid=ON&async=1&gtm=45be3310h2&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.netflu.com.br%2F&tiba=NETFLU%20-%20Fluminense%3A%20%C3%9Altimas%20not%C3%ADcias%2C%20v%C3%ADdeos%2C%20onde%20assistir%20e%20pr%C3%B3ximos%20jogos&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1271761070&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js
pagead2.googlesyndication.com/bg/ Frame 5A32 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e08e3d2a533d1588ed03df877c41c179f79827fd68d75f1a342d6c3d4f59a73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 12:31:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
5930
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14340
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Mar 2024 12:31:24 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0508 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023022801&jk=4084414213667510&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
b
b.t.tailtarget.com/ 		92 B
542 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/b?tA=TT-9964-3&tY=1&tS=3&tU=0100007F46AE00644C072A2E023C0703&tX=b.52&tZ=392304485
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
6a1ae61f6453993d57966a1b729dee2d9a4d0795bebb42e4600ca6401e1ec5f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
b
b.t.tailtarget.com/ 		134 B
537 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/b?tA=TT-12765-5&tY=1&tS=3&tU=0100007F46AE00644A07C72B022C0703&tX=b.52&tZ=81682842&env=_ttq_tt_seedtag
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
d8b022cd5f13558d5d29feac8a4b53690907332a3b5454983a72f19b3421e40e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
R6zixFK+Eei17gpVuA4vVw.json
entitlements.jwplayer.com/ 		69 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://entitlements.jwplayer.com/R6zixFK+Eei17gpVuA4vVw.json
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/netflu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/6767) /
Resource Hash
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
gzip
last-modified
Thu, 02 Mar 2023 11:30:09 GMT
server
ECAcc (frb/6767)
age
9605
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=10740
accept-ranges
bytes
content-length
80
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		362 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/netflu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32da02f599892468c7a58fe88da372b97c0fccdce8f2dba4877eed604ea3d0ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
124064
x-xss-protection
0
expires
Thu, 02 Mar 2023 14:10:14 GMT
vWsikaHo-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/vWsikaHo-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/vWsikaHo-120.vtt
5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/vWsikaHo-120.vtt
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c83d3318ce9122faa58c01dd9aa3b0849459b699291cf2d77ab52278e12b4f40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
920
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
914
x-served-by
cache-iad-kiad7000067-IAD, cache-hhn-etou8220069-HHN
last-modified
Thu, 02 Mar 2023 02:34:44 GMT
server
nginx
x-timer
S1677766215.867212,VS0,VE0
etag
"564523181b46a9816b06b1ed5b41a34b"
vary
Accept-Encoding
content-type
text/vtt
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
10, 3

Redirect headers

date
Thu, 02 Mar 2023 14:08:32 GMT
via
1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA2-C2
age
102
x-cache
Hit from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/vWsikaHo-120.vtt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
euwfvjHrTyhhN8oz7mxWgZluSqQxIxSVME9ZdH5L61FBvI7-Mh8l2Q==
provider.cast.js
ssl.p.jwpcdn.com/player/v/8.26.7/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.7/provider.cast.js
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/netflu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e93504ee318829c063364b97032cf44a4f056d33b3a0a8bec0588eebe0c6fbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
gzip
via
1.1 varnish
age
2408529
x-cache
HIT
content-length
9825
x-served-by
cache-hhn-etou8220079-HHN
last-modified
Wed, 01 Feb 2023 22:12:06 GMT
server
AmazonS3
x-timer
S1677766215.836995,VS0,VE0
etag
"7e728588ac6da81379bf66097d2fdc82"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
109722
related.js
ssl.p.jwpcdn.com/player/v/8.26.7/ 		102 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.7/related.js
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/netflu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f968c0c82cd9ce6c05e3e381b54f010d5cf69067c4b09d17ec4ae95ade01f5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
gzip
via
1.1 varnish
age
2408528
x-cache
HIT
content-length
24950
x-served-by
cache-hhn-etou8220079-HHN
last-modified
Wed, 01 Feb 2023 22:12:07 GMT
server
AmazonS3
x-timer
S1677766215.837003,VS0,VE0
etag
"d121da9c00573a7d1035df51ef5d8e29"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
273624
fluminensefc.png
dugout.com/images/publishers/logos/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dugout.com/images/publishers/logos/fluminensefc.png
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/netflu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-26.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a2c1cec0cc914945a04fd49efca205cdf943b50db6b20cc6616445d18e2d735

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
05QYAtM4oALe21WJgOQRWiuy5bY0VXuA
date
Thu, 02 Mar 2023 06:23:43 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Thu, 23 Dec 2021 16:04:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
28298
etag
"f9dc44378a754befca785fc87a09458a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
9779
x-amz-cf-id
369DDvtO0Jua3UHfX_sqQyKvSz55b9I2mmtGhCrmh-SE5O98oHjYjw==
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-1619981217&e=e&n=7222204206342879&abc=0&aid=R6zixFK%2BEei17gpVuA4vVw&amp=0&at=1&c=1&ccp=0&cp=0&d=2&eb=0&ed=6&emi=1o25n9s10lia&i=0&id=vWsikaHo&lid=13tnjizwe9dr&lsa=set&mt=1&pbd=1&pbr=1&pgi=7kp6s71ce355&ph=1&pid=yvulrUV8&pii=0&pl=182&plc=30&pli=1jrmbr47dz0y&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=NETFLU%20-%20Fluminense%3A%20%C3%9Altimas%20not%C3%ADcias%2C%20v%C3%ADdeos%2C%20onde%20assistir%20e%20pr%C3%B3ximos%20jogos&pu=https%3A%2F%2Fwww.netflu.com.br%2F&pv=8.26.7&pyc=0&s=0&sdk=0&stc=1&stpe=1&t=Gabriel%20Pirani%20revela%20expectativas%20no%20Fluminense%20e%20de%20voltar%20a%20trabalhar%20com%20Diniz&tv=3.42.0&vb=0&vi=0&vl=0&wd=324&ab=1&cae=0&cb=1&cdid=player-1&cme=0&dd=1&fed=ATrJGUcF&flc=0&fv=&ga=0&ipv=0.7.1&lng=pt-BR&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FvWsikaHo.m3u8&pbc=1&pd=2&pdr=&plng=pt-BR&plt=4100&pni=1&po=0&pogt=NETFLU&sn=%7B%22controlbar%22%3A%7B%22background%22%3A%22rgba(0%2C0%2C0%2C0)%22%2C%22icons%22%3A%22rgba(255%2C255%2C255%2C0.8)%22%2C%22iconsActive%22%3A%22%23FFFFFF%22%2C%22text%22%3A%22%23FFFFFF%22%7D%2C%22menus%22%3A%7B%22background%22%3A%22%23333333%22%2C%22text%22%3A%22rgba(255%2C255%2C255%2C0.8)%22%2C%22textActive%22%3A%22%23FFFFFF%22%7D%2C%22timeslider%22%3A%7B%22progress%22%3A%22%23F2F2F2%22%2C%22rail%22%3A%22rgba(255%2C255%2C255%2C0.3)%22%7D%2C%22tooltips%22%3A%7B%22background%22%3A%22%23FFFFFF%22%2C%22text%22%3A%22%23000000%22%7D%7D&sp=0&st=230&sa=1677766214831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-served-by
cache-hhn-etou8220079-HHN
date
Thu, 02 Mar 2023 14:10:14 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/netflu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 02 Mar 2023 14:10:15 GMT
generate_204
tpc.googlesyndication.com/ Frame 5A32 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?VXYeVQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
bridge3.558.0_pt.html
imasdk.googleapis.com/js/core/ Frame D3D5 		695 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.558.0_pt.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94f553a8c0e1e12bc99da7a2b116d57bc0bf5212ad90e5391b22d2f5d1481db9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.netflu.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
566232
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227512
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 24 Feb 2023 00:53:02 GMT
expires
Sat, 24 Feb 2024 00:53:02 GMT
last-modified
Thu, 23 Feb 2023 23:56:11 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 02 Mar 2023 14:10:14 GMT
ca
tt-9964-3.seg.t.tailtarget.com/ 		75 B
112 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-9964-3.seg.t.tailtarget.com/ca?tZ=541665947
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
00eea5918b4bdd209f12ee940800d98a78ccde4983ee6859a03d4fd854c286e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:15 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ca
tt-12765-5.seg.t.tailtarget.com/ 		82 B
120 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-12765-5.seg.t.tailtarget.com/ca?tZ=503626058&env=_ttq_tt_seedtag
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
b864e926fba5325d01f0c8ca9215fe0b2fe920ec8a11d77bb9863bbd437a135a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:15 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12197
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Thu, 02 Mar 2023 14:10:15 GMT
cast_sender.js
www.gstatic.com/eureka/clank/110/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/110/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 11:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11071
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14851
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 16:13:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Fri, 03 Mar 2023 11:05:44 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DCB0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst1O-9saIWbq-ay81dY8rBOSHqzUfnPBfilCIAWsPt5WGm3MhlRdDdAt5Fqq6wGul7ypo9i4vJXPquWNy8UkW2P0t5RsyZ65bjv0zy_RjbUGXt2vicHxNVY6LK_EaFoZlLhkVrpUU0C-HD9aaIGGpIW0t6IjlcSrGAn&sai=AMfl-YRo2My1nkycI9QJnHYU4jbXJ4qsth3htsM38EhW1NGWQF6YZzNFMU4xS1nYwyBo2U6FPSTVdnTccok1fc5aA0B_mxQjQ5iFWwnNTYRgzGIdzhy-LQn7m_kif2Y&sig=Cg0ArKJSzLLG1jJLDgr2EAE&cid=CAQSOwDUE5ympOTGKrb3BbbdeKzAUrZX0yUWPl8aoJzSbMIlfkaixEU0_2QS0pswTLY76cLnHrqHwyAQy579GAE&id=lidar2&mcvt=1002&p=241,436,331,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=4089589787&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677766213851&rpt=253&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tr
www.facebook.com/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=1992888384353851&ev=Tail&cd[custom_audience]=CA15771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 02 Mar 2023 14:10:15 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
doubleclick
cm.t.tailtarget.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430
  • https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEMHYskt7zighEODd6Y5mHn4&google_cver=1&google_ula=862479430,0
70 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEMHYskt7zighEODd6Y5mHn4&google_cver=1&google_ula=862479430,0
Protocol
H2
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:15 GMT
via
1.1 google
server
nginx/1.17.8
content-type
image/png
cache-control
no-cache
content-disposition
inline
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70

Redirect headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEMHYskt7zighEODd6Y5mHn4&google_cver=1&google_ula=862479430,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
320
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
__tt.gif
t.tailtarget.com/ 		43 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-9964-3&tE=0&tF=&tI=___de_1677766214797_3648182805&tJ=CA15795,CA15771&tQ=r7-cas-alimentacaosaudavel,r7-cas-int-em-livros,r7-visao-geral&tU=0100007F46AE00644C072A2E023C0703&tX=b.52&tY=1&tZ=548066816
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:15 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
__tt.gif
t.tailtarget.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-12765-5&tE=1&tF=&tI=___de_1677766214797_3648182805&tJ=&tQ=sdt-netflu&tU=0100007F46AE00644A07C72B022C0703&tX=b.52&tY=1&tZ=715196831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:15 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
NJerEC45-120.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/MdTp8Bi4/poster.jpg?width=120
  • https://assets-jpcust.jwpsrv.com/thumbnails/NJerEC45-120.jpg
7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/NJerEC45-120.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3908fb9a2df6c4d6c4981af9cf6aacbb2792a94bd97db15edb182ff14fb8df39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:10:15 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
174
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
7176
x-served-by
cache-iad-kiad7000024-IAD, cache-hhn-etou8220079-HHN
last-modified
Tue, 28 Feb 2023 16:53:33 GMT
server
nginx
x-timer
S1677766216.557404,VS0,VE95
etag
"edcc13aa2847a78354b7fec569789594"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
3, 1

Redirect headers

date
Thu, 02 Mar 2023 14:10:15 GMT
via
1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA2-C2
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/NJerEC45-120.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
Wp9uMEf40RbfQOPlMy4tEOjBVUuIXpvHcGyJBLfOY7RqK43jh1B8Xw==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F4C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2875969394208&version=m202301230201&ct=76&x=1&cor=17358801527394425000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 14:10:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023022801&jk=4084414213667510&bg=!5eal5rLNAAbK-VRH6vk7ADkAdvg8WuvN5BYKxyBy9Ge9IcIkntzry_7Bw83DDOQ3IQBX9THsHJmHqlXrwEyb6ZBvsYKZJOEXInwCAAAAyFIAAAACaAEHCgBmkY9Ia56dmVmjKArb72QCMJCEraXU8Wy8UUgKPLLX9eaI27Foc8UIIuqp81CPJ247QXTTeK1UYnJUs1ipHOuPjNbwqBMFSxIFGqCPXRXVcAZPNdrCNxK8576xuKH2IVMW4uMrRMidmQKodIkSeJvfxWUUB2Y5cRqoVrDZm6jfGOaQfw2A-Zp9CtKALLLX6OgSKQF1fRfeeinAveOji8M3m5xPgNmPYXN816bJuj4wLP2sqhX_wRwD1Ue5Paxi0byK2Lb7sCOLNZc3sVOhbl1isXyjDjMT0PxxV1EjoXVx3b6lvTtUiG9r-v4Dc36wYPma9KfNw14dp8dEtGdfx7FnNOFfjJ8jRvAG530q3H6vR207Opcc3BC5laiK1wxw_3xBREPFqOYulGicT87GUklDf6Elm9GwP1k2ZzCOLfDYRXrtf1AXSVlIHwgoTUy0Wk5MiMEqfS8vsB03JoNTq13Kf_-74bKOBmVTZAVsyAlYW4TVNK6jXUwNcJgtdFYKE4DF-xUNOo5r9k53PyBn6Sei1hXAM0v5r1rKP2_dCRSFiNXYX-UnYy-SC8XYxaJcxHaXDqcLS_r7B-JKgBCOdORqjncBWy3kdl4cs3nvMQ9MxqPtl0LmmdLnO2_l8yZbiGIlJU_MA3sbrJZb_k_yKbcBk-o1sWyzHTT3Odz7BPz0PZNyOO0uXR8NeAfpUPvpurMhRXypKzmhRTVGviDJOO4mln4V6reV5iAyK6ho63toSbTQi4Ah1YsG9TZs4feVX0_8ipI75fhQ1SLn0dFzF0_HDVv7K-D1gEiipUFMBNl-KMFzwgLyn_JQvmaoRrXwkYW7SesQGTw1uIv4Tr5rki1qFEeI7RXQZc5ORIOCxnJKMntXDoqzBA4z447RDZgL_6Nxf8AwXwpfny8sC2jaiH2TjoLQG1UYfME1VVZhmhBoSC9LjqI5BpoHfzJVrj-mgjO5IUBzRGKLEixDlJPhmon9QS-agnlB46975pEf3C5pztbC-W0RG4HSF0N2sVigvs3fSu9KZQol4_eqfMscVK023gA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netflu.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
ev
s.seedtag.com/e/ 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/e/ev
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.2198981f6aeb1efb456f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.netflu.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 02 Mar 2023 14:10:17 GMT
via
1.1 google
server
nginx
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin
https://www.netflu.com.br
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Verdicts & Comments Add Verdict or Comment

329 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 boolean| credentialless object| marfeel object| mrf object| _wpemojiSettings undefined| $ function| jQuery object| seoAutomatedLinkBuilding function| documentInitOneSignal function| OneSignal object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| td_ad_background_click_link string| td_ad_background_click_target string| GoogleAnalyticsObject function| ga object| googletag function| gtag object| dataLayer function| e function| t object| _comscore string| zoneid_desktop string| zoneid_mobile number| limit_width number| limit_height string| zoneid_selected boolean| cto_isOnMobile number| externalBottomMargin number| externalLeftMargin number| externalRightMargin number| internalTopMargin number| internalBottomMargin number| internalLeftMargin number| internalRightMargin number| red number| green number| blue number| bgOpacity number| widthOfBorder number| borderRed number| borderGreen number| borderBlue number| closePosition string| closeCrossColor string| closeMessage number| closeRed number| closeGreen number| closeBlue boolean| appearingAnimationEffect boolean| disappearingAnimationEffect number| animationTime function| setInOutAnimation function| removeInOutAnimation function| ctoClose function| ctoInitialize object| block_td_uid_2_6400adfbdcfc2 object| block_td_uid_3_6400adfc1f0fe object| store function| setIconActive object| mini object| expand object| miniList object| fullList object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| gaplugins object| gaGlobal object| gaData object| webpackChunk_marfeel_marfeel_sdk object| tp object| __mrfCompass object| COMSCORE function| udm_ object| ns_p function| onYouTubeIframeAPIReady object| twemoji object| wp object| AMP object| __springserveSyncScript string| dugout_country_code string| dugout_url_sig number| dugout_url_exp function| clearImmediate function| setImmediate object| regeneratorRuntime number| of_alpha string| dugout_imp function| Dugout function| parcelRequireda84 function| dugout_stop_floating function| dugout_start_floating object| webpackChunkjwplayer function| jwplayer object| dugout number| dugout_init_count function| dugout_init object| float string| app_bundle string| app_name string| app_url string| app_ifa string| app_gdpr string| path object| block_td_uid_5_6400adfc6f75f object| ggeac object| google_js_reporting_queue object| _taboola boolean| mrf_resized function| td_smooth_scroll object| tdDetect object| tdViewport object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box undefined| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height object| tdLoadingBox object| td_ajax_search string| tdModalImageLastEl function| tdModalImage object| tdBlocks object| td_mod_pattern_email function| handle_login_for_modal_window function| handle_register_for_modal_window function| handle_forgot_password_for_modal_window function| show_hide_content_modala function| modala_swich_tabs function| modala_add_remove_class function| td_modala_empty_err_div function| td_modala_write_err_div function| td_modala_empty_all_fields function| td_modala_call_ajax object| td_current_panel_stat object| tdTrendingNowObject object| td_history object| tdSmartSidebar object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdAjaxCount object| tdYoutubePlayer object| tdVimeoPlaylistObj object| tdPlaylistGeneralFunctions function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdBackstr object| tdAnimationStack object| td_backstretch_items function| td_compute_backstretch_item object| tdAjaxLoop object| tdWeather object| tdAnimationSprite object| $ULs function| $f object| addComment function| vc_js function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox function| retornoLahar function| fetcher function| documentReady undefined| myScript undefined| body string| RT_CAMPAIGNS_URL function| _0x5954 boolean| force boolean| debug function| _0x11ce object| _seedtagq object| webpackJsonp1677760171157 object| autozep number| x undefined| google_measure_js_timing number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 function| requestAnimationFrame1 function| cancelAnimationFrame1 boolean| _seedtagLoaded object| _seedtag object| TTTagManager function| TTTagManagerError object| _ttq object| bciaConfig object| bcia function| autozep_init function| autozep_clear object| hkn string| type string| adunit string| sel object| sz number| mp number| of number| iLength object| filteredArray object| transposedArray object| divToInsert object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id string| regionIndex object| _ttq_tt_seedtag object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager string| n string| nq object| cmds object| _ttconversion object| ttcNamespace object| _tt_seedtag string| version string| _ttcNamespace string| _ttqNamespace function| TTConversionBase function| ttConversionBaseE object| _ttconversionHolder object| ttqNamespace function| TTBase function| ttBaseE object| _ttqHolder object| GoogleGcLKhOms object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| closure_lm_265619 object| closure_lm_186696 object| cast object| google_image_requests

73 Cookies

Domain/Path Name / Value
.netflu.com.br/ Name: _gcl_au
Value: 1.1.1584816808.1677766211
.netflu.com.br/ Name: _gid
Value: GA1.3.432516788.1677766211
.netflu.com.br/ Name: _gat
Value: 1
.netflu.com.br/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1677766211%2C%22currentVisitStarted%22%3A1677766211%2C%22sessionId%22%3A%229afb42be-0bac-45a2-a7d6-4f4e8db0646f%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//www.netflu.com.br/%22%2C%22referrer%22%3A%22%22%7D
.netflu.com.br/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1677766211%2C%22userId%22%3A%224b350171-7211-4a31-8efb-72ade34f787c%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1677766211%2C%22timesVisited%22%3A1%7D
.netflu.com.br/ Name: compass_uid
Value: 4b350171-7211-4a31-8efb-72ade34f787c
.netflu.com.br/ Name: _ga_JXN5WJ3NNM
Value: GS1.1.1677766211.1.0.1677766211.0.0.0
.netflu.com.br/ Name: _ga
Value: GA1.1.1112351711.1677766211
events.newsroom.bi/ Name: 1268_u
Value: 4b350171-7211-4a31-8efb-72ade34f787c
events.newsroom.bi/ Name: 1268_s
Value: 9afb42be-0bac-45a2-a7d6-4f4e8db0646f
events.newsroom.bi/ Name: 1268_lv
Value: null
events.newsroom.bi/ Name: 1268_ut
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUniEMy80-HstesR2XIjmE57ld4vqErICFYBuJehnziqY4y7N8PmE3sYJOUE
.adnxs.com/ Name: uuid2
Value: 1656581579555146187
.casalemedia.com/ Name: CMID
Value: ZACuQ0pg9LL.x0NqimZP2gAA
.casalemedia.com/ Name: CMPS
Value: 1171
.casalemedia.com/ Name: CMPRO
Value: 1171
.advertising.com/ Name: A3
Value: d=AQABBEOuAGQCEIeJnkbUp7Km5IVrGOBcfHMFEgEBAQH_AWQKZAAAAAAA_eMAAA&S=AQAAAqhkAEEUGifCb-kbyQNm7GI
.spotxchange.com/ Name: audience
Value: f23334e9-b903-11ed-a446-14604df00306
www.netflu.com.br/ Name: _ia_loc_c
Value: DE
www.netflu.com.br/ Name: _ia_loc_r
Value: TH
www.netflu.com.br/ Name: bc_int_ads
Value: %7B%22v%22%3A1%2C%22r%22%3A%22DE%22%2C%22sportsbook%22%3A%5B%5D%7D
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 87c4e814ed689c3e
.sxp.smartclip.net/ Name: uuid
Value: 07d6406a-43ae-0064-4cb8-400c46cb4e63
.sxp.smartclip.net/ Name: psyn
Value:
.tremorhub.com/ Name: tvid
Value: 431d75e9ed324baf9a3322c8958b1d2b
.go.sonobi.com/ Name: HAPLB8S
Value: s85180|ZACuR
.quantserve.com/ Name: mc
Value: 6400ae44-49450-21db4-a08fd
.netflu.com.br/ Name: __qca
Value: P0-1003655661-1677766212145
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adfarm1.adition.com/ Name: UserID1
Value: 7205951015179450516
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%225E20A813-28C7-4C18-983B-06BFD5CA286B%22%7D
.simpli.fi/ Name: suid
Value: 385FD20595C241C19601DC5FF944F092
.yahoo.com/ Name: A3
Value: d=AQABBEWuAGQCENdg59n2LxLzBrj8-ZSQDQcFEgEBAQH_AWQKZAAAAAAA_eMAAA&S=AQAAAlWOfZqpLcCGfVc28_pd0DI
.mathtag.com/ Name: uuid
Value: 6a166400-ae45-4f00-abf1-51d3017b3d00
.mathtag.com/ Name: mt_mop
Value: 4:1677766213
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Hb<_m7@_!1yIE`fS1ueD1W-044)d+]UfUGkvN=rm^#k?6Oq^W8s]Ap6(DS.eV)OikQI9P(hw9P-HC_#tt?-)t+gm
.tribalfusion.com/ Name: ANON_ID
Value: aPnseFwZcF1foXarpfrw4uJMVPLwgZaYfiQkIGtmGVkZc7eFFSg4ARF2eWrnRfnR8jvNMXaggRVQ5NPnpK1UaSB
.netflu.com.br/ Name: __gads
Value: ID=64cdeea6cef07e50:T=1677766211:S=ALNI_MZzeNp7VEE8VRsUxjEcIJZjgHLjiA
.netflu.com.br/ Name: __gpi
Value: UID=00000bbd9e6901f4:T=1677766211:RT=1677766211:S=ALNI_MaLIORDBVN6i7xJvLb27Xl_zpvmqQ
.awin1.com/ Name: awpv20044
Value: 412871|1677766213|f363d540-b903-11ed-9881-2239064e14e3
.awin1.com/ Name: awpv11354
Value: 412871|1677766213|f36ada20-b903-11ed-b520-223763a3e4ca
.awin1.com/ Name: AWSESS
Value: 377129:2470185
www.conrad.de/ Name: HTLP_timestamp
Value: 1677766213944
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: nJBHZBX9DSXUU2tS5dP63tZCKqwioEtL13EhS5nzbco-1677766213-0-AdXAIRzg+cDMKKBrkPzRr+U80NXfGlwCpgdG4Zi27M+SB11/36XbUscmFFUdYD1TVdq31ucyK6FbyQWfZObIEq4=
ads.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%225E20A813-28C7-4C18-983B-06BFD5CA286B%22%7D
.ctnsnet.com/ Name: cid_88b60147295844f2ab480d75ef80ab1f
Value: 1
.ctnsnet.com/ Name: gid_CAESEAPexGiNXYwF_coe1gcqZss
Value: 1
.w55c.net/ Name: wfivefivec
Value: oF965yCa1PxJDo5
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY3Nzc2NjIxNHZsZWExZGUyMDIzMDMwMjE1MTAxNDgyMjg5NTIwNjM5WDExNzY3OVYxMjI2MTMyNzAyTVN2aWV3b25laWQ5a01hTWZtZnhFMWhLSEJIMnQ3dHJyOVU5U21UenptU3JiQlhvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTIxX0JFU1RQRVJGT1JNRVIxMTc2Nzk
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023030215101482289520639X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY3Nzc2NjIxNHZsZWExZGUyMDIzMDMwMjE1MTAxNDgyMjg5NTIwNjM5WDExNzY3OVYxMjI2MTMyNzAyT
.w55c.net/ Name: matchgoogle
Value: 5
www.netflu.com.br/ Name: tt_c_vmt
Value: 1677766214
www.netflu.com.br/ Name: tt_c_c
Value: direct
www.netflu.com.br/ Name: tt_c_s
Value: direct
www.netflu.com.br/ Name: tt_c_m
Value: direct
www.netflu.com.br/ Name: _ttuu.s
Value: 1677766214482
.t.tailtarget.com/ Name: _ssc
Value: y
www.netflu.com.br/ Name: tt.u
Value: 0100007F46AE00644C072A2E023C0703
.tt-9964-3.seg.t.tailtarget.com/ Name: trk
Value: 48g4gc6Uau2UcSl8yyLFW9ZW+VCHEtE1VWrViWzM4H+XF/WHG72TXnnOj2cNdvllFb5Wh7HOAvAfuTA3vPYnyJCFEXKr5BGaJPlWnIus77A=
.tt-12765-5.seg.t.tailtarget.com/ Name: trk
Value: 6K3l2vEIWXYS3/7RS+rJsA==
.t.tailtarget.com/ Name: u
Value: fwAAAWQArkZRxgbEGz4YAgB=
.t.tailtarget.com/ Name: ttbprf
Value: ___de_1677766214797_3648182805
.t.tailtarget.com/ Name: ttc
Value: 1
.t.tailtarget.com/ Name: ttnprf
Value:
www.netflu.com.br/ Name: tt.nprf
Value:
.tt-12765-5.seg.t.tailtarget.com/ Name: ttca
Value: _1677766215
.tt-9964-3.seg.t.tailtarget.com/ Name: ttca
Value: CA15795,CA15771_1677766215
.t.tailtarget.com/ Name: tp1
Value: CAESEMHYskt7zighEODd6Y5mHn4
.t.tailtarget.com/ Name: dc
Value: 1
.t.tailtarget.com/ Name: n
Value: 1677766215

11 Console Messages

Source Level URL
Text
security warning URL: https://www.netflu.com.br/
Message:
Mixed Content: The page at 'https://www.netflu.com.br/' was loaded over HTTPS, but requested an insecure element 'http://www.netflu.com.br/wp-content/uploads/2018/11/novalogo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.netflu.com.br/
Message:
Mixed Content: The page at 'https://www.netflu.com.br/' was loaded over HTTPS, but requested an insecure element 'http://www.netflu.com.br/wp-content/uploads/2018/11/novalogo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.netflu.com.br/
Message:
Mixed Content: The page at 'https://www.netflu.com.br/' was loaded over HTTPS, but requested an insecure element 'http://www.netflu.com.br/wp-content/uploads/2018/11/novalogo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.netflu.com.br/(Line 931)
Message:
Mixed Content: The page at 'https://www.netflu.com.br/' was loaded over HTTPS, but requested an insecure element 'http://www.netflu.com.br/wp-content/uploads/2018/11/novalogo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.netflu.com.br/(Line 931)
Message:
Mixed Content: The page at 'https://www.netflu.com.br/' was loaded over HTTPS, but requested an insecure element 'http://www.netflu.com.br/wp-content/uploads/2018/11/novalogo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.netflu.com.br/(Line 2522)
Message:
Mixed Content: The page at 'https://www.netflu.com.br/' was loaded over HTTPS, but requested an insecure element 'http://www.netflu.com.br/wp-content/uploads/2018/11/novalogo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://www.netflu.com.br/apostas/rt.php
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 16)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/11393203926244038689/index.html".
network error URL: https://embed.dugout.com/assets/bumpers/fluminensefc-400.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
rendering warning URL: https://embed.dugout.com/v3.1/netflu.js(Line 54)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 467)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a-fds.youborafds01.com
a.tribalfusion.com
ad.doubleclick.net
ad4m.at
ads.pubmatic.com
ads.travelaudience.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
as.ad4m.at
assets-jpcust.jwpsrv.com
assets.ad4m.at
autozep.adzep.com.br
b.t.tailtarget.com
bh.contextweb.com
bid.g.doubleclick.net
c0e594f569562fb8cbdc3f921f31d257.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.jwplayer.com
cdn.onesignal.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.t.tailtarget.com
d.tailtarget.com
d335luupugsy2.cloudfront.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
dugout.com
eb2.3lift.com
embed.dugout.com
entitlements.jwplayer.com
events.newsroom.bi
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
img.onesignal.com
intersc.igaming-service.io
ip-api.igaming-service.io
js.adscale.de
live.mrf.io
match.adsrvr.org
match.sharethrough.com
netflu.com.br
netflu.onesignal.com
netflu.os.tc
onesignal.com
onetag-sys.com
pagead2.googlesyndication.com
partner.o2online.de
pbs.publishers.tremorhub.com
pixel.advertising.com
pixel.quantserve.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prd.jwpltx.com
prod-rtb.ad4mat.net
region1.google-analytics.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.seedtag.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
sdk.mrf.io
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssl.p.jwpcdn.com
ssum.casalemedia.com
static-de.ad4mat.net
static.adsafeprotected.com
stats.g.doubleclick.net
sync.1rx.io
sync.bfmio.com
sync.go.sonobi.com
sync.mathtag.com
sync.search.spotxchange.com
sync.springserve.com
sync.sxp.smartclip.net
t.seedtag.com
t.tailtarget.com
tag.hariken.co
tags.t.tailtarget.com
tpc.googlesyndication.com
tt-12765-5.seg.t.tailtarget.com
tt-9964-3.seg.t.tailtarget.com
tv.springserve.com
um.simpli.fi
ups.analytics.yahoo.com
www.awin1.com
www.conrad.de
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.netflu.com.br
www.telefonica-partner.de
x.bidswitch.net
104.18.133.145
104.18.24.185
104.96.132.42
13.225.78.39
13.32.99.26
142.250.186.34
142.250.27.157
142.251.208.102
142.251.39.34
151.101.2.207
151.101.66.207
152.199.22.243
167.233.13.224
172.217.16.194
18.157.107.92
185.29.134.248
185.64.190.78
185.80.39.216
185.86.139.93
185.89.210.122
185.94.180.125
195.201.159.24
198.148.27.140
198.47.127.18
2001:1af8:4700:b214::101
2001:4860:4802:32::36
213.19.147.44
23.203.124.192
2600:1901:0:76b9::
2600:1f18:1aca:4281:9ba6:2dfb:92f2:ce4e
2600:1f18:612b:4280:1fbc:eb5:e253:bacb
2600:9000:20eb:1c00:6:44e3:f8c0:93a1
2600:9000:20eb:1e00:8:ced9:d0c0:93a1
2600:9000:21f3:d400:1:a3fa:7cc0:93a1
2600:9000:223d:6c00:17:1c9a:3a40:93a1
2600:9000:223f:200:f:4f64:8940:93a1
2600:9000:223f:aa00:8:48e:53c0:93a1
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:3032::6815:38c8
2606:4700:3033::ac43:9fa2
2606:4700::6810:8f17
2606:4700::6811:190e
2606:4700::6812:19ad
2606:4700::6812:7e05
2606:4700::6812:d63b
2606:4700::6812:d73b
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:806::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:813::200a
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:400c:c09::9a
2a00:1450:400d:802::2003
2a00:1450:400d:803::2004
2a00:1450:400d:803::2006
2a00:1450:400d:807::2001
2a00:1450:400d:808::2001
2a00:1450:400d:80a::2002
2a00:1450:400d:80c::2001
2a00:1450:400d:80c::2003
2a00:1450:400d:80e::2002
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42::626
2a05:d018:d29:3605:cbf7:2d7b:a2a1:22ee
3.10.72.72
3.123.222.140
3.75.62.37
34.102.185.99
34.149.50.64
34.251.156.6
35.186.193.173
35.186.194.101
35.190.0.66
35.201.123.184
35.204.74.118
35.227.252.103
35.71.131.137
44.207.189.182
51.38.120.206
52.17.250.193
52.203.161.183
52.222.250.175
54.171.14.116
54.75.223.203
54.76.136.30
54.93.33.250
69.166.1.12
76.223.111.18
84.200.5.215
85.114.159.118
00eea5918b4bdd209f12ee940800d98a78ccde4983ee6859a03d4fd854c286e4
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02ef63b1ce61513fda2e1e244e0145eea17dba72cd12de4ec079375a1cca9a53
02f53a9dfffbdd30e9507786515c408dbfa32bd23338fb5d5bcf769620a30353
03294355e8b1f4ade2579edf5d4c59a4cb6a62b1af82b8b12360737ee33e75bb
0396ab8504cd6f62973980510e7921ca2c4e768e62dc13086b8cd560cac6c76d
04365a5f7f58164a78bf9559bddea95e542a5b3519a17d768171f7d7b66a6406
0439c2127eb1812543cc77f0f41bd98da71691c6c2d5bbf9c565670f7fada88a
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
060d53c5830750d5c4211d637be7c22ae55b9b7310aae674e9435ed67f4f5162
06dcde7e94c477e60a75fcdc0d1ac20dce7698617feed8541252dd134e439ed3
0765779057557a3aad6c0a6d0323c51ca33f8f0f5e498509fde04f336b8febcf
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0849099cbf02eac6a5c3123108a83d8320470e86643a861c38343b1103b5c6a1
09b1690a74ecff077522c6b5daa12b94f8b2b37394c4801de976343e85c0b318
0b5256b339d5e85f1686570073f66b07584878ca1c3ed852f479d167525aa8ab
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca020440d315ff46bdfd2802f602f82d14134c101cb1b337737b37af2373c09
0deabf5dae586b60215500eeacb2f86771104e567302accb6aafc2c042781f33
0e7075698f1ae7ef94a2d7ae732ed306814c85158987dc9cb50d040cdc7fce57
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1545e430380b71b38a512b6d5e3294f3f95e06db39b51eeef220fb47855cb521
15dbd2853035f312cde65601c8cb77556ec1c4fd5268e8a111a14d08286187f1
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
16cdb207a2070fb7eb76737f8a71663835fd383cf029f0471d28bc24e4ae76de
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
186c6a8f5db1d9bc19132abdbfd2f4d655289254b890ce8a688353243fcffc38
1b5b5e037d19833a9ed58a5e87755f04b270d0fee6539beb3da629c62c29b9d2
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d6858c27020d50d7980be3815c3ba409c1923ae24ff0fbcad74b32b88ebbbf5
21e529d1f8a28760ded58b1672f0f745cbd3851358cf24c4a83d966d41c13f68
2307527caa75b99a492d7cd4f1aba3ce00f86f35aaf9b3aa4bc7538ffc5098f2
233a9209c444376564cf5b7217f9e52c82c4133ee2a5691474337a2226bcc6bf
246c92390c1fd796ca44b9a199c303edc4d0541388de50295243234a274c349c
264a3189845f6bf08cee138091e035ac0508fc9412917b935eab3b59c0f8ae85
29f2ff2fdeffb247163ad858eeeeb0565d4928cf951fda677cb83a2a3517902e
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2aaf0b9f43f75589a82e7dc8066a60c364900e24678ceea3f51bc269cbd00175
2aba885e1b936359de1508205089090da4b6c1d687066d837473b392a2149cb4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e27b9cf011c3d5b006906bed6b2b64fbf0b82b2d4821f21dfdf00291c8c07be
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31e42fe3e5d8155824c2ef0cc57907e42d9a5af796f20da6c9d11f07f058eba6
32da02f599892468c7a58fe88da372b97c0fccdce8f2dba4877eed604ea3d0ad
3337576b01b47831121d2692c99c4f4a471fed2a92a6cf9e1bda082440119ee9
33fa986d768705d4ff2d14a66ca676c3b1fa5175f517c706ada1ce596ab089e9
3449b2fdc99f9a0c2701a28cbbdadb515b05af4819f95bd6009f62ea3f070bbd
34609d4a2116693ca826dd48cb21e799c3286ddd0e89fe565b54744198addae1
35dae3e6ab79df765c47114987e2554087caf8ae5ee7cefd0323a4c750130c51
3784648f1018b4e483722f177bcd6dfa6fe99ce54f18016a4da3b36621792e4c
38418db13b2a5bb9de1e695a7764553a0a7e3093f3926097bf7c447de91225d3
386ad7b1d39959a71443dea78288e51d450cc9b22fdad4ed7de574253b9f2bab
3908fb9a2df6c4d6c4981af9cf6aacbb2792a94bd97db15edb182ff14fb8df39
397e60a319234c1c4671833988b7efd653f08cb96853f83bff20a4900b66b13e
39e463680d09f6a4bbe3e0eeabf536cbad73e07e028d51a1b7584cdce47f5d7f
3a8566c410bdc9c4b1a222d4e198c179255893accb662ed34ac308c39fc01bac
3b2e8cd03a76b243eca9a0e60815deae7256cb7a2de760eb9ee82a0cf31ffcb9
3b591c2bd5beb4d406f3718497c9245a033b8d29f49732d9d0ef5f317584d7ad
3bc317d4ed7d549e6307a2d1d21812dfdcec5cc873725caf467853fad5b0f6b3
3c3af293c92bffe2f5f6f31753be6de274bf677ee5c4de05428cf394d63d4941
3d46a3d130efe67dda9884e1ed6f54bd33be3cd09a74ff90eb91746fe8bfc873
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c
3e88f0126df37c0a1defd3f13747863042ae98dc108f87e1f0689b8962b52c28
3e92f4208e2499614e843d4da544f604c6e5c70e71e14d30f1b8e3ff53f13f96
3f5806c6b9d3f139cc9677c296dc17b9f31f963e5e7bc6337cfa5a8a4a75fca0
3fbe4a5714b18e80893787efcd995eb77f21858a9fe2dcafcc947a0734374a1e
40b0e3f35da3d109cb629ad1ca8ddf69efdd4a469c60de8e6f78795a16324d81
40e4951dffea740356de1c800b47ff35a1fac0756b592a4ff5ea9a316b0119b9
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
430e3e9eec71547c03961047d14d6dec0deb0f42450e7e6a4347cf83b316fab8
430e4597ebba5140dfadf5963eb0bcfcf7ff71badbad4126d0e3a9043b7388b1
4311c1c3fa05b43379c0ca3c97b9e7f2672487040eff78fbfc6044117e4e524d
432c0da404eca5c07da8c90bdf265fd6f41228dfd7c49ad277a6eb527b5d4ff3
43caf75433a66cfc45cbaf6b8c9f1cfeb4ccbac3b66de9189ffe4106dcdbd13f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4792930c163541d9f79be55d698a5126f4ed2917817d5550573472180d132448
47d65d45be487c554f6fbcd236cf43e255824a7cfa50059aa8d35d0a4daffebb
4a7822251c53e8e9687547d1c929b6a51ec100d7d9ea72bb47ff72ff7b5b2f77
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7943edab00a3bb40fab9ae0ee9f94f8711fc5ac93b5cc237797de0e7bd5e06
4c4c829af973d83739e9158770fd649a4d6fb59939083fdb7534a4622bbe0f04
4c6c7e075758bdd53b08a0983024ff09b8226e8b317467536814b98a805da6d9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5d356cd0f1e0f88c73085d009fb0030f14f894865f94c589b4a8c0ebb7e4c6
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50ac9bde184967b1ce4aefd380b3c099f91a8e5d25536af5fe6b113ba8d95755
52c0b180a246a31ad16492ee571e4bd1429bcbbee7e08a1163d846d58fb575a7
52e98c12aa5083add7bbb076cb7744a6b46541d559e16b97c188d2782a1e9b0a
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54030c63f8bcd5fa8d75e2abc3b7e80004190959f3b5547bdff19e59f070a968
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81
5431c5724e6a1087883b41e20ce1cee0b6cdf3c271797670e06334ba4de63cd5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
552b898f48e2f2b166139414450d8d83aa6de2e968a769ab27e8cf9f2f5cc87f
55350e318a83be1be76588f5f3879559b8569580e19c05e0392d78bd7a8066fd
555cb911a280dae2e7ab778b5403e27a81533f7b53cfac255d67e175a96c6e86
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58ec5c9b8082fcdef3cae41dcfbf91e5a1bd909bc49ac81bea28747b356b7224
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59f8e4be8f7468ed580fedf96a14da94ad84bf77c270aecbf9aa4e0028f7f732
5a2c1cec0cc914945a04fd49efca205cdf943b50db6b20cc6616445d18e2d735
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5ded8e5efcdb3218505f91f8e2f3b67cd1f0e0144c552d7cdafe1e01b88dd9b7
5ec715198b4409012020f481ddd566ed3881d5a1e881240729ac98989c4376e1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624cd8a961cf8c6a3d44410fc739beae6fc91bb0926ef752d541803bc19cb372
6586d422ecbf32568a6e2248f541f6b6bbd216797b84c8e90a3891cf22a32bd1
67f91e33374ee1809e741a8cde5fd171a4eaa8b599bada4d6a97b9293da307a4
6828629c71917fd6a779be9bb55cef9b8d9baaf3214aa437b88ddf17fbe5433d
6a0bec47a530f1732520dcc187f622f369e9499c169b7dcc64883381689b476e
6a1ae61f6453993d57966a1b729dee2d9a4d0795bebb42e4600ca6401e1ec5f1
6a2d500d4ac0bba5317698b68c383179098a0ad47879f56de7318ceb37fba68e
6a52f0baad27d3a937a9cac160c46ed8567dba6348e6ef9b669328f97b6ce6d7
6bbcd73b38e3df3f89fc360f94a4d37bb01185a668eced02866ff3663e8e4a6f
6c0411f1017b80f831ce929090ed55b5649a857b6774ddb2fcc6a43dac7ce649
6c154faf7ff6d2339a9cdc019bfbd8873892a5a5c6e9704bb6f2a3280f164083
6d338ae13bbac9a620bd69097e84e956f44708d8812eca86fce10ac83c6d8ca3
6d7c3674a5cb4242b98b879f6204f508dbecef79993501f128c4b497bb0f3d71
6e72f2e1d4d6b0e6579e7cd339a8543185b0c9112326b95dc55f1c447caae8ce
6e81de8016a317c5483e4a74f0e10dda568c79ae059f77024d839281e46f7925
6f01a8de7dd38ab8ce455980f7d6bc04149982ae3a9d6a9feef9900628a6532d
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
6f968c0c82cd9ce6c05e3e381b54f010d5cf69067c4b09d17ec4ae95ade01f5f
70dc1988dc071287e1b9b8f97121bccf9fc220e3bc797b96a0f6830e7e8ebfba
716855a5e635b2cb79cfd65dd9fd45f1ba3a57441efb30d8f64125dee9531460
716d051a9d408e616477e1e26ea9eb08a61b19e7303c444f1ec0704eb9294e5d
7247da75888f67a5da64f0565975b818da547063fa7ceea49e606b4c942209b4
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
74523865e55cfbf795e783ee036da1b39d8ae9bb467e5d611765a16a6a6b0a26
74b03851b17506833b0506eb8292bd9842e5b32aaaccb1b5553fa967b65db792
74ee2c231b1f4742bb370658d019cf013f33f842858a3998198ca02dc4de517e
752cd9f8ec05748b2266bfdef91134a41f5f4bd65eeaf91031dbd1d58b23c0cb
7566b096820a66669d85c4451083f1a5a1bb513baaa9a8de1af7c05ed9544dfd
75d21f8b6729b7182c639b60c4335ca2372ad1023a289e24552ea2638320fe76
79b87df922384438d3c4a7e6f3b2ebaef856e7b2ddc5f15e279dc7167c33553c
7bbc83b21bc5cc339469c4be5e78189acbc4c81ea9b3aa3887e068138e8b4e4e
7c39f1e259655b162987d69c2c28f501142a34a2208a44d954030628c401f7ad
7e08e3d2a533d1588ed03df877c41c179f79827fd68d75f1a342d6c3d4f59a73
7e65fd8f3a62fb7dc9dfe93a384af96b69dec14833f6013cf9cb1635fc3738ae
8023a98e6787ca767f1cbd822b1f2a6e79847e03f312ff4f9e9aac0d8bfbfbbd
815c49bd4755baaedadbd1fe924bc5c973ab6c23377de815dc8ac6d33d83fb86
81f03cc39c2ec2a17a1b365d08704a62c9073079783d1a66087fc1c46a262e8d
8210cdf77643d308b044f4cf38787ba71d671e8490b083ebac37913d8830bb18
82fb644e62966dde4576d1f6fa22c4fc7f29cc52e1838ee7c37f83229e82371f
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
854501c099e62606d3644e3dfaded70fa22f6a544211c93afa8be94ff1afd859
854cf52b60b1274ca9fe53e04cb875e6c8d5e4671d47594c3d80dbb6176a399f
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
85a551b8751f62846f651970a2815982d155d808aec9c17f3779c39dadb729a5
866bdf3e5f0f342e234155d88f148b2f49982412e32f9955f75c8e429a271b7b
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8af986b91b88374e03825cdaec35a6b89bda024ab3b67f95fe216d4ab4913aee
8b480d72fda5593368c517773b775e20e416461b9e446f730c0ba715fc215206
8bc145705b64db2c106285892c24d6a571cca5c75a7b80003f20c092cc2c8522
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e8cc72e61ff6f6c0c945a976756d112732c499cd64fc5b207bb213fc84a1e40
8f517fb84e0461bf59d148d2cf42b9bdfd8cbee080020b56fc208f581ba556fb
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d
932a7c23b068db53a7e415a957229b44a523a46ff2faaeafcca6ea6b7a4b1dcb
93c0b75fd3c58ef49f9f2e77ffa74637a383198db28cafcabaab1d16bb139967
94f553a8c0e1e12bc99da7a2b116d57bc0bf5212ad90e5391b22d2f5d1481db9
94f59a48294d99f8d9b7632cd5a1742670c7735fe37ec7c555aab939b635fdde
9518cad0cb9b991cf7cbcf4cc2bc537f78ab2db57f57c68a834d5b7e3be3a24a
952ab746efdbdc1bfca11953740e9f91b53fef4f7e63ac9be66efc18c7326017
9627511fc05770f9ce620477fc9d35ea9e81395aafec6cd856cae2890a568600
96e36765064c199b32cd6f08900de889f4f5c7617f44b0101836e6c9f97ae617
97844d9c35450fd5aa5c6cfe6d3c698a8f976d6bcb09e310389cb5069d62f897
97c7d262744f55a38cc0f135f6f47f8876581ea219a32e59132673c8576d46a9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a0dd145aca0d65f73cb2551cae4de75bd171f55c8828d47eda137b03aa4f6d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a38ab89c216c2f20943cfbc80294add8d861d20de963fe501e6d6431baac1008
a4578b6eb60d2ee82bbf667e543623ca6858638f4cc0384f15cde09bbadebcf2
a49e61b6d6681308d160ce1cf6ce1b85e651deff16c6ae1c2df999ef3f0c6ec8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51391abc85480e9e19b43b5ebd907d3ea6ce53fa8fa08c42d8f56d7b00fe307
a5d22a12dd1780d862cd11c77498c04d6a53d9a85a9e7787c1e52c014878c76e
a5f583b2486d14d53ed27282df186413f4b0264a0f5bbe2566815dca378d56fd
a64ac18511a1f15afc6f51edc89e41ee1c7f6444134aad2926b21743ced6c461
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
a866552c42bdce11aef776877ea3d085df60f5c2495e9eb842c751f4b9f76e0f
a89111fc96f8f2517eb088dd43dacc9befd4b4ca2aef8efbcacd864ed219d7c4
a8bf83f4dd5e4d4496d1fac4688570a89efb83591d43312a7e6554b89c7f127e
a973aebf0d10840e4f029b6374fcbd096d0420f340e6cea38ae4c006a9d95922
a9aa9ec7ef3ec92e7eb52220a9f0cb578ff2ba0a71cb3e9c1a0b828857529fcc
ab9d82f0dc887480d105f5a77b4681987586ec9a717b4ec1a6ecd83d27e26e59
aba55d83602476cb099be3edff5d2264d00081c45f69e5ecef881a1cb8fbb6bd
abbdf3ee06881419a470e5e12f1dca59fbe36d1aa0c277f3667535954a113229
ad97c59fa1224d843c70c57e93b42b1cb776e4a36239fe0704d837503e7e87c9
ad9cfb9dfc4bbe75509f6268415c710c44474dc703b8705eacada2ac8acb2725
ae13104a956e5859857c643ac7c45382338579e4454ff2a4a347eff5029357bb
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af0e571dbd261b8fbcad8d6bea3be238508706f3c8d5619286a48e1364136e3f
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3565ea346e63fda91cc67ba8fc11e95b7482d5873a4f4c6a47c4185b772d9a1
b456ef7253d066c94d871de14eba9ae95664101fe56b15d3953db13160e8e111
b47113c11f50ddd29c8d635ecdad9ca369691f9b8e94a02746b7b567a5eae837
b52ea1b48e4258df3377131b9e34ad8689fd020e4db528a1ff46c74d6c569764
b68186dd7d88775d294413cad33c89ba431c2319ce8da8cbeb8e45369f8164ab
b816382266e2b466c5b024c651cc3fc8dd1c5c08e913ad064cb32707bbda3893
b847bd3787cf04c4e33fff5c2f82a1e0c99cefaaa26d8e4de9676735ba1232ea
b864e926fba5325d01f0c8ca9215fe0b2fe920ec8a11d77bb9863bbd437a135a
b974c77e1cb9d144501afd0f8df482126fd29af2fa3aac5ac33c6cbb57fcb0c6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc0290178fbce5943e9e2bc169e6828d4781ad0c1e7cb1cbb7eb714a0c1091af
bc6c1f70762f2558a6d2ad0036a453bb470e43aeea081060b63919db534dc351
bceabf4c867de89d980dbff8207092106441b69cc16ab6767d8641f6c5e21382
bd7f439de7d4f8a5df97569998c72de112d9d94880d06cbd35088678e7666d3a
bede11b81bb7b9435d8a7b8c6b70a373d48b3e3c20bdd1d4b4092c0a59552372
bf817ee4b2d4e9d98e05e1382d295f8f10fef43770cd4e291d924a5d0afc8cc2
c100cae99b32ecea1154e1c3f7a3114598ec902959adbde83399ccb26189a307
c10543283f39d9f76050642a0a11f00ce0d4b334ed91f8e095ff48ccaf4ccc98
c19430dec5a95c300db95804be68eb95fe97842044be813d012e4e8f249306f9
c1c151703179e283f29833ca6d39f0e16e6f383e8397593475cdf10a49f14b4f
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c36dade944caab9913437bbbb8d4b6745a819591b9348890dd10bd91efb62b4b
c5069d5859762e144dd21e117ecb7f9534041b8ade694d370196ef824b825683
c83d3318ce9122faa58c01dd9aa3b0849459b699291cf2d77ab52278e12b4f40
c85412361c28fa60f6a99ec244d29e03cfd0818b167afb96c5f464464439c86c
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ccc415761dc5487c6d953e1ff0de4904b7bca42512371811d84e712253628f97
ccd9121a14b7d9a66e942de02634cb4058f3b8faa32ae268a14fb6a8fe301d4e
ce767ed3c7dd3906efaf0658c9ee9160f2cd9152d57f47179f123046cbab8899
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf68736507b05fcab44becb4e5d97745f193fd582ddb0f0ce97c4b3d9a56aeac
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1700a43bc40da2d69d238085ddfeea6fac6dc64ff76f5cef529d6fd6b619a62
d1bdb6b123bc53b7dfd43678ebe5b10df4f7c556d62220bc533c08223f8c83e1
d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b
d23807344428eec21271b708fcf73919827e568b0a335989f9f2348ae4356bd1
d7116885368f49b92d5c8d93831f9a82a68a437410f33a961e1634b786eccf62
d7f935ad520078c34a72d8fed93c16fd35d69a99404e2913a476e28a14ed8572
d83cd58015b20ef4b84818d4ccf4e448a2f8ae206b44ee49deddc9e9fc31d308
d84f85dd897bd82753ed9407e1cc3ba97f2e945755659749482b7e84ff8ce406
d8b022cd5f13558d5d29feac8a4b53690907332a3b5454983a72f19b3421e40e
d9a5330c178b89f744e12dc63155031d12fba59afb4f99c17e03c9d6470492b1
da62f23b675fba5c54572e804e26e556c1402355e7ef31c24fdcfa082ad7f65e
dad5a9c36600a9539952b3a8ea19679223c22c3c0e28207f00a6d06eb6f930b6
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dd03d6417d3b1b99d8293267f3f42baeec380fb0e8b29459750e1fc8d8273a94
de5d24f2310f924261eada7a7ccaca9f118d27641f89289ac82bd75ad9204736
df34ccd80a1d2262c4a1f316bfe36f87be4de1fabd02e025144ed071fce2274e
e131cde2cb0c7a07be92160d5080716139f800636d471cd2c0a5e3c1310cf4f5
e1388ee0da5c9c61b244abcbacb6b4097642836b0e91ddd5c4ec125aafea1e6a
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e1d8079027ee5f2eef4dba4ac845546016037e56e23e16c740dc9789b46d5007
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e552381c5ba0dd0551718fb2dbb520fe8dbf1e61f1ca7146e3804a57faa96ee2
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e67a56e2b1638bf63662e97590276d692f825df8f9544c9c039049d14729b9db
e87d58debb87f6cb1031d4cc64738fb9e866af0bf67b3bf399904a9f708849aa
e8eb2d4151ca070f4079a5d3a9a3bb0361972de65baa592c120d485ecebacacf
e93504ee318829c063364b97032cf44a4f056d33b3a0a8bec0588eebe0c6fbd7
e9748d6bba29e81c4c484e5698c9e09603f2b689f6d6ce23f2931951645c70e1
eade249c49e3d6b8c7f05883b1dfb3fa0a68b123efa0d67988e91548ac020554
ec2a3ef74af3f799d1d3827960edaf8d12943cf06ccd8e3c6e51721c737eb647
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7eb3381fef9ed7b86ffa769ea4158e7ba09737db1fca02a78db890fd6c4e63
f0c6f572259ba7bc2da499539e16f5f97d49724c09d76b559f0884d8e1eb83b0
f13756a398e1fc71738053edd79240d485bbd02db4fc4fd2d60c53f84299efea
f3b17f9af560b005fba3b568590792d952f2bd4a9e5cfe0357b0ecdd545ca16c
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f417e2a44cfb09105ec834fa11dfb7a403d8eb6b76eb7e1a610de7d855e04278
f4ae5a40833ca40f1ded2c820915ccc073b509a5a15810de1566ebf1ee4838e4
f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656
f5428d1ef9d83754dce94a68d89cfd445ee439f51872b5c6d687b646e40c6f58
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5e929fe786cb273ae24885e53cf4599ca16884943ff512cbec16d3cfb1a3742
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6c87ae830b3a92ab31a30cfd8d697b9c5326728ac4a30547965c7926a48fcb1
f726f16e77faaa4a9a57064ba1dec683dc703ee9eeaa55257ffb7ac8156e4447
f7d469442d58a5098703ab1a8521cbd368b05f837864cb50d7c447e04e858949
f8dcdb97b936e83cd384481d7e7ffba55be3e82a5430bad91db42875df89442c
fa7d55d27ec619928ad9acf30788d1e64cc18247cc1746e89722260c6a8c5ae8
fc961dd9968e4fe675480ff46e9d538471f54575b7d3594c7321d4a34bfd73f2
fd69a7986deb8054e40038791bfcdd8ce3bfe3006949bb27677a00e9effaad66
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
fee8830cb0fb2a9ee5a9fb774e292d3e9f25b7381fa93de19eb71500af26389d
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2