celpe2via.net Open in urlscan Pro
78.46.80.122 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://celpe2via.net/
Submission: On January 13 via api (January 13th 2024, 5:24:51 am UTC) from US — Scanned from US

Summary HTTP 143 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 23 IPs in 2 countries across 16 domains to perform 143 HTTP transactions. The main IP is 78.46.80.122, located in Germany and belongs to HETZNER-AS, DE. The main domain is celpe2via.net.
TLS certificate: Issued by R3 on January 9th 2024. Valid for: 3 months.

This is the only time celpe2via.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	78.46.80.122 78.46.80.122	24940 (HETZNER-AS) (HETZNER-AS)
6	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
15	2607:f8b0:400... 2607:f8b0:4004:c06::9d	15169 (GOOGLE) (GOOGLE)
2	2a02:6ea0:e20... 2a02:6ea0:e200::2	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4004:c09::61	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c08::5e	15169 (GOOGLE) (GOOGLE)
2 21	2607:f8b0:400... 2607:f8b0:4004:c08::9a	15169 (GOOGLE) (GOOGLE)
1	18.160.41.49 18.160.41.49	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4004:c06::64	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c19::65	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9b	15169 (GOOGLE) (GOOGLE)
2	99.84.191.77 99.84.191.77	16509 (AMAZON-02) (AMAZON-02)
3 5	2607:f8b0:400... 2607:f8b0:4004:c07::63	15169 (GOOGLE) (GOOGLE)
2	2600:1408:7::... 2600:1408:7::170f:92b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
22	2607:f8b0:400... 2607:f8b0:4004:c09::84	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4004:c08::64	15169 (GOOGLE) (GOOGLE)
2	142.251.163.94 142.251.163.94	15169 (GOOGLE) (GOOGLE)
2	34.117.228.201 34.117.228.201	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2607:f8b0:400... 2607:f8b0:4004:c1d::5e	15169 (GOOGLE) (GOOGLE)
4	172.253.62.157 172.253.62.157	15169 (GOOGLE) (GOOGLE)
1	2600:9000:201... 2600:9000:2015:aa00:8:455e:4a00:93a1	16509 (AMAZON-02) (AMAZON-02)
143	23

33 78.46.80.122 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: dedi.brworks.com.br

celpe2via.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:e200::2 (Ashburn, United States)

ASN60068 (CDN77 ^_^, GB)

cdn.sendpulse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
web.webpushs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c08::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2607:f8b0:4004:c08::9a (Ashburn, United States) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.41.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-49.iad55.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::64 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c19::65 (Washington, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.191.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-77.iad89.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c07::63 (Washington, United States) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1408:7::170f:92b (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2607:f8b0:4004:c09::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4004:c08::64 (Ashburn, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.163.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net

p4-gldaoaic2raku-gso56pwr7xk4tfzh-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-ue1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c1d::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.62.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2015:aa00:8:455e:4a00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.besafe.global	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	498 KB
33	celpe2via.net celpe2via.net	830 KB
19	google.com 3 redirects analytics.google.com — Cisco Umbrella Rank: 154 www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143	71 KB
19	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 79	158 KB
11	gstatic.com fonts.gstatic.com p4-gldaoaic2raku-gso56pwr7xk4tfzh-if-v6exp3-v4.metric.gstatic.com www.gstatic.com	185 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 ajax.googleapis.com — Cisco Umbrella Rank: 369	12 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	259 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 604 rtb0.doubleverify.com — Cisco Umbrella Rank: 944 rtbc-ue1.doubleverify.com — Cisco Umbrella Rank: 2544	22 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 681 script.hotjar.com — Cisco Umbrella Rank: 996	61 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	160 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	88 KB
1	webpushs.com web.webpushs.com — Cisco Umbrella Rank: 64501	12 KB
1	besafe.global cdn.besafe.global — Cisco Umbrella Rank: 248198	14 KB
1	sendpulse.com cdn.sendpulse.com — Cisco Umbrella Rank: 53278	37 KB
143	16

	Domain	Requested by
33	celpe2via.net	celpe2via.net cdn.sendpulse.com
22	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
17	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net celpe2via.net
14	pagead2.googlesyndication.com	celpe2via.net pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
6	www.gstatic.com	googleads.g.doubleclick.net
5	www.google.com	3 redirects celpe2via.net tpc.googlesyndication.com
5	fonts.googleapis.com	celpe2via.net ajax.googleapis.com googleads.g.doubleclick.net
4	www.googleadservices.com	celpe2via.net
4	www.googletagservices.com	googleads.g.doubleclick.net
3	analytics.google.com	www.googletagmanager.com
3	fonts.gstatic.com	fonts.googleapis.com celpe2via.net
2	p4-gldaoaic2raku-gso56pwr7xk4tfzh-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-gldaoaic2raku-gso56pwr7xk4tfzh-if-v6exp3-v4.metric.gstatic.com
2	cdn.doubleverify.com	googleads.g.doubleclick.net cdn.doubleverify.com
2	script.hotjar.com	static.hotjar.com script.hotjar.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	celpe2via.net www.googletagmanager.com
2	connect.facebook.net	celpe2via.net connect.facebook.net
1	web.webpushs.com	cdn.sendpulse.com
1	cdn.besafe.global	googleads.g.doubleclick.net
1	rtbc-ue1.doubleverify.com	cdn.doubleverify.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	static.hotjar.com	www.googletagmanager.com
1	ajax.googleapis.com	celpe2via.net
1	cdn.sendpulse.com	celpe2via.net
143	26

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
plus.google.com

Subject Issuer	Validity	Valid
celpe2via.net R3	`2024-01-09` - `2024-04-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
1603358863.rsc.cdn77.org R3	`2023-11-26` - `2024-02-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-22` - `2024-01-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
cdn.besafe.global Amazon RSA 2048 M01	`2023-04-26` - `2024-05-24`	a year	crt.sh
web.webpushs.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-09` - `2025-01-16`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://celpe2via.net/
Frame ID: 12A0C2933769B3F25168CADB36BEF870
Requests: 76 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: 597931F0D3B189E401B091806ECE88A2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6409688454713022&output=html&adk=1812271804&adf=3025194257&lmt=1705108718&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x540_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fcelpe2via.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705123484995&bpp=15&bdt=448&idt=276&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3893859689308&frm=20&pv=2&ga_vid=96834338.1705123485&ga_sid=1705123485&ga_hid=248074409&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927&oid=2&pvsid=1775002953206403&tmod=1086604623&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=304
Frame ID: 0077DA6855AC47F4A94B03ACFF7A7313
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6409688454713022&output=html&h=250&slotname=7022970042&adk=3363434266&adf=1998498621&pi=t.ma~as.7022970042&w=322&fwrn=4&fwrnh=100&lmt=1705108718&rafmt=1&format=322x250&url=https%3A%2F%2Fcelpe2via.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705123485010&bpp=2&bdt=463&idt=317&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3893859689308&frm=20&pv=1&ga_vid=96834338.1705123485&ga_sid=1705123485&ga_hid=248074409&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927&oid=2&pvsid=1775002953206403&tmod=1086604623&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=323
Frame ID: 30A074BA59106C860AB9BE38FDE24282
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6409688454713022&output=html&h=280&slotname=3810521335&adk=1385190195&adf=465879092&pi=t.ma~as.3810521335&w=805&fwrn=4&fwrnh=100&lmt=1705108718&rafmt=1&format=805x280&url=https%3A%2F%2Fcelpe2via.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705123485012&bpp=1&bdt=466&idt=339&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C322x250&nras=1&correlator=3893859689308&frm=20&pv=1&ga_vid=96834338.1705123485&ga_sid=1705123485&ga_hid=248074409&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=570&ady=122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927&oid=2&pvsid=1775002953206403&tmod=1086604623&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=343
Frame ID: D2915DEB937DC98F94954539D391CD4B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6409688454713022&output=html&h=280&slotname=6949203453&adk=3304509598&adf=2597518099&pi=t.ma~as.6949203453&w=805&fwrn=4&fwrnh=100&lmt=1705108718&rafmt=1&format=805x280&url=https%3A%2F%2Fcelpe2via.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705123485013&bpp=1&bdt=466&idt=395&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C322x250%2C805x280&nras=1&correlator=3893859689308&frm=20&pv=1&ga_vid=96834338.1705123485&ga_sid=1705123485&ga_hid=248074409&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=570&ady=657&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927&oid=2&pvsid=1775002953206403&tmod=1086604623&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=399
Frame ID: 8FC7EF357AA3E78D7CEDB16267A357E0
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6409688454713022&output=html&h=280&slotname=6949203453&adk=1126151494&adf=1293857151&pi=t.ma~as.6949203453&w=805&fwrn=4&fwrnh=100&lmt=1705108718&rafmt=1&format=805x280&url=https%3A%2F%2Fcelpe2via.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705123485013&bpp=1&bdt=466&idt=424&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C322x250%2C805x280%2C805x280&nras=1&correlator=3893859689308&frm=20&pv=1&ga_vid=96834338.1705123485&ga_sid=1705123485&ga_hid=248074409&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=570&ady=1051&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927&oid=2&pvsid=1775002953206403&tmod=1086604623&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=436
Frame ID: 78C3A87DCE9CAE77105FCA0843E7D7DD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dvbs_src.js?ctx=11800497&cmp=31108115&plc=383364412&sid=5760734&dvregion=0&unit=300x250
Frame ID: F154C7F8D8084DBFBFE60FA6CB8EC055
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 94B48BA77A3D23FC2D01E354529EFC01
Requests: 2 HTTP requests in this frame

Frame: https://p4-gldaoaic2raku-gso56pwr7xk4tfzh-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 394F64964ED9897AB75255C734B6E915
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: A067FC7ACE0BA54BCBBF8CD323F2EEFE
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: B185027FA9EA9850203DCA02FBD31BFA
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js
Frame ID: 948F911B21F984C063247B8686092A57
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 04EBF529809A2DFACF14AD5F9625AC8F
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8157F8D02CBAC6A3BBF764DB77D4BDAA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 29F0E8C7E68EC236D5067261C71CA143
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js
Frame ID: 3A9AEB6B79E8C02C5EB56D040AADC50A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js
Frame ID: 5C3E0FF3322DF79CC882E4684074A0DB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E58AD17D920563CB5B34B229A897D18B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 89309E28A5707C5BCC4D2777905EC2D2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CELPE 2ª VIA: Tirar Segunda Via Celpe Serviços Débitos Conta atrasada

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

143
Requests

99 %
HTTPS

73 %
IPv6

16
Domains

26
Subdomains

23
IPs

2
Countries

2429 kB
Transfer

6073 kB
Size

15
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Fcelpe2via.net&t=CELPE%202%20VIA

Search URL Search Domain Scan URL

URL: http://twitter.com/share?text=CELPE%202%20VIA&url=https%3A%2F%2Fcelpe2via.net

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https%3A%2F%2Fcelpe2via.net&t=CELPE%202%20VIA

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 89

https://googleads.g.doubleclick.net/pagead/adview?ai=CEM9unR6iZb_NG9SextYPoZeLuAvn0qb2dNaJv97-EbCQHxABINq9mHtgye6Oi8CkjBCgAffim7QoyAECqAMByAPJBKoEzQFP0H90c7Kk0cmJ-_wyPdEycd2T8wFXkfMJC92pDojXH3Q7q4zlNsVRmi7FKqXBeUc_E9nM723g_lM5gFm-xKTkepMq5pgHvzW-yzDGGrAWiOh4rUfW5dRedaQ43gA5E_C7pp9JMIA-XDnWEZ-oDtL-ZBvU7zPxB5EeB7I5zWj_XeE50_-Oqn6Is1wr4rk5UK1D-QroAUAsFC7-TQB0K8WEVooVR7lQJ0LNNBJu_IswgrlrtJqhi3SLvdavKfd2UKchUqWMzh0eaQxL-XWhwATh9_fhgQSIBZeb65FDkgUECAQYAZIFBAgFGASgBgKAB_ea7JMDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQlvYS0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOljY25f9z9mDA5oJRGh0dHBzOi8vZnJlZS53ZWJjb21wYW5pb24uY29tL21pbmltZS8_YnRuPXN0YXJ0JmNhbXBhaWduPTE4MDIyNTgzNzAzgAoByAsB2gwQCgoQwK2VvK3ktKYzEgIBA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi02NDA5Njg4NDU0NzEzMDIyGAA&sigh=7Kg-Ibk51fk&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_7HKbuBxWraqfkGI9K2zRWy5TWdgV_bP7qsOdmwvY0YruL1-9-m2KI-viGn70nwTfslOIzQNJHScFtd4jL-9MWkWxUQ6-abMBp0cYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa83b45dd53422630000000000000000%22,%222%22:%220x69eb635b09a623090000000000000000%22,%223%22:%220x5a9ac54f2cda562d0000000000000000%22,%224%22:%220xd19ac04b67368edf0000000000000000%22,%225%22:%220xa74594e982c862860000000000000000%22},%22debug_key%22:%228291409772019069329%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2201-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223232220335785821937%22}&andc=true

Request Chain 110

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 113

https://googleads.g.doubleclick.net/pagead/adview?ai=CRF7inR6iZe_qFK6ExtYPzJeLiAn89JKCcO6O5Z2mDsCNtwEQASDavZh7YMnujovApIwQoAGqg-maA8gBAakC3Chs6sSliz6oAwHIA8MEqgS-AU_Q7ZCoM4wC3eRXph65HsxRPNiZYcAE-D6CplyBu-zbzDxvioe7zWGX-nwAFdBk0Rak35xSiTfpHE_q5QvEnIDF_RQPw8-uK5KIH1p29FDT6mojTJ7DX6hBQtnDGTbVFeKm6dynE0TZ7pTnV10Lf4NAGW4HpFDeDKyu1nv3OARZPmdBW4WFX4u_ekh-EEVjaZx-l1O2kVMU-_u6tPTND1YlmF-1UIFkp0y38L8Zld0Fd2ZdsR9cUXB-WDbtnmXABLCuzfvtA4gFvK3PqzaSBQQIBBgBkgUECAUYBKAGZoAHvvyWZagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEJDeA9IIHwiAYRABGB8yAooCOgSAQIBASL39wTpY6-qQ_c_ZgwOaCTdodHRwczovL2FndWFzY2xhcmFzZW5nZW5oYXJpYS5jb20uYnIvcGFpbmVsLWVsZXRyaWNvLTMvgAoByAsBogwIKgYKBKy6sQLaDBEKCxCwnOSDo4Se2-UBEgIBA9gTDYgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi02NDA5Njg4NDU0NzEzMDIyGAA&sigh=q9nwoNM83LA&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_S6fdz1PGFZlXBdeYsJykaFDzyze08iTJ3nlnE85wKDDj9ya3XebpxgvDE07bb9K1kzG9yS7L3D7MvDwsZ5GyTvEeMa1GHUj51sEYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xae917969be53c2590000000000000000%22,%222%22:%220xdb35473528ae3c930000000000000000%22,%223%22:%220x19e160429511038c0000000000000000%22,%224%22:%220x8a2338421b36fbbb0000000000000000%22,%225%22:%220x8a87496251b1b7380000000000000000%22},%22debug_key%22:%229820846099840707062%22,%22debug_reporting%22:true,%22destination%22:%22https://aguasclarasengenharia.com.br%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22861553066%22],%2222%22:[%22true%22],%224%22:[%2201-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226919263834019994609%22}&andc=true

Request Chain 114

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

143 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
celpe2via.net/ 102 KB
24 KB 543ms
236ms Document
text/html 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://celpe2via.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: ed1c972209a66e1dc05b8478123417829a9ded44f03de5e0f4c5e4e402bbe0b9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: gzip
content-length: 24751
content-type: text/html; charset=UTF-8
date: Sat, 13 Jan 2024 05:24:44 GMT
last-modified: Sat, 13 Jan 2024 01:18:38 GMT
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 11 KB
2 KB 112ms
42ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700&display=swap

Requested by

Host: celpe2via.net
URL: https://celpe2via.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b3915528adf7fa37e092c38ffc6d93f4be2a7f083f616d7259a78d09b11df59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 Jan 2024 05:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 03:27:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jan 2024 05:24:44 GMT

GET
H2 200 style.min.css
celpe2via.net/wp-includes/css/dist/block-library/ 93 KB
11 KB 121ms
116ms Stylesheet
text/css 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://celpe2via.net/wp-includes/css/dist/block-library/style.min.css?ver=6.1.4
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: b041e7b08a99e947327a5faf96e5ab7aeef39a467c0ef2240710a19857743da3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
content-encoding: br
last-modified: Sat, 20 May 2023 13:16:17 GMT
server: LiteSpeed
etag: "1732d-6468c821-c658ec;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 11447
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H2 200 classic-themes.min.css
celpe2via.net/wp-includes/css/ 217 B
280 B 121ms
117ms Stylesheet
text/css 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://celpe2via.net/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
content-encoding: gzip
last-modified: Mon, 19 Dec 2022 18:59:25 GMT
server: LiteSpeed
etag: "d9-63a0b48d-a81f34;gz"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H2 200 styles.css
celpe2via.net/wp-content/plugins/contact-form-7/includes/css/ 3 KB
965 B 121ms
118ms Stylesheet
text/css 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://celpe2via.net/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.7
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
content-encoding: br
last-modified: Fri, 02 Jun 2023 08:51:34 GMT
server: LiteSpeed
etag: "b2b-6479ad96-ca2c9c;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 878
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H2 200 kk-star-ratings.min.css
celpe2via.net/wp-content/plugins/kk-star-ratings/src/core/public/css/ 2 KB
594 B 121ms
118ms Stylesheet
text/css 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://celpe2via.net/wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css?ver=5.4.6
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: 1cd6396792d7bfdd898dcb9f2ee195387179b30fb4cc2cdc0c57575fab655230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
content-encoding: br
last-modified: Thu, 26 Oct 2023 06:15:45 GMT
server: LiteSpeed
etag: "8d3-653a0411-9631e5;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 504
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H2 200 simple-gdpr-cookie-compliance-public.css
celpe2via.net/wp-content/plugins/simple-gdpr-cookie-compliance/public/assets/build/css/ 4 KB
1 KB 122ms
119ms Stylesheet
text/css 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://celpe2via.net/wp-content/plugins/simple-gdpr-cookie-compliance/public/assets/build/css/simple-gdpr-cookie-compliance-public.css?ver=1.1.0
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: 0de759f860ac15a57501171175c2d2324fd1884aadbfd16dd1a47fd40a8c9997

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
content-encoding: br
last-modified: Wed, 19 Oct 2022 14:37:20 GMT
server: LiteSpeed
etag: "f6a-63500ba0-16a18ba;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 942
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H2 200 style.css
celpe2via.net/wp-content/plugins/monarch/css/ 113 KB
12 KB 122ms
120ms Stylesheet
text/css 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://celpe2via.net/wp-content/plugins/monarch/css/style.css?ver=1.3.25
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: f820d93daf383e178bda2912f5bee00e90e56390597820622643fa8e5e487143

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
content-encoding: br
last-modified: Fri, 16 Feb 2018 09:18:44 GMT
server: LiteSpeed
etag: "1c56d-5a86a1f4-12a4127;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 11700
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H2 200 celpe2via.net.css
celpe2via.net/wp-content/uploads/us-assets/ 277 KB
44 KB 122ms
120ms Stylesheet
text/css 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://celpe2via.net/wp-content/uploads/us-assets/celpe2via.net.css?ver=4.10.1
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: c4ea7fbddaefb67d759248a58b9deb694d3f8769e30f6643a09c710afc84d332

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
content-encoding: br
last-modified: Wed, 15 May 2019 18:45:57 GMT
server: LiteSpeed
etag: "452ea-5cdc5e65-ae54ce;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 45081
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H2 200 style.css
celpe2via.net/wp-content/themes/Zephyr-child/ 314 B
285 B 236ms
234ms Stylesheet
text/css 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://celpe2via.net/wp-content/themes/Zephyr-child/style.css?ver=4.10.1.1516730352
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: 6055181b43097ac10ab9b916d1f9fcdc9dbd1e92c45fbf6a8b5dde56f291d18a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
content-encoding: br
last-modified: Tue, 23 Jan 2018 14:59:12 GMT
server: LiteSpeed
etag: "13a-5a674dc0-9a2d62;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 195
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H2 200 Defaults.css
celpe2via.net/wp-content/uploads/smile_fonts/Defaults/ 27 KB
4 KB 237ms
235ms Stylesheet
text/css 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://celpe2via.net/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=6.1.4
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: 4354449ab7a164ef5486d12020f3bc403b8ff104a8da73e9f9332106b86b061c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
content-encoding: br
last-modified: Tue, 23 Jan 2018 09:26:26 GMT
server: LiteSpeed
etag: "6bf7-5a66ffc2-b81e19;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4441
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 124ms
58ms Script
text/javascript 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6409688454713022

Requested by

Host: celpe2via.net
URL: https://celpe2via.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bcc9d7aad04ec1a5dc4b07292c18a285b07f9fb32371d3968cc96e6532fca8f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://celpe2via.net/
Origin: https://celpe2via.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51691
x-xss-protection: 0
server: cafe
etag: 18101273645652639872
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 13 Jan 2024 05:24:44 GMT

GET
H2 200 2a6abe23f4c6139cfb410bff3b535ab8_1.js Show response
cdn.sendpulse.com/js/push/ 119 KB
37 KB 425ms
62ms Script
application/javascript 2a02:6ea0:e200::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.sendpulse.com/js/push/2a6abe23f4c6139cfb410bff3b535ab8_1.js

Requested by

Host: celpe2via.net
URL: https://celpe2via.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:e200::2 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

7d1b412a5bb24e0a3d341257656d7f462095573f9c6acf6fe261fefe96e29a85

Security Headers

Name	Value
Content-Security-Policy	default-src wss://* blob: data: sendpulse.com .sendpulse.com .sendpulse.com:4434 data.sendpulse.com .pulse-stat.com .stat-pulse.com .pulse-stat.com:8080 .stat-pulse.com:8080 http://.sendpulse.com:4434 wss://ws.binotel.com:9002 http://.pulse-stat.com http://.stat-pulse.com http://.pulse-stat.com:8080 http://.stat-pulse.com:8080 .sendpulse.ua .sendpulse.by .sendpulse.kz .sendpulse.cl .sendpulse.com.tr .sendpulse.ng sendpul.se .sendpul.se trckln.com .loginsrc.com .routee.net .routee.net:444 .bizml.ru .jquery.com .youtube.com .ytimg.com .vimeo.com .vimeocdn.com .tinymce.com .ampproject.org .hotjar.com .hotjar.io .ipinfo.io .highcharts.com .appspot.com .doubleclick.net .facebook.com .facebook.net .fbcdn.net .fbsbx.com .rawgit.com .cloudflare.com .jsdelivr.net .kissmetrics.com .bitrix24.com .quantserve.com .quantcount.com .twitter.com .offershub.ru .stripe.com .braintreegateway.com .mlstatic.com .cloudpayments.ru .woopra.com .jivosite.com .google.com .google.com.ua .googleadservices.com .google-analytics.com .googleapis.com .googletagmanager.com .gstatic.com .online-metrix.net .retently.com .maxmind.com .revisionme.com revisionme.pages.dev .yandex.ru .ymetrica.ru .mmapiws.com .bootstrapcdn.com .kaptcha.com .paypal.com .paypalobjects.com .mercadopago.com.br .mercadopago.com .braintree-api.com vk.com api.telegram.org .webformscr.com .yandex.net .cardinalcommerce.com .mercadolibre.com .supportsrc.com .instagram.com s3.eu-central-1.amazonaws.com .googleoptimize.com .privatbank.ua .cardinalcommerce.com viacep.com.br .wdgtsrc.com 1860267202.rsc.cdn77.org 1443908614.rsc.cdn77.org 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: ; font-src data: ; style-src 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-pop: ashburnUSVA
date: Sat, 13 Jan 2024 05:24:45 GMT
content-security-policy: default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se trckln.com *.loginsrc.com *.routee.net *.routee.net:444 *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com revisionme.pages.dev *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com viacep.com.br *.wdgtsrc.com 1860267202.rsc.cdn77.org 1443908614.rsc.cdn77.org 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
x-content-type-options: nosniff
content-encoding: gzip
x-77-cache: HIT
x-accel-date: 1704642110
x-xss-protection: 1; mode=block
x-77-nzt: EggBJRPOBAFBDAG5O98UAddfWAcA
x-accel-expires: @1705246910
x-77-age: 481375
x-cache-lb: MISS
x-sp-ma: sp-ma-0
last-modified: Wed, 22 Nov 2023 20:36:59 GMT
server: CDN77-Turbo
etag: W/"1db77-60ac3ae49a390"
x-77-nzt-ray: 8e305f1c62e7c0d89d1ea265a6a3010b
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
x-sp-pr: lpr-05
cache-control: max-age=604800
expires: Sun, 14 Jan 2024 15:41:50 GMT

GET
H2 200 celpe-2-via-logo-1-1.png
celpe2via.net/wp-content/uploads/2018/01/ 6 KB
6 KB 237ms
236ms Image
image/png 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://celpe2via.net/wp-content/uploads/2018/01/celpe-2-via-logo-1-1.png
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: bf12402e4527bf26c5398bacb6cca80c076ab31c9351e9c7fdaa8c613c09acc3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
last-modified: Tue, 23 Jan 2018 09:24:40 GMT
server: LiteSpeed
etag: "190b-5a66ff58-b6277e;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 6411
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H2 200 CELPE-CALCULADORA-ENERGIA-CONSUMO-1.jpg
celpe2via.net/wp-content/uploads/2022/12/ 27 KB
27 KB 238ms
237ms Image
image/jpeg 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://celpe2via.net/wp-content/uploads/2022/12/CELPE-CALCULADORA-ENERGIA-CONSUMO-1.jpg
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: 69a534becfcd98657bc8182639ed409115bae704945f4ea3405335aab17eb827

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
last-modified: Mon, 19 Dec 2022 14:41:20 GMT
server: LiteSpeed
etag: "6d19-63a07810-c44508;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 27929
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H3 200 celpe-2-via-conta-contrato.png
celpe2via.net/wp-content/uploads/2018/02/ 95 KB
95 KB 124ms
123ms Image
image/png 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://celpe2via.net/wp-content/uploads/2018/02/celpe-2-via-conta-contrato.png
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: 576b94fca42e09dee2410b332a20be762afe70379f079db0e7798315f8d8f33d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
last-modified: Thu, 08 Feb 2018 11:45:20 GMT
server: LiteSpeed
etag: "17c3f-5a7c3850-b6268e;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 97343
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H3 200 servi%C3%A7os-celpe-768x277.png
celpe2via.net/wp-content/uploads/2018/02/ 214 KB
214 KB 494ms
492ms Image
image/png 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://celpe2via.net/wp-content/uploads/2018/02/servi%C3%A7os-celpe-768x277.png
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: 602920a4534b76728bea9be2fd4f2ecf80b92505f4d3287e0822e909b3fc85fa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
last-modified: Fri, 23 Mar 2018 16:39:12 GMT
server: LiteSpeed
etag: "35723-5ab52db0-b626a1;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 218915
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
3 KB 102ms
34ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: celpe2via.net
URL: https://celpe2via.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e944b6f3fe7ae059be4a24c9a301021ea8aac5fefe6832b5b9170e74eca22711

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://celpe2via.net/
Origin: https://celpe2via.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Jan 2024 05:24:44 GMT
content-md5: dIKCQ04HZfXYL7jL89fpxg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints
x-fb-debug: FjoMRBredHXo/UEBb9J857jUwHv8UCnzqvI4X0TndA3Yv/3zpOMt3VORlrZ1LZp7V3A7sx08dI7WaR6YvKHVAQ==
x-fb-content-md5: 803ad9fc68532b121c01798c9ce5704b
cross-origin-opener-policy: same-origin-allow-popups
etag: "17c904e05a4008562856aceef422df3f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 13 Jan 2024 05:29:21 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 44ms
37ms Script
text/javascript 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: celpe2via.net
URL: https://celpe2via.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:35:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jan 2025 04:35:16 GMT

GET
H3 200 dashicons.min.css
celpe2via.net/wp-includes/css/ 58 KB
34 KB 144ms
139ms Stylesheet
text/css 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://celpe2via.net/wp-includes/css/dashicons.min.css?ver=6.1.4
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
content-encoding: br
last-modified: Thu, 27 May 2021 23:22:48 GMT
server: LiteSpeed
etag: "e688-60b029c8-a81f36;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 35099
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H3 200 thickbox.css
celpe2via.net/wp-includes/js/thickbox/ 3 KB
870 B 425ms
421ms Stylesheet
text/css 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://celpe2via.net/wp-includes/js/thickbox/thickbox.css?ver=6.1.4
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: b390a3efe231d9f38b3a706a5765a2a2f0817e761f60a27556171e9a276980e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
content-encoding: br
last-modified: Thu, 27 May 2021 23:22:48 GMT
server: LiteSpeed
etag: "a63-60b029c8-f81399;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 826
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H3 200 index.js Show response
celpe2via.net/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 425ms
421ms Script
application/x-javascript 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://celpe2via.net/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.7
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: 52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
content-encoding: br
last-modified: Fri, 02 Jun 2023 08:51:34 GMT
server: LiteSpeed
etag: "2801-6479ad96-ca2c98;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2884
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H3 200 index.js Show response
celpe2via.net/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 428ms
424ms Script
application/x-javascript 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://celpe2via.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.7
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
content-encoding: br
last-modified: Fri, 02 Jun 2023 08:51:34 GMT
server: LiteSpeed
etag: "328f-6479ad96-bc0436;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3914
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H3 200 kk-star-ratings.min.js Show response
celpe2via.net/wp-content/plugins/kk-star-ratings/src/core/public/js/ 1 KB
699 B 430ms
426ms Script
application/x-javascript 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://celpe2via.net/wp-content/plugins/kk-star-ratings/src/core/public/js/kk-star-ratings.min.js?ver=5.4.6
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: acdebf935ded5cb063dcca7c46be5bbc503af5e76e295f6d0b7093c4514ed256

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
content-encoding: br
last-modified: Thu, 26 Oct 2023 06:15:45 GMT
server: LiteSpeed
etag: "54f-653a0411-9631df;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 632
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H3 200 jquery.min.js Show response
celpe2via.net/wp-includes/js/jquery/ 88 KB
30 KB 432ms
428ms Script
application/x-javascript 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://celpe2via.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
content-encoding: br
last-modified: Mon, 19 Dec 2022 18:59:25 GMT
server: LiteSpeed
etag: "15e54-63a0b48d-f01e1a;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 30176
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H3 200 simple-gdpr-cookie-compliance-public.js Show response
celpe2via.net/wp-content/plugins/simple-gdpr-cookie-compliance/public/assets/build/js/ 1 KB
544 B 461ms
457ms Script
application/x-javascript 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://celpe2via.net/wp-content/plugins/simple-gdpr-cookie-compliance/public/assets/build/js/simple-gdpr-cookie-compliance-public.js?ver=1.1.0
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: b319ec0a8927f1063f8023ef37c90eab8335344709c4adeddd498cbb6983f1a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
content-encoding: br
last-modified: Wed, 19 Oct 2022 14:37:20 GMT
server: LiteSpeed
etag: "422-63500ba0-16a18b8;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 477
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H3 200 idle-timer.min.js Show response
celpe2via.net/wp-content/plugins/monarch/js/ 2 KB
964 B 461ms
457ms Script
application/x-javascript 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://celpe2via.net/wp-content/plugins/monarch/js/idle-timer.min.js?ver=1.3.25
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: 92c35f839d90ea55730d05ce3ea859cb598cd85eb20be3ed55621bb8baa3aa36

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
content-encoding: br
last-modified: Fri, 16 Feb 2018 09:18:44 GMT
server: LiteSpeed
etag: "9d6-5a86a1f4-f8135d;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 897
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H3 200 custom.js Show response
celpe2via.net/wp-content/plugins/monarch/js/ 26 KB
5 KB 461ms
457ms Script
application/x-javascript 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://celpe2via.net/wp-content/plugins/monarch/js/custom.js?ver=1.3.25
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: 3a923c50c91e0fb7b1ff0b2806fa088087b441339c15fda5747dcde2eb4ae112

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
content-encoding: br
last-modified: Fri, 16 Feb 2018 09:18:44 GMT
server: LiteSpeed
etag: "6703-5a86a1f4-f8135f;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 5084
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H3 200 us.core.min.js Show response
celpe2via.net/wp-content/themes/Zephyr/framework/js/ 108 KB
24 KB 464ms
460ms Script
application/x-javascript 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://celpe2via.net/wp-content/themes/Zephyr/framework/js/us.core.min.js?ver=4.10.1
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: ec3c1f8801ad0e47683749ee40d8cade3708b6440d9c08118d05437fe954a552

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
content-encoding: br
last-modified: Mon, 22 Jan 2018 17:51:42 GMT
server: LiteSpeed
etag: "1b16a-5a6624ae-bc339e;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 24040
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H3 200 common.js Show response
celpe2via.net/wp-content/plugins/monarch/core/admin/js/ 1 KB
496 B 486ms
482ms Script
application/x-javascript 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://celpe2via.net/wp-content/plugins/monarch/core/admin/js/common.js?ver=3.0.101
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: e04ba77c47bc3a299b8dc20a36b3c3bc5f64d629bb43e39ced7eef17dc9b19f1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
content-encoding: br
last-modified: Fri, 16 Feb 2018 09:18:44 GMT
server: LiteSpeed
etag: "4c4-5a86a1f4-11e22c4;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 452
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H3 200 thickbox.js Show response
celpe2via.net/wp-includes/js/thickbox/ 13 KB
4 KB 486ms
483ms Script
application/x-javascript 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://celpe2via.net/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: c0e09e793fb79507dc97ed702a4c2c9c00ab4d1677bd45bcd112e203c96dd661

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
content-encoding: br
last-modified: Mon, 19 Dec 2022 18:59:25 GMT
server: LiteSpeed
etag: "33ba-63a0b48d-f81398;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3974
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H3 200 lazyload.min.js Show response
celpe2via.net/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
3 KB 628ms
626ms Script
application/x-javascript 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://celpe2via.net/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
content-encoding: br
last-modified: Mon, 17 Apr 2023 09:22:27 GMT
server: LiteSpeed
etag: "22bc-643d0fd3-16a0e6e;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2894
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 193 KB
70 KB 134ms
57ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M8N7SNM

Requested by

Host: celpe2via.net
URL: https://celpe2via.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e8762752dbaddc15281f6837e12f584651d9324d92d0944c4b3ebff4d98979e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70850
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Jan 2024 05:24:44 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 93ms
31ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://celpe2via.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:57:20 GMT
x-content-type-options: nosniff
age: 296844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 18:57:20 GMT

GET
H2 200 2fcrYFNaTjcS6g4U3t-Y5ZjZjT5FdEJ140U2DJYC3mY.woff2
fonts.gstatic.com/s/materialicons/v22/ 47 KB
47 KB 137ms
77ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v22/2fcrYFNaTjcS6g4U3t-Y5ZjZjT5FdEJ140U2DJYC3mY.woff2

Requested by

Host: celpe2via.net
URL: https://celpe2via.net/wp-content/uploads/us-assets/celpe2via.net.css?ver=4.10.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2fd3c02a805d633344434c58be4083ad644da7d4de4324fab729c396dfa4b58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://celpe2via.net/
Origin: https://celpe2via.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 17:35:38 GMT
x-content-type-options: nosniff
age: 128946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47620
x-xss-protection: 0
last-modified: Tue, 18 Apr 2017 20:55:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jan 2025 17:35:38 GMT

GET
H3 200 BANNER-3-ENERGISA-WIDGET-CALCULADORA-CONSUMO-ENERGIA.png
celpe2via.net/wp-content/uploads/2022/12/ 116 KB
117 KB 589ms
587ms Image
image/png 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://celpe2via.net/wp-content/uploads/2022/12/BANNER-3-ENERGISA-WIDGET-CALCULADORA-CONSUMO-ENERGIA.png
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: d943e6c12adbe61a99030502337c487340326a59a4f92b785df8df23b27fe05d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
last-modified: Tue, 20 Dec 2022 17:02:47 GMT
server: LiteSpeed
etag: "1d174-63a1eab7-c444e3;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 119156
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H3 200 monarch.ttf
celpe2via.net/wp-content/plugins/monarch/css/fonts/ 15 KB
15 KB 175ms
174ms Font
application/x-font-ttf 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://celpe2via.net/wp-content/plugins/monarch/css/fonts/monarch.ttf
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/wp-content/plugins/monarch/css/style.css?ver=1.3.25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: 8c102baea959329be23bb8a5d6bc268ce1668484995f0d23c2f88b46d7653c4f

Request headers

Referer: https://celpe2via.net/wp-content/plugins/monarch/css/style.css?ver=1.3.25
Origin: https://celpe2via.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
last-modified: Fri, 16 Feb 2018 09:18:44 GMT
server: LiteSpeed
etag: "3af8-5a86a1f4-12c47db;;;"
content-type: application/x-font-ttf
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 15096
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H3 200 fontawesome-webfont.woff2
celpe2via.net/wp-content/themes/Zephyr/framework/fonts/ 75 KB
76 KB 186ms
186ms Font
font/woff2 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://celpe2via.net/wp-content/themes/Zephyr/framework/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/wp-content/uploads/us-assets/celpe2via.net.css?ver=4.10.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://celpe2via.net/wp-content/uploads/us-assets/celpe2via.net.css?ver=4.10.1
Origin: https://celpe2via.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
last-modified: Mon, 22 Jan 2018 17:51:42 GMT
server: LiteSpeed
etag: "12d68-5a6624ae-b4252a;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 77160
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H3 200 debito.png
celpe2via.net/wp-content/uploads/2018/02/ 57 KB
57 KB 570ms
569ms Image
image/png 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://celpe2via.net/wp-content/uploads/2018/02/debito.png
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: a9456eabca6233ae722f480424ee89c21524b008a06d96d54749b1301baa3f98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:44 GMT
last-modified: Thu, 08 Feb 2018 11:48:38 GMT
server: LiteSpeed
etag: "e264-5a7c3916-b626dc;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 57956
expires: Sat, 20 Jan 2024 05:24:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
2 KB 46ms
45ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1eda5a22ae0ee3edb6d629fa72ff806cbd1e54de7bafa122cd26ace6ee69679d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 Jan 2024 05:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 05:24:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jan 2024 05:24:44 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 297 KB
85 KB 38ms
33ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=3f440a2d11d2a2451f9f067125e564dc

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

67f73dddf03396bef5059e937729e5fe6272ff2bc662c5627f414b830114ebdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://celpe2via.net/
Origin: https://celpe2via.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Jan 2024 05:24:44 GMT
content-md5: iAxaAud1HSWDZzXcwYZkZg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86978
reporting-endpoints
x-fb-debug: i5wLDAN4gHGcdyn+azILM+h27p80DznljRsNuwMwmvfRKfQ4/8PWsEAThlca7u1wfF78F5ecjSlwYsU7lps/KQ==
x-fb-content-md5: 2c13ecf48b817ac079c4e652ee56e4ca
cross-origin-opener-policy: same-origin-allow-popups
etag: "2c7d695a523106bb98aa125e45d714d6"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 12 Jan 2025 04:04:09 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 73ms
72ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://celpe2via.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:57:20 GMT
x-content-type-options: nosniff
age: 296844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 18:57:20 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 402 KB
136 KB 159ms
97ms Script
text/javascript 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6409688454713022

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245b858326cc1410d5489ee0507762b6bac8a3aa9a8d6ff57741e21be3039d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139352
x-xss-protection: 0
server: cafe
etag: 9939691344434740193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jan 2024 05:24:45 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 5979 9 KB
4 KB 106ms
36ms Document
text/html 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6409688454713022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://celpe2via.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 22703
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 23:06:22 GMT
etag: 9219409622527106327
expires: Fri, 26 Jan 2024 23:06:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
90 KB 60ms
59ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K221T23EZ8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8N7SNM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c53260c9d70f7a3a4be6a30ac3bf11afe095d1f8634af66889853a351334297e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92292
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 Jan 2024 05:24:45 GMT

GET
H2 200 hotjar-2883053.js Show response
static.hotjar.com/c/ 9 KB
4 KB 199ms
106ms Script
application/javascript 18.160.41.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2883053.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8N7SNM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.41.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-41-49.iad55.r.cloudfront.net

Software

Resource Hash

6104ac0deebbb68d8703021064453c5fc9f35ad236ab849986bca57df2be99e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 8332ab8bd32a6ba696984216199de564.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
etag: W/58529879fd4b6dc75f0a63f35c322955
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: IRRgwHDBvoS6M7zR3Ti1DceaVPiC_3Q-KC2s_C6KJNcrul9NUfch_w==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 96ms
31ms Script
text/javascript 2607:f8b0:4004:c06::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8N7SNM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Jan 2024 04:44:22 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2423
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 13 Jan 2024 06:44:22 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
252 B 106ms
38ms Ping
text/plain 2607:f8b0:4004:c19::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-K221T23EZ8&gtm=45je41a0v883530039z8860882490&_p=1705123484802&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=96834338.1705123485&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1705123485&sct=1&seg=0&dl=https%3A%2F%2Fcelpe2via.net%2F&dt=CELPE%202%C2%AA%20VIA%3A%20Tirar%20Segunda%20Via%20Celpe%20Servi%C3%A7os%20D%C3%A9bitos%20Conta%20atrasada&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1240
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K221T23EZ8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c19::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 05:24:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://celpe2via.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 108ms
40ms Ping
text/plain 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K221T23EZ8&cid=96834338.1705123485&gtm=45je41a0v883530039z8860882490&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K221T23EZ8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 05:24:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://celpe2via.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0077 359 KB
84 KB 355ms
353ms Document
text/html 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6409688454713022&output=html&adk=1812271804&adf=3025194257&lmt=1705108718&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x540_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fcelpe2via.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705123484995&bpp=15&bdt=448&idt=276&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3893859689308&frm=20&pv=2&ga_vid=96834338.1705123485&ga_sid=1705123485&ga_hid=248074409&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927&oid=2&pvsid=1775002953206403&tmod=1086604623&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=304

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c68d00bbb7ff67dd41ac89e4da28a08082100731d1bdf7ddc8e8b46f46f20f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://celpe2via.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 85885
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 05:24:45 GMT
expires: Sat, 13 Jan 2024 05:24:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 48ms
46ms Image
image/gif 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=l-header%20pos_fixed%20bg_solid%20shadow_thin&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: celpe2via.net
URL: https://celpe2via.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 05:24:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
207 B 40ms
39ms XHR
text/plain 2607:f8b0:4004:c06::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=248074409&t=pageview&_s=1&dl=https%3A%2F%2Fcelpe2via.net%2F&ul=en-us&de=UTF-8&dt=CELPE%202%C2%AA%20VIA%3A%20Tirar%20Segunda%20Via%20Celpe%20Servi%C3%A7os%20D%C3%A9bitos%20Conta%20atrasada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1434720086&gjid=1427000173&cid=96834338.1705123485&tid=UA-112930509-1&_gid=961962459.1705123485&_r=1&_slc=1&gtm=45He41a0n81M8N7SNMv860882490&gcd=11l1l1l1l1&dma=0&z=1298791016

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://celpe2via.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 05:24:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://celpe2via.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 30A0 62 KB
21 KB 387ms
387ms Document
text/html 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6409688454713022&output=html&h=250&slotname=7022970042&adk=3363434266&adf=1998498621&pi=t.ma~as.7022970042&w=322&fwrn=4&fwrnh=100&lmt=1705108718&rafmt=1&format=322x250&url=https%3A%2F%2Fcelpe2via.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705123485010&bpp=2&bdt=463&idt=317&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3893859689308&frm=20&pv=1&ga_vid=96834338.1705123485&ga_sid=1705123485&ga_hid=248074409&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927&oid=2&pvsid=1775002953206403&tmod=1086604623&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=323

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c928411ea4802253dd0c874e106ad77cbbee991364e6f87920a170a674cb7aad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://celpe2via.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 21158
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 05:24:45 GMT
expires: Sat, 13 Jan 2024 05:24:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D291 722 B
533 B 386ms
386ms Document
text/html 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6409688454713022&output=html&h=280&slotname=3810521335&adk=1385190195&adf=465879092&pi=t.ma~as.3810521335&w=805&fwrn=4&fwrnh=100&lmt=1705108718&rafmt=1&format=805x280&url=https%3A%2F%2Fcelpe2via.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705123485012&bpp=1&bdt=466&idt=339&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C322x250&nras=1&correlator=3893859689308&frm=20&pv=1&ga_vid=96834338.1705123485&ga_sid=1705123485&ga_hid=248074409&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=570&ady=122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927&oid=2&pvsid=1775002953206403&tmod=1086604623&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=343

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a25fa80de0f73db48a60517bc3437bdfc370b56f52179ae0a42d20e4019534e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://celpe2via.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 361
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 05:24:45 GMT
expires: Sat, 13 Jan 2024 05:24:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8FC7 104 KB
38 KB 338ms
337ms Document
text/html 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6409688454713022&output=html&h=280&slotname=6949203453&adk=3304509598&adf=2597518099&pi=t.ma~as.6949203453&w=805&fwrn=4&fwrnh=100&lmt=1705108718&rafmt=1&format=805x280&url=https%3A%2F%2Fcelpe2via.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705123485013&bpp=1&bdt=466&idt=395&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C322x250%2C805x280&nras=1&correlator=3893859689308&frm=20&pv=1&ga_vid=96834338.1705123485&ga_sid=1705123485&ga_hid=248074409&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=570&ady=657&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927&oid=2&pvsid=1775002953206403&tmod=1086604623&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=399

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f79d1616a9353872a9712f463e35dd4ca3589ea4a8cf0770d34b2f0b4fc23a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://celpe2via.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39339
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 05:24:45 GMT
expires: Sat, 13 Jan 2024 05:24:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
23 B 40ms
39ms XHR
text/plain 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-112930509-1&cid=96834338.1705123485&jid=1434720086&gjid=1427000173&_gid=961962459.1705123485&_u=YADAAEAAAAAAACAAI~&z=1767571155

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://celpe2via.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 13 Jan 2024 05:24:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://celpe2via.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.01a61edd76e9459a4476.js Show response
script.hotjar.com/ 219 KB
55 KB 118ms
36ms Script
application/javascript 99.84.191.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.01a61edd76e9459a4476.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2883053.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.191.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-191-77.iad89.r.cloudfront.net

Software

Resource Hash

1fe0a1d0440db1d043d00405be45a6494bef459ddabc0649fcefe29741978345

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 08:31:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 aa0ac259128059e949248e63a3b6767e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 75218
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55621
last-modified: Fri, 12 Jan 2024 08:30:49 GMT
etag: "c6b381ec2a77add5ff4703aac0792891"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: uD4yq1_huD_NdZYe57-zVk42wjRVF94bmJsx1MwQncLUt44UvJn__g==

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 78C3 722 B
385 B 255ms
253ms Document
text/html 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6409688454713022&output=html&h=280&slotname=6949203453&adk=1126151494&adf=1293857151&pi=t.ma~as.6949203453&w=805&fwrn=4&fwrnh=100&lmt=1705108718&rafmt=1&format=805x280&url=https%3A%2F%2Fcelpe2via.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705123485013&bpp=1&bdt=466&idt=424&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C322x250%2C805x280%2C805x280&nras=1&correlator=3893859689308&frm=20&pv=1&ga_vid=96834338.1705123485&ga_sid=1705123485&ga_hid=248074409&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=570&ady=1051&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927&oid=2&pvsid=1775002953206403&tmod=1086604623&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=436

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83b6709ca18a23e86f7f45cafcde10258359aba10991956aeab3e9188e1aec51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://celpe2via.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 361
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 05:24:45 GMT
expires: Sat, 13 Jan 2024 05:24:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 loadingAnimation.gif
celpe2via.net/wp-includes/js/thickbox/ 15 KB
15 KB 119ms
118ms Image
image/gif 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://celpe2via.net/wp-includes/js/thickbox/loadingAnimation.gif
Requested by: Host: celpe2via.net
URL: https://celpe2via.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: 6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:45 GMT
last-modified: Fri, 19 Jan 2018 16:49:26 GMT
server: LiteSpeed
etag: "3b86-5a622196-f8139a;;;"
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 15238
expires: Sat, 20 Jan 2024 05:24:45 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 106ms
42ms Image
image/gif 2607:f8b0:4004:c07::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-112930509-1&cid=96834338.1705123485&jid=1434720086&_u=YADAAEAAAAAAACAAI~&z=455779407

Requested by

Host: celpe2via.net
URL: https://celpe2via.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 05:24:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 browser-perf.28a8c6b22b3c0474c577.js Show response
script.hotjar.com/ 4 KB
2 KB 32ms
31ms Script
application/javascript 99.84.191.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/browser-perf.28a8c6b22b3c0474c577.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.01a61edd76e9459a4476.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.191.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-191-77.iad89.r.cloudfront.net

Software

Resource Hash

f0682c5bcb9a2e1a7a27212c0fcebe713d653ad64e32742d4a4dbea937bb6bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 10:24:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 aa0ac259128059e949248e63a3b6767e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 6116438
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1589
last-modified: Fri, 03 Nov 2023 10:23:46 GMT
etag: "d065ec1659ab8dbb93042fdf9a225634"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 7Qy5jMrbn21FZNJlOYmihvC9M8KDLneuSHIFvOhi-IKd2ZLp4fr-Kw==

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame F154 2 KB
1 KB 133ms
36ms Script
application/javascript 2600:1408:7::170f:92b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11800497&cmp=31108115&plc=383364412&sid=5760734&dvregion=0&unit=300x250
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6409688454713022&output=html&h=250&slotname=7022970042&adk=3363434266&adf=1998498621&pi=t.ma~as.7022970042&w=322&fwrn=4&fwrnh=100&lmt=1705108718&rafmt=1&format=322x250&url=https%3A%2F%2Fcelpe2via.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705123485010&bpp=2&bdt=463&idt=317&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3893859689308&frm=20&pv=1&ga_vid=96834338.1705123485&ga_sid=1705123485&ga_hid=248074409&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927&oid=2&pvsid=1775002953206403&tmod=1086604623&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=323
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:7::170f:92b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: e55c01e3ca797dbf8af251c9d68755f6039f7792afe6866e46269e4036697d3d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 05:24:45 GMT
Content-Encoding: gzip
Last-Modified: Sun, 17 Dec 2023 15:12:34 GMT
Server: UploadServer
ETag: "a8006a511aee2e57196f5e8bee81dde8"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Sun, 14 Jan 2024 05:24:45 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame F154 36 KB
14 KB 107ms
41ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6409688454713022&output=html&h=250&slotname=7022970042&adk=3363434266&adf=1998498621&pi=t.ma~as.7022970042&w=322&fwrn=4&fwrnh=100&lmt=1705108718&rafmt=1&format=322x250&url=https%3A%2F%2Fcelpe2via.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705123485010&bpp=2&bdt=463&idt=317&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3893859689308&frm=20&pv=1&ga_vid=96834338.1705123485&ga_sid=1705123485&ga_hid=248074409&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927&oid=2&pvsid=1775002953206403&tmod=1086604623&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=323

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a16dfe9e92661a05f6798c8520a71e2f68c4675ffd6428d60e9d4fc71744dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:20:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14392
x-xss-protection: 0
server: cafe
etag: 5705098247650313184
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 04:20:41 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame F154 3 KB
1 KB 157ms
91ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:33:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3061
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 04:33:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame F154 20 KB
9 KB 97ms
31ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:33:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3061
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 04:33:44 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F154 205 KB
65 KB 34ms
33ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 05:24:45 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame F154 23 KB
9 KB 157ms
92ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 04:20:43 GMT

GET
H2 200 11778604948800383788
tpc.googlesyndication.com/simgad/ Frame 8FC7 13 KB
14 KB 121ms
66ms Image
image/png 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11778604948800383788?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkAaLVHOOPz_bastxbvDcE70OBe7Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6409688454713022&output=html&h=280&slotname=6949203453&adk=3304509598&adf=2597518099&pi=t.ma~as.6949203453&w=805&fwrn=4&fwrnh=100&lmt=1705108718&rafmt=1&format=805x280&url=https%3A%2F%2Fcelpe2via.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705123485013&bpp=1&bdt=466&idt=395&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C322x250%2C805x280&nras=1&correlator=3893859689308&frm=20&pv=1&ga_vid=96834338.1705123485&ga_sid=1705123485&ga_hid=248074409&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=570&ady=657&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927&oid=2&pvsid=1775002953206403&tmod=1086604623&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=399

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2ec1c907004fb1a0d9ade9e9f5d3b19efb55a0319dbaadaea734d86cb5e4c66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:02:31 GMT
x-content-type-options: nosniff
age: 1334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13781
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 13:09:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 Jan 2025 05:02:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 8FC7 23 KB
9 KB 129ms
74ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 04:20:43 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 8FC7 3 KB
1 KB 107ms
81ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:33:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3061
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 04:33:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 8FC7 20 KB
8 KB 90ms
35ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:33:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3061
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 04:33:44 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8FC7 205 KB
65 KB 34ms
33ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 05:24:45 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 8FC7 36 KB
15 KB 108ms
82ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e84408aa66b9c10dd6e2d630f717b4b4f03345cd77fc5360f4ccba99ce1fa74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3540
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14790
x-xss-protection: 0
server: cafe
etag: 14910708302111541132
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 04:25:45 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 162 KB
55 KB 58ms
58ms Script
text/javascript 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae7d0099df1b3b0efb31eefedcc68038edc790ac12d1149c7bfbcabb1d548c6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56383
x-xss-protection: 0
server: cafe
etag: 13528421433335860971
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jan 2024 05:24:45 GMT

GET
H2 200 ca-pub-6409688454713022 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 131ms
64ms Script
application/javascript 2607:f8b0:4004:c08::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-6409688454713022?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::64 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

de62b25be1996b765fd579f55d9a90e5faa0c784b9a81908563dda6a4ddc882c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ilNZDf5-rKJx00jhKMmNQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:45 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ilNZDf5-rKJx00jhKMmNQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 94B4 143 B
166 B 34ms
33ms Document
text/html 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6409688454713022&output=html&h=280&slotname=6949203453&adk=3304509598&adf=2597518099&pi=t.ma~as.6949203453&w=805&fwrn=4&fwrnh=100&lmt=1705108718&rafmt=1&format=805x280&url=https%3A%2F%2Fcelpe2via.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705123485013&bpp=1&bdt=466&idt=395&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C322x250%2C805x280&nras=1&correlator=3893859689308&frm=20&pv=1&ga_vid=96834338.1705123485&ga_sid=1705123485&ga_hid=248074409&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=570&ady=657&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927&oid=2&pvsid=1775002953206403&tmod=1086604623&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=399
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1380
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 05:01:45 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-gldaoaic2raku-gso56pwr7xk4tfzh-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 394F 247 B
868 B 108ms
34ms Document
text/html 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-gldaoaic2raku-gso56pwr7xk4tfzh-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

148c06baa222e1cba0ee2462e088d847688b643f0f94f1e1da29dcfbb385588a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 203
content-security-policy-report-only: script-src 'nonce-xejxuJhIsAndIjWKPD-2Hw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 05:24:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 94B4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

42ms
42ms

Document
text/html

2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 05:24:45 GMT
expires: Sat, 13 Jan 2024 05:24:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 05:24:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8FC7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6ac431e01bdb435329fac052fb3362001d049705defb4c987aada15973c64f5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dvbs_src_internal125.js Show response
cdn.doubleverify.com/ Frame F154 60 KB
20 KB 36ms
36ms Script
application/javascript 2600:1408:7::170f:92b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal125.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11800497&cmp=31108115&plc=383364412&sid=5760734&dvregion=0&unit=300x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:7::170f:92b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: a7e081ac2862a2c9fe794a716293c201eb0cc90623edfe349438c3af8f58ca6a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 05:24:45 GMT
Content-Encoding: gzip
Last-Modified: Sun, 17 Dec 2023 15:12:36 GMT
Server: UploadServer
ETag: "8188d451e0a669939fa9ed400c00d127"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19695
Expires: Sun, 12 Jan 2025 05:24:45 GMT

GET
H2 200 iframe.html Show response
p4-gldaoaic2raku-gso56pwr7xk4tfzh-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 394F 5 KB
2 KB 34ms
33ms Document
text/html 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-gldaoaic2raku-gso56pwr7xk4tfzh-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-gldaoaic2raku-gso56pwr7xk4tfzh-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-gldaoaic2raku-gso56pwr7xk4tfzh-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

3971281769d8032002d45b38aad164255f397bdeb0e230ff41803ad8425bc059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-gldaoaic2raku-gso56pwr7xk4tfzh-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1987
content-security-policy-report-only: script-src 'nonce-4sYyTHkcB4g8Yxc3HIVDTA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 05:24:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame A067 9 KB
4 KB 32ms
32ms Document
text/html 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://celpe2via.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2958
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 04:35:28 GMT
etag: 9219409622527106327
expires: Sat, 27 Jan 2024 04:35:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame B185 9 KB
4 KB 32ms
31ms Document
text/html 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://celpe2via.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2958
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 04:35:28 GMT
etag: 9219409622527106327
expires: Sat, 27 Jan 2024 04:35:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxV9AKTYBzxTNTJJnrqgBN_PvqT29ajLCsF7BOhUvC_K0WR3O0ez_NDlYef24E2r2Sje-TWkRX4896-5_y9ZKmVqemkdw1_XtFQxFsTbvo25UstW7_GTnAXflhFSUFmRJ2xpBtDY4w== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 64ms
63ms Script
application/javascript 2607:f8b0:4004:c08::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV9AKTYBzxTNTJJnrqgBN_PvqT29ajLCsF7BOhUvC_K0WR3O0ez_NDlYef24E2r2Sje-TWkRX4896-5_y9ZKmVqemkdw1_XtFQxFsTbvo25UstW7_GTnAXflhFSUFmRJ2xpBtDY4w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1MTIzNDg2LDU1MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2NlbHBlMnZpYS5uZXQvIixudWxsLFtbOCwiMTVtTHB6cndMckEiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMzXiHOnAFlRAYe0VsuuEaDlaT54LA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::64 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

598ad6704b8519c3e640d8df586352a55e152b992d439fa86ca2d30e099cd692

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oz1kTfGd0otokiC27A2_MQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:46 GMT
content-security-policy: script-src 'report-sample' 'nonce-oz1kTfGd0otokiC27A2_MQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame F154 656 B
699 B 423ms
52ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_434831848000&jsTagObjCallback=__tagObject_callback_434831848000&num=6&ctx=11800497&cmp=31108115&plc=383364412&sid=5760734&advid=&adsrv=&unit=300x250&isdvvid=&uid=434831848000&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.80&dvpx_strhd=0.80&brid=3&brver=120&bridua=3&dup=null&chro=1&hist=2&winh=250&winw=322&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=13&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=172&eparams=DC4FC%3Dl9EEADTbpTauTau46%3DA6aG%3A2%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau46%3DA6aG%3A2%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&dvp_exetime=8.70&callbackName=__verify_callback_434831848000
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal125.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 6744101887333151b899a244c1f2326f07da9be106e795779e74987dc3610471

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Jan 2024 05:24:46 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 01/12/2024 05:24:46

GET
H3 200 css2
fonts.googleapis.com/ Frame A067 4 KB
671 B 43ms
42ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 Jan 2024 05:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 03:28:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jan 2024 05:24:46 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A067 205 B
519 B 138ms
66ms Image
image/png 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 23:37:17 GMT
x-content-type-options: nosniff
age: 20849
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 11 Jan 2025 23:37:17 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A067 604 B
695 B 139ms
67ms Image
image/png 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 00:27:42 GMT
x-content-type-options: nosniff
age: 17824
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 12 Jan 2025 00:27:42 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame A067 16 KB
7 KB 32ms
31ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:36:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 04:36:17 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame A067 22 KB
9 KB 33ms
32ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 04:33:03 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8FC7
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CEM9unR6iZb_NG9SextYPoZeLuAvn0qb2dNaJv97-EbCQHxABINq9mHtgye6Oi8CkjBCgAffim7QoyAECqAMByAPJBKoEzQFP0H90c7Kk0cmJ-_wyPdEycd2T8wFXkfMJC92pDojXH3Q7q4z...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa83b45dd53422630000000000000000%22,%222%22:%220x69eb635b09a623090000000000000000%22,%223%22:%220x5a9ac54...

0
0

114ms
47ms

Fetch
text/css

172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa83b45dd53422630000000000000000%22,%222%22:%220x69eb635b09a623090000000000000000%22,%223%22:%220x5a9ac54f2cda562d0000000000000000%22,%224%22:%220xd19ac04b67368edf0000000000000000%22,%225%22:%220xa74594e982c862860000000000000000%22},%22debug_key%22:%228291409772019069329%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2201-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223232220335785821937%22}&andc=true

Requested by

Host: celpe2via.net
URL: https://celpe2via.net/

Protocol

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:46 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xa83b45dd53422630000000000000000","2":"0x69eb635b09a623090000000000000000","3":"0x5a9ac54f2cda562d0000000000000000","4":"0xd19ac04b67368edf0000000000000000","5":"0xa74594e982c862860000000000000000"},"debug_key":"8291409772019069329","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["01-13"],"6":["true"]},"priority":"500","source_event_id":"3232220335785821937"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 13 Jan 2024 05:24:46 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 13 Jan 2024 05:24:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xa83b45dd53422630000000000000000","2":"0x69eb635b09a623090000000000000000","3":"0x5a9ac54f2cda562d0000000000000000","4":"0xd19ac04b67368edf0000000000000000","5":"0xa74594e982c862860000000000000000"},"debug_key":"8291409772019069329","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["01-13"],"6":["true"]},"priority":"500","source_event_id":"3232220335785821937"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame B185 9 KB
4 KB 85ms
35ms Script
text/javascript 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 00:56:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 06:45:22 GMT

GET
H2 200 67b2cf2770e31c0fa9735c0b8b540980.js Show response
www.gstatic.com/mysidia/ Frame B185 11 KB
5 KB 105ms
55ms Script
text/javascript 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/67b2cf2770e31c0fa9735c0b8b540980.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 14:58:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4763
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 00:56:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 14:58:11 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B185 14 KB
1 KB 46ms
44ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 Jan 2024 05:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 03:29:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jan 2024 05:24:46 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame B185 2 KB
902 B 39ms
36ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:53:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 04:53:04 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame B185 23 KB
9 KB 35ms
33ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3843
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 04:20:43 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame B185 3 KB
1 KB 38ms
36ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:33:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3062
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 04:33:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame B185 20 KB
8 KB 33ms
31ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:33:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3062
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 04:33:44 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B185 205 KB
65 KB 36ms
34ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 05:24:46 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame B185 37 KB
15 KB 82ms
36ms Script
text/javascript 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:23:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 00:56:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 09 Apr 2024 08:23:43 GMT

GET
H3 200 MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 948F 50 KB
19 KB 42ms
41ms Script
text/javascript 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30d3c4b9fc872ab161dbf116471f949cfd1d731ad434aad32d751c542c993a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:36:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19761
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 04:36:05 GMT

GET
H3 200 AGSKWxWKP5rGiYytCoJffOdFq04AYgk9Gbu0fELmbimt7odJXgWqkbF4MtDhfqPMaYEYDzKVetnBi2JjpMtQaPLS1b9--R2EmsS9y5pLJMbzNqPUnxrz0eq7V9lYIKzOcYLP4vckoFig5Q== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 80ms
80ms Script
application/javascript 2607:f8b0:4004:c08::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWKP5rGiYytCoJffOdFq04AYgk9Gbu0fELmbimt7odJXgWqkbF4MtDhfqPMaYEYDzKVetnBi2JjpMtQaPLS1b9--R2EmsS9y5pLJMbzNqPUnxrz0eq7V9lYIKzOcYLP4vckoFig5Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1MTIzNDg2LDEyNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vY2VscGUydmlhLm5ldC8iLG51bGwsW1s4LCIxNW1McHpyd0xyQSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::64 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

50f9006b1192f510235fdeacffa6e067fc0701f5c59be93b1d1e3560c4a112b4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MPcAc_nzYp1DFCZZ_gtKJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:46 GMT
content-security-policy: script-src 'report-sample' 'nonce-MPcAc_nzYp1DFCZZ_gtKJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 04EB 14 KB
1 KB 43ms
42ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 Jan 2024 05:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 03:27:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jan 2024 05:24:46 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 04EB 2 KB
856 B 43ms
33ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:53:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 04:53:04 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 04EB 23 KB
9 KB 42ms
35ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3843
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 04:20:43 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8157 143 B
166 B 37ms
33ms Document
text/html 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1381
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 05:01:45 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 04EB 3 KB
1 KB 41ms
34ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:33:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3062
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 04:33:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 04EB 20 KB
8 KB 37ms
30ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:33:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3062
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 04:33:44 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 04EB 205 KB
65 KB 35ms
32ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 05:24:46 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 04EB 37 KB
15 KB 74ms
67ms Script
text/javascript 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:23:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 00:56:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 09 Apr 2024 08:23:43 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 115ms
46ms Preflight
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 13 Jan 2024 05:24:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8157
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

47ms
46ms

Document
text/html

2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 05:24:46 GMT
expires: Sat, 13 Jan 2024 05:24:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 05:24:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
45 B 47ms
46ms Ping
text/plain 2607:f8b0:4004:c19::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-K221T23EZ8&gtm=45je41a0v883530039&_p=1705123484802&gcd=11l1l1l1l1&dma=0&cid=96834338.1705123485&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&_s=2&sid=1705123485&sct=1&seg=0&dl=https%3A%2F%2Fcelpe2via.net%2F&dt=CELPE%202%C2%AA%20VIA%3A%20Tirar%20Segunda%20Via%20Celpe%20Servi%C3%A7os%20D%C3%A9bitos%20Conta%20atrasada&en=ad_impression&ep.query_id=CP-PmP3P2YMDFVSP0QQdocsCtw&_et=729&tfd=2281
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K221T23EZ8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c19::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 05:24:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://celpe2via.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 29F0 143 B
166 B 33ms
32ms Document
text/html 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1381
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 05:01:45 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B185
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CRF7inR6iZe_qFK6ExtYPzJeLiAn89JKCcO6O5Z2mDsCNtwEQASDavZh7YMnujovApIwQoAGqg-maA8gBAakC3Chs6sSliz6oAwHIA8MEqgS-AU_Q7ZCoM4wC3eRXph65HsxRPNiZYcAE-D6...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xae917969be53c2590000000000000000%22,%222%22:%220xdb35473528ae3c930000000000000000%22,%223%22:%220x19e160...

0
0

47ms
46ms

Fetch
text/css

172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xae917969be53c2590000000000000000%22,%222%22:%220xdb35473528ae3c930000000000000000%22,%223%22:%220x19e160429511038c0000000000000000%22,%224%22:%220x8a2338421b36fbbb0000000000000000%22,%225%22:%220x8a87496251b1b7380000000000000000%22},%22debug_key%22:%229820846099840707062%22,%22debug_reporting%22:true,%22destination%22:%22https://aguasclarasengenharia.com.br%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22861553066%22],%2222%22:[%22true%22],%224%22:[%2201-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226919263834019994609%22}&andc=true

Requested by

Host: celpe2via.net
URL: https://celpe2via.net/

Protocol

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:46 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xae917969be53c2590000000000000000","2":"0xdb35473528ae3c930000000000000000","3":"0x19e160429511038c0000000000000000","4":"0x8a2338421b36fbbb0000000000000000","5":"0x8a87496251b1b7380000000000000000"},"debug_key":"9820846099840707062","debug_reporting":true,"destination":"https://aguasclarasengenharia.com.br","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["861553066"],"22":["true"],"4":["01-13"],"6":["true"]},"priority":"500","source_event_id":"6919263834019994609"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 13 Jan 2024 05:24:46 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 13 Jan 2024 05:24:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xae917969be53c2590000000000000000","2":"0xdb35473528ae3c930000000000000000","3":"0x19e160429511038c0000000000000000","4":"0x8a2338421b36fbbb0000000000000000","5":"0x8a87496251b1b7380000000000000000"},"debug_key":"9820846099840707062","debug_reporting":true,"destination":"https://aguasclarasengenharia.com.br","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["861553066"],"22":["true"],"4":["01-13"],"6":["true"]},"priority":"500","source_event_id":"6919263834019994609"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 29F0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

40ms
40ms

Document
text/html

2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 05:24:46 GMT
expires: Sat, 13 Jan 2024 05:24:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 05:24:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A9A 50 KB
19 KB 32ms
31ms Script
text/javascript 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30d3c4b9fc872ab161dbf116471f949cfd1d731ad434aad32d751c542c993a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:36:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19761
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 04:36:05 GMT

GET
H3 200 MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 5C3E 50 KB
19 KB 32ms
32ms Script
text/javascript 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js

Requested by

Host: celpe2via.net
URL: https://celpe2via.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30d3c4b9fc872ab161dbf116471f949cfd1d731ad434aad32d751c542c993a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:36:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19761
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 04:36:05 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 48ms
47ms Preflight
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 13 Jan 2024 05:24:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content bsevent.gif
rtbc-ue1.doubleverify.com/ Frame F154 0
308 B 101ms
44ms Ping
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-ue1.doubleverify.com/bsevent.gif?flvr=0&impid=24955eda1a3f41d48b2038b0e87fcf3a&vfdur=423&cbust=1705123486511868
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal125.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Pragma: no-cache
Date: Sat, 13 Jan 2024 05:24:46 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2024-01-12T05:24:46

GET
H2 200 globalpassback_300x250.gif
cdn.besafe.global/ Frame F154 13 KB
14 KB 593ms
31ms Image
image/gif 2600:9000:2015:aa00:8:455e:4a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.besafe.global/globalpassback_300x250.gif
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6409688454713022&output=html&h=250&slotname=7022970042&adk=3363434266&adf=1998498621&pi=t.ma~as.7022970042&w=322&fwrn=4&fwrnh=100&lmt=1705108718&rafmt=1&format=322x250&url=https%3A%2F%2Fcelpe2via.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705123485010&bpp=2&bdt=463&idt=317&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3893859689308&frm=20&pv=1&ga_vid=96834338.1705123485&ga_sid=1705123485&ga_hid=248074409&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927&oid=2&pvsid=1775002953206403&tmod=1086604623&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=323
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2015:aa00:8:455e:4a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36819ca2340b20813e1d2eecff934810e65167f054d1f62cdbaf774f0136bfb4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 09:52:45 GMT
via: 1.1 38dd8070a251309a7a889ed78686bb50.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jul 2022 20:03:12 GMT
server: AmazonS3
x-amz-cf-pop: IAD66-C1
age: 70323
etag: "d52875943b6fe3d6acebdddae888df6c"
x-amz-meta-sha256: 36819ca2340b20813e1d2eecff934810e65167f054d1f62cdbaf774f0136bfb4
content-type: image/gif
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 13504
x-amz-cf-id: nv4G34q0EG5_gHKxsgVgc0qRXbst-0mPYvh2inHlyVgDB30KQuM8KA==
x-amz-meta-s3b-last-modified: 20190925T154054Z

GET
DATA 200
OK truncated
/ Frame F154 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8650678fcb8e7f5be0d43a6f6b3b876656062ad58e47ccb973cbc82e9179baef

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 video-ads-player. Show response
fundingchoicesmessages.google.com/f/AGSKWxXxnC6DYhzKt7U05M5yvDLvW7Q05hC3ZdQeAd6AIWTNlVNrZ87cJqrt_d7udttT_AfvNdK5EAJZ9m3CDmFGVWT8OwY0tPwVFJTKhpZaLVVZiL6IWqHi0cbrVXfIjFumHYfu28KoWfOrgoSalY-PMgn8PNJrD... 54 B
109 B 53ms
52ms Script
application/javascript 2607:f8b0:4004:c08::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXxnC6DYhzKt7U05M5yvDLvW7Q05hC3ZdQeAd6AIWTNlVNrZ87cJqrt_d7udttT_AfvNdK5EAJZ9m3CDmFGVWT8OwY0tPwVFJTKhpZaLVVZiL6IWqHi0cbrVXfIjFumHYfu28KoWfOrgoSalY-PMgn8PNJrDLtkGL1c5hkkTaCzK8DE8RFyc3sQjM6J/_/somaadscaleskyscraperscript./ad/serve._ad4._adtech_/video-ads-player.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.15mLpzrwLrA.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwp5gd9Fr7u9Krm0QbCjoSe6xM-qw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::64 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2c4a93cd876e01d088e43644644a31c506a62d75f48cc1d46887f033e9181d75

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-XfIR2Zv3dgNvkC4CNVLnzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:46 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-XfIR2Zv3dgNvkC4CNVLnzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 65 KB
24 KB 32ms
31ms Script
text/javascript 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f6bea46c546f8965429c8793da815b8aa488ea358656607513811e6220f4583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:52:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24615
x-xss-protection: 0
server: cafe
etag: 10902498161188913397
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 13 Jan 2024 05:52:03 GMT

POST
H3 204 AGSKWxVyiSrekVTRDQkImJAh8zxeF89IvQHQM8CmlNv_KWaQLVwos3aOZ4XkLWj9eBANrPjEJHMSIyNoD51Z8VWj1QyovyOo5Cruzfo5e-NuKZK9cfwrSLB-cXkllOZQqv-y3ePdeTnf1g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 115ms
52ms XHR
text/html 2607:f8b0:4004:c08::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVyiSrekVTRDQkImJAh8zxeF89IvQHQM8CmlNv_KWaQLVwos3aOZ4XkLWj9eBANrPjEJHMSIyNoD51Z8VWj1QyovyOo5Cruzfo5e-NuKZK9cfwrSLB-cXkllOZQqv-y3ePdeTnf1g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::64 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-O6iGAhdzBz1LALKE8rEknQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://celpe2via.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Jan 2024 05:24:46 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-O6iGAhdzBz1LALKE8rEknQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://celpe2via.net
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVyiSrekVTRDQkImJAh8zxeF89IvQHQM8CmlNv_KWaQLVwos3aOZ4XkLWj9eBANrPjEJHMSIyNoD51Z8VWj1QyovyOo5Cruzfo5e-NuKZK9cfwrSLB-cXkllOZQqv-y3ePdeTnf1g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 71ms
47ms XHR
text/html 2607:f8b0:4004:c08::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVyiSrekVTRDQkImJAh8zxeF89IvQHQM8CmlNv_KWaQLVwos3aOZ4XkLWj9eBANrPjEJHMSIyNoD51Z8VWj1QyovyOo5Cruzfo5e-NuKZK9cfwrSLB-cXkllOZQqv-y3ePdeTnf1g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::64 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nufGOhfmCH2_b1uI-5EhIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://celpe2via.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Jan 2024 05:24:46 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nufGOhfmCH2_b1uI-5EhIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://celpe2via.net
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVyiSrekVTRDQkImJAh8zxeF89IvQHQM8CmlNv_KWaQLVwos3aOZ4XkLWj9eBANrPjEJHMSIyNoD51Z8VWj1QyovyOo5Cruzfo5e-NuKZK9cfwrSLB-cXkllOZQqv-y3ePdeTnf1g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 60ms
50ms XHR
text/html 2607:f8b0:4004:c08::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVyiSrekVTRDQkImJAh8zxeF89IvQHQM8CmlNv_KWaQLVwos3aOZ4XkLWj9eBANrPjEJHMSIyNoD51Z8VWj1QyovyOo5Cruzfo5e-NuKZK9cfwrSLB-cXkllOZQqv-y3ePdeTnf1g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::64 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mffdsx-4Buoaom-VDml4zQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://celpe2via.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Jan 2024 05:24:46 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mffdsx-4Buoaom-VDml4zQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://celpe2via.net
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVyiSrekVTRDQkImJAh8zxeF89IvQHQM8CmlNv_KWaQLVwos3aOZ4XkLWj9eBANrPjEJHMSIyNoD51Z8VWj1QyovyOo5Cruzfo5e-NuKZK9cfwrSLB-cXkllOZQqv-y3ePdeTnf1g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 58ms
50ms XHR
text/html 2607:f8b0:4004:c08::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVyiSrekVTRDQkImJAh8zxeF89IvQHQM8CmlNv_KWaQLVwos3aOZ4XkLWj9eBANrPjEJHMSIyNoD51Z8VWj1QyovyOo5Cruzfo5e-NuKZK9cfwrSLB-cXkllOZQqv-y3ePdeTnf1g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::64 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-meU1r_4Z_U32J4J7dqSYiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://celpe2via.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Jan 2024 05:24:46 GMT
content-security-policy: script-src 'report-sample' 'nonce-meU1r_4Z_U32J4J7dqSYiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://celpe2via.net
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXshAsGxGCdjaHbG4ort5yZAIseevl_VymCKyuq0hO-XtFeunipe0oYLzKA0nqwLaIuTzX3znFjalwZFL-q9pGgW_T9Zfb6PKtiJMmCALN3BkAEBsgfbaKbkODFCQ094LLwTYRreA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 67ms
66ms Script
application/javascript 2607:f8b0:4004:c08::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXshAsGxGCdjaHbG4ort5yZAIseevl_VymCKyuq0hO-XtFeunipe0oYLzKA0nqwLaIuTzX3znFjalwZFL-q9pGgW_T9Zfb6PKtiJMmCALN3BkAEBsgfbaKbkODFCQ094LLwTYRreA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1MTIzNDg2LDk1NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9jZWxwZTJ2aWEubmV0LyIsbnVsbCxbWzgsIjE1bUxwenJ3THJBIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::64 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7771ce514bdcb6abf66f5297d83b29151643758c96d1805d3c7b862829cc90ba

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rZOE2SIRx4VHh9TzEWLW6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:46 GMT
content-security-policy: script-src 'report-sample' 'nonce-rZOE2SIRx4VHh9TzEWLW6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8FC7 42 B
174 B 49ms
48ms Fetch
image/gif 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsugGhQXhM5KKD5TQmS7jzkvnX4hWCsKSr_ymQXnV90WwgCYbLzcabh5bhOppvIoecJtpAaGUd1cLkQQBz8lFg0wmyIeVU-ofai0mRA--HfCIv78dj5nL_enNowWs4UqPQyLFU0v0LaX8WM5fSjsAamHvfsi&sai=AMfl-YQ6JUCpjAl6A3f5aRImQRibYcj1rjs2Ovm9WVU9s5mbJKh1Q_AWCkEK8R5PZkX0HIVWXY2iswQK2ovE7jEXAsYUmN5lgRxE8A-ft3ja5xC7phbnmqAMnrF9nJrkOHSf6UzG9stFO3o2IhU01MHI6A&sig=Cg0ArKJSzKW-bayj1hx6EAE&cid=CAQSTwAvHhf_7HKbuBxWraqfkGI9K2zRWy5TWdgV_bP7qsOdmwvY0YruL1-9-m2KI-viGn70nwTfslOIzQNJHScFtd4jL-9MWkWxUQ6-abMBp0cYAQ&id=lidar2&mcvt=1000&p=0,0,207,805&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3304509598&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705123485413&rpt=549&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 05:24:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVrcdI5jZ3go-r57CuXLNlmeUp6Dlw-Y6WTB7FEe7UbCl7tLlOj9VpXesqrz7FR8TgFrizlTGW9BzzbYuCm7tn1R6Mn73HW45vTpv-nHylKj85e04FGaHy4f5Vah4CbvpWfdx8AyA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 53ms
53ms XHR
text/html 2607:f8b0:4004:c08::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVrcdI5jZ3go-r57CuXLNlmeUp6Dlw-Y6WTB7FEe7UbCl7tLlOj9VpXesqrz7FR8TgFrizlTGW9BzzbYuCm7tn1R6Mn73HW45vTpv-nHylKj85e04FGaHy4f5Vah4CbvpWfdx8AyA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::64 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-I5yHhFhbHz9iGoWUb5mzDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://celpe2via.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Jan 2024 05:24:47 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-I5yHhFhbHz9iGoWUb5mzDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://celpe2via.net
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVyiSrekVTRDQkImJAh8zxeF89IvQHQM8CmlNv_KWaQLVwos3aOZ4XkLWj9eBANrPjEJHMSIyNoD51Z8VWj1QyovyOo5Cruzfo5e-NuKZK9cfwrSLB-cXkllOZQqv-y3ePdeTnf1g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 53ms
53ms XHR
text/html 2607:f8b0:4004:c08::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVyiSrekVTRDQkImJAh8zxeF89IvQHQM8CmlNv_KWaQLVwos3aOZ4XkLWj9eBANrPjEJHMSIyNoD51Z8VWj1QyovyOo5Cruzfo5e-NuKZK9cfwrSLB-cXkllOZQqv-y3ePdeTnf1g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::64 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XLCf9LHvvsOxi-tU590QhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://celpe2via.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Jan 2024 05:24:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-XLCf9LHvvsOxi-tU590QhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://celpe2via.net
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F154 0
0 54ms
53ms Fetch
text/html 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNrC7nR6iZZzTFqzFxtYP_peRqAuj56Gndb3-koqKEqv0m6iyOBABINq9mHtgye6Oi8CkjBCgAdme864CyAEJqAMByAMCqgTGAU_Qp9S4r6NfYxMZMOM5OQoV2XYlXHURmSUO6JQSYcBo7hZEjLZiS33gSvQL-NmnZsdkSkBfQkTEHgNBu8_3L0PrrxIk7YY4Udpzn6GBZNUx7_UJP-sEH8KJk0MMYl-fCfGf7SPqxFCUiGVC_8FVJlNtQB6ku7SftR1biB6v5UvwU7EnavEnQb4STPqAGUGF85ND3t6pV-bmFAIed7Chm7QbCkppOKIno-MqqZPPeHYTCO0qOrl2es9lO_fUQAiryTtWj2isqsAEioDj-swEiAWFiL3jTaAGEYAHj-GM0QGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDqwhnSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WKvjkv3P2YMDgAoByAsBogwIKgYKBKy6sQLaDBEKCxDQwK2m7IeK04MBEgIBA9gTA9AVAYAXAbIXHAoaCAASFHB1Yi02NDA5Njg4NDU0NzEzMDIyGAA&sigh=H6Cx8qTyE9c&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_2XhaQkE1ME5RhjZ3Ux_xSkxqfkxVEI7-BVUfFkYrZkenbbhu6kV7wi5DqPHLp0f-uBRz6IgPz-h2ZBtOBcrfgZsMc1BtF8m2jBgB&cbvp=2&vis=1

Requested by

Host: celpe2via.net
URL: https://celpe2via.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6409688454713022&output=html&h=250&slotname=7022970042&adk=3363434266&adf=1998498621&pi=t.ma~as.7022970042&w=322&fwrn=4&fwrnh=100&lmt=1705108718&rafmt=1&format=322x250&url=https%3A%2F%2Fcelpe2via.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705123485010&bpp=2&bdt=463&idt=317&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3893859689308&frm=20&pv=1&ga_vid=96834338.1705123485&ga_sid=1705123485&ga_hid=248074409&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927&oid=2&pvsid=1775002953206403&tmod=1086604623&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=323
Attribution-Reporting-Eligible: event-source
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 13 Jan 2024 05:24:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 54ms
54ms XHR
application/json 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c158cc3d629f2f4638d74146ccc19952cc87d37c3ff8960eb2ab946c8739a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12271
x-xss-protection: 0

GET
H3 200 sp-push-worker-fb.js Show response
celpe2via.net/ 65 B
176 B 119ms
118ms XHR
application/x-javascript 78.46.80.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://celpe2via.net/sp-push-worker-fb.js
Requested by: Host: cdn.sendpulse.com
URL: https://cdn.sendpulse.com/js/push/2a6abe23f4c6139cfb410bff3b535ab8_1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 78.46.80.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi.brworks.com.br
Software: LiteSpeed /
Resource Hash: 2a810283ef3a450039039318677538039c2adadfe2703a12f98b07735ba15290

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:47 GMT
last-modified: Fri, 18 Mar 2022 18:08:08 GMT
server: LiteSpeed
etag: "41-6234ca88-8440b4;;;"
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 65
expires: Sat, 20 Jan 2024 05:24:47 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 35ms
35ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 05:24:47 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E58A 13 KB
5 KB 32ms
32ms Document
text/html 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://celpe2via.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 3831
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 04:20:56 GMT
expires: Sun, 12 Jan 2025 04:20:56 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8930 829 B
560 B 45ms
45ms Document
text/html 2607:f8b0:4004:c07::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

035328ceef02ce19096c11101d0d82d2dea647151ecc9aae4ba318ab41bbd2fe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wB2mDzTNi4Xi9JTfqFlf4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://celpe2via.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-wB2mDzTNi4Xi9JTfqFlf4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 05:24:47 GMT
expires: Sat, 13 Jan 2024 05:24:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame E58A 39 KB
15 KB 33ms
32ms Script
text/javascript 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:52:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 04:52:06 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8930 0
0 48ms
48ms Image
text/html 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=1775002953206403&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E58A 0
10 B 32ms
31ms Image
text/plain 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?eRdjbA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 05:24:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 93ms
91ms Image
text/html 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=1775002953206403&bg=!AwClAE_NAAaumcC-jpk7ADQBe5WfOP-M4eYq6Gg3VZMv-08TCdZESbNMk1ij8PEkJiFu4Vziaoh3IsRO7KaCtWpRVfGVAgAAAFJSAAAAA2gBBwoAsy7XiwGUzJzg5-O-6rInq-i9Er_PZcPyNT1Wc5sPTY4-ryqUOF7vC-NhiY9769TOYZfLtKtvia2pIdhb3rFItqT2GIPwu8H7K0RdDxTdTlkB7mu2WxkijNKixIRXQS6CIcBkRP3fwLkuC7dVu1dubHzb4mgDOP3GAqEWfIOOvoDz2qaLq2BHGIetNvIA70rkQAc60uZCs0boYX2qgav4Dv1Z0OEVjX4mymebojr6qbCFVKm5mQLD6Wxu8Br3H5BzHPk_oyfNWwe5eIiD4VkVXTZrpfGApk36gVBi5lgrGK1o6V8IE_Hf-13Xwll8FQ5UvbsgjjsEvt1VqlOkhqP7eP4vAWfnShvsJ8r-upqWsYjxEXFdFnJU-E5pJ4YIz4ZVYQ_ReyK1fJdyYf8SN5NcBxzLIV4JapfogP7zLQVdRAHUj3jfrXBz-C63sBf1ThIg633vGa5xA78MwThyHLvoB-KY3oSSQyZYZfiPmFUmQp97SWHyC_RjS8YGBlKL75Rv0t-JU5dsbgNucaaIzCFLktTX5GrmuHfGeIzkCHWBLgZTlikjhwFuyieXilorzCNHFF_oHo2axBhWRZOzJi2HA94CQcazE7eSjdGJzF012SgGkH2bWc35py7Yur0XHXbOdYD2Gzxe0iRdaMkDu5lvwV6oI5ylS4fPYfBCoHRcZu4CVRJYi2oPV4affR8GayFuOxtc0gy7ukd2BCNrIB8_FtBrcgTYYJ-ux5oCbVxGHaKiijMahRozKNsmESOJP5jlesuNvcTMDBF--5gguniwkG__MfsTMhg3ktpvNcAYIv6ysTDkZb-529gjulIyh3Vk4gnjtDP74FRyMjQarnVBTvbuVQCSzv_tmY9_P1eLD3A53KFe7_ac7GVhaxYg2AQS-8UTO6No2Y2Q_PVd_eLXPJOnZV3amngG8BS6GHxolifxnQlgn4orsZEwltfDGsKGwxiW0rt-2P3l3zExHNmzK7blYn5osSmtYzP4gs0vYNdvDtYXP6p5GQUAxLmfkp6R4MHHTUbE9c0QXPBA_Jcb1RMUP2skYX8mkOxRAzRCPAVLB2SgQfhJyMPvAHNU7j0BQ6PEx3Xv6cUR669i4_h8v6sdi069dgkoz4wGGIpBGl1BM1oeq9tRXxCunXc2Ib_OZNGBbmWezA-730FSZfyNJcvVluVEwVoaEHU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F154 42 B
64 B 49ms
48ms Fetch
image/gif 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFs6lul4qDRgxFc2b4Tf7Xnfls5YKl_Dlvzu7xg27CA5hVLc1KF5XOyRQdCje5ztjPU5w77k0iSEHXof9uPLqet_3ct5bVaSq7gV9rd_38-ZH44cdsbOLOAByMOgxvifU8pDg4GMzHtOYE2vUuxkwHoG4JmVcCCHDC15QsjbPOuW1bhY6zwiLIEztyeCTNZTXrC-LET4qHNAdGb_U0bEpuNgfdMou6sRuH7V9kwbiANkciErRlelfqx2cAAAH9vB53qh7IgNGt91Jn6RpdUVt5G5pAWNJLef8BCArAo0O5z9fNKa-XVzXEYdi1Ef4b7BN5Y2vXPrW8TXsQVlafKL7EEUZODHk2fC-r7ypmKepuq3uJjTcYvezOtnrNfHIyf_KfZIUL_kU9SvctJIuThoRUAtopbVIeWpdIC56_atSzqQENb1e82SsRPZ8nG9_F7uanxw1Mm9Lmzx9o9PP2ojKyoIM1fg7oLL3NK7YLi_HIb0vLrWCcD5BfeUmYNpaAliDd7N6naDwOKDZIdUT4u-dur_FRDiAffOEmwkH4sFVqKJL0XmeSxuVBPSJnkOhBQm1DJ4cfCj32bCFq9AlDUtchf31rpE7hxkF9WOoj3OZpKhCrgIwcm-qxRynJLQ54VtG8GDC1zzxXPniJUT43GN7TYxHH3HPncQgSbuLOFJzlMAyKg4PO54qf4LrQYaZPMZmWlyXTPCh4FZrMHSnJ8Bo4Vh2gVsO6L-lE1N-1CICMVPQ8MRf6zXdTUpAmp3I_-8u4ZjKFzHGi9H8K04gVNkpkWlWHwnMKFUuWsoOm7-haklrv7iJIQsR2yzIu-U2LvRAI3XzX5BnPuiIoP9QFKieeOr2QRsEoEAXOIUCt_YMnOu5OWVvlFOMj9rt-p9i3EXIzOou2XhsfT5Ryc01b1vFq7yEdkiUraloRkdrlb5FvnCPKAlO5NiMPC5PqzyaovXshtr94EvNqHyFum3tXja_oD3Sj6f1GiGfPQ5NAEsb6y8Wb9LBysObBAYEcOptA8OTrRiTtFo7l-kQ&sai=AMfl-YSzGzhWOdXufoFafVRPRE-3aKmgHDMc0Jv2ZI_YNWC14wTAY23gD-bOsGNeHXc6pjNGKTmmw6eYv5-xl1Cpmlkg7kkIYA5hczWqf7AtVIRyDxZxnSsa0q1mZueOBlf2uFVTEh9bj4eaggoXef7ywgXcwqVGqxfsYGE0ag&sig=Cg0ArKJSzEYxUCoJqOLcEAE&cid=CAQSTgAvHhf_2XhaQkE1ME5RhjZ3Ux_xSkxqfkxVEI7-BVUfFkYrZkenbbhu6kV7wi5DqPHLp0f-uBRz6IgPz-h2ZBtOBcrfgZsMc1BtF8m2jBgB&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3363434266&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705123485772&rpt=1338&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 05:24:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sendpulse-prompt.min.css
web.webpushs.com/dist/css/push/ 49 KB
12 KB 692ms
41ms Stylesheet
text/css 2a02:6ea0:e200::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://web.webpushs.com/dist/css/push/sendpulse-prompt.min.css?v=121707732000000

Requested by

Host: cdn.sendpulse.com
URL: https://cdn.sendpulse.com/js/push/2a6abe23f4c6139cfb410bff3b535ab8_1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:e200::2 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

fa6b5aa02c581a81789cb3796ce444b4a1da56ec27fbb5a71855ed16a857c80e

Security Headers

Name	Value
Content-Security-Policy	default-src wss://* blob: data: sendpulse.com .sendpulse.com .sendpulse.com:4434 data.sendpulse.com .pulse-stat.com .stat-pulse.com .pulse-stat.com:8080 .stat-pulse.com:8080 http://.sendpulse.com:4434 wss://ws.binotel.com:9002 http://.pulse-stat.com http://.stat-pulse.com http://.pulse-stat.com:8080 http://.stat-pulse.com:8080 .sendpulse.ua .sendpulse.by .sendpulse.kz .sendpulse.cl .sendpulse.com.tr .sendpulse.ng sendpul.se .sendpul.se trckln.com .loginsrc.com .routee.net .routee.net:444 .jquery.com .youtube.com .ytimg.com .vimeo.com .vimeocdn.com .tinymce.com .ampproject.org .hotjar.com .hotjar.io .ipinfo.io .highcharts.com .appspot.com .doubleclick.net .facebook.com .facebook.net .fbcdn.net .fbsbx.com .rawgit.com .cloudflare.com .jsdelivr.net .kissmetrics.com .quantserve.com .quantcount.com .twitter.com .offershub.ru .stripe.com .braintreegateway.com .mlstatic.com .cloudpayments.ru .woopra.com .jivosite.com .google.com .google.com.ua .googleadservices.com .google-analytics.com .googleapis.com .googletagmanager.com .gstatic.com .online-metrix.net .retently.com .maxmind.com .revisionme.com revisionme.pages.dev .mmapiws.com .bootstrapcdn.com .kaptcha.com .paypal.com .paypalobjects.com .mercadopago.com.br .mercadopago.com .braintree-api.com vk.com api.telegram.org .webformscr.com .cardinalcommerce.com .mercadolibre.com .supportsrc.com .instagram.com s3.eu-central-1.amazonaws.com .googleoptimize.com .privatbank.ua .cardinalcommerce.com viacep.com.br .wdgtsrc.com 1860267202.rsc.cdn77.org 1443908614.rsc.cdn77.org 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: ; font-src data: ; style-src * 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://celpe2via.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-pop: ashburnUSVA
date: Sat, 13 Jan 2024 05:24:49 GMT
content-security-policy: default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se trckln.com *.loginsrc.com *.routee.net *.routee.net:444 *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com revisionme.pages.dev *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com viacep.com.br *.wdgtsrc.com 1860267202.rsc.cdn77.org 1443908614.rsc.cdn77.org 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
x-content-type-options: nosniff
content-encoding: gzip
x-age-lb: 34721
x-77-cache: HIT
x-accel-date: 1705088768
x-xss-protection: 1; mode=block
x-77-nzt: EgwBJRPOBAH3oYcAAAwBnJI76AH3uXoAAA
x-accel-expires: @1706094151
x-77-age: 66138
x-cache-lb: HIT
x-sp-ma: sp-ma-2
last-modified: Tue, 26 Dec 2023 13:45:48 GMT
server: CDN77-Turbo
etag: W/"c2bf-60d69e6692ab7"
x-77-nzt-ray: 8e305f1cc8d59923a11ea26537ce6736
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
x-sp-pr: lpr-06

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5daa91a81734f9df8e725f502513bfbff7cd2432a439e19a033d7e2426706d1a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 39ms
39ms Ping
text/plain 2607:f8b0:4004:c19::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-K221T23EZ8&gtm=45je41a0v883530039&_p=1705123484802&gcd=11l1l1l1l1&dma=0&tcfd=10000&cid=96834338.1705123485&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&sid=1705123485&sct=1&seg=0&dl=https%3A%2F%2Fcelpe2via.net%2F&dt=CELPE%202%C2%AA%20VIA%3A%20Tirar%20Segunda%20Via%20Celpe%20Servi%C3%A7os%20D%C3%A9bitos%20Conta%20atrasada&_s=3&tfd=7282
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K221T23EZ8&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c19::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://celpe2via.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 05:24:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://celpe2via.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.celpe2via.net/	1970-01-21 03:14:43	Name: _ga Value: GA1.2.96834338.1705123485
.celpe2via.net/	1970-01-20 17:40:09	Name: _gid Value: GA1.2.961962459.1705123485
.celpe2via.net/	1970-01-20 17:38:43	Name: _gat_UA-112930509-1 Value: 1
.celpe2via.net/	1970-01-21 02:24:19	Name: _hjSessionUser_2883053 Value: eyJpZCI6ImM3NDVhNDI1LWRjN2YtNTdkMS05OGJlLWJhYjBjNzZmMGI0MSIsImNyZWF0ZWQiOjE3MDUxMjM0ODU2MjEsImV4aXN0aW5nIjpmYWxzZX0=
.celpe2via.net/	1970-01-20 17:38:45	Name: _hjFirstSeen Value: 1
.celpe2via.net/	1970-01-20 17:38:45	Name: _hjIncludedInSessionSample_2883053 Value: 0
.celpe2via.net/	1970-01-20 17:38:45	Name: _hjSession_2883053 Value: eyJpZCI6IjhhYzVkYWI5LWZkYmUtNDgwOC1iNWM3LTcwM2UwMDBlODBhYSIsImMiOjE3MDUxMjM0ODU2MjIsInMiOjAsInIiOjAsInNiIjoxfQ==
.celpe2via.net/	1970-01-20 17:38:45	Name: _hjAbsoluteSessionInProgress Value: 0
.celpe2via.net/	1970-01-21 03:00:19	Name: __gads Value: ID=44de0f1bcf072808:T=1705123485:RT=1705123485:S=ALNI_MZUnLwIGEQ1XWoLBalcVHM2ZbgpiA
.celpe2via.net/	1970-01-21 03:00:19	Name: __gpi Value: UID=00000db6d68658ea:T=1705123485:RT=1705123485:S=ALNI_MYFudg9w7ujDN024hpErLx4d0_h8w
.doubleclick.net/	1970-01-20 17:38:47	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 03:14:43	Name: IDE Value: AHWqTUnkwmBBC-wbadybboFn5CJQoullP2m5rTH8C41Q-mOS6xXlYPkRgu48fMxvxyI
.googleadservices.com/	1970-01-20 19:48:19	Name: ar_debug Value: 1
.celpe2via.net/	1970-01-21 03:14:43	Name: _ga_K221T23EZ8 Value: GS1.1.1705123485.1.0.1705123486.59.0.0
.celpe2via.net/	1970-01-21 02:24:19	Name: FCNEC Value: %5B%5B%22AKsRol_Vm-AFlqWsAEMnYcMkPCJO0erxbBNQTqvqdlYqFpBP8DK_j-D6VNxH3E2vc4oMtHdxUMKsfQxQ7DzoVRmjuOvErmsFJeQmzk1qeYXaCY_ZwXmyoncZLf0edX5kqHa06_9wSqq4zYGbM-QyrWhr-cWmSW9OuA%3D%3D%22%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.google.com
cdn.besafe.global
cdn.doubleverify.com
cdn.sendpulse.com
celpe2via.net
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
p4-gldaoaic2raku-gso56pwr7xk4tfzh-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
rtb0.doubleverify.com
rtbc-ue1.doubleverify.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
tpc.googlesyndication.com
web.webpushs.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.251.163.94
172.253.62.157
18.160.41.49
2600:1408:7::170f:92b
2600:9000:2015:aa00:8:455e:4a00:93a1
2607:f8b0:4004:c06::64
2607:f8b0:4004:c06::9b
2607:f8b0:4004:c06::9d
2607:f8b0:4004:c07::63
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c08::64
2607:f8b0:4004:c08::9a
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c09::61
2607:f8b0:4004:c09::84
2607:f8b0:4004:c19::65
2607:f8b0:4004:c1d::5e
2a02:6ea0:e200::2
2a03:2880:f003:c0e:face:b00c:0:3
34.117.228.201
78.46.80.122
99.84.191.77
035328ceef02ce19096c11101d0d82d2dea647151ecc9aae4ba318ab41bbd2fe
0de759f860ac15a57501171175c2d2324fd1884aadbfd16dd1a47fd40a8c9997
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
148c06baa222e1cba0ee2462e088d847688b643f0f94f1e1da29dcfbb385588a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cd6396792d7bfdd898dcb9f2ee195387179b30fb4cc2cdc0c57575fab655230
1eda5a22ae0ee3edb6d629fa72ff806cbd1e54de7bafa122cd26ace6ee69679d
1fe0a1d0440db1d043d00405be45a6494bef459ddabc0649fcefe29741978345
245b858326cc1410d5489ee0507762b6bac8a3aa9a8d6ff57741e21be3039d77
2a810283ef3a450039039318677538039c2adadfe2703a12f98b07735ba15290
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c4a93cd876e01d088e43644644a31c506a62d75f48cc1d46887f033e9181d75
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f6bea46c546f8965429c8793da815b8aa488ea358656607513811e6220f4583
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
30d3c4b9fc872ab161dbf116471f949cfd1d731ad434aad32d751c542c993a00
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36819ca2340b20813e1d2eecff934810e65167f054d1f62cdbaf774f0136bfb4
3971281769d8032002d45b38aad164255f397bdeb0e230ff41803ad8425bc059
3a923c50c91e0fb7b1ff0b2806fa088087b441339c15fda5747dcde2eb4ae112
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3f79d1616a9353872a9712f463e35dd4ca3589ea4a8cf0770d34b2f0b4fc23a8
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
4354449ab7a164ef5486d12020f3bc403b8ff104a8da73e9f9332106b86b061c
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
50f9006b1192f510235fdeacffa6e067fc0701f5c59be93b1d1e3560c4a112b4
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
576b94fca42e09dee2410b332a20be762afe70379f079db0e7798315f8d8f33d
598ad6704b8519c3e640d8df586352a55e152b992d439fa86ca2d30e099cd692
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5daa91a81734f9df8e725f502513bfbff7cd2432a439e19a033d7e2426706d1a
602920a4534b76728bea9be2fd4f2ecf80b92505f4d3287e0822e909b3fc85fa
6055181b43097ac10ab9b916d1f9fcdc9dbd1e92c45fbf6a8b5dde56f291d18a
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6104ac0deebbb68d8703021064453c5fc9f35ad236ab849986bca57df2be99e0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6744101887333151b899a244c1f2326f07da9be106e795779e74987dc3610471
67f73dddf03396bef5059e937729e5fe6272ff2bc662c5627f414b830114ebdf
69a534becfcd98657bc8182639ed409115bae704945f4ea3405335aab17eb827
6a16dfe9e92661a05f6798c8520a71e2f68c4675ffd6428d60e9d4fc71744dc7
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
6b3915528adf7fa37e092c38ffc6d93f4be2a7f083f616d7259a78d09b11df59
6c68d00bbb7ff67dd41ac89e4da28a08082100731d1bdf7ddc8e8b46f46f20f9
7771ce514bdcb6abf66f5297d83b29151643758c96d1805d3c7b862829cc90ba
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7d1b412a5bb24e0a3d341257656d7f462095573f9c6acf6fe261fefe96e29a85
7e84408aa66b9c10dd6e2d630f717b4b4f03345cd77fc5360f4ccba99ce1fa74
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
83b6709ca18a23e86f7f45cafcde10258359aba10991956aeab3e9188e1aec51
8650678fcb8e7f5be0d43a6f6b3b876656062ad58e47ccb973cbc82e9179baef
8c102baea959329be23bb8a5d6bc268ce1668484995f0d23c2f88b46d7653c4f
92c35f839d90ea55730d05ce3ea859cb598cd85eb20be3ed55621bb8baa3aa36
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
9c158cc3d629f2f4638d74146ccc19952cc87d37c3ff8960eb2ab946c8739a07
a25fa80de0f73db48a60517bc3437bdfc370b56f52179ae0a42d20e4019534e4
a6ac431e01bdb435329fac052fb3362001d049705defb4c987aada15973c64f5
a7e081ac2862a2c9fe794a716293c201eb0cc90623edfe349438c3af8f58ca6a
a9456eabca6233ae722f480424ee89c21524b008a06d96d54749b1301baa3f98
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
acdebf935ded5cb063dcca7c46be5bbc503af5e76e295f6d0b7093c4514ed256
ae7d0099df1b3b0efb31eefedcc68038edc790ac12d1149c7bfbcabb1d548c6e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b041e7b08a99e947327a5faf96e5ab7aeef39a467c0ef2240710a19857743da3
b319ec0a8927f1063f8023ef37c90eab8335344709c4adeddd498cbb6983f1a4
b390a3efe231d9f38b3a706a5765a2a2f0817e761f60a27556171e9a276980e3
bcc9d7aad04ec1a5dc4b07292c18a285b07f9fb32371d3968cc96e6532fca8f1
bf12402e4527bf26c5398bacb6cca80c076ab31c9351e9c7fdaa8c613c09acc3
c0e09e793fb79507dc97ed702a4c2c9c00ab4d1677bd45bcd112e203c96dd661
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c4ea7fbddaefb67d759248a58b9deb694d3f8769e30f6643a09c710afc84d332
c53260c9d70f7a3a4be6a30ac3bf11afe095d1f8634af66889853a351334297e
c928411ea4802253dd0c874e106ad77cbbee991364e6f87920a170a674cb7aad
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d2ec1c907004fb1a0d9ade9e9f5d3b19efb55a0319dbaadaea734d86cb5e4c66
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d943e6c12adbe61a99030502337c487340326a59a4f92b785df8df23b27fe05d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de62b25be1996b765fd579f55d9a90e5faa0c784b9a81908563dda6a4ddc882c
e04ba77c47bc3a299b8dc20a36b3c3bc5f64d629bb43e39ced7eef17dc9b19f1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55c01e3ca797dbf8af251c9d68755f6039f7792afe6866e46269e4036697d3d
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e8762752dbaddc15281f6837e12f584651d9324d92d0944c4b3ebff4d98979e8
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
e944b6f3fe7ae059be4a24c9a301021ea8aac5fefe6832b5b9170e74eca22711
ec3c1f8801ad0e47683749ee40d8cade3708b6440d9c08118d05437fe954a552
ed1c972209a66e1dc05b8478123417829a9ded44f03de5e0f4c5e4e402bbe0b9
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0682c5bcb9a2e1a7a27212c0fcebe713d653ad64e32742d4a4dbea937bb6bb7
f2fd3c02a805d633344434c58be4083ad644da7d4de4324fab729c396dfa4b58
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f820d93daf383e178bda2912f5bee00e90e56390597820622643fa8e5e487143
fa6b5aa02c581a81789cb3796ce444b4a1da56ec27fbb5a71855ed16a857c80e

celpe2via.net Open in urlscan Pro 78.46.80.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

143 Requests

99 %HTTPS

73 %IPv6

16 Domains

26 Subdomains

23 IPs

2 Countries

2429 kBTransfer

6073 kBSize

15 Cookies

3 Outgoing links

Redirected requests

143 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

celpe2via.net Open in urlscan Pro
78.46.80.122 Public Scan

Screenshot
Live screenshot

Full Image

143
Requests

99 %
HTTPS

73 %
IPv6

16
Domains

26
Subdomains

23
IPs

2
Countries

2429 kB
Transfer

6073 kB
Size

15
Cookies

143 HTTP transactions
3 data transactions