ngplus.com.br Open in urlscan Pro
2a02:4780:23:367e:e747:764c:8640:fbad Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ngplus.com.br/
Effective URL:
https://ngplus.com.br/
Submission: On January 08 via api (January 8th 2024, 10:27:36 pm UTC) from US — Scanned from NL

Summary HTTP 239 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 39 IPs in 6 countries across 26 domains to perform 239 HTTP transactions. The main IP is 2a02:4780:23:367e:e747:764c:8640:fbad, located in Meppel, Netherlands and belongs to AS-HOSTINGER, CY. The main domain is ngplus.com.br.
TLS certificate: Issued by R3 on November 30th 2023. Valid for: 3 months.

This is the only time ngplus.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 65	2a02:4780:23:... 2a02:4780:23:367e:e747:764c:8640:fbad	47583 (AS-HOSTINGER) (AS-HOSTINGER)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:4400::6812:2a64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6811:5459	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	40.127.232.184 40.127.232.184	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:440... 2606:4700:4400::ac40:902d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:25b7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	5.226.179.10 5.226.179.10	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
23	5.226.179.16 5.226.179.16	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::62 2620:1ec:bdf::62	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
16	2606:4700::68... 2606:4700::6811:ca6e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3 4	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
2 5	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
2	65.21.130.13 65.21.130.13	24940 (HETZNER-AS) (HETZNER-AS)
12	192.229.233.6 192.229.233.6	15133 (EDGECAST) (EDGECAST)
5	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1	142.250.110.156 142.250.110.156	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:7::a	15169 (GOOGLE) (GOOGLE)
3	157.90.6.85 157.90.6.85	24940 (HETZNER-AS) (HETZNER-AS)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
3	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
4	2600:9000:244... 2600:9000:2440:7400:15:157b:ff80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
239	39

65 2a02:4780:23:367e:e747:764c:8640:fbad (Meppel, Netherlands) 1 redirects

ASN47583 (AS-HOSTINGER, CY)

ngplus.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

static.r4you.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3121::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.crispcricket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gml-grp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::6812:2a64 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ui.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
call.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:5459 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

br.betano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 40.127.232.184 (Dublin, Ireland) 4 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

wlpixbet.adsrv.eacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wlf12bet.adsrv.eacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:902d (United States)

ASN13335 (CLOUDFLARENET, US)

pixbet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:25b7 (United States)

ASN13335 (CLOUDFLARENET, US)

f12.bet	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.226.179.10 (United Kingdom) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.bet365.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 5.226.179.16 (United Kingdom)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.bet365.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
members.bet365.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content001.bet365.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
extra.bet365.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::62 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

wlstoiximan.eacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700::6811:ca6e (United States)

ASN13335 (CLOUDFLARENET, US)

c.bannerflow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.116 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.23.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.21.130.13 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.13.130.21.65.clients.your-server.de

ads.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.229.233.6 (United States)

ASN15133 (EDGECAST, US)

cdn.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.110.156 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: wf-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:7::a (Ireland)

ASN15169 (GOOGLE, US)

r5---sn-5hne6nsy.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.90.6.85 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.85.6.90.157.clients.your-server.de

pix.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2440:7400:15:157b:ff80:93a1 (United States)

ASN16509 (AMAZON-02, US)

img01.ztat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	ngplus.com.br 1 redirects ngplus.com.br	1 MB
39	googlesyndication.com c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185 ade.googlesyndication.com — Cisco Umbrella Rank: 360	242 KB
29	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 pubads.g.doubleclick.net — Cisco Umbrella Rank: 357 cm.g.doubleclick.net — Cisco Umbrella Rank: 338 ad.doubleclick.net — Cisco Umbrella Rank: 199 bid.g.doubleclick.net — Cisco Umbrella Rank: 1354 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 677	294 KB
23	bet365.nl www.bet365.nl — Cisco Umbrella Rank: 493046 members.bet365.nl content001.bet365.nl — Cisco Umbrella Rank: 819904 extra.bet365.nl	479 KB
17	revjet.com ads.revjet.com — Cisco Umbrella Rank: 8504 cdn.revjet.com — Cisco Umbrella Rank: 8224 pix.revjet.com — Cisco Umbrella Rank: 7200	735 KB
16	bannerflow.net c.bannerflow.net — Cisco Umbrella Rank: 9459	170 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	117 KB
6	eacdn.com 4 redirects wlpixbet.adsrv.eacdn.com wlf12bet.adsrv.eacdn.com — Cisco Umbrella Rank: 857337 wlstoiximan.eacdn.com — Cisco Umbrella Rank: 73907	7 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115 imasdk.googleapis.com — Cisco Umbrella Rank: 639	373 KB
4	ztat.net img01.ztat.net — Cisco Umbrella Rank: 28362	25 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194	2 KB
4	gml-grp.com 2 redirects gml-grp.com — Cisco Umbrella Rank: 39255	4 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1695	358 B
4	r4you.co static.r4you.co	128 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 356	3 KB
3	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 407 gcdn.2mdn.net — Cisco Umbrella Rank: 1773 r5---sn-5hne6nsy.c.2mdn.net — Cisco Umbrella Rank: 361205	8 MB
3	cleverwebserver.com scripts.cleverwebserver.com — Cisco Umbrella Rank: 23894 ui.cleverwebserver.com — Cisco Umbrella Rank: 25820 call.cleverwebserver.com — Cisco Umbrella Rank: 27322	47 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	242 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	129 KB
2	betano.com 1 redirects br.betano.com — Cisco Umbrella Rank: 262165	628 B
1	google.com www.google.com — Cisco Umbrella Rank: 6	1 KB
1	bet365.com 1 redirects www.bet365.com — Cisco Umbrella Rank: 37543	548 B
1	f12.bet f12.bet — Cisco Umbrella Rank: 593040
1	pixbet.com pixbet.com — Cisco Umbrella Rank: 743819
1	crispcricket.com www.crispcricket.com	4 KB
0	zeronaught.com Failed ponos.zeronaught.com Failed
239	26

	Domain	Requested by
65	ngplus.com.br	1 redirects ngplus.com.br
19	pagead2.googlesyndication.com	imasdk.googleapis.com c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net ngplus.com.br tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
16	c.bannerflow.net	ngplus.com.br gml-grp.com c.bannerflow.net
14	tpc.googlesyndication.com	c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com ngplus.com.br googleads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com securepubads.g.doubleclick.net
12	cdn.revjet.com	ads.revjet.com srcdoc ngplus.com.br
12	content001.bet365.nl	www.bet365.nl
9	googleads.g.doubleclick.net	c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com pagead2.googlesyndication.com ngplus.com.br
9	www.bet365.nl	ngplus.com.br www.bet365.nl
7	securepubads.g.doubleclick.net	ngplus.com.br securepubads.g.doubleclick.net imasdk.googleapis.com
5	csi.gstatic.com	imasdk.googleapis.com
5	ad.doubleclick.net	2 redirects c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com srcdoc
4	img01.ztat.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	gml-grp.com	2 redirects ngplus.com.br wlstoiximan.eacdn.com
4	region1.google-analytics.com	www.googletagmanager.com
4	fonts.gstatic.com	fonts.googleapis.com
4	static.r4you.co	ngplus.com.br static.r4you.co
4	fonts.googleapis.com	ngplus.com.br c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com
3	ade.googlesyndication.com
3	pix.revjet.com	srcdoc c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com cdn.revjet.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.gstatic.com	ngplus.com.br c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com
3	c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.googletagmanager.com	ngplus.com.br www.bet365.nl www.googletagmanager.com
2	ads.revjet.com	c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com ads.revjet.com
2	pubads.g.doubleclick.net	imasdk.googleapis.com ngplus.com.br
2	www.googletagservices.com	c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com ngplus.com.br
2	wlstoiximan.eacdn.com	gml-grp.com
2	imasdk.googleapis.com	static.r4you.co imasdk.googleapis.com
2	wlf12bet.adsrv.eacdn.com	2 redirects
2	wlpixbet.adsrv.eacdn.com	2 redirects
2	br.betano.com	1 redirects ngplus.com.br
1	www.google.com	tpc.googlesyndication.com
1	googleads4.g.doubleclick.net
1	r5---sn-5hne6nsy.c.2mdn.net	ngplus.com.br
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	extra.bet365.nl	www.bet365.nl
1	members.bet365.nl	www.bet365.nl
1	s0.2mdn.net	imasdk.googleapis.com
1	www.bet365.com	1 redirects
1	f12.bet	ngplus.com.br
1	pixbet.com	ngplus.com.br
1	call.cleverwebserver.com	ngplus.com.br
1	ui.cleverwebserver.com	ngplus.com.br
1	scripts.cleverwebserver.com	ngplus.com.br
1	www.crispcricket.com	ngplus.com.br
0	ponos.zeronaught.com Failed	www.bet365.nl
239	49

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net

Subject Issuer	Validity	Valid
ngplus.com.br R3	`2023-11-30` - `2024-02-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
r4you.co GTS CA 1P5	`2023-11-16` - `2024-02-14`	3 months	crt.sh
crispcricket.com E1	`2023-12-17` - `2024-03-16`	3 months	crt.sh
cleverwebserver.com Cloudflare Inc ECC CA-3	`2023-08-06` - `2024-08-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
gml-grp.com E1	`2023-12-22` - `2024-03-21`	3 months	crt.sh
betano.com Cloudflare Inc ECC CA-3	`2023-12-31` - `2024-12-30`	a year	crt.sh
pixbet.com GTS CA 1P5	`2023-12-02` - `2024-03-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-11` - `2024-03-09`	a year	crt.sh
bet365.nl GTS CA 1P5	`2023-12-16` - `2024-03-14`	3 months	crt.sh
ia-prod-azurecdn.eacdn.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-24` - `2024-11-29`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.revjet.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-11`	a year	crt.sh
cdn.revjet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-03-11`	a year	crt.sh
img01.ztat.net Amazon RSA 2048 M01	`2023-05-24` - `2024-06-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 25 frames:

Primary Page: https://ngplus.com.br/
Frame ID: 25E1FBE13C3C71A633DB29BA01613D9C
Requests: 114 HTTP requests in this frame

Frame: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CFE861102EA97BC7EFC20AA82DE94D91
Requests: 1 HTTP requests in this frame

Frame: https://gml-grp.com/I.ashx?btag=a_8725b_1238c_&affid=2566&siteid=8725&adid=1238&c=CM_BR_SB_BA_BETANO_NGPLUS
Frame ID: 82621D9A007A239AED79842D28F93BF1
Requests: 11 HTTP requests in this frame

Frame: https://br.betano.com/myaccount/ban/country-341629?alt=true
Frame ID: 21B3D8E5E5047708BBABEA77362E2868
Requests: 1 HTTP requests in this frame

Frame: https://pixbet.com/hub/registration/?btag=a_1971b_114c_CM_BR_SB_DT_PIXBET_NGPLUS
Frame ID: D38C79C84EFFD4218029541AAA52A365
Requests: 1 HTTP requests in this frame

Frame: https://f12.bet/?btag=a_3672b_86c_CM_BR_SB_DT_F12_NGPLUS
Frame ID: E61967ACCECB5F0774A8FE4D3C83E3F5
Requests: 1 HTTP requests in this frame

Frame: https://www.bet365.nl/olp/open-account?affiliate=365_02788145
Frame ID: 4E61523FE056953E575AE6D56CB70F81
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Frame ID: 32946B786B456735E86E64C239A80C53
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 89E14BF0C227000267BE9DBB4A371174
Requests: 1 HTTP requests in this frame

Frame: https://gml-grp.com/T.ashx?btag=a_8725b_1238c_&affid=2566&siteid=8725&adid=1238&c=CM_BR_SB_BA_BETANO_NGPLUS&t=638403496496740000&MediaID=2693&MediaIndex=0&XYZ=120%260%26148%26%26%26%260%260%26%26
Frame ID: 98414B37DC0705F2D211FD00C93A0661
Requests: 1 HTTP requests in this frame

Frame: https://www.bet365.nl/olpc/nl/135/0/1/open-account
Frame ID: 27B357D4BBB8429D97B6BC7934B6CFF6
Requests: 24 HTTP requests in this frame

Frame: https://members.bet365.nl/Members/Helpers/DefaultAff.aspx?affiliate=365_02788145
Frame ID: BB4CF0EC4FF7BC916F6451E9154CB308
Requests: 1 HTTP requests in this frame

Frame: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DAFC969F80E49ABF73ED152ECE9993D5
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNbS3t4BMAE&v=APEucNU7EYkq5f1GOL8lMncCX84WvqUanLzhcUuVsW6I7Jy3jskYeqxcfDeKvZaSYR4S05lm5MKk09jmN1WurKyUOynobeixbgL-8R0EUYNdJ6SvKZCrE5nh-Cut4zObm61BGGPKOHPb4VvRpEwhG3G3uBudgF_L3Dc4nedxv13K-b8FTfYcEPI
Frame ID: AA53042B7C6F91BDCA15011845DE3AA4
Requests: 5 HTTP requests in this frame

Frame: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DDA9687EAFD8BD242D3167B4AE74EAD2
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: DF307A2E0D9976ABD491960E2AB7F12D
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 8B7D6200AB8098A36AF0417BE609F81F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js
Frame ID: B55D0D0D6CA9FE3F029D4E327432A8D8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fc6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com
Frame ID: 15D63E656D36A4D54F47DB9DEF1AE421
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.12.0.js
Frame ID: C4BCB7799E2F7EC7071283B6FB7BE9D2
Requests: 19 HTTP requests in this frame

Frame: blob://https://gml-grp.com/6b66aefa-462c-4988-9f69-2eb21c74f9e6
Frame ID: D072FF56419F09CA060CF162271570DF
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F1c779fa1-3947-4668-922c-faa5dcb06e77.png&w=300&h=250&q=85&f=webp&rt=contain
Frame ID: 90612B07BD3DE06E8A972A4ACCAEA5A4
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 03B00482EB9F7C015D7E1093CE1B3753
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 792A566D8D31A8A0A77CD5799F3A9579
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F981C7FF7DE25122DDE6B4C8E5C0FB8A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NG+ - A casa dos reviews

Page URL History Show full URLs

http://ngplus.com.br/ HTTP 301
https://ngplus.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

239
Requests

95 %
HTTPS

68 %
IPv6

26
Domains

49
Subdomains

39
IPs

6
Countries

12157 kB
Transfer

17546 kB
Size

41
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsuKECD1FzXtiI9ztcIrCd7x2MMGHLhFIUL5aJrNuGMGrXuEUzYhy_5mSi83A79dzh_tZFJICWnVfbzZjcjCvt4R4xqm_eVq8mRbUosEY0_OxZAyXvPmkPIZheYlELhwGVCDR6y9jtxweoj4CUdn0bMAIR42j7adfDxRJpckN4tocXmZG-oQoJ9CnkioguDEN_uzJdMhsDIejysEQpWF5vCbUPTgRWpcVTWxVw9RllPUe-1LbLmSaVUN7iXv2o3rBKJQfj5p-dvZAuSHgQ6eDBQySqHp4oCdtxc_JahFonpxVt9_yE5LxCaMYTO-PADxSj-MR4BkANjixvp-nEwP6cK3O079qG08K_16F1oIuG_AtaKtr6TPnzADKxDk6e2ZibKJxplhOxY7XNG1sWSnS_h_eJ7hWU4lBX_82MO3TbETnxJmaCPljGMb81_Bu94u3Jxfv6Ic__2U24CKKO2bACe6NhpaqwEY11tagzDUIKPrpOSEiB63ZcqBpf3SZrP57YNBbZSAt8k7TKbpKCsmdVd5l2LmezUGvNE8M5RypSpbeakCzcv4W8gadHnnEOL4oghKd7PQuytCWF-1KkLqc5aBUZgVFf2GkTazZ7nXj3MepEgsxYcKQzco9unPJzX_Sa5aLA9N0aRiElmpmIkU-96JMKyAyLpVHsy7UJ-6mqSN5_dVP8pBhq3SGjMBiKgtobu1dKTMMrSXv8jnWMaBKEXASLYa1LmaLbj61NNtWMKwEqA9kszg8gyhZ7ztBUBR0MHyT6Lk7ibmsYrlCUxD6h_3bTZDGJXUN13FGgNee6bKwmLXhTrvgGjjvBkUnFsGC8ftsaZZy6s5566yC40v3917-oqKYC1KeCh8D2Mkmbq6RmNFnVAyc-xa-wI0RM_KVxEl8uPBu_nTWbCe2qYX9J5MqiZFnqTSGqYaKMmMa_WWz4XxpTapHy0_MUgGRm2T7PqYiFrQrGC7fZrrkiB18aC2PYb3E6Vd_f6WOHDxmKD0vJbpwqW-fFxpfQrPC-0OWhAoSh6yRtQFbUrnyNcdOnh5sHIDKWVkT4Bq9tiBcT8k1EsOs61h9rPCdZtLOoVFg_t7qnECC1MM0tYFS_7QFXmStZml94WGWjaGdsqPs_569Z8nkB3fkh5_7BacCmhD0fV3-eVnBe-4PMnVFeJxtdnMHy29V4szlImfPvgVkYT-DgSwBr3-5ISnnUPiaW3-gP5B6VFnhmxndMw5PUZokNm20YUTKLQFYWJwALI5l6dfS9RYi_VhPubi2hviR4GcBLq_C_F5ZGsp6Fkw6hWE8p4WIdMjov4UjGIZ5sHwsgmM4jTePxkJzAznr87q52Lt54FOaHfx8r16Ve0Tbtl0MD1MFcNZPTD2Ipxh8_Gl1PtmszvaRq0A-fsCBTONWYmT_-fN9hL_xq5CABxFIROoNKgCh496B7XGW5dLKf6VOBq0m7NWaTqXP-yBS6VP1A5FKsMjGwyg2VP6owWbgt82YExj6ykW_YkqS25hleGdzv5ANhq_yiU6Uw1G2sR4nyHkYNjfPey0_MvS4yu4E5Xb7qhYagrJAtxg5LVrJoXcAEDBOxKOSdvWQDkpRmDwyixMfgxt-w5OX8ADhOZtkpqZHSy9eZXtBTfatHaLAUl7-OXwtBMZ&sai=AMfl-YR7TBcpvWtxoVVjmDTsMdPw5Az8E_UbLlwuDXr6VSk4olemuSrnQc9RVS090xNUiZhCieJCz4Wj8v9W153ajyjZ7nEH_G8H6WKDID3RQKIpHHamenLD70RK6D5ciAM6UXIzsh0X1YiWLtzU0AUulQBB-TdtXoF4oSPHG1Y5UdoSunk4ry0ibeunpXgaLjwCVU0FU790SbYgoMHGaMvtZIVgtJPbfSRRAQ-MfXkp65Ek3XKQ6VnIiOeL06fqLYAOc6fKFjBzBTHhYC39YfOKj1tyYbFJv1gqZA-57dxWhJbmQq9g&sig=Cg0ArKJSzPQxfMShm4SqEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://www.ah.nl/producten/product/wi561263/nicorette-invisi-patch-25mg%3Fdclid%3D%25edclid!
Title: Saiba mais

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ngplus.com.br/ HTTP 301
https://ngplus.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 97

https://gml-grp.com/C.ashx?btag=a_8725b_619c_&affid=2566&siteid=8725&adid=619&c=CM_BR_SB_DT_BETANO_NGPLUS HTTP 302
https://gml-grp.com/C.ashx?btag=a_8725b_619c_&affid=2566&siteid=8725&adid=619&c=CM_BR_SB_DT_BETANO_NGPLUS&AutoR=1 HTTP 302
https://br.betano.com/?btag=a_8725b_619c_CM_BR_SB_DT_BETANO_NGPLUS&utm_medium=2566&utm_source=1&siteid=8725 HTTP 302
https://br.betano.com/myaccount/ban/country-341629?alt=true

Request Chain 98

https://wlpixbet.adsrv.eacdn.com/C.ashx?btag=a_1971b_114c_&affid=871&siteid=1971&adid=114&c=CM_BR_SB_DT_PIXBET_NGPLUS HTTP 302
https://wlpixbet.adsrv.eacdn.com/C.ashx?btag=a_1971b_114c_&affid=871&siteid=1971&adid=114&c=CM_BR_SB_DT_PIXBET_NGPLUS&AutoR=1 HTTP 302
https://pixbet.com/hub/registration/?btag=a_1971b_114c_CM_BR_SB_DT_PIXBET_NGPLUS

Request Chain 99

https://wlf12bet.adsrv.eacdn.com/C.ashx?btag=a_3672b_86c_&affid=2450&siteid=3672&adid=86&c=CM_BR_SB_DT_F12_NGPLUS HTTP 302
https://wlf12bet.adsrv.eacdn.com/C.ashx?btag=a_3672b_86c_&affid=2450&siteid=3672&adid=86&c=CM_BR_SB_DT_F12_NGPLUS&AutoR=1 HTTP 302
https://f12.bet/?btag=a_3672b_86c_CM_BR_SB_DT_F12_NGPLUS

Request Chain 100

https://www.bet365.com/olp/open-account?affiliate=365_02788145 HTTP 302
https://www.bet365.nl/olp/open-account?affiliate=365_02788145

Request Chain 169

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECh-QVtPEk5BZH_dnAfW0ug&google_cver=1

Request Chain 170

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZx20kTcSDTeTJoIV4rNZgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBEpp18LI4HVRdbH5JLD4Rc&google_cver=1

Request Chain 171

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECtY8xmjnagaycL7uY-3Mg8&google_cver=1

Request Chain 172

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIxMTU0MjM3NzA2NTM0MDQwNA%3D%3D

Request Chain 193

https://gcdn.2mdn.net/videoplayback/id/e68fb302f1d46ac5/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736288850/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/4DE85B35FA2AFCF7A158D5A3FC69171443385A4D.15779882DB288D3B3DCE57F0AEC76EC672DF6554/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-5hne6nsy.c.2mdn.net/videoplayback/id/e68fb302f1d46ac5/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736288850/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/8300694E5684E3B499A956D8AD47DDF7028F7313.08DC881E24A56EA91B78AB5BC1BCD25A1314AAE1/key/cms1/cms_redirect/yes/mh/wW/mip/2a00:1630:2:608::3/mm/42/mn/sn-5hne6nsy/ms/onc/mt/1704752208/mv/u/mvi/5/pl/32/file/file.mp4

Request Chain 197

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29233589.357507735;dc_trk_aid=548521546;dc_trk_cid=185788965;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1704752850588 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29233589.357507735;dc_pre=CJf44qDrzoMDFbGXgwcdAukEcA;dc_trk_aid=548521546;dc_trk_cid=185788965;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1704752850588

Request Chain 219

https://ad.doubleclick.net/ddm/trackimp/N266802.4619367MATTERKINDDV360/B31170110.383801897;dc_trk_aid=574930741;dc_trk_cid=206977697;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N266802.4619367MATTERKINDDV360/B31170110.383801897;dc_pre=CNOM-aDrzoMDFVHIuwgdvlsGmA;dc_trk_aid=574930741;dc_trk_cid=206977697;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1

239 HTTP transactions
20 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ngplus.com.br/
Redirect Chain

http://ngplus.com.br/
https://ngplus.com.br/

166 KB
43 KB

904ms
851ms

Document
text/html

2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn / PHP/8.1.18

Resource Hash

9e13654bd2976a5141d4821aede8f15b0efeb47e70f04ad87e8fb1221f049e43

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 08 Jan 2024 22:27:27 GMT
etag: "143386-1704735257;br"
link: <https://ngplus.com.br/wp-json/>; rel="https://api.w.org/" <https://ngplus.com.br/wp-json/wp/v2/pages/233>; rel="alternate"; type="application/json" <https://ngplus.com.br/>; rel=shortlink
platform: hostinger
server: hcdn
x-hcdn-cache-status: MISS
x-hcdn-request-id: c6a0c9071a62c135c01ad0a75182459b-srv-edge1
x-hcdn-upstream-rt: 0.644
x-litespeed-cache: hit
x-powered-by: PHP/8.1.18
x-turbo-charged-by: LiteSpeed

Redirect headers

Connection: keep-alive
Content-Length: 707
Content-Type: text/html
Date: Mon, 08 Jan 2024 22:27:26 GMT
Server: hcdn
alt-svc: h3=":443"; ma=86400
content-security-policy: upgrade-insecure-requests
location: https://ngplus.com.br/
platform: hostinger
x-hcdn-cache-status: MISS
x-hcdn-request-id: 63ea0ec6a062a89bd9859d990d2dc366-srv-edge1
x-hcdn-upstream-rt: 0.371
x-turbo-charged-by: LiteSpeed

GET
H2 200 webfontloader.min.js Show response
ngplus.com.br/wp-content/plugins/litespeed-cache/assets/js/ 12 KB
5 KB 34ms
31ms Script
application/x-javascript 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:27 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 40388
alt-svc: h3=":443"; ma=86400
content-length: 4638
x-hcdn-cache-status: HIT
last-modified: Sat, 16 Dec 2023 10:10:49 GMT
server: hcdn
etag: "2f42-657d77a9-388e9819d261cd6a;br"
x-hcdn-request-id: 149c906d390e70c35b82b256be737216-srv-edge1
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 11:14:19 GMT

GET
H2 200 style.min.css
ngplus.com.br/wp-includes/css/dist/block-library/ 107 KB
13 KB 32ms
30ms Stylesheet
text/css 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:27 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 32670
alt-svc: h3=":443"; ma=86400
content-length: 13320
x-hcdn-cache-status: HIT
last-modified: Tue, 21 Nov 2023 17:19:20 GMT
server: hcdn
etag: "1add3-655ce698-bda540bd18fa2f33;br"
x-hcdn-request-id: af428709f6798eed244bb76ad5268823-srv-edge1
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 13:22:57 GMT

GET
H2 200 wpp.css
ngplus.com.br/wp-content/plugins/wordpress-popular-posts/assets/css/ 2 KB
904 B 32ms
30ms Stylesheet
text/css 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.3.4

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:27 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 32670
alt-svc: h3=":443"; ma=86400
content-length: 511
x-hcdn-cache-status: HIT
last-modified: Thu, 09 Nov 2023 22:10:54 GMT
server: hcdn
etag: "688-654d58ee-6149e44c746f6e71;br"
x-hcdn-request-id: 2f0d25b1a3bb2e15283f59268a412094-srv-edge1
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 13:22:57 GMT

GET
H2 200 extendify-utilities.css
ngplus.com.br/wp-content/themes/huber/lib/framework/redux/assets/css/ 52 KB
5 KB 32ms
30ms Stylesheet
text/css 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/themes/huber/lib/framework/redux/assets/css/extendify-utilities.css?ver=4.4.11

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

c89fbb7c3991d609883de7c21412f6b27f44b0d049c72e49011d9a0311ac2eba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:27 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 32670
alt-svc: h3=":443"; ma=86400
content-length: 5053
x-hcdn-cache-status: HIT
last-modified: Wed, 03 Jan 2024 00:26:48 GMT
server: hcdn
etag: "d0bb-6594a9c8-bd0ac0e2c93d5338;br"
x-hcdn-request-id: f0faa6aaeb257fd9ae6d14a6daba0813-srv-edge1
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 13:22:57 GMT

GET
H2 200 style.css
ngplus.com.br/wp-content/themes/huber/ 132 KB
20 KB 32ms
31ms Stylesheet
text/css 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/themes/huber/style.css?ver=6.4.2

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

0dc98c5cc4bb232b9783d9bdd2756e292d938cb0008dc2733b59f37755fcc61e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:27 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 32670
alt-svc: h3=":443"; ma=86400
content-length: 20199
x-hcdn-cache-status: HIT
last-modified: Wed, 03 Jan 2024 00:26:48 GMT
server: hcdn
etag: "21039-6594a9c8-1fd5cbd352b102a0;br"
x-hcdn-request-id: ad8128175477d97029a2c438c2e7506c-srv-edge1
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 13:22:57 GMT

GET
H2 200 font-awesome.min.css
ngplus.com.br/wp-content/themes/huber/lib/fonts/font-awesome/css/ 30 KB
7 KB 32ms
31ms Stylesheet
text/css 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/themes/huber/lib/fonts/font-awesome/css/font-awesome.min.css?ver=6.4.2

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

6de5f10ccef7544ae2724a6baaf888e54031959cd40e133126d64fc913a005fa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:27 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 32670
alt-svc: h3=":443"; ma=86400
content-length: 6637
x-hcdn-cache-status: HIT
last-modified: Wed, 03 Jan 2024 00:26:49 GMT
server: hcdn
etag: "792a-6594a9c9-f7ae3c68f64567c;br"
x-hcdn-request-id: e987bf90e2e2511145c66415cc77ec0f-srv-edge1
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 13:22:57 GMT

GET
H2 200 featherlight.min.css
ngplus.com.br/wp-content/themes/huber/lib/scripts/featherlight/ 2 KB
1014 B 50ms
48ms Stylesheet
text/css 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/themes/huber/lib/scripts/featherlight/featherlight.min.css?ver=6.4.2

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

cd8eb8c761325cc4e3ed7728b9844d057a804c4129ef1bd6647a17101556a5fb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:27 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 32670
alt-svc: h3=":443"; ma=86400
content-length: 621
x-hcdn-cache-status: HIT
last-modified: Wed, 03 Jan 2024 00:26:49 GMT
server: hcdn
etag: "755-6594a9c9-9ae4efe9bad8ed94;br"
x-hcdn-request-id: 55282fe86ced7a0cb791bff14edbb7cf-srv-edge1
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 13:22:57 GMT

GET
H2 200 featherlight.gallery.min.css
ngplus.com.br/wp-content/themes/huber/lib/scripts/featherlight/ 2 KB
930 B 50ms
49ms Stylesheet
text/css 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/themes/huber/lib/scripts/featherlight/featherlight.gallery.min.css?ver=6.4.2

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

246f551c3746b2645d188e042b88211422b9655d3188e29e6a6b8873a01b3101

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:27 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 32670
alt-svc: h3=":443"; ma=86400
content-length: 537
x-hcdn-cache-status: HIT
last-modified: Wed, 03 Jan 2024 00:26:49 GMT
server: hcdn
etag: "6f7-6594a9c9-a515dc36b6fbd60e;br"
x-hcdn-request-id: d8af6cccdc092620ec0d54f46ed8da5c-srv-edge1
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 13:22:57 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
ngplus.com.br/wp-includes/js/mediaelement/ 11 KB
3 KB 50ms
49ms Stylesheet
text/css 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:27 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 32670
alt-svc: h3=":443"; ma=86400
content-length: 2379
x-hcdn-cache-status: HIT
last-modified: Fri, 18 Dec 2020 22:10:40 GMT
server: hcdn
etag: "2bf8-5fdd28e0-668ccf6c5d8e56a6;br"
x-hcdn-request-id: a16f3b94accacccd8dd195ac9f492cf6-srv-edge1
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 13:22:57 GMT

GET
H2 200 wp-mediaelement.min.css
ngplus.com.br/wp-includes/js/mediaelement/ 4 KB
1 KB 50ms
49ms Stylesheet
text/css 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.4.2

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:27 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 32670
alt-svc: h3=":443"; ma=86400
content-length: 979
x-hcdn-cache-status: HIT
last-modified: Fri, 18 Dec 2020 22:10:40 GMT
server: hcdn
etag: "105a-5fdd28e0-40fe51293d3dc04e;br"
x-hcdn-request-id: 9a8135eb457bf9e434c75301919d5430-srv-edge1
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 13:22:57 GMT

GET
H2 200 js_composer.min.css
ngplus.com.br/wp-content/plugins/js_composer/assets/css/ 452 KB
39 KB 807ms
807ms Stylesheet
text/css 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.13.0

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

e97075bd70ab8a70cc576b5d90bd13a3e715313272cec401c9342f4665a4c353

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:28 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 39914
x-hcdn-cache-status: MISS
last-modified: Mon, 26 Jun 2023 19:44:05 GMT
server: hcdn
etag: "70f6e-6499ea85-824dd836a0b9853a;br"
x-hcdn-request-id: 744ffca11caa1794981176bbb793bab7-srv-edge1
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.586
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:28 GMT

GET
H2 200 css
fonts.googleapis.com/ 19 KB
2 KB 90ms
33ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700%7CRoboto%20Condensed:400,700,300%7COpen%20Sans:600%7CUnica%20One&subset=latin&display=swap&ver=6.4.2

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7be4b4a433a0c1b93deb51f1310da890a3b2cd2ebb4a1bef07227aeac4025c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 Jan 2024 22:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 22:27:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 Jan 2024 22:27:27 GMT

GET
H2 200 jquery.min.js Show response
ngplus.com.br/wp-includes/js/jquery/ 86 KB
29 KB 53ms
52ms Script
application/x-javascript 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:27 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 35476
alt-svc: h3=":443"; ma=86400
content-length: 29531
x-hcdn-cache-status: HIT
last-modified: Tue, 21 Nov 2023 17:19:19 GMT
server: hcdn
etag: "15601-655ce697-a8ed2169f28891be;br"
x-hcdn-request-id: 342bffd6c88fdf7bf1f14c01f38aff74-srv-edge1
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 12:36:11 GMT

GET
H3 200 jquery-migrate.min.js Show response
ngplus.com.br/wp-includes/js/jquery/ 13 KB
5 KB 615ms
611ms Script
application/x-javascript 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 4671
x-hcdn-cache-status: MISS
last-modified: Tue, 08 Aug 2023 22:10:58 GMT
server: hcdn
etag: "3509-64d2bd72-6d4e5e5e97825486;br"
x-hcdn-request-id: f2582a0ad85ac07f7c61378debbfb5cb-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.589
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 wpp.min.js Show response
ngplus.com.br/wp-content/plugins/wordpress-popular-posts/assets/js/ 4 KB
2 KB 633ms
629ms Script
application/x-javascript 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.3.4

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

a85904e098cd1b968434e3bdcedd5a1465fec7d762b06d54348f334dc51bfc54

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 1490
x-hcdn-cache-status: MISS
last-modified: Thu, 09 Nov 2023 22:10:54 GMT
server: hcdn
etag: "1194-654d58ee-594d575306550d26;br"
x-hcdn-request-id: 5b19b4061ee8ed9736e51d59d7187be9-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.606
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 voting.js Show response
ngplus.com.br/wp-content/themes/huber/lib/scripts/ 1 KB
1016 B 621ms
617ms Script
application/x-javascript 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/themes/huber/lib/scripts/voting.js?ver=6.4.2

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

0aafaeb9fb92f594b463f61512ddeda907fb862e26f36b780f201b98096aca6d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 612
x-hcdn-cache-status: MISS
last-modified: Wed, 03 Jan 2024 00:26:49 GMT
server: hcdn
etag: "5c7-6594a9c9-920308c4ceb1f78a;br"
x-hcdn-request-id: a8122f65635c6568ec7ec8025e2af09c-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.598
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
89 KB 99ms
41ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-M3L6M9

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b801a67b78aed5267f0bd3be937ecf6ee460d90ee81f49d8fd52054663cbe102

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91031
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jan 2024 22:27:28 GMT

GET
DATA 200
OK truncated Show response
/ 241 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d23d7bafee5007dcc49f236a00c0a837ebf117f2d0ef7f59fe12d87e14a97f4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 256ms
132ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

589a717cf24cbc81a0bcfd2dd6cec44404c6c090c5f1dc4afb0f83061c43bba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29343
x-xss-protection: 0
server: cafe
etag: 646 / 19730 / m202401020101 / config-hash: 6914489111508300537
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 22:27:28 GMT

GET
H2 200 robooster.js Show response
static.r4you.co/ 120 KB
29 KB 86ms
27ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.r4you.co/robooster.js
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90ccafedf4026b7b2e72f2e6a29784146c9cbceac7c4db5f247b3f9f61098505

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1963
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 22 Nov 2023 14:03:57 GMT
server: cloudflare
etag: W/"655e0a4d-1def9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5aft91DItcxPp4Qyrya8EKXGusN0OgGw0LxA3wSZGhZBixajTxgQNNij9y2k3JLpa6XkXeOG5E1dhcH9S5a9z%2BC%2F54fEV169UGD%2Fb2L8LwAtj55xlwIdieHOxjwaWZt2Uv2Y8HxEwPntwWBaSw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 8427de38bbb66565-AMS

GET
H3 200 ngplus-novo-logo.png
ngplus.com.br/wp-content/uploads/2021/07/ 8 KB
8 KB 672ms
669ms Image
image/webp 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngplus.com.br/wp-content/uploads/2021/07/ngplus-novo-logo.png
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 0fe46933912ed26d58b48de863742d48ed2dfd8c87deb84cfef78ffb2b390155

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: ebe06eaa8e5654171af05aab494b8ff4-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.650
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 8294
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H2 200 Super-Mario-RPG-capa-576x356.jpg
ngplus.com.br/wp-content/uploads/2023/12/ 24 KB
24 KB 848ms
847ms Image
image/webp 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngplus.com.br/wp-content/uploads/2023/12/Super-Mario-RPG-capa-576x356.jpg
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 4aeeb9d5c3320f2dc539c986963e86e1a7841ae3ae33e4f5c1ceb46220d99339

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:28 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 5f9765da95a6a870dec95ceceadd38cf-srv-edge1
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.828
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 24444
expires: Mon, 15 Jan 2024 22:27:28 GMT

GET
H2 200 Call-of-Duty-Modern-Warfare-III-capa-576x356.jpg
ngplus.com.br/wp-content/uploads/2023/12/ 22 KB
22 KB 836ms
836ms Image
image/webp 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngplus.com.br/wp-content/uploads/2023/12/Call-of-Duty-Modern-Warfare-III-capa-576x356.jpg
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: e660cedede24293a84d2338d4f4a6caa1d6378d7d11e7bdae8a94edce859e85d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:28 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: e9ba89bee97bf069c5aa0d9daa11a27e-srv-edge1
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.816
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 22066
expires: Mon, 15 Jan 2024 22:27:28 GMT

GET
H2 200 WarioWare-Move-It-capa-576x356.jpg
ngplus.com.br/wp-content/uploads/2023/12/ 63 KB
63 KB 1030ms
1029ms Image
image/webp 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngplus.com.br/wp-content/uploads/2023/12/WarioWare-Move-It-capa-576x356.jpg
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 2f63cb1ade6717008506c92a1ec7edba4b19463093adcb38807b6a578e942c4d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:28 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 127a9834879908b053459f099437fe5a-srv-edge1
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 1.010
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 64424
expires: Mon, 15 Jan 2024 22:27:28 GMT

GET
H2 200 CMu9cBAIKN0EEHCMDNa9Qib5cpAGh7E9.js Show response
www.crispcricket.com/storage/ 30 KB
4 KB 132ms
78ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crispcricket.com/storage/CMu9cBAIKN0EEHCMDNa9Qib5cpAGh7E9.js

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8df6ec7183a680549269d3d45eef9d3d6867884f08ebf5bf1d7be0a929b70f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Jan 2024 16:18:35 GMT
server: cloudflare
etag: W/"65982bdb-78cf"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WwE8n6Dytbv8yCk%2FV6LH0cwsJS7Un6SEqjHzmHC21rAXK5d0W4DDRZLf9SwKpse0VCDo8ilCf2h7STN8%2FZIyBxARm1xkkWz1%2FXe8k1UIMbJvuDH2JhDxnMnNKE0krO53%2BIAzsHsnlkvxsOj7FjD4dQp%2BpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8427de38af0c5c3d-AMS

GET
H3 200 shortcodes-style.css
ngplus.com.br/wp-content/plugins/huber-plugin/assets/ 0
357 B 21ms
20ms Stylesheet
text/css 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/plugins/huber-plugin/assets/shortcodes-style.css?ver=6.4.2

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:28 GMT
content-security-policy: upgrade-insecure-requests
age: 2206
alt-svc: h3=":443"; ma=86400
content-length: 0
x-hcdn-cache-status: HIT
last-modified: Tue, 13 Jul 2021 21:57:25 GMT
server: hcdn
etag: "0-60ee0c45-d5c5a44a8ded9448;;;"
x-hcdn-request-id: 52d612c7c56b98037fbc4d52e9565c49-srv-edge2
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 21:50:42 GMT

GET
H3 200 so-css-huber.css
ngplus.com.br/wp-content/uploads/so-css/ 72 B
413 B 22ms
18ms Stylesheet
text/css 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/uploads/so-css/so-css-huber.css?ver=1633565732

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

138ba97e12506fb0ca34c6b1b9787b9d5d8a6c2f9593a37bf56d2968c4fd68cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:28 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 2206
alt-svc: h3=":443"; ma=86400
x-hcdn-cache-status: HIT
last-modified: Thu, 07 Oct 2021 00:15:32 GMT
server: hcdn
etag: W/"48-615e3c24-aed6b441e3af7e97;;;"
vary: accept-encoding
x-hcdn-request-id: 6c14c2709135a59ef9c7a546d0d2ee4e-srv-edge2
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
expires: Mon, 15 Jan 2024 21:50:42 GMT

GET
H3 200 ResizeSensor.js Show response
ngplus.com.br/wp-content/plugins/theia-sticky-sidebar/js/ 6 KB
2 KB 584ms
581ms Script
application/x-javascript 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/plugins/theia-sticky-sidebar/js/ResizeSensor.js?ver=1.8.0

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

2f826a947a47c13c4af480b9b7853e9ca12d2873c67a9200f3c7a26f8cacae2d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 1398
x-hcdn-cache-status: MISS
last-modified: Tue, 13 Jul 2021 21:57:35 GMT
server: hcdn
etag: "1743-60ee0c4f-86e7ee4cbf8022b4;br"
x-hcdn-request-id: 253f4982ca912bf606f6473ae9a5061e-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.563
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 theia-sticky-sidebar.js Show response
ngplus.com.br/wp-content/plugins/theia-sticky-sidebar/js/ 16 KB
4 KB 628ms
625ms Script
application/x-javascript 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/plugins/theia-sticky-sidebar/js/theia-sticky-sidebar.js?ver=1.8.0

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

8d01529d6b0a55fc8c5eedbb03768f3a1c21a157dd555172af0b1851687d5c46

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 3405
x-hcdn-cache-status: MISS
last-modified: Tue, 13 Jul 2021 21:57:35 GMT
server: hcdn
etag: "3ffb-60ee0c4f-9c58129815db0ad3;br"
x-hcdn-request-id: 00dcbe79948d84bc5977636888665207-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.603
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 main.js Show response
ngplus.com.br/wp-content/plugins/theia-sticky-sidebar/js/ 435 B
556 B 582ms
579ms Script
application/x-javascript 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/plugins/theia-sticky-sidebar/js/main.js?ver=1.8.0

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

3e304dfe39fde10af2ee219f794108f785d18dd88658877ddf07bce099f6a9fa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 152
x-hcdn-cache-status: MISS
last-modified: Tue, 13 Jul 2021 21:57:35 GMT
server: hcdn
etag: "1b3-60ee0c4f-9e35b4b5eb2e9342;br"
x-hcdn-request-id: 0c1674144229675feff86efb8c273cb5-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.560
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 modernizr.js Show response
ngplus.com.br/wp-content/themes/huber/lib/scripts/ 15 KB
6 KB 630ms
627ms Script
application/x-javascript 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/themes/huber/lib/scripts/modernizr.js?ver=6.4.2

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

ed8fb982cca8eef53eb358236213c23fbf11c5ea803d9e1ba23cc8f671b9c1ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 5928
x-hcdn-cache-status: MISS
last-modified: Wed, 03 Jan 2024 00:26:49 GMT
server: hcdn
etag: "3c2e-6594a9c9-1ba282518af99fd;br"
x-hcdn-request-id: 367404c13bd4ddf816c4140bf6322535-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.603
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 core.min.js Show response
ngplus.com.br/wp-includes/js/jquery/ui/ 21 KB
7 KB 586ms
584ms Script
application/x-javascript 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 6774
x-hcdn-cache-status: MISS
last-modified: Wed, 29 Mar 2023 22:10:53 GMT
server: hcdn
etag: "53be-6424b76d-f828eddffa06cd7d;br"
x-hcdn-request-id: aff663f80c106cb61bba868b53c2cc0e-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.564
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 datepicker.min.js Show response
ngplus.com.br/wp-includes/js/jquery/ui/ 36 KB
11 KB 617ms
615ms Script
application/x-javascript 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

db5ffd916dbeb4938cc236cb3a42e73a56987f28c5deb9f3beccbe2c4af19307

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 10402
x-hcdn-cache-status: MISS
last-modified: Wed, 29 Mar 2023 22:10:53 GMT
server: hcdn
etag: "8f79-6424b76d-8416a40e62020185;br"
x-hcdn-request-id: ed2771803375378dbbdc68e98a26340c-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.594
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 imagesloaded.min.js Show response
ngplus.com.br/wp-includes/js/ 5 KB
2 KB 611ms
609ms Script
application/x-javascript 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-includes/js/imagesloaded.min.js?ver=5.0.0

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 1678
x-hcdn-cache-status: MISS
last-modified: Tue, 21 Nov 2023 17:19:19 GMT
server: hcdn
etag: "1590-655ce697-c6863d7a7a28eda6;br"
x-hcdn-request-id: 9e09cbb08f2960c5e2674a335bb6cc94-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.586
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 selectivizr.min.js Show response
ngplus.com.br/wp-content/themes/huber/lib/scripts/ 5 KB
3 KB 655ms
652ms Script
application/x-javascript 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/themes/huber/lib/scripts/selectivizr.min.js?ver=6.4.2

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

f1f17fea7cee4a9ae74981b2930b10a3aafd713f4564080def24e5fb8342a338

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 2310
x-hcdn-cache-status: MISS
last-modified: Wed, 03 Jan 2024 00:26:49 GMT
server: hcdn
etag: "12e4-6594a9c9-997d1fdd978b1694;br"
x-hcdn-request-id: 8900c3efdd5c0aeb8dc5080462f29c66-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.632
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 placeholders.min.js Show response
ngplus.com.br/wp-content/themes/huber/lib/scripts/ 4 KB
2 KB 614ms
612ms Script
application/x-javascript 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/themes/huber/lib/scripts/placeholders.min.js?ver=6.4.2

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

c9b1f3c6a0969a2ec56f04c3c7b5be37b0d97a151d703381cceb7b31960de8f6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 1409
x-hcdn-cache-status: MISS
last-modified: Wed, 03 Jan 2024 00:26:49 GMT
server: hcdn
etag: "1010-6594a9c9-71bd83047e3b91f6;br"
x-hcdn-request-id: b42baa349c5cb2400b8563d6e4ca2a9d-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.589
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 featherlight.min.js Show response
ngplus.com.br/wp-content/themes/huber/lib/scripts/featherlight/ 9 KB
4 KB 645ms
643ms Script
application/x-javascript 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/themes/huber/lib/scripts/featherlight/featherlight.min.js?ver=6.4.2

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

4768888882fef6ceb1a6dff8a9696bf132e696c11bb5251139289c8b4fb8ce47

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 3366
x-hcdn-cache-status: MISS
last-modified: Wed, 03 Jan 2024 00:26:49 GMT
server: hcdn
etag: "23bf-6594a9c9-a42ed6c806635d0d;br"
x-hcdn-request-id: 8cbf95e425ca90a96b82d65319267f7c-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.623
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 featherlight.gallery.min.js Show response
ngplus.com.br/wp-content/themes/huber/lib/scripts/featherlight/ 3 KB
2 KB 613ms
611ms Script
application/x-javascript 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/themes/huber/lib/scripts/featherlight/featherlight.gallery.min.js?ver=6.4.2

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

ee879758f9612b65ac01b5e3d4d99cbbe3880157b03e78305db210e7d6ae066e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 1264
x-hcdn-cache-status: MISS
last-modified: Wed, 03 Jan 2024 00:26:49 GMT
server: hcdn
etag: "cb1-6594a9c9-952c84bac307e186;br"
x-hcdn-request-id: 4224a4c2aef5193a65945a69681d42a2-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.588
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 jquery.flexslider-min.js Show response
ngplus.com.br/wp-content/themes/huber/lib/scripts/ 22 KB
6 KB 612ms
610ms Script
application/x-javascript 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/themes/huber/lib/scripts/jquery.flexslider-min.js?ver=6.4.2

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

2ce94a80de9d146226e0967aacf51e37f92e18329815338af4de0aef3fc67705

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 6125
x-hcdn-cache-status: MISS
last-modified: Wed, 03 Jan 2024 00:26:49 GMT
server: hcdn
etag: "5746-6594a9c9-73a175c6b9bd4b57;br"
x-hcdn-request-id: bc02b6480ee0d5fe019b565eea12b5fb-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.586
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 isotope.pkgd.min.js Show response
ngplus.com.br/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/ 35 KB
10 KB 609ms
608ms Script
application/x-javascript 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.13.0

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

bf9fabf56b67ff2aab670755578debb0be846534504dfbe5bea6689dbd1c0cbd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 9630
x-hcdn-cache-status: MISS
last-modified: Mon, 26 Jun 2023 19:44:05 GMT
server: hcdn
etag: "8b8a-6499ea85-2d4518e9e550c302;br"
x-hcdn-request-id: f2aa22c3aba9517710807bff36d230e9-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.586
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 jquery.lazyload.min.js Show response
ngplus.com.br/wp-content/themes/huber/lib/scripts/ 3 KB
2 KB 628ms
626ms Script
application/x-javascript 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/themes/huber/lib/scripts/jquery.lazyload.min.js?ver=6.4.2

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 1178
x-hcdn-cache-status: MISS
last-modified: Wed, 03 Jan 2024 00:26:49 GMT
server: hcdn
etag: "d35-6594a9c9-b0469c1e35e8d4e6;br"
x-hcdn-request-id: fba98d7b17c8cefa5f30b9a484c7dfa4-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.601
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 jquery.infinitescroll.min.js Show response
ngplus.com.br/wp-content/themes/huber/lib/scripts/ 21 KB
12 KB 625ms
623ms Script
application/x-javascript 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/themes/huber/lib/scripts/jquery.infinitescroll.min.js?ver=6.4.2

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

a52c834a0c553d22cddb73c948433ace91b9181e0e95fb54d07d6d6f61345f0c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 11630
x-hcdn-cache-status: MISS
last-modified: Wed, 03 Jan 2024 00:26:49 GMT
server: hcdn
etag: "54c8-6594a9c9-ae83ecab7d75001d;br"
x-hcdn-request-id: 2f7d3728ecfaaef7f116aacef6437243-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.601
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 custom.js Show response
ngplus.com.br/wp-content/themes/huber/lib/scripts/ 22 KB
5 KB 627ms
625ms Script
application/x-javascript 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/themes/huber/lib/scripts/custom.js?ver=6.4.2

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

4c3ed76a83b9bd60d9ee046a498466d498cace93cef16495968cc369a146b0af

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 4562
x-hcdn-cache-status: MISS
last-modified: Wed, 03 Jan 2024 00:26:49 GMT
server: hcdn
etag: "5735-6594a9c9-72a3ad39476ab169;br"
x-hcdn-request-id: 2dda0b13642fce1fffd8979f933f67cf-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.601
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 mediaelement-and-player.min.js Show response
ngplus.com.br/wp-includes/js/mediaelement/ 154 KB
36 KB 798ms
797ms Script
application/x-javascript 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 36022
x-hcdn-cache-status: MISS
last-modified: Wed, 02 Nov 2022 10:11:31 GMT
server: hcdn
etag: "26935-63624253-6fe3c2a2ec05af56;br"
x-hcdn-request-id: 278a3b33cee0a4d833f03bc6969ac3a5-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.591
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 mediaelement-migrate.min.js Show response
ngplus.com.br/wp-includes/js/mediaelement/ 1 KB
882 B 615ms
613ms Script
application/x-javascript 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.4.2

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 478
x-hcdn-cache-status: MISS
last-modified: Tue, 24 May 2022 22:11:14 GMT
server: hcdn
etag: "4a7-628d5802-383e6ed4a4c05359;br"
x-hcdn-request-id: a2ba89aa38f3521efa596bcf13c254e8-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.590
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 wp-mediaelement.min.js Show response
ngplus.com.br/wp-includes/js/mediaelement/ 1 KB
857 B 660ms
659ms Script
application/x-javascript 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.4.2

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 453
x-hcdn-cache-status: MISS
last-modified: Wed, 29 Mar 2023 22:10:54 GMT
server: hcdn
etag: "453-6424b76e-18def7055344ea7e;br"
x-hcdn-request-id: 87ae96bbb50bf15fdaa5b0fb3d7a8ba5-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.638
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 ajax-loop.js Show response
ngplus.com.br/wp-content/themes/huber/lib/scripts/ 14 KB
3 KB 634ms
633ms Script
application/x-javascript 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/themes/huber/lib/scripts/ajax-loop.js?ver=6.4.2

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

1a97604caf58930c000c1c5754a0d7261dce79e14f584bd60bd9245617b62fc2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 2947
x-hcdn-cache-status: MISS
last-modified: Wed, 03 Jan 2024 00:26:49 GMT
server: hcdn
etag: "3996-6594a9c9-a621c397d07dbab1;br"
x-hcdn-request-id: 3c3c7ad106411192cac3233a9d887d81-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.611
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 user-ratings.js Show response
ngplus.com.br/wp-content/themes/huber/lib/scripts/ 7 KB
2 KB 630ms
629ms Script
application/x-javascript 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/themes/huber/lib/scripts/user-ratings.js?ver=6.4.2

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

5665f4f9989673a936577ab79f16f6886a2402ed0a6998bca8687cc052073fb4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 1622
x-hcdn-cache-status: MISS
last-modified: Wed, 03 Jan 2024 00:26:49 GMT
server: hcdn
etag: "1c62-6594a9c9-2c033c4e89d358a8;br"
x-hcdn-request-id: 05e26cd75d25285259f1571bae008be7-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.601
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 js_composer_front.min.js Show response
ngplus.com.br/wp-content/plugins/js_composer/assets/js/dist/ 20 KB
6 KB 616ms
615ms Script
application/x-javascript 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.13.0

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

f868a810ac6e54ae51ccf2828f623337fb99036eb64d73a7a517f7534297b3e6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 5345
x-hcdn-cache-status: MISS
last-modified: Mon, 26 Jun 2023 19:44:05 GMT
server: hcdn
etag: "4e6a-6499ea85-8daec96ca163054;br"
x-hcdn-request-id: e9f7340f47d33998a4f4a8d05bb09f9a-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.593
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
DATA 200
OK truncated Show response
/ 105 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7a39d455be44d6cb814f2330d1ccfabcde733554397a68df5be28d85d2d7843

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 218 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58a6395a27e4d24edca79d60b0b8ce9ce5a790475a12a9a8101ee6da7486e14b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 84 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80b3e857e1c16346cbbf1a8303870698fd76db9f26b3b046d6ef4b352403fa46

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 84 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: deaed9bb14fd7063a07126e9b74e300d76a9371007d231b98239a68494831632

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 790 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0a6ee90f7d31651db5ed76b62352d35c1784956c07e3e4bfe162d394670c47a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 84 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a2a5a605fbff705a5bf4f8aff0aae041608b9dd85a3e93dac0bbc19002f0cb6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 84 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 802137756810945ce6547bfdb681dcc8875a0a249d8a33f00713285588856970

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 eb44dd0c785010921f2d176313cdd55c.js Show response
scripts.cleverwebserver.com/ 128 KB
47 KB 79ms
32ms Script
application/javascript 2606:4700:4400::6812:2a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/eb44dd0c785010921f2d176313cdd55c.js
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e1f71ac19a73fc2926866c8f94d7570e65077d46668cd1078362cc06d220039

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:28 GMT
x-amz-version-id: WqYDx1MzZqCZtZ4B36KBzQyUVYTIGMga
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 Dec 2023 10:31:33 GMT
server: cloudflare
x-amz-request-id: SF50V6CM4K4XJNMY
age: 1254
etag: W/"751b7de8c4fa60d5f4498fedf42c9c1b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 8427de38a8b1b897-AMS
x-amz-id-2: h2Q9SvhTQ/UWrErCKse0uWjxOuT1JhgS54Lhsb4G+WBk02aoJii8KUFGcT1S25wgGgTwBQ96rpw=
expires: Mon, 08 Jan 2024 22:57:28 GMT

GET
H3 200 codigos-Torre-do-Inferno-capa-979x438.jpg
ngplus.com.br/wp-content/uploads/2024/01/ 16 KB
16 KB 855ms
854ms Image
image/webp 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngplus.com.br/wp-content/uploads/2024/01/codigos-Torre-do-Inferno-capa-979x438.jpg
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 9b14d97cf06e271ca6582957ca194c9f3866b6ec9cd28a5a888c5f2f07fc7a0a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: f4a284c8676a2067596753c02254ee33-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.837
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 15956
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
DATA 200
OK truncated
/ 139 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb46fc22f1ab28a4180d6a2858ed054012c3c138443bebf5ba38698de622d811

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
ngplus.com.br/wp-content/themes/huber/lib/fonts/font-awesome/fonts/ 75 KB
76 KB 807ms
807ms Font
font/woff2 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ngplus.com.br/wp-content/themes/huber/lib/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/wp-content/themes/huber/lib/fonts/font-awesome/css/font-awesome.min.css?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://ngplus.com.br/wp-content/themes/huber/lib/fonts/font-awesome/css/font-awesome.min.css?ver=6.4.2
Origin: https://ngplus.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 77160
x-hcdn-cache-status: MISS
last-modified: Wed, 03 Jan 2024 00:26:49 GMT
server: hcdn
etag: "12d68-6594a9c9-3821a37d43d91d87;;;"
x-hcdn-request-id: e90425a4b2f3762ea50ba42fe95a1d86-srv-edge2
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.599
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 EA-Sports-WRC-capa-576x356.jpg
ngplus.com.br/wp-content/uploads/2023/12/ 37 KB
38 KB 1027ms
1027ms Image
image/webp 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngplus.com.br/wp-content/uploads/2023/12/EA-Sports-WRC-capa-576x356.jpg
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 70df282115ef87c44cd158ac44b98ddbabf5f1b337569a212af06b6c91bd7184

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 05a9b39f28c4ac698604bb70452909a9-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 1.009
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 38310
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 RoboCop-Rogue-City-capa-576x356.jpg
ngplus.com.br/wp-content/uploads/2023/12/ 32 KB
32 KB 843ms
841ms Image
image/webp 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngplus.com.br/wp-content/uploads/2023/12/RoboCop-Rogue-City-capa-576x356.jpg
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: bc6794c901f7087813a719c18961cce8f65dae8226ff687f1c2c7dec28c011ac

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 7a9b327ed51e72a0297e7b43247b4a9b-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.823
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 32950
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 Alan-Wake-II-capa-576x356.jpg
ngplus.com.br/wp-content/uploads/2023/12/ 30 KB
31 KB 831ms
829ms Image
image/webp 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngplus.com.br/wp-content/uploads/2023/12/Alan-Wake-II-capa-576x356.jpg
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 80cf576bf69a47a7056780efa98d560e525bea2b0d91f03f5394f9c14580bbbf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: c5f32c6c1f59ee5df1c983fe3e2d1ac2-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.810
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 31050
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 pubg-mobile-capa-576x356.jpg
ngplus.com.br/wp-content/uploads/2023/01/ 29 KB
29 KB 837ms
836ms Image
image/webp 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngplus.com.br/wp-content/uploads/2023/01/pubg-mobile-capa-576x356.jpg
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 18d9eca36f9e4830a70cdc0ede40943c49ca6deb30535f94992cdbdac9debf86

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 970ab908ed694ad041468b097b3fdaad-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.817
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 29258
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 Slay-the-Spire-capa-576x356.jpg
ngplus.com.br/wp-content/uploads/2022/08/ 28 KB
28 KB 838ms
837ms Image
image/webp 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngplus.com.br/wp-content/uploads/2022/08/Slay-the-Spire-capa-576x356.jpg
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: dd2206ea43514f297a0ddb76966bb382674c6d08ad9678747b8e094194068584

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: f8c515156d7695f5198b3146dcbe3565-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.818
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 28312
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 a-musical-story-196j6-576x356.jpg
ngplus.com.br/wp-content/uploads/2022/03/ 19 KB
19 KB 850ms
849ms Image
image/webp 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngplus.com.br/wp-content/uploads/2022/03/a-musical-story-196j6-576x356.jpg
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 22064211b18a5f0d5c2ffd12d2b8022700f603218b67144ddba621168a2b4430

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: b86b4fb8dc6edcb0fa3e249e34699fa8-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.831
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 19500
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 sayonara-wild-hearts-capa-576x356.jpg
ngplus.com.br/wp-content/uploads/2022/08/ 36 KB
36 KB 1063ms
1061ms Image
image/webp 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngplus.com.br/wp-content/uploads/2022/08/sayonara-wild-hearts-capa-576x356.jpg
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 56b2ba2216439a1481f1b9e183c7207c01b97a6d0b0ad276e5086146627d121b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 1341cb37bea39c8af2f413f5cde34865-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 1.044
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 36760
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 celeste-listing-thumb-01-ps4-us-01feb18-576x356.jpg
ngplus.com.br/wp-content/uploads/2021/10/ 24 KB
24 KB 833ms
831ms Image
image/webp 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngplus.com.br/wp-content/uploads/2021/10/celeste-listing-thumb-01-ps4-us-01feb18-576x356.jpg
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: fa4d8e7ac1ee345ffa89eeb64ca5719a4728256d381341334bf5518cdd8f56cd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: c545002035d95d76eef047b1e54590a2-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.812
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 24568
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 Hindsight-capa-576x356.jpg
ngplus.com.br/wp-content/uploads/2022/08/ 17 KB
17 KB 829ms
828ms Image
image/webp 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngplus.com.br/wp-content/uploads/2022/08/Hindsight-capa-576x356.jpg
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: aa232a270903c37b16cb14888a94f7fb0f50b86c783cd6fa1dfc715fab4433f1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 4884896369b5407efe74f141d9e6081f-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.809
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 17136
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 gta5-wallpaper-576x356.jpg
ngplus.com.br/wp-content/uploads/2021/11/ 58 KB
58 KB 1061ms
1060ms Image
image/webp 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngplus.com.br/wp-content/uploads/2021/11/gta5-wallpaper-576x356.jpg
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: b85783a5373e20a0aad7f377b17eab31dc3b568f85688d33b738438c5c9ad8ab

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 1d7cf43b634bdbd3e6385384fad521fa-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 1.041
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 59168
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 rdr2ca-576x356.jpg
ngplus.com.br/wp-content/uploads/2018/10/ 37 KB
37 KB 1035ms
1033ms Image
image/webp 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngplus.com.br/wp-content/uploads/2018/10/rdr2ca-576x356.jpg
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 96592e3403bc7e8e2b50609104daa99d5db800706f77649234a7283a8195fb65

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 739ca1b16a1d7840bb3a23368065289a-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 1.015
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 37624
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 cover-gow-576x356.jpg
ngplus.com.br/wp-content/uploads/2021/10/ 24 KB
24 KB 852ms
851ms Image
image/webp 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngplus.com.br/wp-content/uploads/2021/10/cover-gow-576x356.jpg
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 48e45c635d4312f007b43fe7b7b6c8a03ce65b77bc91d58be10e1ea7f35d5c44

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 62ee341e8fcf0517fa7ac56868c4b24d-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.832
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 24272
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 uncharted-4-cover-576x356.jpg
ngplus.com.br/wp-content/uploads/2022/02/ 21 KB
22 KB 848ms
847ms Image
image/webp 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngplus.com.br/wp-content/uploads/2022/02/uncharted-4-cover-576x356.jpg
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: b4ec314b95a765e663312a27606f6394d485c6f9f180406cb75f3b33e12e8b87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 3e8a97f9a54fefab1b319a6651e32bc6-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.828
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 21988
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 Elden_Ring_capa-576x356.jpg
ngplus.com.br/wp-content/uploads/2022/02/ 20 KB
20 KB 852ms
851ms Image
image/webp 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngplus.com.br/wp-content/uploads/2022/02/Elden_Ring_capa-576x356.jpg
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: e1bc445d278e698f2cb4fd6f641544d1a07c879c3da2093d9bf2df613f94ba51

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 11c27b0bd01e208b297c58cae43e202b-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.831
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 20386
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 Baldurs-Gate-3-capa-576x356.jpg
ngplus.com.br/wp-content/uploads/2023/08/ 36 KB
36 KB 857ms
856ms Image
image/webp 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngplus.com.br/wp-content/uploads/2023/08/Baldurs-Gate-3-capa-576x356.jpg
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: fc7512281e207a922a9b017b45ac588dfc87dad9a7abf998e870be08d678ae25

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: a27350fc3f68492dd1e403f1681211b2-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.836
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 36664
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 Persona-5-Royal-576x356.jpg
ngplus.com.br/wp-content/uploads/2021/10/ 23 KB
24 KB 835ms
834ms Image
image/webp 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngplus.com.br/wp-content/uploads/2021/10/Persona-5-Royal-576x356.jpg
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: de9e3b9ba9b91358094de123af26fce188e1c6fa9a7c87971a43f3e8c39836e7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: dc16a02a5916210d40558d92932c0d11-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.815
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 23802
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H3 200 hades-banner-1920x1080-1920x1080-019724424-576x356.jpg
ngplus.com.br/wp-content/uploads/2021/09/ 51 KB
51 KB 1036ms
1035ms Image
image/webp 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngplus.com.br/wp-content/uploads/2021/09/hades-banner-1920x1080-1920x1080-019724424-576x356.jpg
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: b54ad70899eee5d46b8ab2e999fc2c387efb427e02770a9a86b14caebacd04b9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: ecce506c73b3c8946253729dc0eee03c-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 1.016
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 52186
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
DATA 200
OK truncated Show response
/ 643 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3910919ba90e3492a9ab5393bd177f9bea0c652008ee79b031f0a4b7b2d00276

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 184 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b5dbc64df7766369ac9a6c8f229a15f47512876154546fbd0610869b7f9f68f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc3b317dc575f520784a5418df2ecf5f270659cd35c81c47f13868c386f780f7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 196 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba8e939da8f5824774583728f6cc0eff40a5674a61d923315f6fc2081be1a38d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 125 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9adff8bf51c41610da9ca4d0769e6fe28103ad9cea542709d3e0bde719cdd6d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 179 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb9ba57a70bf6a847c39a97fe3718b3ab0445b2550efb4906af4bbfa37afcafd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 214 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: feca56ca5114badf0b1e34b970aeb173ccc03eb2ac4ae445d982d8e548ff188d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 css
fonts.googleapis.com/ 18 KB
2 KB 33ms
33ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700%7CRoboto+Condensed:400,700,300%7COpen+Sans:600%7CUnica+One:latin&display=swap&subset=latin,latin,latin

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ffc97b52ac215e1767cc0bd162bdee7fee4c531ed1d3b9370b9cc3fe5e74bf88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 Jan 2024 22:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 22:27:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 Jan 2024 22:27:28 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 78ms
23ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700%7CRoboto+Condensed:400,700,300%7COpen+Sans:600%7CUnica+One:latin&display=swap&subset=latin,latin,latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ngplus.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 16:39:21 GMT
x-content-type-options: nosniff
age: 280087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 16:39:21 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 50 KB
50 KB 102ms
48ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700%7CRoboto+Condensed:400,700,300%7COpen+Sans:600%7CUnica+One:latin&display=swap&subset=latin,latin,latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ngplus.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 07:29:10 GMT
x-content-type-options: nosniff
age: 226698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Jan 2025 07:29:10 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 83ms
30ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700%7CRoboto+Condensed:400,700,300%7COpen+Sans:600%7CUnica+One:latin&display=swap&subset=latin,latin,latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ngplus.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 00:57:14 GMT
x-content-type-options: nosniff
age: 336614
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 00:57:14 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
18 KB 117ms
64ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700%7CRoboto+Condensed:400,700,300%7COpen+Sans:600%7CUnica+One:latin&display=swap&subset=latin,latin,latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7fcda5f37c18def2314b911b02417b773c4f459df0d25931ffa7389b872b89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ngplus.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:42:39 GMT
x-content-type-options: nosniff
age: 402289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 06:42:39 GMT

GET
H2 200 / Show response
ui.cleverwebserver.com/ 159 B
382 B 63ms
46ms Script
application/javascript 2606:4700:4400::6812:2a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.cleverwebserver.com/
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9576b975561031e21cdf6b626441e1243c825dcd758512aa1e10d0f506f9b983

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cf-ray: 8427de39092bb897-AMS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 200 /
call.cleverwebserver.com/ 43 B
105 B 65ms
47ms Image
image/gif 2606:4700:4400::6812:2a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://call.cleverwebserver.com/?id=76358&c=NL&r=ZH&l=64&b=Chrome&os=Win10&mob=0&v=1.59.4&ref=aHR0cHM6Ly9uZ3BsdXMuY29tLmJyLw%3D%3D&ruri=&iv=-1&ctr=NL&sz=1200
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8427de397a07b897-AMS
content-length: 43
content-type: image/gif

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ 436 KB
137 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:34:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6766
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140253
x-xss-protection: 0
server: cafe
etag: 11435206252018266965
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 07 Jan 2025 20:34:43 GMT

GET
H2 200 DF.js Show response
static.r4you.co/robooster/hb/ca07fac0-a88f-4706-913b-8473a6284554/ 6 KB
1 KB 297ms
297ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.r4you.co/robooster/hb/ca07fac0-a88f-4706-913b-8473a6284554/DF.js
Requested by: Host: static.r4you.co
URL: https://static.r4you.co/robooster.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bdbd5b32b96b90dd6109cc2413f2a386443776bef5d0acd6a7e01e2eb4fddbb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=6182
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 10 Nov 2023 12:19:36 GMT
server: cloudflare
etag: W/"654e1fd8-1826"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCcmhJLHQnt%2BRNEX5FkxsOilo2wPs9iN4PcHg%2BQn6uE6EieX3mj52XGj3txEQ4yzxcA7p43z%2FCh7dLoFVG%2BhCYwwdUc95z1It2SCsch0p8dLCa9jGDPdg1cProsip%2BR3weIUvzxfTV6ONQLVjA8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 8427de3b5f286565-AMS

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 57ms
21ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YXW4YB0LQF&gtm=45Pe4130v892713658&_p=1704752849360&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=1538086108.1704752849&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704752849&sct=1&seg=0&dl=https%3A%2F%2Fngplus.com.br%2F&dt=NG%2B%20-%20A%20casa%20dos%20reviews&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2988
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-M3L6M9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ngplus.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 442ms
442ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3486561013196934&correlator=3628218655811885&eid=31079956%2C31080298%2C95320409%2C31080115&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fifs&iu_parts=22497919863%2Cngplus_home%2Cd_middle_970x250_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=1&didk=1723748466&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704752849390&lmt=1704752849&adxs=315&adys=901&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fngplus.com.br%2F&vis=1&psz=1200x0&msz=1200x0&fws=0&ohw=0&ga_vid=1538086108.1704752849&ga_sid=1704752849&ga_hid=1358351245&ga_fc=true&dlt=1704752847837&idt=1327&adks=2010077148&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dad1c78d44d3d20f0fc75e00a4750dc25429710dbc653de9fe7fa121ae5cb0fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11247
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ngplus.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CFE8 6 KB
3 KB 232ms
87ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngplus.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 22:27:29 GMT
expires: Tue, 07 Jan 2025 22:27:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 I.ashx Show response
gml-grp.com/ Frame 8262 1 KB
1 KB 92ms
46ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gml-grp.com/I.ashx?btag=a_8725b_1238c_&affid=2566&siteid=8725&adid=1238&c=CM_BR_SB_BA_BETANO_NGPLUS

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

9f9c6775b84c5286ffdc5bfa690a3b18beee2cc6681096dff5232775c6c5974f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ngplus.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8427de3d297c656d-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 08 Jan 2024 22:27:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJ2ORmFoF36EmhNPM4OMDZHeefhs52KLStLNjPS16MU2Wlskn%2FZFQxtrFOAiipzl3HfWQkAqD7xzklIVH%2FZeEBQJpjKhd6kenm8Qt9F82D5gEBIp9v5ks1Aq0x27hW3uHiop%2BHNm8NZUSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

GET
H2

200

country-341629
br.betano.com/myaccount/ban/ Frame 21B3
Redirect Chain

https://gml-grp.com/C.ashx?btag=a_8725b_619c_&affid=2566&siteid=8725&adid=619&c=CM_BR_SB_DT_BETANO_NGPLUS
https://gml-grp.com/C.ashx?btag=a_8725b_619c_&affid=2566&siteid=8725&adid=619&c=CM_BR_SB_DT_BETANO_NGPLUS&AutoR=1
https://br.betano.com/?btag=a_8725b_619c_CM_BR_SB_DT_BETANO_NGPLUS&utm_medium=2566&utm_source=1&siteid=8725
https://br.betano.com/myaccount/ban/country-341629?alt=true

0
0

97ms
97ms

Document
text/html

2606:4700::6811:5459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://br.betano.com/myaccount/ban/country-341629?alt=true

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:5459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.betano.com:
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 0
cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 8427de3f090e0b52-AMS
content-encoding: br
content-security-policy: frame-ancestors https://*.betano.com:*
content-type: text/html; charset=utf-8
date: Mon, 08 Jan 2024 22:27:29 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-farm: BR-MYACCOUNT26
x-xss-protection: 1; mode=block

Redirect headers

age: 0
cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 8427de3e0fbe0b52-AMS
content-length: 0
date: Mon, 08 Jan 2024 22:27:29 GMT
location: /myaccount/ban/country-341629?alt=true
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-cacheable-status: 302
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

403

/
pixbet.com/hub/registration/ Frame D38C
Redirect Chain

https://wlpixbet.adsrv.eacdn.com/C.ashx?btag=a_1971b_114c_&affid=871&siteid=1971&adid=114&c=CM_BR_SB_DT_PIXBET_NGPLUS
https://wlpixbet.adsrv.eacdn.com/C.ashx?btag=a_1971b_114c_&affid=871&siteid=1971&adid=114&c=CM_BR_SB_DT_PIXBET_NGPLUS&AutoR=1
https://pixbet.com/hub/registration/?btag=a_1971b_114c_CM_BR_SB_DT_PIXBET_NGPLUS

0
0

74ms
25ms

Document
text/html

2606:4700:4400::ac40:902d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pixbet.com/hub/registration/?btag=a_1971b_114c_CM_BR_SB_DT_PIXBET_NGPLUS

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:902d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: max-age=15
cf-ray: 8427de3e3d3c65f6-AMS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 08 Jan 2024 22:27:29 GMT
expires: Mon, 08 Jan 2024 22:27:44 GMT
referrer-policy: same-origin
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: private
Content-Length: 197
Content-Type: text/html; charset=utf-8
Date: Mon, 08 Jan 2024 22:27:28 GMT
Location: https://pixbet.com/hub/registration/?btag=a_1971b_114c_CM_BR_SB_DT_PIXBET_NGPLUS
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

403

/
f12.bet/ Frame E619
Redirect Chain

https://wlf12bet.adsrv.eacdn.com/C.ashx?btag=a_3672b_86c_&affid=2450&siteid=3672&adid=86&c=CM_BR_SB_DT_F12_NGPLUS
https://wlf12bet.adsrv.eacdn.com/C.ashx?btag=a_3672b_86c_&affid=2450&siteid=3672&adid=86&c=CM_BR_SB_DT_F12_NGPLUS&AutoR=1
https://f12.bet/?btag=a_3672b_86c_CM_BR_SB_DT_F12_NGPLUS

0
0

72ms
22ms

Document
text/html

2606:4700:4400::6812:25b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://f12.bet/?btag=a_3672b_86c_CM_BR_SB_DT_F12_NGPLUS

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: max-age=15
cf-ray: 8427de3e3d516667-AMS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 08 Jan 2024 22:27:29 GMT
expires: Mon, 08 Jan 2024 22:27:44 GMT
referrer-policy: same-origin
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: private
Content-Length: 173
Content-Type: text/html; charset=utf-8
Date: Mon, 08 Jan 2024 22:27:28 GMT
Location: https://f12.bet/?btag=a_3672b_86c_CM_BR_SB_DT_F12_NGPLUS
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1

200
OK

open-account Show response
www.bet365.nl/olp/ Frame 4E61
Redirect Chain

https://www.bet365.com/olp/open-account?affiliate=365_02788145
https://www.bet365.nl/olp/open-account?affiliate=365_02788145

5 KB
5 KB

135ms
91ms

Document
text/html

5.226.179.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.nl/olp/open-account?affiliate=365_02788145
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.16 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd9f9f1ebf8e21460b02fc163755f48f9f9d3ab379f83b20dd0fb6f3af5aeba1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 8427de3dfa050e9c-AMS
Connection: keep-alive
Date: Mon, 08 Jan 2024 22:27:29 GMT
Server: cloudflare
ServerDetails:
Transfer-Encoding: chunked

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 8427de3d5c437751-AMS
Connection: keep-alive
Content-Length: 0
Date: Mon, 08 Jan 2024 22:27:29 GMT
Location: https://www.bet365.nl/olp/open-account?affiliate=365_02788145
Server: cloudflare
ServerDetails:

GET
H3 200 prebid.js Show response
static.r4you.co/robooster/hb/ 262 KB
83 KB 35ms
35ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.r4you.co/robooster/hb/prebid.js
Requested by: Host: static.r4you.co
URL: https://static.r4you.co/robooster.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd95be4bcfcb2c5e662cdd09c95dbcc1cf1f4e71fe07c4739f310490864af471

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1274
cf-polished: origSize=268686
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 24 Jul 2023 18:04:34 GMT
server: cloudflare
etag: W/"64bebd32-4198e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0fI3RYgsKUNV9QyTYZsiI8nB%2FxVl3yK9OoOsZDIchvawPRFGjLP6gLWxPT8TIhw5teovkskmQuA1tERKABPPEKKJhtlmoL3e026qHVEZF3MHesCX2KZ008ZVul44mU0NYonZFVn6n4CrX8wWoc4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 8427de3d3d6fb7c4-AMS

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 367 KB
126 KB 110ms
32ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: static.r4you.co
URL: https://static.r4you.co/robooster.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dac9ce6b163b009d3fae39abc37e728afa2476e5dd0b5e5ac9480a9969fbbe6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128925
x-xss-protection: 0
expires: Mon, 08 Jan 2024 22:27:29 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 179 KB
51 KB 394ms
394ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3486561013196934&correlator=454312307599695&eid=31079956%2C31080298%2C95320409%2C31080115&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fifs&iu_parts=22497919863%2Cngplus_robooster%2CD_Interstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&didk=1083018062&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704752849474&lmt=1704752849&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fngplus.com.br%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1538086108.1704752849&ga_sid=1704752849&ga_hid=1358351245&ga_fc=true&dlt=1704752847837&idt=1327&adks=4057387918&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a84aadae666395284ce06d603c5847dad68f216cac945abb814b4437b00ddcff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51974
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ngplus.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ 40 KB
14 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1fee0e275eff6d223e9845ca7aee343e0f4ea7b74b8e33b3b37088e559fce0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 23:17:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83425
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13827
x-xss-protection: 0
server: cafe
etag: 14489142153891184122
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 06 Jan 2025 23:17:04 GMT

GET
H3 200 blank.gif
ngplus.com.br/wp-content/themes/huber/lib/framework/images/ 1 KB
2 KB 586ms
586ms Image
image/gif 2a02:4780:23:367e:e747:764c:8640:fbad
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ngplus.com.br/wp-content/themes/huber/lib/framework/images/blank.gif

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:367e:e747:764c:8640:fbad Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

f76b892a3ea42aeab71d05411df230349b1bb51508eefe4ccfcc43ce3bd58ace

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:30 GMT
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 1477
x-hcdn-cache-status: MISS
last-modified: Wed, 03 Jan 2024 00:26:48 GMT
server: hcdn
etag: "5c5-6594a9c8-6d03507b3f313f8f;;;"
x-hcdn-request-id: 7f7e6fcd01518ec4a52210975f0cbb58-srv-edge2
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.567
accept-ranges: bytes
platform: hostinger
expires: Mon, 15 Jan 2024 22:27:29 GMT

GET
H2 200 s.5.6.min.js Show response
wlstoiximan.eacdn.com/TrafficOpt/ Frame 8262 7 KB
3 KB 137ms
19ms Script
application/javascript 2620:1ec:bdf::62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wlstoiximan.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Requested by: Host: gml-grp.com
URL: https://gml-grp.com/I.ashx?btag=a_8725b_1238c_&affid=2566&siteid=8725&adid=1238&c=CM_BR_SB_BA_BETANO_NGPLUS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gml-grp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
last-modified: Wed, 30 Mar 2016 16:08:31 GMT
etag: "56fbf9ff-1a7b"
x-azure-ref: 00XacZQAAAACFVVtJD9J0SobuYfLr0mnuQU1TMDRFREdFMTkxMwA1OGIyYWI1Ny04ZDc2LTQxYzEtODM5Ni0yZmY4MDg2ZTU4ZGM=
x-cache: TCP_HIT
content-type: application/javascript
cache-control: max-age=0, no-cache
accept-ranges: bytes

GET
H2 200 Ad_1238.js Show response
wlstoiximan.eacdn.com/wlstoiximan/img/js/ Frame 8262 652 B
848 B 156ms
38ms Script
application/javascript 2620:1ec:bdf::62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wlstoiximan.eacdn.com/wlstoiximan/img/js/Ad_1238.js?t=2024010822
Requested by: Host: gml-grp.com
URL: https://gml-grp.com/I.ashx?btag=a_8725b_1238c_&affid=2566&siteid=8725&adid=1238&c=CM_BR_SB_BA_BETANO_NGPLUS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 171f9cf6f424fa27694134bc7b2ccfd337f71e4cffe3a40b423c94deaf2ddbeb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gml-grp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
last-modified: Tue, 16 May 2023 14:14:07 GMT
etag: "64638faf-28c"
x-azure-ref: 00XacZQAAAAAFS26mFjPyS6FFJa4LKkH+QU1TMDRFREdFMTkxMwA1OGIyYWI1Ny04ZDc2LTQxYzEtODM5Ni0yZmY4MDg2ZTU4ZGM=
x-cache: TCP_MISS
content-type: application/javascript
cache-control: max-age=0, no-cache
accept-ranges: bytes
content-length: 652

GET ppub_config
securepubads.g.doubleclick.net/pagead/ 0
0

GET
H2 200 bridge3.609.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 3294 751 KB
240 KB 25ms
25ms Document
text/html 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngplus.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 27265
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 245986
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 14:53:04 GMT
expires: Tue, 07 Jan 2025 14:53:04 GMT
last-modified: Mon, 18 Dec 2023 19:42:36 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 200ms
61ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 08 Jan 2024 22:27:29 GMT

GET
H3 200 replay.png
static.r4you.co/video/ 14 KB
14 KB 25ms
25ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.r4you.co/video/replay.png
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a16d1525095548f2d410928173be540002245ad94e9ea0d95c847de0e84dfd5f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1268
alt-svc: h3=":443"; ma=86400
content-length: 14339
last-modified: Mon, 29 Mar 2021 13:15:40 GMT
server: cloudflare
etag: "6061d2fc-3803"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PBOkLe%2BkvmkwzzWntcHJywsvB8Hd2qxS3UOor1nB%2FWfK9NBW3FIyXD%2B7Y3gZH537MpHJu1ZyLY0Pez%2Fbyv78jI5c5%2B9Ixxq%2BYP%2FRZK4Se1RuDGEAlOgzWqB%2BAsLK6NwNtI5dasqpejwHZ5XAGCY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 8427de3e7eaeb7c4-AMS

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 89E1 40 KB
14 KB 79ms
24ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 21:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2347
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 08 Jan 2024 22:48:22 GMT

GET
H2 200 6130c86b00c787e1d6076f86 Show response
c.bannerflow.net/a/ Frame 8262 78 KB
26 KB 81ms
34ms Script
application/javascript 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/6130c86b00c787e1d6076f86?did=5d7106ae39d71e0001cd1b66&deeplink=on&responsive=on&redirecturl=https%3A%2F%2Fgml-grp.com%2FC.ashx%3Fbtag%3Da_8725b_1238c_%26affid%3D2566%26siteid%3D8725%26adid%3D1238%26c%3DCM_BR_SB_BA_BETANO_NGPLUS%26MediaID%3D2693%26IsAd%3D1%26IAref%3Dhttps%253A%252F%252Fngplus.com.br%252F%26asclurl%3D
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d209ff662534f6a6f63857a866e9c71a2b3f854b6bf3795ab2551e97279d14b3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gml-grp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 22:27:29 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, s-maxage=10
cf-ray: 8427de3ec9561e81-AMS
request-context: appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb

GET
H3 200 T.ashx Show response
gml-grp.com/ Frame 9841 0
833 B 49ms
49ms Document
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gml-grp.com/T.ashx?btag=a_8725b_1238c_&affid=2566&siteid=8725&adid=1238&c=CM_BR_SB_BA_BETANO_NGPLUS&t=638403496496740000&MediaID=2693&MediaIndex=0&XYZ=120%260%26148%26%26%26%260%260%26%26

Requested by

Host: wlstoiximan.eacdn.com
URL: https://wlstoiximan.eacdn.com/TrafficOpt/s.5.6.min.js?t=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gml-grp.com/I.ashx?btag=a_8725b_1238c_&affid=2566&siteid=8725&adid=1238&c=CM_BR_SB_BA_BETANO_NGPLUS
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8427de3e88460b90-AMS
content-length: 0
date: Mon, 08 Jan 2024 22:27:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmUhcLMiTBUjNkLUL2wbM%2BnXlo74WIqKt9BsOMwqVpjkxNtNzm2cZ0fs76ty1cUM4AsmnWQXQammK%2FT0bX8gZkVIN4WksFKN74lLnCXwvK6xX2RcPFTDTTlzrHyNfbAc92Sf8Y1ku1ZRhw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 4E61 173 KB
62 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2BKDHM

Requested by

Host: www.bet365.nl
URL: https://www.bet365.nl/olp/open-account?affiliate=365_02788145

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

749bfc35b5e9458886eb990b3d3c307d8f015cc455fbb358a81e3fadbb52465c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bet365.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63685
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Jan 2024 22:27:29 GMT

GET
H/1.1 200
OK open-account Show response
www.bet365.nl/olpc/nl/135/0/1/ Frame 27B3 44 KB
12 KB 36ms
36ms Document
text/html 5.226.179.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bet365.nl/olpc/nl/135/0/1/open-account

Requested by

Host: www.bet365.nl
URL: https://www.bet365.nl/olp/open-account?affiliate=365_02788145

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

5.226.179.16 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

577a44959429da7b5823f85fe3bacbcbefb5ea82c80c685187e954f33a30043d

Security Headers

Name

Value

Content-Security-Policy

default-src 'self';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com https://www.bet365.nl/ *.bet365.nl;frame-src 'self' http://members.bet365.nl 'nonce-C8gE1DcRFtTdvbQ+NWIAVuQLFG3BcTAXyOOfsBFob/0=';style-src 'self' 'unsafe-inline';img-src 'self' data: 'self' data: https://www.imagecache365.com https://content001.bet365.nl/ https://content001.bet365.nl/SportsContent/ 'nonce-C8gE1DcRFtTdvbQ+NWIAVuQLFG3BcTAXyOOfsBFob/0=';connect-src 'self' *.google-analytics.com http://members.bet365.nl https://www.bet365.nl/ https://extra.bet365.nl wss://wsbanpush.bet365affiliates.com 'nonce-C8gE1DcRFtTdvbQ+NWIAVuQLFG3BcTAXyOOfsBFob/0=';font-src 'self' data: 'nonce-C8gE1DcRFtTdvbQ+NWIAVuQLFG3BcTAXyOOfsBFob/0=';worker-src 'self' https://extra.bet365.nl https://www.bet365.nl/ *.bet365.nl blob: 'nonce-C8gE1DcRFtTdvbQ+NWIAVuQLFG3BcTAXyOOfsBFob/0='; connect-src 'self' *.google-analytics.com *.bet365.nl wss://wsbanpush.bet365affiliates.com

Request headers

Referer: https://www.bet365.nl/olp/open-account?affiliate=365_02788145
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6847
CF-Cache-Status: HIT
CF-RAY: 8427de3e9acd0e9c-AMS
Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 11327
Content-Security-Policy: default-src 'self';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com https://www.bet365.nl/ *.bet365.nl;frame-src 'self' http://members.bet365.nl 'nonce-C8gE1DcRFtTdvbQ+NWIAVuQLFG3BcTAXyOOfsBFob/0=';style-src 'self' 'unsafe-inline';img-src 'self' data: 'self' data: https://www.imagecache365.com https://content001.bet365.nl/ https://content001.bet365.nl/SportsContent/ 'nonce-C8gE1DcRFtTdvbQ+NWIAVuQLFG3BcTAXyOOfsBFob/0=';connect-src 'self' *.google-analytics.com http://members.bet365.nl https://www.bet365.nl/ https://extra.bet365.nl wss://wsbanpush.bet365affiliates.com 'nonce-C8gE1DcRFtTdvbQ+NWIAVuQLFG3BcTAXyOOfsBFob/0=';font-src 'self' data: 'nonce-C8gE1DcRFtTdvbQ+NWIAVuQLFG3BcTAXyOOfsBFob/0=';worker-src 'self' https://extra.bet365.nl https://www.bet365.nl/ *.bet365.nl blob: 'nonce-C8gE1DcRFtTdvbQ+NWIAVuQLFG3BcTAXyOOfsBFob/0='; connect-src 'self' *.google-analytics.com *.bet365.nl wss://wsbanpush.bet365affiliates.com
Content-Type: text/html; charset=utf-8
Date: Mon, 08 Jan 2024 22:27:29 GMT
Last-Modified: Mon, 08 Jan 2024 20:25:42 GMT
Server: cloudflare
Vary: Accept-Encoding

GET
H/1.1 200
OK DefaultAff.aspx Show response
members.bet365.nl/Members/Helpers/ Frame BB4C 84 B
816 B 194ms
148ms Document
text/html 5.226.179.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://members.bet365.nl/Members/Helpers/DefaultAff.aspx?affiliate=365_02788145
Requested by: Host: www.bet365.nl
URL: https://www.bet365.nl/olp/open-account?affiliate=365_02788145
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.16 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba

Request headers

Referer: https://www.bet365.nl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 8427de3edd32b72e-AMS
Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 177
Content-Type: text/html; charset=utf-8
Date: Mon, 08 Jan 2024 22:27:29 GMT
ME-Redirect: PQB
Server: cloudflare
Vary: Accept-Encoding

GET
H/1.1 200
OK FTN45__W.woff2
www.bet365.nl/olpc/Content/Fonts/ Frame 27B3 45 KB
45 KB 35ms
34ms Font
application/octet-stream 5.226.179.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.nl/olpc/Content/Fonts/FTN45__W.woff2
Requested by: Host: www.bet365.nl
URL: https://www.bet365.nl/olpc/nl/135/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.16 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e28311fc68644a88a32df782c7371991894bc6a6a81f8ff70f971b4470c3751

Request headers

Referer: https://www.bet365.nl/olpc/nl/135/0/1/open-account
Origin: https://www.bet365.nl
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 22:27:29 GMT
CF-Cache-Status: HIT
Last-Modified: Mon, 08 Jan 2024 20:24:37 GMT
Server: cloudflare
Age: 7231
Vary: Accept-Encoding
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 8427de3ecb2e0e9c-AMS
Content-Length: 45892

GET
H/1.1 200
OK olpc-styles.css
www.bet365.nl/olpc/ Frame 27B3 468 KB
142 KB 69ms
36ms Stylesheet
text/css 5.226.179.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.nl/olpc/olpc-styles.css?v=SuaS2milX2ZTEa0mvRDpTxAesp4iiadepupT9BHOA5M1
Requested by: Host: www.bet365.nl
URL: https://www.bet365.nl/olpc/nl/135/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.16 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fad4ec63f7167def05a3fb8e2c10bfbf35c726620abf81b929ff9adfcb7e15d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bet365.nl/olpc/nl/135/0/1/open-account
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 22:27:29 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 08 Jan 2024 18:55:48 GMT
Server: cloudflare
Age: 12665
Transfer-Encoding: chunked
Vary: User-Agent,Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public
Connection: keep-alive
CF-RAY: 8427de3f081b6602-AMS
Expires: Tue, 07 Jan 2025 18:55:48 GMT

GET
H/1.1 200
OK ProductCommon_v1.js Show response
www.bet365.nl/members/services/host/Scripts/js/ Frame 27B3 9 KB
4 KB 93ms
57ms Script
application/javascript 5.226.179.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.nl/members/services/host/Scripts/js/ProductCommon_v1.js
Requested by: Host: www.bet365.nl
URL: https://www.bet365.nl/olpc/nl/135/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.16 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b62b7053fc0d2b1a5ac08a518c0828d73fcd03228e8852c12bd876e7f68c2612

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bet365.nl/olpc/nl/135/0/1/open-account
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2024 22:27:29 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Mon, 08 Jan 2024 22:27:29 GMT
Server: cloudflare
x-bet-hop: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
CF-RAY: 8427de3f0de566df-AMS
Expires: 0

GET
H/1.1 200
OK olpc-scripts.js Show response
www.bet365.nl/olpc/ Frame 27B3 149 KB
45 KB 72ms
37ms Script
text/javascript 5.226.179.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.nl/olpc/olpc-scripts.js?v=w0MPwNFmUSTKa4Zv118RVYu4nAt830586Ridh4RcHXc1
Requested by: Host: www.bet365.nl
URL: https://www.bet365.nl/olpc/nl/135/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.16 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b31490f715edc524759a34c7291363a5cb48cf647277ee15c6ed776cb199460f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bet365.nl/olpc/nl/135/0/1/open-account
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 22:27:29 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 08 Jan 2024 22:00:40 GMT
Server: cloudflare
Age: 1607
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 8427de3f0b8f0e9c-AMS
Content-Length: 45667
Expires: Tue, 07 Jan 2025 22:00:40 GMT

GET
H/1.1 200
OK Visa_Grey.svg
content001.bet365.nl/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 27B3 29 KB
9 KB 105ms
57ms Image
image/svg+xml 5.226.179.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.nl/SportsContent/FeaturesTemplate/SVG/Payment/Visa_Grey.svg
Requested by: Host: www.bet365.nl
URL: https://www.bet365.nl/olpc/nl/135/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.16 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33b05fb6d444405d240ae0e5098903f43cc514479f08bbbe5d6c7ebe21436e34

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bet365.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 22:27:29 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Mon, 19 Jun 2023 09:56:00 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 8427de3f1bcd0b40-AMS
Content-Length: 9046
Expires: Sat, 13 Jan 2024 22:27:29 GMT

GET
H/1.1 200
OK iDeal.png
content001.bet365.nl/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 27B3 10 KB
10 KB 112ms
63ms Image
image/png 5.226.179.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.nl/SportsContent/FeaturesTemplate/SVG/Payment/iDeal.png
Requested by: Host: www.bet365.nl
URL: https://www.bet365.nl/olpc/nl/135/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.16 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5053212781def26f3c6a13232e859609d0a88d95b8c15138c2a6cc745544c455

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bet365.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 22:27:29 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 02 Nov 2022 16:04:06 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 8427de3f1fc1b8f0-AMS
Content-Length: 10108
Expires: Sat, 13 Jan 2024 22:27:29 GMT

GET
H/1.1 200
OK Paypal.svg
content001.bet365.nl/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 27B3 7 KB
3 KB 55ms
54ms Image
image/svg+xml 5.226.179.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.nl/SportsContent/FeaturesTemplate/SVG/Payment/Paypal.svg
Requested by: Host: www.bet365.nl
URL: https://www.bet365.nl/olpc/nl/135/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.16 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5923b5d3167186e22377d01f2002120106ed40e936e0341426c681d5a61e2184

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bet365.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 22:27:29 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 09 Sep 2021 09:13:53 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Timing-Allow-Origin: *
CF-RAY: 8427de3f7c510b40-AMS
Expires: Sat, 13 Jan 2024 22:27:29 GMT

GET
H/1.1 200
OK Sofort_Landingpage.svg
content001.bet365.nl/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 27B3 3 KB
2 KB 65ms
61ms Image
image/svg+xml 5.226.179.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.nl/SportsContent/FeaturesTemplate/SVG/Payment/Sofort_Landingpage.svg
Requested by: Host: www.bet365.nl
URL: https://www.bet365.nl/olpc/nl/135/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.16 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 135832e5ea5d35dc1208592b56db63803045436048dbeb3465b349475a5efaf8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bet365.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 22:27:29 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Tue, 09 May 2023 16:17:00 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Timing-Allow-Origin: *
CF-RAY: 8427de3f8861b8f0-AMS
Expires: Sat, 13 Jan 2024 22:27:29 GMT

GET
H/1.1 200
OK SPORTSX1-ESSA_2.png
content001.bet365.nl/SportsContent/Global/Footer/ Frame 27B3 6 KB
7 KB 99ms
64ms Image
image/png 5.226.179.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.nl/SportsContent/Global/Footer/SPORTSX1-ESSA_2.png
Requested by: Host: www.bet365.nl
URL: https://www.bet365.nl/olpc/nl/135/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.16 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 101ca051649af6826119108f51311f70b4d58e94242c8877a2b8a9247b90f54f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bet365.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 22:27:29 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Tue, 04 Jun 2019 13:21:41 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 8427de3fbb4fb8bb-AMS
Content-Length: 6386
Expires: Sat, 13 Jan 2024 22:27:29 GMT

GET
H/1.1 200
OK agog.svg
content001.bet365.nl/SportsContent/Global/Footer/ Frame 27B3 6 KB
2 KB 117ms
82ms Image
image/svg+xml 5.226.179.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.nl/SportsContent/Global/Footer/agog.svg
Requested by: Host: www.bet365.nl
URL: https://www.bet365.nl/olpc/nl/135/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.16 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48da0a8ae434a4e3d050759b45ecede05299ecae2424341af936a1a2f7a3487c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bet365.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 22:27:29 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 09 Sep 2021 11:08:21 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Timing-Allow-Origin: *
CF-RAY: 8427de3fbcb4b79c-AMS
Expires: Sat, 13 Jan 2024 22:27:29 GMT

GET
H/1.1 200
OK LOKETKANSSPEL.svg
content001.bet365.nl/SportsContent/Global/Footer/ Frame 27B3 4 KB
2 KB 104ms
67ms Image
image/svg+xml 5.226.179.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.nl/SportsContent/Global/Footer/LOKETKANSSPEL.svg
Requested by: Host: www.bet365.nl
URL: https://www.bet365.nl/olpc/nl/135/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.16 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c938e10e035eaa076974c64742ba9d9bda824ae467083b5d5dd6ab3d619eaea7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bet365.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 22:27:29 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 21 Oct 2021 15:57:06 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Timing-Allow-Origin: *
CF-RAY: 8427de3fb89d661f-AMS
Expires: Sat, 13 Jan 2024 22:27:29 GMT

GET
H/1.1 200
OK eCogra-Horizontal2x.png
content001.bet365.nl/SportsContent/Global/Footer/ Frame 27B3 2 KB
2 KB 116ms
82ms Image
image/png 5.226.179.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.nl/SportsContent/Global/Footer/eCogra-Horizontal2x.png
Requested by: Host: www.bet365.nl
URL: https://www.bet365.nl/olpc/nl/135/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.16 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0438c85b7b5f9c21ac9a1975ccd12464f5f8cbf15d3353ee700e2617f913349

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bet365.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 22:27:29 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 11 Aug 2021 10:23:12 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 8427de3fbce10a48-AMS
Content-Length: 1671
Expires: Sat, 13 Jan 2024 22:27:29 GMT

GET
H/1.1 200
OK SPORTSX2-18.png
content001.bet365.nl/SportsContent/Global/Footer/ Frame 27B3 4 KB
5 KB 68ms
68ms Image
image/png 5.226.179.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.nl/SportsContent/Global/Footer/SPORTSX2-18.png
Requested by: Host: www.bet365.nl
URL: https://www.bet365.nl/olpc/nl/135/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.16 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5af616c5e6ad0d97aa233ed4644776ca94de0cfb1a653844d8a5d9ee46e756af

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bet365.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 22:27:29 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Fri, 20 Mar 2015 09:13:01 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 8427de3fdcb60b40-AMS
Content-Length: 4400
Expires: Sat, 13 Jan 2024 22:27:29 GMT

GET
H/1.1 200
OK bet365%20grey%20footer%20logo.png
content001.bet365.nl/SportsContent/Global/Footer/ Frame 27B3 8 KB
8 KB 59ms
58ms Image
image/png 5.226.179.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.nl/SportsContent/Global/Footer/bet365%20grey%20footer%20logo.png
Requested by: Host: www.bet365.nl
URL: https://www.bet365.nl/olpc/nl/135/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.16 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ad4d67eed235fafc8ddfab188fa2e968ba4345718c8338bd7f4fbfafa6f8a2b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bet365.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 22:27:29 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 11 Jun 2015 14:13:32 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 8427de3fe8b1b8f0-AMS
Content-Length: 7868
Expires: Sat, 13 Jan 2024 22:27:29 GMT

GET
H/1.1 200
OK TwitterGrey.svg
content001.bet365.nl/SportsContent/Promotions/LandingPages/Common/Footer/ Frame 27B3 776 B
880 B 55ms
55ms Image
image/svg+xml 5.226.179.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.nl/SportsContent/Promotions/LandingPages/Common/Footer/TwitterGrey.svg
Requested by: Host: www.bet365.nl
URL: https://www.bet365.nl/olpc/nl/135/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.16 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f6e3f7c2420799e32c7d8dbc9a45f5137c2844c33187a9202fc08479becc003

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bet365.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 22:27:29 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Tue, 08 Aug 2023 13:53:18 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Timing-Allow-Origin: *
CF-RAY: 8427de401bd8b8bb-AMS
Expires: Sat, 13 Jan 2024 22:27:29 GMT

GET
H/1.1 200
OK Facebook.svg
content001.bet365.nl/SportsContent/Promotions/LandingPages/Common/Footer/ Frame 27B3 649 B
799 B 61ms
61ms Image
image/svg+xml 5.226.179.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.nl/SportsContent/Promotions/LandingPages/Common/Footer/Facebook.svg
Requested by: Host: www.bet365.nl
URL: https://www.bet365.nl/olpc/nl/135/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.16 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9798155f42f6363ed2bcebc3ad9785c05f00d5bc4ec7f535e90b040c85af5d4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bet365.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 22:27:29 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Mon, 14 Aug 2023 15:33:39 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Timing-Allow-Origin: *
CF-RAY: 8427de402920661f-AMS
Expires: Sat, 13 Jan 2024 22:27:29 GMT

GET
H/1.1 200
OK ProductCommon_v1.js Show response
www.bet365.nl/members/services/host/Scripts/js/ Frame 27B3 987 B
1 KB 57ms
57ms Script
application/javascript 5.226.179.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.nl/members/services/host/Scripts/js/ProductCommon_v1.js?async
Requested by: Host: www.bet365.nl
URL: https://www.bet365.nl/olpc/nl/135/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.16 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc045e08570de447e7b6319886d0c770d58f03f7d8c071c9b61456ca85b47438

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bet365.nl/olpc/nl/135/0/1/open-account
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2024 22:27:29 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Mon, 08 Jan 2024 22:27:29 GMT
Server: cloudflare
x-bet-hop: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
CF-RAY: 8427de3f78ba6602-AMS
Expires: 0

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 282 B
162 B 184ms
84ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=https%3A%2F%2Fngplus.com.br%2F

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3f4ff09e543b2189b2ca7c7a97cdfac8e7d04e086f00669a9427ba87dc27cdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137
x-xss-protection: 0
expires: Mon, 08 Jan 2024 22:27:29 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 4E61 271 KB
91 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-45M1DQFW2B&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2BKDHM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f7e71268d2862194615eae7ba55516e55a1529ce560230984999c2d1c2ee9cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bet365.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92663
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jan 2024 22:27:29 GMT

GET
H2 200 preload.jpg
c.bannerflow.net/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/published/4736204/6800456/ Frame 8262 14 KB
15 KB 37ms
37ms Image
image/jpeg 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/published/4736204/6800456/preload.jpg
Requested by: Host: gml-grp.com
URL: https://gml-grp.com/I.ashx?btag=a_8725b_1238c_&affid=2566&siteid=8725&adid=1238&c=CM_BR_SB_BA_BETANO_NGPLUS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de7e8a7141de086455c3a4800148f82a292883665e5671da9d7c6b1993b4ae06

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gml-grp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Jan 2024 22:27:29 GMT
cf-cache-status: MISS
content-md5: Bzl50eHnaOzDqsXneHDqhw==
content-length: 14558
x-ms-lease-status: unlocked
last-modified: Wed, 19 Jul 2023 13:59:40 GMT
server: cloudflare
etag: "0x8DB88606587222B"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: f2505f04-701e-0025-1681-427caf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
accept-ranges: bytes
cf-ray: 8427de3f39bc1e81-AMS

POST
H2 200 /
c.bannerflow.net/tr/v2/pixel/ Frame 8262 0
81 B 35ms
35ms Ping
text/plain 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel/
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6130c86b00c787e1d6076f86?did=5d7106ae39d71e0001cd1b66&deeplink=on&responsive=on&redirecturl=https%3A%2F%2Fgml-grp.com%2FC.ashx%3Fbtag%3Da_8725b_1238c_%26affid%3D2566%26siteid%3D8725%26adid%3D1238%26c%3DCM_BR_SB_BA_BETANO_NGPLUS%26MediaID%3D2693%26IsAd%3D1%26IAref%3Dhttps%253A%252F%252Fngplus.com.br%252F%26asclurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gml-grp.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8427de3f7a081e81-AMS
content-length: 0
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

GET
H2 200 container.html Show response
c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DAFC 6 KB
3 KB 52ms
51ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngplus.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 22:27:29 GMT
expires: Tue, 07 Jan 2025 22:27:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ Frame 4E61 0
71 B 21ms
21ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-45M1DQFW2B&gtm=45je4130v894926616z8891162585&_p=1704752849682&gcs=G1-0&gcd=11l1p1l1l5&dma_cps=sypham&dma=1&cid=1820536814.1704752850&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1704752849&sct=1&seg=0&dl=https%3A%2F%2Fwww.bet365.nl%2Folp%2Fopen-account%3Faffiliate%3D365_02788145&dt=Welkomstbonus&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=426
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-45M1DQFW2B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bet365.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bet365.nl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ProductCommon_v1.js Show response
www.bet365.nl/members/services/host/Scripts/js/ Frame 27B3 301 KB
169 KB 30ms
30ms Script
application/javascript 5.226.179.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.nl/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AAD3FuuMAQAAo0qk13IY17ScnCkLooVX5dWKKcLK5DisBYn5uXH3SCQdxxWE&PIRXTcSdwp--z=q
Requested by: Host: www.bet365.nl
URL: https://www.bet365.nl/members/services/host/Scripts/js/ProductCommon_v1.js?async
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.16 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03a38c4ce51079cbd9a954953ca948e7313e3874e1de2f3264fd0e0a7d9f929d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bet365.nl/olpc/nl/135/0/1/open-account
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 22:27:29 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 08 Jan 2024 22:00:00 GMT
Server: cloudflare
x-bet-hop: 1
Age: 1648
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=3600, immutable
Connection: keep-alive
CF-RAY: 8427de3fd9336602-AMS

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AA53 624 B
826 B 132ms
63ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNbS3t4BMAE&v=APEucNU7EYkq5f1GOL8lMncCX84WvqUanLzhcUuVsW6I7Jy3jskYeqxcfDeKvZaSYR4S05lm5MKk09jmN1WurKyUOynobeixbgL-8R0EUYNdJ6SvKZCrE5nh-Cut4zObm61BGGPKOHPb4VvRpEwhG3G3uBudgF_L3Dc4nedxv13K-b8FTfYcEPI

Requested by

Host: c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com
URL: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 22:27:30 GMT
expires: Mon, 08 Jan 2024 22:27:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame DAFC 89 KB
31 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com
URL: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 22:27:29 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DAFC 42 B
286 B 64ms
63ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DFDS7YQo1csnFZfHhJ3qIPRn-iqG4txA-U0qY2UO9Eq20UXjEshxj80xRhWHc-3opknzRkwDagJAWKr_ZBnOLgunSdwsJJEURtvDkKElbwrNNGimQ

Requested by

Host: c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com
URL: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame DAFC 3 KB
1 KB 97ms
28ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com
URL: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:19:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 466
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 22:19:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame DAFC 20 KB
9 KB 93ms
24ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com
URL: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44089
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 10:12:40 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DAFC 204 KB
65 KB 184ms
64ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com
URL: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jan 2024 22:27:30 GMT

GET 1
ponos.zeronaught.com/ Frame 27B3 0
0

GET
H3 200 container.html Show response
c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DDA9 6 KB
3 KB 50ms
50ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngplus.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 22:27:29 GMT
expires: Tue, 07 Jan 2025 22:27:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 112ms
60ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?fm=t&rt=xfp&lid=187&sdkv=h.3.609.1&e=44750822%2C44772139%2C44777649%2C44781409%2C44804291%2C44808026&id=ima_html5&c=364226654380212&domain=ngplus.com.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 3294 51 KB
9 KB 447ms
309ms XHR
text/xml 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22497919863%2Fngplus_robooster%2FD_Outstream&description_url=https%3A%2F%2Fngplus.com.br&tfcd=0&npa=0&sz=320x480%7C336x280%7C350x350%7C400x300%7C480x320%7C580x400%7C600x350%7C600x400%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=546338449420763&vad_type=linear&vpmute=1&sdkv=h.3.609.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=2905555246&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.609.1&sid=3FAC1579-9038-4F78-A056-D049E5685168&nel=0&eid=44750822%2C44772139%2C44777649%2C44781409%2C44804291%2C44808026&url=https%3A%2F%2Fngplus.com.br%2F&dlt=1704752847837&idt=1925&dt=1704752849995&cookie=ID%3D2c1af1c7e6e9be3e%3AT%3D1704752849%3ART%3D1704752849%3AS%3DALNI_Mao7A9-KRmw_74DZ6FN_C4M7fLGbw&gpic=UID%3D00000d3d943f81b8%3AT%3D1704752849%3ART%3D1704752849%3AS%3DALNI_Ma3Zp-opkLLsrY7RNWesyycEKS-SA&scor=469454232386116&ged=ve4_td2_tt0_pd2_la2000_er1325.1200.1484.1500_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ec8f46062aa838e6ffe12b70751e534ca7ec2b940a7f38b09b36ffd399a9637

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8920
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DAFC 0
20 B 59ms
58ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2950077539937&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DAFC 0
20 B 59ms
58ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2950077539937&version=m202309260101&ct=77&x=1&cor=16840073600821795000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DAFC 34 KB
20 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXy58iA_XN3stPP-rG19pUI7dLvzk2f0gXLIH7AEL2wHznSYjD77jkhmxO4mUy_xBVHwWhVPbxrdgw4Pl81XoUHJ_dLpayReLW7NtuP4_x8t7adwtxghJY8wdVFZK-T-991TMJKKbO3wEyZsY78q4a8SzJ9ZK9-EQOO4mrp1GqLnJ_P1A&cry=1&dbm_d=AKAmf-D7K2_WIMzijlOGeCYQNJwn_C_1CnVtAvoot7S1Iv-mfjv3HOnie4sK3nE-scs6egQUEeFGbM_AshQwVK46xhbc3Uji5tAkBUda8q5wW0EeLdNGw-jPD6UldfL88nT06RTob-F-CmgbSMmk0JgeikyJBfzEDKvX07RH3GR_j2z5XIlA4riILRpBQbxoPKtBpwjl7TR0780xiohD0eLEvGGI9KVtaysHzfaGE8E8AjWh2y-w_zpMbmPsODhToSH75XtkXx8DfzQ5f3NzdwkKFvjpRMCGpNCFvuyXI9S8LuIumhOg5DOSSLId7HiepOwlp_Npai0wBYrW67d2aSva6Ft8-fbiLBNo5e_SE8l0FbSmkbplChJ-lYOptYvxPRHTSUY_XnzGJfwM2k_CvanKvkxZkRve2bfbZB-R2B6xbnn7hnd6wOap9fwc4ldwxYjUO8TqZDp3kT5sM5WNKHh_JipOoY6OLdwFS0di3kjyXwaAjiRA0-QYh2IDF9Q1HmPWKAxLeTe1SQ8rl-bG6d3j7ASMpn64FjQan2jZMnHlTdSCS0zzVmHQNcMtJc6rAClW2IZLmWIXWE8nvckgwpYNMdShgTPMNKzaLU8-tlDdKviaBLz9Wv3R8Y_1xD9XgJs0wBcNK4FxGnXOX37Bph7SF4Kdb01-3H59hWytFdBvFQNmCQ4-or-eiN01j0UdxKya8Sr0kb0qst9H35PtogutIG2lzF32Up3NcCd7bpD_VY2QgAObqeq-04YCHtNl7AAFx41INSAMAUOmDhEi5J6HN1ghz5d_Z7NEOdygkiULPIuh8Un2HpJtmxsyq-m0QNPMatNjhD5ePXr8MEbCikpX1GJBaUSNn3QWlOqz56QtnEXiDqvgLoLu9_DL6pTIJGW7LdHVB5XNuDGM86Xfbay7k2fhKKDEFSBfBySKZPbhAyIWvdi0pZzD6KJB1uJFqbQfZcwhpJnN3oSa7Sr0MNXDmvzQOm4Grx-LbEt8YQ78IGiY5tDBJtA5Zr9InT62oBBF4IK2qW8Z1nU5EQmehIeuK036EssOhgiOu9IPCRPtkccthhgyzq9kQ6vSepx-T2_lLnlKx_dov1dyovZ_RfIgZbXfQe3jFAwx3UUWGqEgkiztpENihPXpjUmKoR9MAfqDxWfPCtp0ReJ3QM3FH_Nzv-MDCPtgQxK9nnsuEi8OTzVr7tJTATQAaugqpP6EpbtHsGg7FpdnR2KW6toP6uKnn-obt0TbWW-zvdCNOxEUvCKQfQyFQEZCo5j2LiV9GxxKkc8I7ARrWL1vG6fD7sxc116Us6IpU3TpO2IYnv71ljfUzxOl7xSJLkrQeMTpKpcf1t59T9BFljFDfu3DR7naybwJGPRao5piNl_xblKfB4ybaEAdGKdUGkrpdXqnDrTwqIPbpO_HgXlfiF3J2c6N1mV77lNU5tnnpcq74mZFLo1P05kUwJnOkbnjDf4wkvlyjqXU9HmRHTztPgcdxCLdu_I0e5Cf1kopftlSk8Fa_LvL0E-MPqC7bIWjQkngDE8RkDCGN3AiDMmB1prTWhr0nNNla2O0bAvp_N2HiX6U3Eq-NTyyajYrUrQSJWemelbagk-1z2XJKnZ-Sn7W4rtHdzhCxlyQ8d2WXX4_bblvrsGnsjEyiOgR6iyLCXxi6UcCOIhQX7tRctvFB03GA8jzCl6agnAJSWkPj4sdykJS1uPbLhGK7SP01oA8QOpXdIZfS1i8rJtrFPIHrCnbJjb0Ri04UzR8wRZRba9uNx3vI7SmlAFBdmavnXp6iF3WcUYAdAzK6Qno9WhNRuYCmY7Pzjwy_vof5wPOWw-X_cVTa6f-fH-P46nc-Gd_F8QbvsOvxRb7sZpD6_7qkqZzTBBqKAZuOSkJ-DBkk8xhtjlp3yesUX1LIoq1VLbmMQJ1YiY84BvOKQV-cMHXgjNNHh_HgHVbruzxuwBo61y6RhCocnqX2-iL8Dbo2hi0N7tZSr38p_ZjRbSl--Qherwc8DXYDCQozIqf1Tn7VGM2Lax9gA9vG2J5XhQpBdRBNwpiDESWVV7d5jjzplyDbfNE8urMmCllF9FJspKSIco7E3bgnyoAFKOjh8rU-dcQCB5FLJaYgheLEfhVczROKBcShBPKNLdIoRtXMz91EKpaGbux5r1H_JuDGWP47WfRkzS9wpsuWiD4P1JhmVYnNxXiVXtQa7SrnQ95Rd2Wj69fqg8TH7BJOCc5APf6r_8RbP0bbXEzicJAA4yG5yacE-gIU1vevNaaq94mOzBfrCLwLY_pX8NfN3dlldHaEHIRtSL5AgcFtn-AiP_NxqL11nSTG2HI__bKBl4AkI2ME3XgbXzJ7Me3NDH3EvaKi3b5cVraMmrIi4WWQ8wuH9R8bI76eYg4AnWek2ctNYIQ41fqj-54TVBKgUqCxO8sNjMf3Rn72klKjz1wtwtkCuBa1ZGe5YHcHrMQ7ItVZDDxEc-22pUSKfm_FXPeOmuhnqhdYX9h7ce-BKoDZsTVovryBdGOsO63r-wOJlPYKO5Jiytq1YqT7bYX6960AbZRgo3Z2ED59L4TviDlR9vqebctuJPtZxnPoSiLwmzo17I-HG855IB3h-b5vAeu1XcGaAOONmylmX1ASNL0SKiuSwYLr-Q7IpAI8sRuI2-xx96c2L75DlFXhnI-WCA8Zs2oHzK08U49LTXjtdJf5eg1uK_1EDOP9FnUZMAH9bSvOsnbmo80hRQlJ98mVNsd6jekcFxUrbZUhgPEKdgbX0FyQV6YI49MiVVibeMFZUeGc-DXRNV7IbdKVrNuuo26T3_z9McoibxEEoa2Yz9g8qRhTzmip_XNXgn10h9R1JlytqM0UcuPuNqHuvOBXGg1IhSS8xd4X1NtkHOXaCUyl99s5aCOvIo1m_EVrUzkeZNFHsnUdnYZyDkamdKc8740iffybr_3riDV3XNa11hBCl8y3UZci3TG2qKf32iaUK8sTcOik44dR2BuIkR2YFY5JykiYaxWj_sdRctAXsord0EBuS2aYLWbzIDr3pLLVezK-1sJfu0kHUusTSkP-7K7pm77DmMKcM3K_fsU4rBDMnUjsjJsakj19WaOw5SCqrBCEFJq5UUm2t46MlrM0Vouh2DtwBzYF8miCR68Ax09-xudINIoT219RPn0MvLpFP-6XuKjztV48pYa3u8l_biT4whrUT2RbVN78JX6tpKu33YwJ9mtnvupIwcgu5pNCfkXlMmPiidlSyMm6nRdjHtsuJzeQgmBeBO-eLhgSUnGgKDeDm7F3htsNeSU_TQ4MvjTPMgZAShIDU1UD8U-X1cIQSJfmtK8_1IeLajMalIVOOJ9hOPdsnaBgRlJEWYaN7qNS4o7b82tK98gbl5XgN2xG3nHkrcPA3biYxQuG9UG2eBTfgZSsK_hxRBzZEHmoB87tDndJQa-8iHRnuCJ_55RGTCpHaP25LpTTbm6SFtUxPumZCw2BwBR0INLBJMwmnNvkTUuhDhqzn4mrSM-VrKZYCwunEA6zsiOT_J9ktOJ8Zx45yMzLSEfSWeBSWnbbeUZyxQfjFPUIK1zxocco2dssNXa6Wd0FnCVtDnwABs4DW1wcZyiFiuAL4Ql6IM6LdZNHqNx9vcKDBazT2Y3_nFgO3NhtiANxdqiPgZKrMsQNwrQQ1DZRqQqDuZkq8C2COt9klmKpimxKeOCo0F92TKn7CbZyrdc0tq-nJQZu_1y1uL8BqwnHW4vTQ-y85YdV2-gvp2_we3QpkqftleUBwS7ksRR_m1TL32BZ_DJ2BVL7Pu75j-5jwk4Z2BLH48iN-zGkZen5SXNq3zKYVuVTj29NxXA5SxaM4KRawdPpTW4MepFsKUvCYRhJ550Av_82i9Auw&cid=CAQSTgAvHhf_An3URQZBeKK934g99HZPs1lolYGGwTxryGTexXsImakAAQ-ud4i5tZa0ZM-py6-AedXNTUiLfFEEqvYEoT8fSP5xdH-HcQco1BgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fngplus.com.br%2F&ds=l&xdt=1&iif=1&cor=16840073600821795000&adk=2086295848&idt=86&cac=0&dtd=27

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fbfcaf146dba41e7fd8d829287e081d4465f8279f08152d357837dfdc8209e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19623
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK d63a1fdc-63ef-4a80-bd68-543de03fe827
https://www.bet365.nl/ Frame 27B3 2 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bet365.nl/d63a1fdc-63ef-4a80-bd68-543de03fe827
Requested by: Host: www.bet365.nl
URL: https://www.bet365.nl/olpc/nl/135/0/1/open-account
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length: 2479
Content-Type: text/javascript

GET
H/1.1 200
OK ServerTime Show response
extra.bet365.nl/ Frame 27B3 261 B
1 KB 317ms
177ms XHR
text/html 5.226.179.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://extra.bet365.nl/ServerTime

Requested by

Host: www.bet365.nl
URL: https://www.bet365.nl/members/services/host/Scripts/js/ProductCommon_v1.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

5.226.179.16 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8864efce91b63cc17acaf305730d3a35f4357c51937eec0c0a33c08d55427152

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' .google-analytics.com .bet365.nl wss://wsbanpush.bet365affiliates.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bet365.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 22:27:30 GMT
Content-Encoding: gzip
Content-Security-Policy: connect-src 'self' *.google-analytics.com *.bet365.nl wss://wsbanpush.bet365affiliates.com
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: keep-alive
CF-RAY: 8427de419875b8ee-AMS
Content-Length: 264

POST
H/1.1 200
OK cookieconsentajax Show response
www.bet365.nl/olpc/nl/135/0/1/ Frame 27B3 4 KB
2 KB 66ms
65ms XHR
text/html 5.226.179.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.nl/olpc/nl/135/0/1/cookieconsentajax?
Requested by: Host: www.bet365.nl
URL: https://www.bet365.nl/members/services/host/Scripts/js/ProductCommon_v1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.16 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45f9194274af2f03901c585408d3a3ad8a269951b9fd5b27a86bba6e30d9d8b2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bet365.nl/olpc/nl/135/0/1/open-account
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 22:27:30 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Connection: keep-alive
CF-RAY: 8427de40ba526602-AMS
Content-Length: 1404

GET
H3 200 css2
fonts.googleapis.com/ Frame DDA9 4 KB
671 B 33ms
33ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com
URL: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 Jan 2024 22:27:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 20:29:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 Jan 2024 22:27:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DF30 14 KB
1 KB 36ms
36ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 Jan 2024 22:27:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 20:38:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 Jan 2024 22:27:30 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame DF30 2 KB
903 B 31ms
31ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 14:37:27 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame DF30 23 KB
9 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:19:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 22:19:43 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame DF30 3 KB
1 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:19:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 22:19:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame DF30 20 KB
8 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44090
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 10:12:40 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF30 204 KB
64 KB 127ms
126ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jan 2024 22:27:30 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame DF30 37 KB
16 KB 79ms
23ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30647
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 07 Apr 2024 13:56:43 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/ Frame DDA9 22 KB
9 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com
URL: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:50:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 14:50:18 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DDA9 205 B
518 B 82ms
29ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com
URL: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 19:51:36 GMT
x-content-type-options: nosniff
age: 9354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 07 Jan 2025 19:51:36 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DDA9 604 B
694 B 83ms
30ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com
URL: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 19:46:30 GMT
x-content-type-options: nosniff
age: 9660
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 07 Jan 2025 19:46:30 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame AA53
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECh-QVtPEk5BZH_dnAfW0ug&google_cver=1

43 B
334 B

40ms
40ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECh-QVtPEk5BZH_dnAfW0ug&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNbS3t4BMAE&v=APEucNU7EYkq5f1GOL8lMncCX84WvqUanLzhcUuVsW6I7Jy3jskYeqxcfDeKvZaSYR4S05lm5MKk09jmN1WurKyUOynobeixbgL-8R0EUYNdJ6SvKZCrE5nh-Cut4zObm61BGGPKOHPb4VvRpEwhG3G3uBudgF_L3Dc4nedxv13K-b8FTfYcEPI
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i0IKzaSjTIRybZjIv7WI0SW8nhDmnJ0BnO8S8iYABCsxBN7czjgr5b1pillVxvXedX4PHBbOfekRH%2BYC6hBq128618cUQU5f17U2604JuqZYN2jL2GetVsQ4D7QehF22CAxY%2BCpqVNmNuA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8427de41be8d28aa-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECh-QVtPEk5BZH_dnAfW0ug&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame AA53
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZx20kTcSDTeTJoIV4rNZgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBEpp18LI4HVRdbH5JLD4Rc&google_cver=1

43 B
771 B

80ms
80ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBEpp18LI4HVRdbH5JLD4Rc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNbS3t4BMAE&v=APEucNU7EYkq5f1GOL8lMncCX84WvqUanLzhcUuVsW6I7Jy3jskYeqxcfDeKvZaSYR4S05lm5MKk09jmN1WurKyUOynobeixbgL-8R0EUYNdJ6SvKZCrE5nh-Cut4zObm61BGGPKOHPb4VvRpEwhG3G3uBudgF_L3Dc4nedxv13K-b8FTfYcEPI
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7A6tl2f%2B%2BC7xiN4QviyQWxBZDYysz1ZrCKCb%2FSkt4TBkdCFQW8X8CU0GgLCX2%2BIKpHLoJ7qVM9eg6hbx5xgOdG3QmR47agBuC%2F8edEmlcsie2o2ClGalG7xt3AjD0R5oHwUMotjWIPWZ4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8427de4258946649-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBEpp18LI4HVRdbH5JLD4Rc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame AA53
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECtY8xmjnagaycL7uY-3Mg8&google_cver=1

43 B
1010 B

17ms
16ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECtY8xmjnagaycL7uY-3Mg8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNbS3t4BMAE&v=APEucNU7EYkq5f1GOL8lMncCX84WvqUanLzhcUuVsW6I7Jy3jskYeqxcfDeKvZaSYR4S05lm5MKk09jmN1WurKyUOynobeixbgL-8R0EUYNdJ6SvKZCrE5nh-Cut4zObm61BGGPKOHPb4VvRpEwhG3G3uBudgF_L3Dc4nedxv13K-b8FTfYcEPI

Protocol

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:30 GMT
an-x-request-uuid: dffb73b3-baea-4245-8577-1a869476decd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.153.108; 31.204.153.108; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECtY8xmjnagaycL7uY-3Mg8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame AA53
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIxMTU0MjM3NzA2NTM0MDQwNA%3D%3D

170 B
243 B

34ms
33ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIxMTU0MjM3NzA2NTM0MDQwNA%3D%3D

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:30 GMT
an-x-request-uuid: cd4e3014-e078-4903-b81d-8e352a40ce6a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIxMTU0MjM3NzA2NTM0MDQwNA%3D%3D
x-proxy-origin: 31.204.153.108; 31.204.153.108; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 27B3 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240104/r20110914/ Frame DAFC 31 KB
12 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240104/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXy58iA_XN3stPP-rG19pUI7dLvzk2f0gXLIH7AEL2wHznSYjD77jkhmxO4mUy_xBVHwWhVPbxrdgw4Pl81XoUHJ_dLpayReLW7NtuP4_x8t7adwtxghJY8wdVFZK-T-991TMJKKbO3wEyZsY78q4a8SzJ9ZK9-EQOO4mrp1GqLnJ_P1A&cry=1&dbm_d=AKAmf-D7K2_WIMzijlOGeCYQNJwn_C_1CnVtAvoot7S1Iv-mfjv3HOnie4sK3nE-scs6egQUEeFGbM_AshQwVK46xhbc3Uji5tAkBUda8q5wW0EeLdNGw-jPD6UldfL88nT06RTob-F-CmgbSMmk0JgeikyJBfzEDKvX07RH3GR_j2z5XIlA4riILRpBQbxoPKtBpwjl7TR0780xiohD0eLEvGGI9KVtaysHzfaGE8E8AjWh2y-w_zpMbmPsODhToSH75XtkXx8DfzQ5f3NzdwkKFvjpRMCGpNCFvuyXI9S8LuIumhOg5DOSSLId7HiepOwlp_Npai0wBYrW67d2aSva6Ft8-fbiLBNo5e_SE8l0FbSmkbplChJ-lYOptYvxPRHTSUY_XnzGJfwM2k_CvanKvkxZkRve2bfbZB-R2B6xbnn7hnd6wOap9fwc4ldwxYjUO8TqZDp3kT5sM5WNKHh_JipOoY6OLdwFS0di3kjyXwaAjiRA0-QYh2IDF9Q1HmPWKAxLeTe1SQ8rl-bG6d3j7ASMpn64FjQan2jZMnHlTdSCS0zzVmHQNcMtJc6rAClW2IZLmWIXWE8nvckgwpYNMdShgTPMNKzaLU8-tlDdKviaBLz9Wv3R8Y_1xD9XgJs0wBcNK4FxGnXOX37Bph7SF4Kdb01-3H59hWytFdBvFQNmCQ4-or-eiN01j0UdxKya8Sr0kb0qst9H35PtogutIG2lzF32Up3NcCd7bpD_VY2QgAObqeq-04YCHtNl7AAFx41INSAMAUOmDhEi5J6HN1ghz5d_Z7NEOdygkiULPIuh8Un2HpJtmxsyq-m0QNPMatNjhD5ePXr8MEbCikpX1GJBaUSNn3QWlOqz56QtnEXiDqvgLoLu9_DL6pTIJGW7LdHVB5XNuDGM86Xfbay7k2fhKKDEFSBfBySKZPbhAyIWvdi0pZzD6KJB1uJFqbQfZcwhpJnN3oSa7Sr0MNXDmvzQOm4Grx-LbEt8YQ78IGiY5tDBJtA5Zr9InT62oBBF4IK2qW8Z1nU5EQmehIeuK036EssOhgiOu9IPCRPtkccthhgyzq9kQ6vSepx-T2_lLnlKx_dov1dyovZ_RfIgZbXfQe3jFAwx3UUWGqEgkiztpENihPXpjUmKoR9MAfqDxWfPCtp0ReJ3QM3FH_Nzv-MDCPtgQxK9nnsuEi8OTzVr7tJTATQAaugqpP6EpbtHsGg7FpdnR2KW6toP6uKnn-obt0TbWW-zvdCNOxEUvCKQfQyFQEZCo5j2LiV9GxxKkc8I7ARrWL1vG6fD7sxc116Us6IpU3TpO2IYnv71ljfUzxOl7xSJLkrQeMTpKpcf1t59T9BFljFDfu3DR7naybwJGPRao5piNl_xblKfB4ybaEAdGKdUGkrpdXqnDrTwqIPbpO_HgXlfiF3J2c6N1mV77lNU5tnnpcq74mZFLo1P05kUwJnOkbnjDf4wkvlyjqXU9HmRHTztPgcdxCLdu_I0e5Cf1kopftlSk8Fa_LvL0E-MPqC7bIWjQkngDE8RkDCGN3AiDMmB1prTWhr0nNNla2O0bAvp_N2HiX6U3Eq-NTyyajYrUrQSJWemelbagk-1z2XJKnZ-Sn7W4rtHdzhCxlyQ8d2WXX4_bblvrsGnsjEyiOgR6iyLCXxi6UcCOIhQX7tRctvFB03GA8jzCl6agnAJSWkPj4sdykJS1uPbLhGK7SP01oA8QOpXdIZfS1i8rJtrFPIHrCnbJjb0Ri04UzR8wRZRba9uNx3vI7SmlAFBdmavnXp6iF3WcUYAdAzK6Qno9WhNRuYCmY7Pzjwy_vof5wPOWw-X_cVTa6f-fH-P46nc-Gd_F8QbvsOvxRb7sZpD6_7qkqZzTBBqKAZuOSkJ-DBkk8xhtjlp3yesUX1LIoq1VLbmMQJ1YiY84BvOKQV-cMHXgjNNHh_HgHVbruzxuwBo61y6RhCocnqX2-iL8Dbo2hi0N7tZSr38p_ZjRbSl--Qherwc8DXYDCQozIqf1Tn7VGM2Lax9gA9vG2J5XhQpBdRBNwpiDESWVV7d5jjzplyDbfNE8urMmCllF9FJspKSIco7E3bgnyoAFKOjh8rU-dcQCB5FLJaYgheLEfhVczROKBcShBPKNLdIoRtXMz91EKpaGbux5r1H_JuDGWP47WfRkzS9wpsuWiD4P1JhmVYnNxXiVXtQa7SrnQ95Rd2Wj69fqg8TH7BJOCc5APf6r_8RbP0bbXEzicJAA4yG5yacE-gIU1vevNaaq94mOzBfrCLwLY_pX8NfN3dlldHaEHIRtSL5AgcFtn-AiP_NxqL11nSTG2HI__bKBl4AkI2ME3XgbXzJ7Me3NDH3EvaKi3b5cVraMmrIi4WWQ8wuH9R8bI76eYg4AnWek2ctNYIQ41fqj-54TVBKgUqCxO8sNjMf3Rn72klKjz1wtwtkCuBa1ZGe5YHcHrMQ7ItVZDDxEc-22pUSKfm_FXPeOmuhnqhdYX9h7ce-BKoDZsTVovryBdGOsO63r-wOJlPYKO5Jiytq1YqT7bYX6960AbZRgo3Z2ED59L4TviDlR9vqebctuJPtZxnPoSiLwmzo17I-HG855IB3h-b5vAeu1XcGaAOONmylmX1ASNL0SKiuSwYLr-Q7IpAI8sRuI2-xx96c2L75DlFXhnI-WCA8Zs2oHzK08U49LTXjtdJf5eg1uK_1EDOP9FnUZMAH9bSvOsnbmo80hRQlJ98mVNsd6jekcFxUrbZUhgPEKdgbX0FyQV6YI49MiVVibeMFZUeGc-DXRNV7IbdKVrNuuo26T3_z9McoibxEEoa2Yz9g8qRhTzmip_XNXgn10h9R1JlytqM0UcuPuNqHuvOBXGg1IhSS8xd4X1NtkHOXaCUyl99s5aCOvIo1m_EVrUzkeZNFHsnUdnYZyDkamdKc8740iffybr_3riDV3XNa11hBCl8y3UZci3TG2qKf32iaUK8sTcOik44dR2BuIkR2YFY5JykiYaxWj_sdRctAXsord0EBuS2aYLWbzIDr3pLLVezK-1sJfu0kHUusTSkP-7K7pm77DmMKcM3K_fsU4rBDMnUjsjJsakj19WaOw5SCqrBCEFJq5UUm2t46MlrM0Vouh2DtwBzYF8miCR68Ax09-xudINIoT219RPn0MvLpFP-6XuKjztV48pYa3u8l_biT4whrUT2RbVN78JX6tpKu33YwJ9mtnvupIwcgu5pNCfkXlMmPiidlSyMm6nRdjHtsuJzeQgmBeBO-eLhgSUnGgKDeDm7F3htsNeSU_TQ4MvjTPMgZAShIDU1UD8U-X1cIQSJfmtK8_1IeLajMalIVOOJ9hOPdsnaBgRlJEWYaN7qNS4o7b82tK98gbl5XgN2xG3nHkrcPA3biYxQuG9UG2eBTfgZSsK_hxRBzZEHmoB87tDndJQa-8iHRnuCJ_55RGTCpHaP25LpTTbm6SFtUxPumZCw2BwBR0INLBJMwmnNvkTUuhDhqzn4mrSM-VrKZYCwunEA6zsiOT_J9ktOJ8Zx45yMzLSEfSWeBSWnbbeUZyxQfjFPUIK1zxocco2dssNXa6Wd0FnCVtDnwABs4DW1wcZyiFiuAL4Ql6IM6LdZNHqNx9vcKDBazT2Y3_nFgO3NhtiANxdqiPgZKrMsQNwrQQ1DZRqQqDuZkq8C2COt9klmKpimxKeOCo0F92TKn7CbZyrdc0tq-nJQZu_1y1uL8BqwnHW4vTQ-y85YdV2-gvp2_we3QpkqftleUBwS7ksRR_m1TL32BZ_DJ2BVL7Pu75j-5jwk4Z2BLH48iN-zGkZen5SXNq3zKYVuVTj29NxXA5SxaM4KRawdPpTW4MepFsKUvCYRhJ550Av_82i9Auw&cid=CAQSTgAvHhf_An3URQZBeKK934g99HZPs1lolYGGwTxryGTexXsImakAAQ-ud4i5tZa0ZM-py6-AedXNTUiLfFEEqvYEoT8fSP5xdH-HcQco1BgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fngplus.com.br%2F&ds=l&xdt=1&iif=1&cor=16840073600821795000&adk=2086295848&idt=86&cac=0&dtd=27

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:54:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5560
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 20:54:50 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame DAFC 41 KB
14 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:05:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1314
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 22:05:36 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNDc1Mjg1MDA1MjE1MgogIHNlcnZlcl9pcDogMTQ2NTI0NTkwCiAgcHJvY2Vzc19pZDogMzgyNjA5Nzg4OQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3...
ad.doubleclick.net/ddm/activity/ Frame DAFC 0
836 B 206ms
90ms Image
image/png 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNDc1Mjg1MDA1MjE1MgogIHNlcnZlcl9pcDogMTQ2NTI0NTkwCiAgcHJvY2Vzc19pZDogMzgyNjA5Nzg4OQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly96YWxhbmRvLmRlIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDIKZXZlbnRfaW1wcmVzc2lvbl9pZDogMTUzMDkxNDc4MTYxNzMzMjI0NzMKZGVidWdfa2V5OiAxNTM5OTE3OTYyMzQyNDUzMDQ0NQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDEtMDgiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMjc2ODE3CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzU3Njk2MDAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTExNzk5NzQwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIwMzIxMDgxOTk1CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDY3MTE4NDIyCiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3phbGFuZG8uZGUiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly96YWxhbmRvLnBsIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vemFsYW5kby5pdCIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Host: c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com
URL: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:30 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xcf7d6795d78f8baa0000000000000000","13":"0x52d28da589367130000000000000000","14":"0x84ae78da407c165c0000000000000000","15":"0x9719d5de3c3cc5180000000000000000"},"debug_key":"15399179623424530445","debug_reporting":true,"destination":"https://zalando.de","expiry":"172800","filter_data":{"14":[],"21":[],"8":["3276817"]},"priority":"0","source_event_id":"15309147816173322473"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg Show response
ads.revjet.com/ Frame DAFC 43 KB
18 KB 194ms
56ms Script
application/javascript 65.21.130.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/bg
Requested by: Host: c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com
URL: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 65.21.130.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.13.130.21.65.clients.your-server.de
Software: nginx /
Resource Hash: 1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="CAO PSA OUR"
date: Mon, 08 Jan 2024 22:27:30 GMT
cache-control: max-age=10800
content-encoding: gzip
content-type: application/javascript
server: nginx
expires: Tue, 09 Jan 2024 01:27:30 GMT

GET
DATA 200
OK truncated
/ Frame DAFC 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e440a25c4316145975ec0704e39bb57e26e14106400fc65abee02c2fa7f91f89

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 8B7D 38 KB
13 KB 49ms
49ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1314
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 22:05:36 GMT
expires: Tue, 07 Jan 2025 22:05:36 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js Show response
pagead2.googlesyndication.com/bg/ Frame B55D 50 KB
19 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56e70c2fea595cdb15f418a8f79227fd5cb5838e2ee6e56fd44abc63e2cfa239

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 22:30:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 345411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19703
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jan 2025 22:30:39 GMT

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B7D 39 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:05:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 22:05:37 GMT

GET
H2 200 rectangle.js Show response
cdn.revjet.com/~cdn/JS/03/3.5.2/modules/ Frame DAFC 20 KB
7 KB 107ms
17ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/3.5.2/modules/rectangle.js
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA2) /
Resource Hash: dce3111ede9ead68dbb0c6343255a1cc111060d98da86a7e96e0fa8510bb1a02

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:30 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 15:25:31 GMT
server: ECS (amb/6BA2)
age: 384
etag: "64e381eb-4ee4+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 7263
expires: Mon, 08 Jan 2024 22:37:30 GMT

GET
H2 200 sync.html Show response
cdn.revjet.com/~cdn/JS/03/ Frame 15D6 2 KB
1 KB 103ms
17ms Document
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fc6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B83) /
Resource Hash: 71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7

Request headers

Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
age: 456
cache-control: max-age=600
content-encoding: gzip
content-length: 942
content-type: text/html
date: Mon, 08 Jan 2024 22:27:30 GMT
etag: "64e38310-744+gzip"
expires: Mon, 08 Jan 2024 22:37:30 GMT
last-modified: Mon, 21 Aug 2023 15:30:24 GMT
server: ECS (amb/6B83)
vary: Accept-Encoding
x-cache: HIT

POST
H2 204 csi
csi.gstatic.com/ Frame 3294 0
234 B 71ms
20ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lr5htxef&c=5426168609268&slotId=2713084304634&eee=missing-element&bi=missing-id&vast_v=4.0&wta=1&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 3294 39 KB
19 KB 130ms
66ms XHR
text/xml 142.250.110.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-B1mS3HV-V15_EgYDWZwIZXI0Fq0-Yy3A7xVEJ4HYH9odOHs3Zvva2NmUdkS_axKl5LGJW2jwmWAhMM37-dLdyVr5eGXA&cry=1&dbm_d=AKAmf-ANa_CVOqYM-zix69_P-W6wDO0cY0nvT0jmVdpp_zcqmYt3Uay-A2dV7RwTLs8-6uKutxWaEkf-SKqLw57W0gOHqHvSbP2BpOnip3rndXPUa8qFMvSZkmBkzVKeink5QcwFyfTK_RbNddHgXUdB6LCX1TBDKwNK5lcS-aYCGRD4Y9Wu3mRfqu-XNMD-rt3CWv75zYMXWfghe6USUKj_T0uEH91r98U3LcH-TT7XyE6JC8LOSAZqovP8OcahesZb0xLV_DjOEn6ZADKujCzWz5yMVV9zcPJ2LVqtBYB7ON2VnoMV5VvCqLlnISMR4YCRrrjj0tm6tzZ1OhKC17mgvKKVMEk5ly1OBsmurvutXGKFt17MajiwrOkhazWssqjjgMBB81DqSi9mqlskZtOl37OfKnUiZXqLLt1GTurMDONCbzzZOZryX2uzJ9wUBSnG3Sm9SzSTNF7igvYZ8mffX_v9ms3uBPQ1mxIkcLB-hC_0KYRZPQzfAe-AfFtMZZphgPB0RMDJAOmN7CXXF-e6Op4jj8KnIejGi4ZgCl-Vgc5jzv6xV2RonMdnRmRw73NygrB70OeHdZSQHnWeIYDGHc71oMURdn26CFJFHpG5iRwi2anm3ZCplSZkRcW3ymjsre6uYda17WFHLoP3Di_ZLSyvvChKK84QnVSNKDriZ9aXRQjTjXirf6dg7o6VYWiS4ey6r41uAGRjP606f_cToXXcRYhkwCORdUCm_k6xDEGYKvmclDc5XaV9oVv6qQ7--jhz3f4T-2mXFE-gaB-miqHvCa0XuHGxCe8a76TWIQb2IYyTltaRYdsgGIk2BovAeN5Wjl0ls4DEVspGSFJ2Y8UqD-4-2i4xnk5eX0JllVMf2RbkmaHhitADznSvFF_iSmQ5I3xhlSwmeqfUUG1C7ywdx10tRxskYyTyJ5tqziHn7viVgrdP8-hY2caT3TcXMHa1dCMbpj7dsYu2Imhh2GSnRDIKU3dG6XeFYGC7Rwtzj6cHWQUS0f9DV00de3ky650Igd6esly2pj70Epu0bUm0LACwsnBRXrY9pIXWFypIjkQjFd8c528czPrNA5hRejdvCBtXGrG7PTFCNdUwx5s-zaIFLfvc2P1yDKHsP1rkiRviHx6Uh4pUvICAZfHHeGIZeqGCbvJHQfkJOWlCTpoTu7zxz5FmMl6EBljVqD08Uan-tW2JeMS4i8NhR9pzFJ7EN6fEvilJ5cL7rrrjp78q30RrGytDDJIN63QZKG4bwNclqN-VEoPwV1bbAtY36f7oWh1-x8Yneo4GOtOwjyTGgs9RIVuZjq2tDUBBCdTG_5Od_YsxzAlFEmVZZWKVIox4FtlRiH8KASIZ7EpfqyEl6IOr5w9aPvJ58GbPaCbOIpCUQPVlMhmLhZStffZlB-VrpsgZ2HKDYtnQbBaYjHM8gpLVmqacq51m4nBBzmjnHKuYGYizARXq_PCxyNgkI7LpSNn1r53IJwlZlcObtbk0UBUb75MkyKQGDjlMMqrYjvJBwBjjEwCqHKN1uXNS5w06YyY1d9X41wMOqfRTIexxAaDvgE9zovil-CZcTNahm0A5dvfEbTdqXhBiIPZkMHn6AW6--LC1A4RD6aD2U1kkslOUDYF_R-Sijl-i4nioTDWdmbTM3Tp0c9NyHeT-0LuTGZzsiLl57rarO8p_dP-QOv1ylvzKtAnHAFFP662nHbl_E4KEtY-zyd7sE7MFnkFuQkcj6krKdgWhG8eljG_ZEZncVVKkHcEeav4ZEc9KSamczrCTx5WtIrvmmMnHzB715ir25rOmx9mmEUeYG2kDkwlKVW0024XY4FwoFzPy3YAP6pwXQQa1IwWipdamIhbm4ImKjyUNK7DMTFfn1koxKuVOsHnsB-xqGI3_-j3a-lKk6p_gjYKDwklni8r5v_sHgtkNhdWgjmaZIkkrKSHxaN1CyucTV8t6YgfKszXdbA1LiUbKixC34BOUmwgQSK60hVzQd6RjmcA4XJdbEdoCNe8JHMvvP_0yDkbTF-U7iNk4xS1sGJkw759qD9G44FC_hnH4XT5iQwg_REoR6yJzIWBsI5L0dVKN-sLSltdan9LBj6oOqlPFAflvHr6Ymp_Hx4fcIJXLXtT68teVFq93nAkiqerklgl-sK6hvAHQ2UY8XMtEPZ-WPkEHbgFBsCYb1mJF6fJSdrM5DITRowdkwLHbvLFYQ1jJ4msFD6ZHLYSPe9fb7tsAftIh-zjnAWkcbzkeWo0bqc6t7AbqG_ikUayW2mZkbFtsb6Hd6mA5VkMJMfH3nquKT9g55PfSrMgOgUkeG77_QdAtQuTtNcFBtJWxeDeJrHHaxGMA2sRMGyj_yRe8B425UYRtnAzn99Z0VwIUWn-E8xt7B9oFMuoZ0cCDH3TpSFR5hRlw8LG2dtRrMDZAG5rSOUkcpqfwxFTR0-EGefJXtx0T8urclT0GhYc00fZOVvJhO_6P7Tz2aXMLWCCptGB_Lb9GalR03RvUdIwa0uKvGCWoxvHi-jXIel0zk1BfymQRpAvxcl4aLFiefOS6hQfxbZO_SJ56DuK793IWdklx9uiRU2AMthokSwixeNoDVV57lYxVtig_I0cKABul1pEsLeTwkbKQF0ARLIgrsOPxLSqaSrV7AjdoaIsJymV4oK097CCXDmxUPJKtkb3czrXaY-pqefyMEqZm_kIXG0V6gCdq9DJhdb7ZNG1j1YyZ_sonssaOn4PUMD6gi5hX5ceFHCsSchVudEj6nU49zxdhyd6jr7LLgNJiH5FRh_6la6ZBOX6MPAw7JvD9tmCzI8bmu5a9HPFaIXX-PwDyWxsq8CA8yYrvTTI87ByJfsN_8R3_TXfgpUI-XUAyqLiji_E5PSihXW8mudRet-IZZNJgZJc4dL5eR7ajY54Xhuc6y2N-6SlouLq_xEpHLFRXVmGq8jOrrGYCpm1qRI7oIi6ksODJnJB4W2zo_lrjEYSJ9BE_tXw3zfxqnDjOGP278lzZ0Jxt8bEg28RKQrGS-5yRI80UDJCaD2UqmgCUlMyCOrG1J0-M7H6-wqWWbsb928sCMUGS7lKlAUwq2Oj1E5wGPYahEnNsIo9rq5kqEXaZqZGE6RlPzAa5e6Ybq168X-_Io1P_zIw1Rk3dsbnrbbhQ5CQ14aPt8rL9CQDW1B52Gmny5P2Kz_siLOJF1gt6mZdmpzjS-s5zdolxEwCW58_LLt9kX3kKpoozjjcM1SaPKJT9qUTvSgYPwXsdwXH3LskNWMSW-ZBj5zFAi9hTYuY_wStQmr0XL6OkGeZqSVajaafVzPiildu6jXDkjpFeiPpD0HSMpFKrjOXv8gEC4TrI1CUOMpP7m-MzBge34vmXoveeNNAlvwmAscMxjrPGQ63NKD2NBcASHr6P8P-Siv8KKc1W9zkNTI0KOhk5pus7mwDZExwthkoiigVD4oU0LTT1WH1pK32NhP5nRFTiUsMrz1wNZdPdFnB3j4W6HJfGdoBtCucSiHnhhLdrraPZuFrdTPE5E_Z3A1oseEyH-eQl8S_yomtYlD3E60natwHr5d4-xc-eGk53XN9XkjzYEKcNfO6EuzoOaq-Ysa8dHbE3NoZUxEWI_SkWrNhg4QoLol1pxXbwHVCdFyqxaQhP_RnYhTTzVhwWul4sTAjdN-OWITXyt4_J-uUoiNyenTEBFYaEmla9E5bIs7EXYUxNpkPQVgVA6fmGJMtLtTcIy42Hb8lM0zYX39-fKkDfxLWpTsWlIaZwaji8T236X0lXaexW-_GxxJiXOAEEHtI6dD_Q1rCLLQGfCif16LQ_agcEkMljaZrcbkG3WwrdHpxsuDU1LKHdWdYnqSAlY3WJ9erbFdxa85VkWUpfcwV1gpTrq4pUWYd7hXmJTE033LHk0xIf-ab-uQjNYpFDAf2G6kFOUk9D8XyQ-A1kQfTnfXoKEvh5aMQZIwRlgJkdxC13cmUZ7Y8Fjmhp4JY3NY4QIOdGXAhR2gPyzwJUjTLofuNK9KCKbBfcApR3ShbgB-pvoyLoziI3AmcaHSbXrIo3hF6htlKYqq1Xl7WrA98gDj2mo-FjKp2WoktAj9plETsupMiaSG2F4bUjPMa8HE_2tAZ8zqJBAzK7l7vG0qKlQXG0ZDnftzleeY6qmCj5itEpd9tiIhQLzFea8Mx-3fC6Fk-_qAoN6_5bYzXzcY9PfQ&cid=CAQSOwAvHhf_xRGN5eAb3DrfyrzhL47siwyvUrZmF7V5ggJ0K0GyzbGcrkpcGL4dPYbKZRhenUxyZb1_j28KGAE&vpmute=1&sdkv=h.3.609.1&osd=2&frm=0&vis=1&sdr=1&nel=0&unviewed_position_start=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=2905555246&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.609.1&sid=3FAC1579-9038-4F78-A056-D049E5685168&eid=44750822%2C44772139%2C44777649%2C44781409%2C44804291%2C44808026&url=https%3A%2F%2Fngplus.com.br%2F&dlt=1704752847837&idt=1925&dt=1704752850463&ged=ve4_td2_tt0_pd2_la2000_er1325.1200.1484.1500_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.110.156 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wf-in-f156.1e100.net

Software

cafe /

Resource Hash

f17d1719160d8276fbce3e161bbda31b5606e966e7f73a889130f7ccb0fbdea5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19156
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 398 B
180 B 307ms
307ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3486561013196934&correlator=1684025107966316&eid=31079956%2C31080298%2C95320409%2C31080115&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fifs&iu_parts=22497919863%2Cngplus_robooster%2CD_UnderAds&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90&ifi=3&didk=1527178163&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D2c1af1c7e6e9be3e%3AT%3D1704752849%3ART%3D1704752849%3AS%3DALNI_Mao7A9-KRmw_74DZ6FN_C4M7fLGbw&gpic=UID%3D00000d3d943f81b8%3AT%3D1704752849%3ART%3D1704752849%3AS%3DALNI_Ma3Zp-opkLLsrY7RNWesyycEKS-SA&abxe=1&dt=1704752850479&lmt=1704752850&adxs=0&adys=1410&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fngplus.com.br%2F&vis=1&psz=970x-1&msz=970x-1&fws=512&ohw=0&ga_vid=1538086108.1704752849&ga_sid=1704752849&ga_hid=1358351245&ga_fc=true&dlt=1704752847837&idt=1327&adks=1759529405&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0aba6d3542fb51c1f8f40ea3a251fb04a51ec239a668c9d1c38f52a07482344

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 150
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ngplus.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8B7D 0
20 B 62ms
61ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B3g8A0nacZbiXA66T7_UP4b22oA4AAAAAOAHgBAI&bg=!4-Cl4K_NAAaumcC-jpk7ADQBe5WfOCal5hs9nYMZf9YFxw82LoSEKWrr4tDIKvwQxgGnHO6HY7OoyaKZn6M_CTrgjAEWAgAAADdSAAAAAWgBBwoAc5VyY4YbitHmKrAqiNVwmwEF-QJn5xWn5OhHvShtt2N37djHdqXUgqgCL1rxA4jbvUrpox97Gdr-UABuxPGsfoWhZw3pRYH93MO2yMzHwb3iB9qN9fIiptE7IkekkK_OITAiSDAiIwCEL4L21Zldpi5zmqaZAxl6KF3Nn0ZTY4s4C3aXS_U8CoL89FyksVX73rVC1DNR76MLUaDeTQWeTR3SIE_7isO6zanXC66FA7PM2amXYD-a3XgjpATVw2XVpsa9LDUtP1x7VQhQX4BR20t8FNGtHTkRUUPSWV0XbN5SXRW7J-Y8V8-0c3w2e80t0cSsAk4_I0otOZ4AhvVFGBsBm8uq2a628RibmzzhxWBEJBXXzF4HmtHbXw3C0Iu9ty_g40c5uNAzbLQq3VM0YFCvt_SM1O4Eff6IP9lQQbQH6295icTzxMsDjMoJ-bTIKJq5_iQQhHNz6LrEE9PiEvRCTqoT0qxU4uBx8Ai63_N6laVdbPet6R0GYybQo84n35gciAvZXgVTAte2ATpz5rfQWE62d6a1qDRGzOfnnhLmGqInXWsMpWoj78Fg6FPtuKV7BfGKKyIbuKQWI8ylGMqQGtPiTafCI7lrvkUUfMJ6SsA-7H4ni0qUnrjwZFLgjwr3Vf-2esb7tu8THxKA0sEDfE20DNajuHvRx95DRRijcxeKRHBq3O6ka33muxJU-vKWr-1K-NChx743XN78ntLXioVJ2bUFMXqEo-GAh3IVcMppi1UrN-z-mdWKyOJ55s2RjMw4jQgiOtz_Lgoz3Px_wBjiiwNqhZRtPxvir-PvoWfuk4zLd7hxziiKHXI1fYM-DKNbzMqvD5MW-3ffmbcu4RDFXMwHdGnsv5lwahp6cfwFcP7gRImNo8PMLYRMxKaIcsae5G-E4NCas6EqFhfzLNMS1s9yi3lTycyFMSStDbg8vHiylzQp54LJRXzeiePadrOhyChl65MIy0dKBmPP1BCFkdpYZZaO3G-tW68IyOzBhZWAW_17LoVp5SVYKkZD1G01OtsbY4yE9i_wjxTVkTL8y7sARTeNSjBngzvXSZ09CQA_q0qi6ktcFe0Y3QIWOiLIF__-cmzdZYRacD1lh3wjCbrXHgJ24lXMOTHzkBRtjn205oNWSzomPEzW1Yuwk4V1Vy-IEYTjvCeX_909IZpFZ3h5d2xzBjkD-lajhotNgQeOzkho4JjrNzzs

Requested by

Host: c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com
URL: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag236671 Show response
ads.revjet.com/ Frame DAFC 258 KB
42 KB 77ms
77ms Script
text/javascript 65.21.130.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/tag236671?_plc_id=111757820&_key=b9d&ct_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCw4N50XacZYq8GqGg7_UP3uWGgASPjoi9dO2ulffPEZ3M_d8FEAEg84G0nwFgkYSghYwYoAG5rJCLKcgBCakCmwsOreBksj6oAwHIA5uEgIAEqgSiAk_QY56q2x_cMo5Z3aM518uwkdZ0LTFYXMYrd_0CKMLgK-3Mt3qGVW-m35vrBeRqWSnkBLKcA1LEII06bh5chWfBtaTvh9mBUESyncZA8AbfQcFS7lZFnMNXGRdywQ0HXdXSAUbQSMsClj7T9zIB7d4Nw20cAWGUr4J1ZhDQfrwfv88uMUIjmfwBdjx4NgzFd8Fgs1OGpLa-6z2dUPCw1I-lfjBr-7-LfQ_GicRiD1eWRHY0EH4Fmu4HUmRirVIHijzzVngnE6QL-DIc9fOxdIVNbXpFZT1h1QCQKVGHjD22AY9NNtoJTdlHhigpvmJgJ_FLM4JSCLvQQPUiXCdPYmuGcbSEljlqSaOJSRHlaId2M3ba7iLNrIfn4O27SK4tz3TcwAT2_9eztATgBAOIBYu17NlLkAYBoAZNgAe55ODqA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WKzYk6DrzoMDgAoDmAsByAsBgAwBogwIKgYKBKy6sQKqDQJOTOINEwi0_pOg686DAxUh0LsIHd6yAUCwE_OckRbYEw2IFATYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_An3URQZBeKK934g99HZPs1lolYGGwTxryGTexXsImakAAQ-ud4i5tZa0ZM-py6-AedXNTUiLfFEEqvYEoT8fSP5xdH-HcQco1BgB%26sig%3DAOD64_33_DgFkJlJY1JaCKa6ItSKq3AqMA%26client%3Dca-pub-2652778923374013%26dbm_c%3DAKAmf-BtUnI0DF-OHyyUKPGTMZPULpNV6fXrPo6UMjAY8ni0yOVqAtxr-wbf7GWlkU9RH7dPCTD4s6MhvYabDTkyjHprE0JqEBTGQtfmQ9MZw9no0aZjP5tUttJBx6Ep8fRvIvhM1ZMft2Xi8WaPcTY_N-zJC2ZaumWf8bxzptka4hPM4BGPBQI%26cry%3D1%26dbm_d%3DAKAmf-Dg_uWrM-4GdN6yap3B0weDFPG282t0GXiWxMsayaT6UNZijaF7mplxZlxkxJW1SDKsQLYlj8v7XAiwrofMi7ZgDGFdEIX8LdEETx0p6U0htTYMjby23z2RKdPZjjXG9LKHor-oCmd07YrG_KkD-6MHx2Xs0uclr0B5BMq09KfVQLzi4sIOrkNIB1ULPHzdg-PJSFdk8J-hXefeimEU6cXfZTBbT6s_t12arSEk-xYs-hQvLaSTYmDMGuXDZ9t-0y6k4wWIBW9W1QDBtxvdUOc329qZ6ITPuKSwH5NHscCMkVo5dfIVa4QhBvFPOqCEZtbMa-lkFBTUYn9woslboiMPpHCHK8SalNvB2IynQe_CjlGTzLcyCSiExfwDMR-uRxFkx7uYoZGvIMsEse2jLpoznrNg1VxWJnGGZ26yCIFSqy1EGOCSXhPjiYmvesXcTm1rk5EluxMHvxPZDCaCqfhbDzTeeALTuQrLRYBqzsvYh78paPcCRN090-cO6u-Vt9KBjZK-lhdzErsGnPj90gSd_5izqXgtXbspiTRJvZYEBW733Dk%26adurl%3D&dv360_cmp_id=20321081995&dv360_li_id=1013520349&dv360_crv_id=467118422&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2Fc6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&_js_site_ref=https%3A%2F%2Fngplus.com.br%2F&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=9c6ec0b17ffdb2ec9461_1704752850537&_js_tag_freq=1&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=0&_js_imp_offsety=0&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2Fngplus.com.br&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.2&_js_tstamp=1704752850539
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 65.21.130.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.13.130.21.65.clients.your-server.de
Software: nginx /
Resource Hash: c643f2fd9b5001208cfcdc5347537e4329e77706c69da220732b43ac9c9cf359

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:30 GMT
content-encoding: gzip
server: nginx
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: ip56643
expires: Sat, 01 Jan 2000 12:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3294 0
54 B 20ms
20ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lr5htxy4&c=5426168609268&slotId=2713084304634&ghmsh_eids=44750822%2C44772139%2C44777649%2C44781409%2C44804291%2C44808026&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3294 42 B
121 B 64ms
63ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CDClw0nacZeztCpCG7_UP8tmvkATog6jydJvRkPKhEu2O_MIDEAEgzYbYnwFgkYSghYwYyAEFqQKHoCQ3TGKyPqgDAcgDE5gEAKoE8wJP0Pz83gfeliVGCsoxx845rDAG3p_qfdQxFEVwSgmTJnhD-PsO939dQcRdy9nc30mk1RouiHJJ4aGinXuGDj0C6BaKFZE7X8-7zGBsRjDosz-VOXYpf86eWces6FDZUikuxQ1YzgWsW_d_XHdz0tyFjpkV_LQZxAEq7OmbY3mdiILkQjwZ5A_LHTaJbdLZlovctJSB938ToH_IGcjobmaMwlbaalgjxN-vbjJJXAILPmbSYIRkbzGGt3RB13ytspBtnFVQjLSvBZO0R1pPdNWNWm_y-Eu6d-Q89UxSX6obXaCmLiJ6KuRuC9Co0v6-CLrIMx1N6X6NR5XJ5b9TmXveo2o0-5Q0HVOp6pS26O72tKsUh_dMZKM13d4r7UqRTSVKbFbqLWCkJe3BJf4uTdo7pfr8Sg-xjL2j98IYhkGrjNMRaqU1YXs3Lw5p9JehwBs6gYmy2RvkCNLblnhYk6O-riQi6oqlMZ6VcCNuipICD11UA8AE5YOkj8gE4AQDiAWGsK3jTZAGAaAGdoAH8qWo3gKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliE8cCg686DA4AKA8gLAeALAYAMAaIMCCoGCgS7u7ECqg0CTkziDRMI5KnBoOvOgwMVEMO7CB3y7AtCsBOi_IEWyBPn957kA9gTCogUAtgUAdAVAfgWAYAXAegXBQ&sigh=HiD_dGJPhZ8&label=show_ad&sdkv=h.3.609.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2ODU1MjU2NDk3NTBAzQMKXAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NzU1MTkwOTMyCTIwNzkyOTEwOUCKAVIhCOgeEA8lAACAQSgBOgs1NDE3ODA5MjUtMUIER0RCTVAAGAE.

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
pubads.g.doubleclick.net/pagead/ Frame 3294 0
0 90ms
89ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CM1Av0nacZeztCpCG7_UP8tmvkATog6jydJvRkPKhEu2O_MIDEAEgzYbYnwFgkYSghYwYyAEFqQKHoCQ3TGKyPqgDAZgEAKoE8AJP0Pz83gfeliVGCsoxx845rDAG3p_qfdQxFEVwSgmTJnhD-PsO939dQcRdy9nc30mk1RouiHJJ4aGinXuGDj0C6BaKFZE7X8-7zGBsRjDosz-VOXYpf86eWces6FDZUikuxQ1YzgWsW_d_XHdz0tyFjpkV_LQZxAEq7OmbY3mdiILkQjwZ5A_LHTaJbdLZlovctJSB938ToH_IGcjobmaMwlbaalgjxN-vbjJJXAILPmbSYIRkbzGGt3RB13ytspBtnFVQjLSvBZO0R1pPdNWNWm_y-Eu6d-Q89UxSX6obXaCmLiJ6KuRuC9Co0v6-CLrIMx1N6X6NR5XJ5b9TmXveo2o0-5Q0HVOp6pS26O72tKsUh_dMZKM13d4r7UqRTSVKbFbqLWCkJe3BJf4uTdo7_ft-t5w7wi8rbxtrN5i3MlV26SMBouYF7Ltp0p0lyTIiN24369hbjP31jp34DcQ9CqYNxpIvnF_mwQ-ImOYPPMAE5YOkj8gE4AQDiAWGsK3jTZIFCwgiEAIYAUiRlJwCkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAfypajeAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcKEJX1Ehi916uCAtIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYhPHAoOvOgwOACgPICwGiDAgqBgoEu7uxAuINEwjkqcGg686DAxUQw7sIHfLsC0KwE6L8gRbIE-f3nuQD2BMKiBQC2BQB0BUBgBcBshceChwIABIUcHViLTk1ODgyMDUxNTAyNTQ0OTUY-oZ-6BcF&sigh=zcBVI-JgFn0&cmd=Ch1jYS12aWRlby1wdWItMjY1Mjc3ODkyMzM3NDAxMxAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&ase=2&nis=4&cid=CAQSOwAvHhf_xRGN5eAb3DrfyrzhL47siwyvUrZmF7V5ggJ0K0GyzbGcrkpcGL4dPYbKZRhenUxyZb1_j28KGAE&vt=10&sdkv=h.3.609.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2ODU1MjU2NDk3NTBAzQMKXAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NzU1MTkwOTMyCTIwNzkyOTEwOUCKAVIhCOgeEA8lAACAQSgBOgs1NDE3ODA5MjUtMUIER0RCTVAAGAE.
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ 0
45 B 20ms
20ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~lr5htxbj&c=5426168609268&slotId=2713084304634&eee=missing-element&bi=missing-id&faa=1&fas=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

file.mp4
r5---sn-5hne6nsy.c.2mdn.net/videoplayback/id/e68fb302f1d46ac5/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736288850/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,...
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/e68fb302f1d46ac5/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736288850/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r5---sn-5hne6nsy.c.2mdn.net/videoplayback/id/e68fb302f1d46ac5/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736288850/sparams/acao,ctier,expire,id,ip,ipbits,itag...

8 MB
8 MB

109ms
19ms

Media
video/mp4

2a00:1450:400e:7::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-5hne6nsy.c.2mdn.net/videoplayback/id/e68fb302f1d46ac5/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736288850/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/8300694E5684E3B499A956D8AD47DDF7028F7313.08DC881E24A56EA91B78AB5BC1BCD25A1314AAE1/key/cms1/cms_redirect/yes/mh/wW/mip/2a00:1630:2:608::3/mm/42/mn/sn-5hne6nsy/ms/onc/mt/1704752208/mv/u/mvi/5/pl/32/file/file.mp4

Requested by

Host: ngplus.com.br
URL: https://ngplus.com.br/

Protocol

HTTP/1.1

Server

2a00:1450:400e:7::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 22:27:30 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 21 Dec 2023 22:10:29 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-8300831/8300832
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 8300832
Expires: Mon, 08 Jan 2024 22:27:30 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:30 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r5---sn-5hne6nsy.c.2mdn.net/videoplayback/id/e68fb302f1d46ac5/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736288850/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/8300694E5684E3B499A956D8AD47DDF7028F7313.08DC881E24A56EA91B78AB5BC1BCD25A1314AAE1/key/cms1/cms_redirect/yes/mh/wW/mip/2a00:1630:2:608::3/mm/42/mn/sn-5hne6nsy/ms/onc/mt/1704752208/mv/u/mvi/5/pl/32/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 647
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 elements-2.12.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame C4BC 169 KB
50 KB 82ms
32ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.12.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBC) /
Resource Hash: f6246ebe302e91d6fb04472e2b5e7aa5b75bf992fb24cbfa3a7c5b5a7bb6a037

Request headers

Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
Origin: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:30 GMT
content-encoding: gzip
last-modified: Fri, 05 Jan 2024 21:15:30 GMT
server: ECS (amb/6BBC)
age: 349
etag: "65987172-2a507+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 51154
expires: Mon, 08 Jan 2024 22:37:30 GMT

GET
H2 200 999
pix.revjet.com/interaction/ Frame C4BC 43 B
170 B 122ms
29ms Image
image/gif 157.90.6.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/999?__ads=c9789d487dfa501a654f4c355ca237cf&__adt=8240604126931135917&__ade=1&vid=5109923136609986189
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.6.85 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.85.6.90.157.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 08 Jan 2024 22:27:30 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 gallery-2.1.9.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame C4BC 56 KB
15 KB 17ms
17ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/gallery-2.1.9.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9B) /
Resource Hash: 4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:30 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 19:13:24 GMT
server: ECS (amb/6B9B)
age: 548
etag: "62717ed4-df39+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 15443
expires: Mon, 08 Jan 2024 22:37:30 GMT

GET
H3

200

B29233589.357507735;dc_pre=CJf44qDrzoMDFbGXgwcdAukEcA;dc_trk_aid=548521546;dc_trk_cid=185788965;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1704752850588
ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/ Frame C4BC
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29233589.357507735;dc_trk_aid=548521546;dc_trk_cid=185788965;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17047528...
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29233589.357507735;dc_pre=CJf44qDrzoMDFbGXgwcdAukEcA;dc_trk_aid=548521546;dc_trk_cid=185788965;dc_lat=;dc_rdid=;tag_for_chil...

43 B
64 B

42ms
42ms

Image
image/gif

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29233589.357507735;dc_pre=CJf44qDrzoMDFbGXgwcdAukEcA;dc_trk_aid=548521546;dc_trk_cid=185788965;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1704752850588

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f6.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29233589.357507735;dc_pre=CJf44qDrzoMDFbGXgwcdAukEcA;dc_trk_aid=548521546;dc_trk_cid=185788965;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1704752850588
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C4BC 49 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 GeorgiaW01Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/ Frame C4BC 33 KB
33 KB 53ms
18ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/GeorgiaW01Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB1) /
Resource Hash: ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5

Request headers

Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
Origin: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:30 GMT
last-modified: Fri, 04 Mar 2022 15:24:09 GMT
server: ECS (amb/6BB1)
age: 127
etag: "62222f19-842c"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 33836
expires: Mon, 08 Jan 2024 22:37:30 GMT

GET
H2 200 arrow_grey.svg
cdn.revjet.com/s3/csp/1662732236308/ Frame C4BC 286 B
565 B 17ms
17ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732236308/arrow_grey.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9E) /
Resource Hash: d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:30 GMT
content-encoding: gzip
x-amz-version-id: xvWQ2m3sdbfn_7tiBj4ob78SzYdaK8j7
age: 85760
x-amz-request-id: YVXQJT65QVQKFP52
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 237
x-amz-id-2: VC3ClOCHr18hjpOWzO84W7qezCZG6B0P14PL+NSQCJiAc8DUPkMWIQ8VHysbIYdIGoWBmKlErjg=
last-modified: Fri, 09 Sep 2022 14:03:58 GMT
server: ECS (amb/6B9E)
etag: "7744a5e73070172a2534ddcbd966d020+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 09 Jan 2024 22:27:30 GMT

GET
H2 200 162455845.woff
cdn.revjet.com/s3/fonts/162455845/ Frame C4BC 470 KB
470 KB 70ms
36ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162455845/162455845.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB1) /
Resource Hash: 6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35

Request headers

Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
Origin: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:30 GMT
x-amz-version-id: kVq59ccinPiVDgarv_TkFQgofQrkf2s4
age: 23558
x-amz-request-id: FVHAQMHSZPCM19QV
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 480984
x-amz-id-2: F8UQE5G8TrxpJ8MdJWl1/2BUui75NxNcrfdqdn4m9nWG2LAkmAhcm7kYxVindMFVWjuwwanmANU=
last-modified: Thu, 16 Nov 2023 19:47:31 GMT
server: ECS (amb/6BB1)
etag: "a7d9ee6baf67661e8e26d1e5c04f7fd5"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Tue, 09 Jan 2024 22:27:30 GMT

GET
H2 200 162453298.woff
cdn.revjet.com/s3/fonts/162453298/ Frame C4BC 13 KB
13 KB 71ms
52ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162453298/162453298.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B88) /
Resource Hash: 489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036

Request headers

Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
Origin: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:30 GMT
x-amz-version-id: .Is8JR1jYDeMhMM7ZjPhsnsyUTdaBiJa
age: 16549
x-amz-request-id: FMY4C4NSKGSPDHN8
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 12940
x-amz-id-2: v0whaWdOSITRUh4was4icQojhP4NjxGUYnFN5RC/OKmzVhPkPEwefLLFxb50j0tSNVgzNbBuOAo=
last-modified: Thu, 16 Nov 2023 19:31:22 GMT
server: ECS (amb/6B88)
etag: "31b663ffd91c821398bdd07236df4b22"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Tue, 09 Jan 2024 22:27:30 GMT

GET
H2 200 document.000000E8EA2350.js Show response
c.bannerflow.net/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/published/4736204/6800456/ Frame 8262 39 KB
7 KB 27ms
27ms Script
application/javascript 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/published/4736204/6800456/document.000000E8EA2350.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6130c86b00c787e1d6076f86?did=5d7106ae39d71e0001cd1b66&deeplink=on&responsive=on&redirecturl=https%3A%2F%2Fgml-grp.com%2FC.ashx%3Fbtag%3Da_8725b_1238c_%26affid%3D2566%26siteid%3D8725%26adid%3D1238%26c%3DCM_BR_SB_BA_BETANO_NGPLUS%26MediaID%3D2693%26IsAd%3D1%26IAref%3Dhttps%253A%252F%252Fngplus.com.br%252F%26asclurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77ddb6412e408862a12051b2accb796404fcb1401c7e737ccd7cd7d329becb58

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gml-grp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Jan 2024 22:27:30 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 0N5c7CT1kv9VX+4s7JDrLw==
age: 9569
cf-polished: origSize=44524
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 19 Jul 2023 13:59:42 GMT
server: cloudflare
etag: W/"0x8DB886066BDB32C"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 171b1160-401e-002e-3b6b-4287c4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 8427de458e661e81-AMS

GET
H2 200 animated-creative.80566aad0db45ccaad54.js Show response
c.bannerflow.net/scripts/ Frame 8262 155 KB
53 KB 30ms
30ms Script
application/javascript 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.80566aad0db45ccaad54.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6130c86b00c787e1d6076f86?did=5d7106ae39d71e0001cd1b66&deeplink=on&responsive=on&redirecturl=https%3A%2F%2Fgml-grp.com%2FC.ashx%3Fbtag%3Da_8725b_1238c_%26affid%3D2566%26siteid%3D8725%26adid%3D1238%26c%3DCM_BR_SB_BA_BETANO_NGPLUS%26MediaID%3D2693%26IsAd%3D1%26IAref%3Dhttps%253A%252F%252Fngplus.com.br%252F%26asclurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be721fab17ac58de873aa54537193d60b334335491a6a1faa222f2f57be1fd87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gml-grp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Jan 2024 22:27:30 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 2kMvAV2hMYY9VqrcIU1JyA==
age: 1984247
cf-polished: origSize=159295
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 05 Jul 2023 12:51:30 GMT
server: cloudflare
etag: W/"0x8DB7D568DE6300D"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 315fdcd7-901e-0002-5675-306b6b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 8427de458e681e81-AMS

GET
H2 200 212609810_uc
cdn.revjet.com/s3/csp/1702542873206/ Frame C4BC 78 KB
78 KB 17ms
17ms Image
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1702542873206/212609810_uc
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B75) /
Resource Hash: a93cba72f86d219bab98331c28c6aacf6f1f4804e3941ec7d4f090d51d9c12bb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:30 GMT
x-amz-version-id: ZrWE5QbYenj7NvB9AemYYA0uq8LYJ4Ad
age: 81332
x-amz-request-id: VTGHA73RWRMNZPQE
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 79399
x-amz-id-2: 3N39LyAw8kUkU9qKw6Oq6UntP8qM6bSv1S2T1eBqVK4qmRZn/qrjEaEkqAS1kbhLiOteyW1GctE=
last-modified: Thu, 14 Dec 2023 08:34:34 GMT
server: ECS (amb/6B75)
etag: "0fddab6e284c55c872b2488430debbf4"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Tue, 09 Jan 2024 22:27:30 GMT

GET
H2 200 1000
pix.revjet.com/interaction/ Frame C4BC 43 B
169 B 29ms
29ms Image
image/gif 157.90.6.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/1000?__ads=c9789d487dfa501a654f4c355ca237cf&__adt=8240604126931135917&__ade=1&vid=5109923136609986189&__clstampdif=156&__stamp=1704752850835
Requested by: Host: c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com
URL: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.6.85 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.85.6.90.157.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 08 Jan 2024 22:27:30 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 logo_word_black.svg
cdn.revjet.com/s3/csp/1662732637080/ Frame C4BC 3 KB
2 KB 19ms
19ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637080/logo_word_black.svg
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B89) /
Resource Hash: c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:30 GMT
content-encoding: gzip
x-amz-version-id: 6dP9WoKtkjdaRlsO3V7DUipbqdCKLzpR
age: 58897
x-amz-request-id: 498G97ZNSGHKMEKR
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1556
x-amz-id-2: 3PGZVf9V6lmBThYnUTbnMcOEIKIh6e3xI4IKkX67tkH1oiSv9BGnz1bLzTWgBLSIFZaVd5R4Jrk=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (amb/6B89)
etag: "4e3f110ca066e6b8dc4a9827ae6e6f50+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 09 Jan 2024 22:27:30 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame C4BC 632 B
651 B 18ms
18ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBA) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:30 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 84672
x-amz-request-id: RN5RY2NRJRDSWQ0M
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: 7FT0nhBkvM40wbGC1qMkB+rfLwHemr7xoO52SOMim4pDk8QyRpxkQAlXqZQrxYealLn+wO47+S8=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (amb/6BBA)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 09 Jan 2024 22:27:30 GMT

GET
H2 200 Logo-Wordmark-White.svg
cdn.revjet.com/s3/csp/1680256735421/ Frame C4BC 7 KB
4 KB 17ms
17ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1680256735421/Logo-Wordmark-White.svg
Requested by: Host: ngplus.com.br
URL: https://ngplus.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B72) /
Resource Hash: 63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:30 GMT
content-encoding: gzip
x-amz-version-id: AwNg3pZ_b3UTO1Gv2fLqLaH_CNFtNLJM
age: 85761
x-amz-request-id: YZJEE802VB6KED3H
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3628
x-amz-id-2: Z1LLrZDbbjyYWPSer88faB7oXeWPnabuz5u3XU7PeR0DD2kgwl1Ug/lqMUHJ0DNUC4RSgASJayY=
last-modified: Fri, 31 Mar 2023 09:58:57 GMT
server: ECS (amb/6B72)
etag: "6802dc95d8e5a742e4e3e3e09650a7c7+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 09 Jan 2024 22:27:30 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 3294 0
17 B 20ms
20ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lr5hty22&c=5426168609268&slotId=2713084304634&qqid=COyewqDrzoMDFRDDuwgd8uwLQg&gqid=0nacZZWeCZa99u8Ptvqt2AU&fb=ima_html5-lima&sdkv=h.3.609.1&mrd=4&aab=1&itv=1&gpm_i=12&gpm_c=12&gpm_a=11&smb=Infinity&br=3944&mt=video%2Fmp4&vs=1920x1080&ua_e=1&webm=0&vp9=0&vamt=application%2Fx-mpegurl%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=37&vsrc=web_video_ads
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8262 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK 6b66aefa-462c-4988-9f69-2eb21c74f9e6 Show response
https://gml-grp.com/ Frame D072 668 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://gml-grp.com/6b66aefa-462c-4988-9f69-2eb21c74f9e6
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.80566aad0db45ccaad54.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length: 668
Content-Type

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 8262 4 KB
5 KB 69ms
32ms Font
font/woff 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2F0fcf3ee0-e29b-498e-b3fc-3d4b5e5431f0.woff&t=%20%24-05ABCDEGHILMNOPRSTUVX%C3%81%C3%87%C3%89%C3%94%C3%95%CC%81%CC%82%CC%83%CC%A7
Requested by: Host: gml-grp.com
URL: https://gml-grp.com/I.ashx?btag=a_8725b_1238c_&affid=2566&siteid=8725&adid=1238&c=CM_BR_SB_BA_BETANO_NGPLUS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63e57f314a85925e51293fa936ce0841bc0b060fcc6bc71fb667f592dc904cd5

Request headers

Referer: https://gml-grp.com/
Origin: https://gml-grp.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:31 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Dec 2023 23:23:30 GMT
server: cloudflare
age: 2934241
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=0fcf3ee0-e29b-498e-b3fc-3d4b5e5431f0-subset.woff
cf-ray: 8427de46d8c50b7c-AMS
expires: Wed, 04 Dec 2024 23:23:30 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 8262 4 KB
4 KB 39ms
39ms Font
font/woff 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2Ff6b54cd1-3526-4f88-b502-c43fefc81916.woff&t=%20ABCDEFGINOPQRSTUV%C3%8A%CC%82
Requested by: Host: gml-grp.com
URL: https://gml-grp.com/I.ashx?btag=a_8725b_1238c_&affid=2566&siteid=8725&adid=1238&c=CM_BR_SB_BA_BETANO_NGPLUS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46a46fd2b6ab24a0332ca0e21d82ddfb0023695ade571fe3230962d84e5df0b4

Request headers

Referer: https://gml-grp.com/
Origin: https://gml-grp.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:31 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Dec 2023 00:18:33 GMT
server: cloudflare
age: 3017338
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=f6b54cd1-3526-4f88-b502-c43fefc81916-subset.woff
cf-ray: 8427de47191a0b7c-AMS
expires: Wed, 04 Dec 2024 00:18:33 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 91ms
90ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4954140f02f45363ef8c95f97fdce03cfd2824d19eea3769b46e0f1be06e80e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12319
x-xss-protection: 0

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3294 42 B
64 B 78ms
78ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CDClw0nacZeztCpCG7_UP8tmvkATog6jydJvRkPKhEu2O_MIDEAEgzYbYnwFgkYSghYwYyAEFqQKHoCQ3TGKyPqgDAcgDE5gEAKoE8wJP0Pz83gfeliVGCsoxx845rDAG3p_qfdQxFEVwSgmTJnhD-PsO939dQcRdy9nc30mk1RouiHJJ4aGinXuGDj0C6BaKFZE7X8-7zGBsRjDosz-VOXYpf86eWces6FDZUikuxQ1YzgWsW_d_XHdz0tyFjpkV_LQZxAEq7OmbY3mdiILkQjwZ5A_LHTaJbdLZlovctJSB938ToH_IGcjobmaMwlbaalgjxN-vbjJJXAILPmbSYIRkbzGGt3RB13ytspBtnFVQjLSvBZO0R1pPdNWNWm_y-Eu6d-Q89UxSX6obXaCmLiJ6KuRuC9Co0v6-CLrIMx1N6X6NR5XJ5b9TmXveo2o0-5Q0HVOp6pS26O72tKsUh_dMZKM13d4r7UqRTSVKbFbqLWCkJe3BJf4uTdo7pfr8Sg-xjL2j98IYhkGrjNMRaqU1YXs3Lw5p9JehwBs6gYmy2RvkCNLblnhYk6O-riQi6oqlMZ6VcCNuipICD11UA8AE5YOkj8gE4AQDiAWGsK3jTZAGAaAGdoAH8qWo3gKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliE8cCg686DA4AKA8gLAeALAYAMAaIMCCoGCgS7u7ECqg0CTkziDRMI5KnBoOvOgwMVEMO7CB3y7AtCsBOi_IEWyBPn957kA9gTCogUAtgUAdAVAfgWAYAXAegXBQ&sigh=HiD_dGJPhZ8&label=video_ad_loaded&sdkv=h.3.609.1&vci=CmAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2ODU1MjU2NDk3NTBAzQNaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KeQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NzU1MTkwOTMyCTIwNzkyOTEwOUCKAVIhCOgeEA8lAACAQSgBOgs1NDE3ODA5MjUtMUIER0RCTVAAWhtkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1kc3AYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 3294 41 KB
15 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 02:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 589760
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 02:38:11 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3294 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

B31170110.383801897;dc_pre=CNOM-aDrzoMDFVHIuwgdvlsGmA;dc_trk_aid=574930741;dc_trk_cid=206977697;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_...
ad.doubleclick.net/ddm/trackimp/N266802.4619367MATTERKINDDV360/ Frame 3294
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N266802.4619367MATTERKINDDV360/B31170110.383801897;dc_trk_aid=574930741;dc_trk_cid=206977697;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatmen...
https://ad.doubleclick.net/ddm/trackimp/N266802.4619367MATTERKINDDV360/B31170110.383801897;dc_pre=CNOM-aDrzoMDFVHIuwgdvlsGmA;dc_trk_aid=574930741;dc_trk_cid=206977697;ord=[timestamp];dc_lat=;dc_rdi...

42 B
63 B

56ms
56ms

Image
image/gif

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N266802.4619367MATTERKINDDV360/B31170110.383801897;dc_pre=CNOM-aDrzoMDFVHIuwgdvlsGmA;dc_trk_aid=574930741;dc_trk_cid=206977697;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?

Protocol

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:31 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N266802.4619367MATTERKINDDV360/B31170110.383801897;dc_pre=CNOM-aDrzoMDFVHIuwgdvlsGmA;dc_trk_aid=574930741;dc_trk_cid=206977697;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3294 0
557 B 201ms
79ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsskMBojgANeT9Md2GaS5fd7G4TqTXSSKUr46I3tGe9xw9PL1zSxuwzm4-SJZ6ZgqO7-PCDXhLPGYGewmw2FNmYcHB7vWJjqgFDDUgOTEnni9gObzjIH1-I-qy6WaBT3BWFcgLfegZNVDsHShLg7i1h6Ni-phDu-9x3vOumlb3iaRrYiOasToElIdHgPQFxJamsyduqJdhsoBbp4DvYIrSP7rspecPMQ0uLlXcEXkp5KA3zaGDaE_TcTj7XBiz4Z7LEy9G3nJkeV27MzA9JjYk_zxSfhPwCiXLAS3_uS-_qk6IOJeHIXV_T0UXXg_knSZvsALMrGGQrdKdvwvSdN3GXtr8_UfRIYctW3aUiEGdBb_nOTIfbwRtmUC-55l5k7DuD2O-g8sZWqvNucERF9T_eqtCtNa5-si5J8WNUn21kzqLKeN52hmvG2yWObH-jH5EOIHBpcTokH0Gj57XCND5YF7wjB9C9tMtWBk6SJfnjQICOUEF0xl27tFfBZrT0377RkM-kGehg_HfTodCPQDdEHA1SOoh7QoGyijyLEReEE0mSLZZzqEZl_IVT3oyCFIIq5q73-Ma59DJ_f1rkSFgKxAfDhj0GcN7x-aahq9cvzkvhQVq__0PKvHaMRaGM_JS3Ts-YQOHwNZkDaJKfXGkjqIetoSyjJQPizColJfneuzmYPVhLPdZG9wYnYOVjxrtHTqzj7cVVOVg8AVzi406QKLbzZJ59CIHNq8afpLV4Gi5tqnksxNHk74-y45bQaKUXfnHe8smDaf30dacx9Fv5y1I9M2KYJx8OhCVtfwJmlvdS8ib-wDejSVabdSkXR-Zl6CYkriKRnKEXLxh3s-artv4x57R_YmE89SSSyqpj9rUTAfgPWlZeEI0z__WiFoTsUdXnaxXsaqVEzFU1m-p-MKubPTJ6ckCwoNdf9VEln-kJHB7sI2u2-4hSilyNA-uL4o5kOTBBliWTQBbiMuxswxdJEfnCoOHZyU7zwvJ7ThLa5DdUvvncIVHMNdGyPJZZDd_gA55PW4tfeyNO9P7hApbSizdkf6wCB_rvMM0FdooITKcOrv0PfWzh8IdL--70A78Ia_wjG5OZABWEJ1JmzlCCrZY2CAmC_WZVlCcz3Xzhi2r24AH5DIrtOeuOLzfIC1CeDUjy01qJAzx2SWtZqv4TZSpEKaacgDYxQVhvgwWcWbSMkRRm7VoFDCYNpwXgC_S_8gyzpfO9okzySG7fxc9xTVQBEW8ZbKSn_mH6YLx99x1oDDlAtOW7N23ZR9KSN230cFxZdFGg2gD6j9aVnMmc_wj-ygVpBWuMEK0xLzz0LjdTzP-dxFVDmKw0y2DphXl63BL-XZYNh3AIZA5ue1mNqci2QFZBgekfDb0jQVjNFt6vaMJ0c50RMCvhEkDNdwRGaftQG7w3J-4I116-MEzQ4E0_yC9jnFXqC4klw2snzJ1Q-ihrs6ZVYNhdwT5imTxi4PEHsQ-Yw0_ZzbLenTsrC2Dy1FPdF_JDAE__EEQ8kajab9H2Gf2SUIDI5Xa8eRzvBb5z9B8pu-w53&sai=AMfl-YSj1ZBVN8Xx-nLALw0gs1T8f7n0U0jxx8cmU6BVe2jh0Q6hlqS5OYqjJUvfKolJFwy025gAZpqh5F8OjPa-x-PPaCMlsqpyeqSK1cAdbYQHIapzMPx4-M5oJbU61lwdjFKVVTMsTkzS_Z9yXlluXtXB88USs6AJicBKYL07-2u9G8X_yOJrKYMw0nyPMVy234lJt8Pli9eVrZnIlMwzYUzOzsnY8tFfahv0VrcxSXd7dal3KNNSzmH39yiwAZBvXAGFZ_C8GoCTU8OKumhV1vbMSas1Aig&sig=Cg0ArKJSzFF-4g6yqrrAEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&sdkv=h.3.609.1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 08 Jan 2024 22:27:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 3294 0
0 83ms
82ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPn5q8CENX9mt8CGL3Xq4ICIAEwAQ&v=APEucNVXWGIJSlycfDLNmr-Pt14MnHWc_EXk80H7AVsrA6lWDqtRz7ZBCNm7h4W7d0cR8khg9aFBxoY_5_D_Uv0XYMpquSbjlA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3294 42 B
64 B 80ms
79ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CDClw0nacZeztCpCG7_UP8tmvkATog6jydJvRkPKhEu2O_MIDEAEgzYbYnwFgkYSghYwYyAEFqQKHoCQ3TGKyPqgDAcgDE5gEAKoE8wJP0Pz83gfeliVGCsoxx845rDAG3p_qfdQxFEVwSgmTJnhD-PsO939dQcRdy9nc30mk1RouiHJJ4aGinXuGDj0C6BaKFZE7X8-7zGBsRjDosz-VOXYpf86eWces6FDZUikuxQ1YzgWsW_d_XHdz0tyFjpkV_LQZxAEq7OmbY3mdiILkQjwZ5A_LHTaJbdLZlovctJSB938ToH_IGcjobmaMwlbaalgjxN-vbjJJXAILPmbSYIRkbzGGt3RB13ytspBtnFVQjLSvBZO0R1pPdNWNWm_y-Eu6d-Q89UxSX6obXaCmLiJ6KuRuC9Co0v6-CLrIMx1N6X6NR5XJ5b9TmXveo2o0-5Q0HVOp6pS26O72tKsUh_dMZKM13d4r7UqRTSVKbFbqLWCkJe3BJf4uTdo7pfr8Sg-xjL2j98IYhkGrjNMRaqU1YXs3Lw5p9JehwBs6gYmy2RvkCNLblnhYk6O-riQi6oqlMZ6VcCNuipICD11UA8AE5YOkj8gE4AQDiAWGsK3jTZAGAaAGdoAH8qWo3gKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliE8cCg686DA4AKA8gLAeALAYAMAaIMCCoGCgS7u7ECqg0CTkziDRMI5KnBoOvOgwMVEMO7CB3y7AtCsBOi_IEWyBPn957kA9gTCogUAtgUAdAVAfgWAYAXAegXBQ&sigh=HiD_dGJPhZ8&label=vast_creativeview&ad_mt=0&sdkv=h.3.609.1&vci=CmAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2ODU1MjU2NDk3NTBAzQNaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KfAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NzU1MTkwOTMyCTIwNzkyOTEwOUCKAVIkCOgeEA8lAACAQSgBOgs1NDE3ODA5MjUtMUIER0RCTUi6A1AAWhtkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1kc3AYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI1PjYoOvOgwMVFlMdCR018gMxEAAYACCV_pJjOhoI1f2a3wIQ5YOkj8gEGOf3nuQDIJvRkPKhEkITCOyewqDrzoMDFRDDuwgd8uwLQg;dc_rmcid=CAQSOwAvHhf_xRGN5eAb3DrfyrzhL47siwyvUrZmF7V5ggJ0K0GyzbGcrkpcGL4dPYbKZRhenUx...
ade.googlesyndication.com/ddm/activity/ Frame 3294 42 B
401 B 228ms
89ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1PjYoOvOgwMVFlMdCR018gMxEAAYACCV_pJjOhoI1f2a3wIQ5YOkj8gEGOf3nuQDIJvRkPKhEkITCOyewqDrzoMDFRDDuwgd8uwLQg;dc_rmcid=CAQSOwAvHhf_xRGN5eAb3DrfyrzhL47siwyvUrZmF7V5ggJ0K0GyzbGcrkpcGL4dPYbKZRhenUxyZb1_j28KGAE;eps=CIDhgBAQARgdMgKqAjoCgEBIvf3BOliE8cCg686DAw;met=1;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3294 42 B
64 B 79ms
78ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CDClw0nacZeztCpCG7_UP8tmvkATog6jydJvRkPKhEu2O_MIDEAEgzYbYnwFgkYSghYwYyAEFqQKHoCQ3TGKyPqgDAcgDE5gEAKoE8wJP0Pz83gfeliVGCsoxx845rDAG3p_qfdQxFEVwSgmTJnhD-PsO939dQcRdy9nc30mk1RouiHJJ4aGinXuGDj0C6BaKFZE7X8-7zGBsRjDosz-VOXYpf86eWces6FDZUikuxQ1YzgWsW_d_XHdz0tyFjpkV_LQZxAEq7OmbY3mdiILkQjwZ5A_LHTaJbdLZlovctJSB938ToH_IGcjobmaMwlbaalgjxN-vbjJJXAILPmbSYIRkbzGGt3RB13ytspBtnFVQjLSvBZO0R1pPdNWNWm_y-Eu6d-Q89UxSX6obXaCmLiJ6KuRuC9Co0v6-CLrIMx1N6X6NR5XJ5b9TmXveo2o0-5Q0HVOp6pS26O72tKsUh_dMZKM13d4r7UqRTSVKbFbqLWCkJe3BJf4uTdo7pfr8Sg-xjL2j98IYhkGrjNMRaqU1YXs3Lw5p9JehwBs6gYmy2RvkCNLblnhYk6O-riQi6oqlMZ6VcCNuipICD11UA8AE5YOkj8gE4AQDiAWGsK3jTZAGAaAGdoAH8qWo3gKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliE8cCg686DA4AKA8gLAeALAYAMAaIMCCoGCgS7u7ECqg0CTkziDRMI5KnBoOvOgwMVEMO7CB3y7AtCsBOi_IEWyBPn957kA9gTCogUAtgUAdAVAfgWAYAXAegXBQ&sigh=HiD_dGJPhZ8&label=part2viewed&ad_mt=0&sdkv=h.3.609.1&vci=CmAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2ODU1MjU2NDk3NTBAzQNaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KfAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NzU1MTkwOTMyCTIwNzkyOTEwOUCKAVIkCOgeEA8lAACAQSgBOgs1NDE3ODA5MjUtMUIER0RCTUi6A1AAWhtkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1kc3AYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI1PjYoOvOgwMVFlMdCR018gMxEAAYACCV_pJjOhoI1f2a3wIQ5YOkj8gEGOf3nuQDIJvRkPKhEkITCOyewqDrzoMDFRDDuwgd8uwLQg;dc_rmcid=CAQSOwAvHhf_xRGN5eAb3DrfyrzhL47siwyvUrZmF7V5ggJ0K0GyzbGcrkpcGL4dPYbKZRhenUx...
ade.googlesyndication.com/ddm/activity/ Frame 3294 42 B
107 B 229ms
90ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3294 42 B
64 B 82ms
82ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CDClw0nacZeztCpCG7_UP8tmvkATog6jydJvRkPKhEu2O_MIDEAEgzYbYnwFgkYSghYwYyAEFqQKHoCQ3TGKyPqgDAcgDE5gEAKoE8wJP0Pz83gfeliVGCsoxx845rDAG3p_qfdQxFEVwSgmTJnhD-PsO939dQcRdy9nc30mk1RouiHJJ4aGinXuGDj0C6BaKFZE7X8-7zGBsRjDosz-VOXYpf86eWces6FDZUikuxQ1YzgWsW_d_XHdz0tyFjpkV_LQZxAEq7OmbY3mdiILkQjwZ5A_LHTaJbdLZlovctJSB938ToH_IGcjobmaMwlbaalgjxN-vbjJJXAILPmbSYIRkbzGGt3RB13ytspBtnFVQjLSvBZO0R1pPdNWNWm_y-Eu6d-Q89UxSX6obXaCmLiJ6KuRuC9Co0v6-CLrIMx1N6X6NR5XJ5b9TmXveo2o0-5Q0HVOp6pS26O72tKsUh_dMZKM13d4r7UqRTSVKbFbqLWCkJe3BJf4uTdo7pfr8Sg-xjL2j98IYhkGrjNMRaqU1YXs3Lw5p9JehwBs6gYmy2RvkCNLblnhYk6O-riQi6oqlMZ6VcCNuipICD11UA8AE5YOkj8gE4AQDiAWGsK3jTZAGAaAGdoAH8qWo3gKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliE8cCg686DA4AKA8gLAeALAYAMAaIMCCoGCgS7u7ECqg0CTkziDRMI5KnBoOvOgwMVEMO7CB3y7AtCsBOi_IEWyBPn957kA9gTCogUAtgUAdAVAfgWAYAXAegXBQ&sigh=HiD_dGJPhZ8&label=admute&ad_mt=0&sdkv=h.3.609.1&vci=CmAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2ODU1MjU2NDk3NTBAzQNaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KfAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NzU1MTkwOTMyCTIwNzkyOTEwOUCKAVIkCOgeEA8lAACAQSgBOgs1NDE3ODA5MjUtMUIER0RCTUi6A1AAWhtkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1kc3AYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 9061 6 KB
6 KB 121ms
120ms Image
image/webp 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F1c779fa1-3947-4668-922c-faa5dcb06e77.png&w=300&h=250&q=85&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e715e05eeebd48d7746dbc6288c770bae7a13990d405dc29dd8963f55575f3f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:31 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 22:27:31 GMT
api-supported-versions: 2.0
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 8427de476f881e81-AMS
content-length: 5668
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 9061 14 KB
14 KB 129ms
128ms Image
image/webp 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F32cebf57-a025-409e-95a6-f8d53c377ca7.png&w=407&h=387&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3f43d3c91095b5998ed5a1c905437fbf346076c3034853cc123d4fb1a758b3c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:31 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 22:27:31 GMT
api-supported-versions: 2.0
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 8427de476f891e81-AMS
content-length: 14750
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 9061 12 KB
12 KB 102ms
101ms Image
image/webp 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F800843e0-fd2d-483d-81b8-f3903f6574ff.png&w=373&h=243&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a515819e1fcdff4aaa182a88552e995b5e9db7ec352961d7effba00ae764713

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:31 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 22:27:31 GMT
api-supported-versions: 2.0
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 8427de476f8a1e81-AMS
content-length: 12634
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 9061 8 KB
8 KB 142ms
141ms Image
image/webp 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F32cebf57-a025-409e-95a6-f8d53c377ca7.png&w=295&h=421&q=85&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42fec635cb438461f81520b5114d561016ea0d8b37727329e656102e8e775a9d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:31 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 22:27:31 GMT
api-supported-versions: 2.0
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 8427de476f8b1e81-AMS
content-length: 8138
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 9061 324 B
550 B 41ms
41ms Image
image/webp 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F96b0ca2e-f33f-49c5-9a20-a8fd6f9cc508.png&w=177&h=39&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dadc69ce42a1c555bd4044037897b660253eaa3eec11d98560eb64f0aebf28f2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:31 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Jan 2024 19:48:02 GMT
api-supported-versions: 2.0
server: cloudflare
age: 9569
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 8427de476f8c1e81-AMS
content-length: 324
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 9061 11 KB
11 KB 122ms
121ms Image
image/webp 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F66b925eb-04b0-4f3f-8ceb-2ed2c8380bc6.png&w=412&h=325&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2fcb3f45e9bc8e96de76f670a1cc1a3de59f7556d6db9118090a14e00f0a77c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:31 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 22:27:31 GMT
api-supported-versions: 2.0
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 8427de476f8d1e81-AMS
content-length: 10988
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 9061 1 KB
2 KB 65ms
64ms Image
image/webp 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fe30d932a-c43d-40b9-9f60-644ba1963d97.png&w=131&h=15&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86cc38e0e62e4be679d8da3c504216ce4ba91a5f6779d4813a30404ad0ff97ae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:31 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 22:27:31 GMT
api-supported-versions: 2.0
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 8427de476f8e1e81-AMS
content-length: 1488
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 9061 5 KB
5 KB 97ms
97ms Image
image/webp 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fe86d0a9a-daa1-4026-be54-bd7568a770f0.png&w=121&h=39&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e48e12ab55c07ac186298422c5e10139c61cf544c89f3b0b7e955dd3485ed99

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:31 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 22:27:31 GMT
api-supported-versions: 2.0
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 8427de476f8f1e81-AMS
content-length: 4686
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 9061 3 KB
3 KB 47ms
46ms Image
image/webp 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fe86d0a9a-daa1-4026-be54-bd7568a770f0.png&w=80&h=26&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc731561f1e96e35874623df6437a97b3f3d38aaa187ea11119c89de932e09e5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:31 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Jan 2024 19:48:02 GMT
api-supported-versions: 2.0
server: cloudflare
age: 9569
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 8427de476f901e81-AMS
content-length: 2870
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 03B0 23 KB
8 KB 62ms
62ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 553677
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 12:39:34 GMT
expires: Wed, 01 Jan 2025 12:39:34 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1fb45c0b1f2a4137b9b8d5cbf77fef78.jpg
img01.ztat.net/article/spp-media-p1/73323a4af50a4bd8ac1a33c1bebab231/ Frame C4BC 6 KB
6 KB 116ms
28ms Image
image/webp 2600:9000:2440:7400:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/73323a4af50a4bd8ac1a33c1bebab231/1fb45c0b1f2a4137b9b8d5cbf77fef78.jpg?imwidth=350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2440:7400:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Skipper /
Resource Hash: 94d06460a0f1b204d27fe66adf65cc33b417024ff24670cfeda5c551c4380f2f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 23:00:04 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
server: Skipper
age: 689247
x-amz-cf-pop: DUS51-P3
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: lIt9-npyYFGfnUNUCyRI9kgytenL1XnmRH-XTNe8v3onZXXjGDDSLg==

GET
H2 200 bf8283ab012949c5b0a66305ef3ff24c.jpg
img01.ztat.net/article/spp-media-p1/1eb280a6d92043ad8cb6ae11f72e9c7a/ Frame C4BC 3 KB
4 KB 120ms
31ms Image
image/webp 2600:9000:2440:7400:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/1eb280a6d92043ad8cb6ae11f72e9c7a/bf8283ab012949c5b0a66305ef3ff24c.jpg?imwidth=350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2440:7400:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Skipper /
Resource Hash: a04e664bb59ecdc5013690bc724d7b53bf44e501bf0c913319a857427fc1f6a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 23:00:06 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
server: Skipper
age: 689245
x-amz-cf-pop: DUS51-P3
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: dMi9ynV6QR67-bHnN-eandgliSvwJc2a4caAXpm0Elh8g2K6Jr4TOQ==

GET
H2 200 f55d43428c6c4304967900f801e48af0.jpg
img01.ztat.net/article/spp-media-p1/ecef2213684143f49e633efa69311d15/ Frame C4BC 8 KB
9 KB 118ms
30ms Image
image/webp 2600:9000:2440:7400:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/ecef2213684143f49e633efa69311d15/f55d43428c6c4304967900f801e48af0.jpg?imwidth=350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2440:7400:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 85b778abaa70fc56481136c70b23736b8d9e5cf303e9cc7e17444007eb86baaa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 23:00:02 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
age: 689250
x-amz-cf-pop: DUS51-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 8582
x-amz-expiration: expiry-date="Fri, 02 Feb 2024 00:00:00 GMT", rule-id="Expire after 3 months"
last-modified: Tue, 24 Oct 2023 20:44:31 GMT
server: AmazonS3
etag: "7d3d596ec4909db1ed3447fbb532ba7b"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: u4F4BQIX7b9ua6bcYi-pTggscd_IgHV0hhH7zVQ-L1av3m3IV1mKDg==

GET
H2 200 4c58b373c55544228abe6b4b3bb565dd.jpg
img01.ztat.net/article/spp-media-p1/da231788bcc3488e9c579f31d591177b/ Frame C4BC 6 KB
6 KB 122ms
33ms Image
image/webp 2600:9000:2440:7400:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/da231788bcc3488e9c579f31d591177b/4c58b373c55544228abe6b4b3bb565dd.jpg?imwidth=350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2440:7400:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fbccb3f4604f60570a0ba26a8113cbe80e64dee8cd3597f989ab7a49c11d43c4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 23:00:04 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
age: 689248
x-amz-cf-pop: DUS51-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6090
x-amz-expiration: expiry-date="Sun, 04 Feb 2024 00:00:00 GMT", rule-id="Expire after 3 months"
last-modified: Thu, 26 Oct 2023 13:57:45 GMT
server: AmazonS3
etag: "958dfce5f63a8f418869e9fa0dd2b2a2"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: nFhbmd7GWtz6kc0cMII6TlOyirbhYPGYiFCqy_xGSap2EXkqkQbuOw==

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Jan 2024 22:27:31 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 03B0 39 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:05:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 22:05:36 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 792A 13 KB
5 KB 49ms
49ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngplus.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1315
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 22:05:36 GMT
expires: Tue, 07 Jan 2025 22:05:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F981 829 B
1 KB 164ms
59ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ba5650b494497dd4e159b520d624a1dd467d7c9079bd53d1d959b1c8cc664999

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xCkUkOjz5T2msvckND6_OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ngplus.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-xCkUkOjz5T2msvckND6_OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 22:27:31 GMT
expires: Mon, 08 Jan 2024 22:27:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DAFC 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstatIhi6OjBDP1OsKADjK0JzNohyu_iK1YaoyuImon1a3mhE_MJbr-EIDFzVYgTcRIukSy2OVGTdSZt5pJOWiXo48JENUENmEwfLCiQOiCzvin6xylf8wM2-UMbOjU0pcVLIhFVu1T5ktdHbTZtyUlowYoP&sai=AMfl-YRsJcVgiE1wLN6rYiBB71xlDz5O_6GbOiw2s1VlwpUP6BpPkR1H2IoS-Eh530Y6SRXxAtFJBm4NlCqcMTYlE_VU_kcOECLTLTKKcku-LS-PDVJ5vcAMdJruVnqmhZoTPTb3wsB4Fs1Iu3cmg_TD&sig=Cg0ArKJSzPA8uTFCcnjJEAE&cid=CAQSTgAvHhf_An3URQZBeKK934g99HZPs1lolYGGwTxryGTexXsImakAAQ-ud4i5tZa0ZM-py6-AedXNTUiLfFEEqvYEoT8fSP5xdH-HcQco1BgB&id=lidar2&mcvt=1022&p=901,315,1151,1285&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2010077148&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704752849845&rpt=367&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 792A 39 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:05:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 22:05:36 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 03B0 0
20 B 61ms
61ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.609.1&bgai=BAqjm0nacZdTHIZam9fgPteSPiAMAAAAAOAHgBAI&bg=!9fal9rnNAAY3kmNgF5I7ADQBe5WfOEbOWDEgfMX9Rqkfj1z-3pQgY262b1-ZNpQOXmBus3MZ2Z18xRxpzE5_7m4BPUR6AgAAAEVSAAAAAWgBBwoAekzrlAxooT8IpnUZyFF9LSEkp3kTdU1Ivsp0tkJXcYwhNPHld1vk6qyi457AVNT3uqTv-88-cNnywSKpgtrtlkVPu-8P4Npz70my_OGMxj52otbebn39KQ8UlUWt9EBnF_lHuN7mTmHqcT6YE2LseVLWt0cRot3nI8TzmQLZOQMhjdbGx08fhITPDlD7icoDnhACa35wPwYRtpYOYgolHvFdz3-Za31r7BwHMu1n5tOS1vVKVkbLzIqxFxZfilGuIrI07ScywC9AIk2E1VovLKCLRQ9bzkPJRyrgxy-lS2lrk3ZuHfHSOMDGkU0KkNEPPVXrJeoco8wfiK95ljkTSFbH-WvUGOr66rrOUW3B8mdkruGRALRZ1rUwFaPZJURMWoSTPN1hVEAWpUfnCdbrC02U1YFolPoWdpPPVSOzjcnJAcMqNI0gXUVBSR71qVaqMXQgNml3cD4HDgDmv4x0ESpuOdy4hduz8CTWjlN60K8JCqBZ2RBDY7b7AqGI4SMg6kg3JewrmVes2M-h0uOHGLNVMhO7yHKjh3Cae9kO2KJ4Tsab0q05iI6v0G3gIx4yP9FolvyOMJFWG92M3V7uZsSdEpvc9DTKlcX-0f8mURw2MHV5Ye5_oc-proLi7JwQY1ijDHWHEQFC_0sJrL91A5l9ElPnOujvoo22C92bAiq7vm-kpUIzfCBg2z1B0WebaTCaYJYJo0I2gbbLJqgzM0DNUgfdvZFHEro5CHyeY-qyaJq5D_uCRk4lhy2_lV8OjWXDiXmB3HVNWaueTE8zbbWbcvNcCaaj4CZpyAFZZ1_UXi8R2LaGjNz0q0uRYvN5h1348IJCgILIKwSHb8wMbOITSgDkPKbTbxDmNGG8Fmjhj5KBrYocnJqANCoH1x5lPgHgZwXykKEHTOV8bubc3xt1rD0eDUJgoJ5KWK-WYoy_toVia-UgOW4iv9EKCq0B62R4IhS8Lnh-OD1x15aKMyr5vm5FSMARVuvMx-W0DwWcsTMrZD6Y3V0WiS49Z0P-49uWTgDrBF57eOoIXmagE_Jnmrz1CnDMv75e7B7VecPKHHfNzabteB7Gln3JN1p6gRtcvjGZUPtF4lQHlG51Lkh8taRpvZUTM5qxWJaxmzFzmP9eTi3V

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 792A 0
10 B 49ms
49ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?egX_0g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:27:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F981 0
0 58ms
57ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401020101&jk=3486561013196934&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

POST
H2 200 900
pix.revjet.com/interaction/ Frame C4BC 43 B
169 B 29ms
29ms Ping
image/gif 157.90.6.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.revjet.com/interaction/900?__ads=c9789d487dfa501a654f4c355ca237cf&vid=5109923136609986189&__adt=8240604126931135917&__ade=1&latent=0&vis_type=8&__stamp=1704752851802
Requested by: Host: cdn.revjet.com
URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.12.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.6.85 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.85.6.90.157.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 08 Jan 2024 22:27:31 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DAFC 0
20 B 58ms
58ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2950077539937&version=m202309260101&ct=77&x=1&cor=16840073600821795000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 61ms
60ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401020101&jk=3486561013196934&bg=!q6ilqOfNAAY3kmNgF5I7ADQBe5WfOKJRhAMCNEogkkIoLQOZkqfkyxm7eCfgbdcnmpDd1MHW5LEHe-RcXYCm4lxFGPnTAgAAADhSAAAAA2gBB5kCvIGBjX8XzADfCL8cwAzApwaVmlzyCR1AjruxO4AMc34DaLvAABg7smkUio_X9mAiWdL-0N_D4L9mp6bZN2WqgqKttRImBhLIQZoNaDw-019G7zDwL4ipRTDqSVjs8DYpdbWlYO_53bZkGZZJ4y6y5y-4IGYBM-6sVkgsvZa78-3NkDkswks1fk6E5otJpPGPUOfUTtVEkfIFg1P_oxRu7jbYqfKezpoGNuWmSubXGAQ6XM-2Omo-fnTtxqIAkANicQOVO30qSALm86aMdLiu_XnDqopcJGl3lWsaSrNb6AUT2xpZAW2A8TWj8FKEE4JFF6e1nYGDIvB5WHpdcqKXRzcn9XCP1_3dzw-QwS8KUXb-GY3qxZQk5UxkAWE_BWoKBy-R4GJxJb87DU27VjOYQfObnm5hKEX325ZLlo0Dfd3fOys-49PMJrbWBMESAs97UmUNE6-brLe7jNfPVU9jZ_P8hnbtSnsIrcApQXFwhkBMb5GbqvVzMsJ4sP5WGUPAR8fxr3ybT3x9TO6r5L7osL0dkupFqJ4Cyc-dzWxJf8mZGoHpueMeSweaJPnUs59Aot1YiUC_WnNuH3tZLKBLQXFFBr7kHtCpj0F4alYwKSxWr3oSJlO_Y4dkow_mxsZHyT9slRd8Y3uuejNN4ZX_hNPL5Wwd1sA0EcnJhVPdXp7G64VbAqPA5QXxlMec07OFlUelxOoyH17-0awV7fS_taWtPBZdMhWCDQ_43hIt1kUNvYwnsR4ixA7WoDrvE6plw4nG33sRDeuMgJ1psjk0W1DHEyD_fV7rYk0H3YPdRw8BXVypf6PAcFnQv0boIAFe7nP1pIcqF5Nm8ORsMlsXIwiJHqYUKg-8Z4kUCeQfsExriIOSYghobskk5OvHtDAq5cMb7MKKdnlgydc6__9HzB9VsC91cSrkYZF-nNs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 21ms
21ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=2~lr5hty2k&c=5426168609268&slotId=2713084304634&met.4=hvd_lc.lr5hty2j~hvd_src.lr5hty2j&ps=400x225
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ngplus.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 21ms
21ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YXW4YB0LQF&gtm=45Pe4130v892713658&_p=1704752849360&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=1538086108.1704752849&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1704752849&sct=1&seg=0&dl=https%3A%2F%2Fngplus.com.br%2F&dt=NG%2B%20-%20A%20casa%20dos%20reviews&_s=2&tfd=8457
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-M3L6M9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ngplus.com.br/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ngplus.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ Frame 4E61 0
17 B 21ms
21ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-45M1DQFW2B&gtm=45je4130v894926616&_p=1704752849682&gcs=G1-0&gcd=11l1p1l1l5&dma_cps=sypham&dma=1&cid=1820536814.1704752850&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEA&_s=2&sid=1704752849&sct=1&seg=0&dl=https%3A%2F%2Fwww.bet365.nl%2Folp%2Fopen-account%3Faffiliate%3D365_02788145&dt=Welkomstbonus&en=scroll&epn.percent_scrolled=90&tfd=5429
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-45M1DQFW2B&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bet365.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bet365.nl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI1PjYoOvOgwMVFlMdCR018gMxEAAYACCV_pJjOhoI1f2a3wIQ5YOkj8gEGOf3nuQDIJvRkPKhEkITCOyewqDrzoMDFRDDuwgd8uwLQg;dc_rmcid=CAQSOwAvHhf_xRGN5eAb3DrfyrzhL47siwyvUrZmF7V5ggJ0K0GyzbGcrkpcGL4dPYbKZRhenUx...
ade.googlesyndication.com/ddm/activity/ Frame 3294 42 B
107 B 90ms
89ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3294 42 B
64 B 62ms
62ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CDClw0nacZeztCpCG7_UP8tmvkATog6jydJvRkPKhEu2O_MIDEAEgzYbYnwFgkYSghYwYyAEFqQKHoCQ3TGKyPqgDAcgDE5gEAKoE8wJP0Pz83gfeliVGCsoxx845rDAG3p_qfdQxFEVwSgmTJnhD-PsO939dQcRdy9nc30mk1RouiHJJ4aGinXuGDj0C6BaKFZE7X8-7zGBsRjDosz-VOXYpf86eWces6FDZUikuxQ1YzgWsW_d_XHdz0tyFjpkV_LQZxAEq7OmbY3mdiILkQjwZ5A_LHTaJbdLZlovctJSB938ToH_IGcjobmaMwlbaalgjxN-vbjJJXAILPmbSYIRkbzGGt3RB13ytspBtnFVQjLSvBZO0R1pPdNWNWm_y-Eu6d-Q89UxSX6obXaCmLiJ6KuRuC9Co0v6-CLrIMx1N6X6NR5XJ5b9TmXveo2o0-5Q0HVOp6pS26O72tKsUh_dMZKM13d4r7UqRTSVKbFbqLWCkJe3BJf4uTdo7pfr8Sg-xjL2j98IYhkGrjNMRaqU1YXs3Lw5p9JehwBs6gYmy2RvkCNLblnhYk6O-riQi6oqlMZ6VcCNuipICD11UA8AE5YOkj8gE4AQDiAWGsK3jTZAGAaAGdoAH8qWo3gKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliE8cCg686DA4AKA8gLAeALAYAMAaIMCCoGCgS7u7ECqg0CTkziDRMI5KnBoOvOgwMVEMO7CB3y7AtCsBOi_IEWyBPn957kA9gTCogUAtgUAdAVAfgWAYAXAegXBQ&sigh=HiD_dGJPhZ8&label=videoplaytime25&ad_mt=4186&sdkv=h.3.609.1&vci=CmAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2ODU1MjU2NDk3NTBAzQNaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KfAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NzU1MTkwOTMyCTIwNzkyOTEwOUCKAVIkCOgeEA8lAACAQSgBOgs1NDE3ODA5MjUtMUIER0RCTUi6A1AAWhtkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1kc3AYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:27:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=https%3A%2F%2Fngplus.com.br%2F

Domain: ponos.zeronaught.com
URL: https://ponos.zeronaught.com/1?a=4f1b553bcbb102293b80294fd10f29372b6a27ce&b=A8ojMOuMAQAAWmHZH9-GowUncZg5lox8t5I-ZtG_fR-HUYdOc8EJcXug149CAR_MmWyucuKDwH8AAEB3AAAAAA==&c=-583944288

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ngplus.com.br/	1970-01-20 18:15:44	Name: clever-last-tracker-76358 Value: 0
.ngplus.com.br/	1970-01-21 03:08:32	Name: _ga Value: GA1.1.1538086108.1704752849
ngplus.com.br/	1970-01-21 02:18:08	Name: pll_language Value: pt
gml-grp.com/	1970-01-21 03:08:32	Name: CEK Value: a
.gml-grp.com/	1969-12-31 23:59:59	Name: _cfuvid Value: qlTInfcRhv3c2Ej2sxxnmWGjIYHAIJBhpEm9TEBHrrM-1704752849491-0-604800000
.gml-grp.com/	1970-01-20 17:32:34	Name: __cf_bm Value: 8gDEQRwozcRFPlzdYhFLUSZx6iX.gGkkrVszxEicwkU-1704752849-1-AYo3IKkCfEdL6C0v8NrNmYD6Nk1nY0Juk5iCWN9qh5ot/OdT6LpbjSYQH1l5Eaz/OUB0eqVLsEqZO4gio2roovY=
.bet365.com/	1970-01-20 17:32:34	Name: __cf_bm Value: mfdq2dbhYKkwDbYrL2SGqx1PNOUsWUx4gR4garZ1yOQ-1704752849-1-ATiZ4zbSwzwikDU8J35YDCPUQOBd1642Cg4prD+wxot7x/PFGqkR0qJnY7XFou3N2OETLTNcF+Fg2iwIy22o+mE=
wlf12bet.adsrv.eacdn.com/	1970-01-21 03:08:32	Name: CEK Value: a
gml-grp.com/	1970-01-20 19:42:08	Name: A_619 Value: a=619&r=0&fv=0&lv=0&vc=0&fc=20240108&lc=20240108102729&cc=1
gml-grp.com/	1970-01-20 19:42:08	Name: PM_20 Value: id=3b1731bb-1d57-443c-b02d-4fab334edbff&c=CM_BR_SB_DT_BETANO_NGPLUS&s=8725&ad=619&md=0&pm=20&d=20240108222729&ip=0&r=0&ref=&RedirectParams=btag%3Da_8725b_619c_CM_BR_SB_DT_BETANO_NGPLUS%26utm_medium%3D2566%26utm_source%3D1%26siteid%3D8725&cip=MmEwMDoxNjMwOjI6NjA4Ojoz
wlpixbet.adsrv.eacdn.com/	1970-01-21 03:08:32	Name: CEK Value: a
wlf12bet.adsrv.eacdn.com/	1970-01-20 19:42:08	Name: XYZ Value: 120&0&148&&&&0&1&&b657b77b-8112-4b2d-8ac4-be2cb59bd2df&&a_3672b_86&
wlf12bet.adsrv.eacdn.com/	1970-01-20 19:42:08	Name: A_86 Value: a=86&r=0&fv=0&lv=0&vc=0&fc=20240108&lc=20240108102729&cc=1
wlf12bet.adsrv.eacdn.com/	1970-01-20 19:42:08	Name: PM_2 Value: id=47698e31-0492-4885-934f-efec8f32fdcb&c=CM_BR_SB_DT_F12_NGPLUS&s=3672&ad=86&md=0&pm=2&d=20240108222729&ip=533502316&r=0&ref=&RedirectParams=btag%3Da_3672b_86c_CM_BR_SB_DT_F12_NGPLUS&cip=MzEuMjA0LjE1My4xMDg=
wlpixbet.adsrv.eacdn.com/	1970-01-20 19:42:08	Name: XYZ Value: 120&0&148&&&&0&1&&1b496ae4-70a4-45df-95a9-6195800a8c82&&a_1971b_114&
wlpixbet.adsrv.eacdn.com/	1970-01-20 19:42:08	Name: A_114 Value: a=114&r=0&fv=0&lv=0&vc=0&fc=20240108&lc=20240108102729&cc=1
wlpixbet.adsrv.eacdn.com/	1970-01-20 19:42:08	Name: PM_2 Value: id=e381691e-a93c-4cd4-ae47-bea5dae42488&c=CM_BR_SB_DT_PIXBET_NGPLUS&s=1971&ad=114&md=0&pm=2&d=20240108222729&ip=533502316&r=0&ref=&RedirectParams=btag%3Da_1971b_114c_CM_BR_SB_DT_PIXBET_NGPLUS&cip=MzEuMjA0LjE1My4xMDg=
.f12.bet/	1970-01-20 17:32:34	Name: __cf_bm Value: W.JXVYQQEfNZfE.RDWRzYpBwujRLFHQVKoVkvYRpYLI-1704752849-1-AWoP6iWLRgmzFyLYgLcmrMn9NsbS6TUCuU7izZCNPNbNLj/8rNpDsp9aEbdKPUB3UXN4+1La/KKrHjWxTrqHcYQ=
.pixbet.com/	1970-01-20 17:32:34	Name: __cf_bm Value: WEJYXOtvyD.CiG88pRD4IRyPtpGbSgcGV0GtYsNbMK4-1704752849-1-AY7FN5cGrLxPXVPy4Lb2cjh1vCjinuDK5IVXxtLoqe5ENa3iaueczgmLXyS19ky2NLu2/TN7SnY5gjZO6O1d5Bs=
.bet365.nl/	1970-01-20 17:32:34	Name: __cf_bm Value: iU4IMv9xaAGvzJJ8itGXhTt0007WV.pamf8xWwjpgR8-1704752849-1-AdtNkPcT8wbgoelV7iIc9QhUfJ4EpHYawhkw/Y+9hzFdxUd8HTsFKyEA0qUyaF41bdJJywffMyxbLOw4dU8gFcc=
gml-grp.com/	1970-01-20 19:42:08	Name: XYZ Value: 120&0&148&&&&0&1&&222c085b-8d2a-4e40-bad9-ac8d62ba7453&a_8725b_1238&a_8725b_619&
gml-grp.com/	1970-01-20 19:42:08	Name: A_1238 Value: a=1238&r=0&fv=20240108&lv=20240108102729&vc=1&fc=0&lc=0&cc=0
.betano.com/	1970-01-20 17:32:34	Name: __cf_bm Value: vzMVDn._BKTqzfO7cnCnH2FrS9IHhl.FVm_vNSsvd0Y-1704752849-1-AdpAk5KwFVlp8hTc/NatKeqlYNWl3l4OLOBM00M36HupHOjZSFti/XYpwZp1Jt5Xhxe5qW9qhX/C9nktjGD7yPQ=
.betano.com/	1969-12-31 23:59:59	Name: _cfuvid Value: A1xVZro1Di0kAg86Du090kSrnclm96QgV1YaLFXeFlg-1704752849749-0-604800000
.bet365.nl/	1970-01-20 18:37:20	Name: Affiliates Value: Code=365_02788145%2f207357153605&prd=Sports
members.bet365.nl/	1969-12-31 23:59:59	Name: session Value: processform=0
.bet365.nl/	1969-12-31 23:59:59	Name: pstk Value: 013419BD705845F29D94E6CBD95E47DA000003
.ngplus.com.br/	1970-01-21 02:54:08	Name: __gads Value: ID=2c1af1c7e6e9be3e:T=1704752849:RT=1704752849:S=ALNI_Mao7A9-KRmw_74DZ6FN_C4M7fLGbw
.ngplus.com.br/	1970-01-21 02:54:08	Name: __gpi Value: UID=00000d3d943f81b8:T=1704752849:RT=1704752849:S=ALNI_Ma3Zp-opkLLsrY7RNWesyycEKS-SA
.ngplus.com.br/	1970-01-21 03:08:32	Name: _ga_YXW4YB0LQF Value: GS1.1.1704752849.1.0.1704752849.0.0.0
.doubleclick.net/	1970-01-20 21:51:44	Name: APC Value: AfxxVi67-GczLtpH9vv6lghx03lbqWqCE63sPXh6UhWghdV9UTK0OQ
.adnxs.com/	1970-01-20 19:42:08	Name: uuid2 Value: 7211542377065340404
.casalemedia.com/	1970-01-21 02:18:08	Name: CMID Value: ZZx20kTcSDTeTJoIV4rNZgAA
.casalemedia.com/	1970-01-20 19:42:08	Name: CMPS Value: 5156
.casalemedia.com/	1970-01-20 19:42:08	Name: CMPRO Value: 5156
.adnxs.com/	1970-01-21 03:08:32	Name: XANDR_PANID Value: IFHkhS9jGcZJP6J4kmqVxN7Y1vZUMAlvGI6mGxQEf3Oj813QXUA937pG8ZK5nzkGEtQqpLRzKjeGHasbe-eXgzZ3A06laieK6H49zXwnP-k.
.adnxs.com/	1970-01-20 19:42:08	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVKuBd[+!]tbPl1M>e)ZlrFUfJ+tGXxoa<^jiHHL>*ULAGLpS-TL<^0HtZOyxSt.7rdl3If)y3KL9D3I?+u7w=Sh
.doubleclick.net/	1970-01-20 18:15:44	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 02:54:08	Name: IDE Value: AHWqTUkb3Or-KtprjZKjHk6S9f1EyyIkqk7q8NQOqpRjNqhVWoPasv3S4gLiBDVxumw
.revjet.com/	1970-01-21 03:08:32	Name: trx Value: 5109923136609986189
.revjet.com/	1970-01-20 17:33:59	Name: ads Value: c9789d487dfa501a654f4c355ca237cf

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 503) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: chrome-error://chromewebdata/ Message: Failed to load resource: the server responded with a status of 403 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://f12.bet/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network	error	URL: chrome-error://chromewebdata/ Message: Failed to load resource: the server responded with a status of 403 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://pixbet.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
javascript	error	URL: https://ngplus.com.br/ Message: Access to XMLHttpRequest at 'https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=https%3A%2F%2Fngplus.com.br%2F' from origin 'https://ngplus.com.br' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=https%3A%2F%2Fngplus.com.br%2F Message: Failed to load resource: net::ERR_FAILED
security	error	Message: Refused to frame 'https://br.betano.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://.betano.com:".
security	error	URL: https://www.bet365.nl/members/services/host/Scripts/js/ProductCommon_v1.js Message: Refused to connect to 'https://ponos.zeronaught.com/1?a=4f1b553bcbb102293b80294fd10f29372b6a27ce&b=A8ojMOuMAQAAWmHZH9-GowUncZg5lox8t5I-ZtG_fR-HUYdOc8EJcXug149CAR_MmWyucuKDwH8AAEB3AAAAAA==&c=-583944288' because it violates the following Content Security Policy directive: "connect-src 'self' *.google-analytics.com http://members.bet365.nl https://www.bet365.nl/ https://extra.bet365.nl wss://wsbanpush.bet365affiliates.com 'nonce-C8gE1DcRFtTdvbQ+NWIAVuQLFG3BcTAXyOOfsBFob/0='".
security	error	URL: https://www.bet365.nl/members/services/host/Scripts/js/ProductCommon_v1.js Message: Refused to connect to 'https://ponos.zeronaught.com/1?a=4f1b553bcbb102293b80294fd10f29372b6a27ce&b=A8ojMOuMAQAAWmHZH9-GowUncZg5lox8t5I-ZtG_fR-HUYdOc8EJcXug149CAR_MmWyucuKDwH8AAEB3AAAAAA==&c=-583944288' because it violates the following Content Security Policy directive: "connect-src 'self' .google-analytics.com .bet365.nl wss://wsbanpush.bet365affiliates.com".
violation	error	URL: https://www.bet365.nl/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AAD3FuuMAQAAo0qk13IY17ScnCkLooVX5dWKKcLK5DisBYn5uXH3SCQdxxWE&PIRXTcSdwp--z=q Message: Permissions policy violation: accelerometer is not allowed in this document.
javascript	warning	URL: https://www.bet365.nl/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AAD3FuuMAQAAo0qk13IY17ScnCkLooVX5dWKKcLK5DisBYn5uXH3SCQdxxWE&PIRXTcSdwp--z=q Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
rendering	warning	URL: https://www.bet365.nl/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AAD3FuuMAQAAo0qk13IY17ScnCkLooVX5dWKKcLK5DisBYn5uXH3SCQdxxWE&PIRXTcSdwp--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://www.bet365.nl/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AAD3FuuMAQAAo0qk13IY17ScnCkLooVX5dWKKcLK5DisBYn5uXH3SCQdxxWE&PIRXTcSdwp--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://www.bet365.nl/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AAD3FuuMAQAAo0qk13IY17ScnCkLooVX5dWKKcLK5DisBYn5uXH3SCQdxxWE&PIRXTcSdwp--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ade.googlesyndication.com
ads.revjet.com
bid.g.doubleclick.net
br.betano.com
c.bannerflow.net
c6189493707d596d7b3100b1e7a7f690.safeframe.googlesyndication.com
call.cleverwebserver.com
cdn.revjet.com
cm.g.doubleclick.net
content001.bet365.nl
csi.gstatic.com
dsum-sec.casalemedia.com
extra.bet365.nl
f12.bet
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
gml-grp.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
img01.ztat.net
members.bet365.nl
ngplus.com.br
pagead2.googlesyndication.com
pix.revjet.com
pixbet.com
ponos.zeronaught.com
pubads.g.doubleclick.net
r5---sn-5hne6nsy.c.2mdn.net
region1.google-analytics.com
s0.2mdn.net
scripts.cleverwebserver.com
securepubads.g.doubleclick.net
static.r4you.co
tpc.googlesyndication.com
ui.cleverwebserver.com
wlf12bet.adsrv.eacdn.com
wlpixbet.adsrv.eacdn.com
wlstoiximan.eacdn.com
www.bet365.com
www.bet365.nl
www.crispcricket.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
ponos.zeronaught.com
securepubads.g.doubleclick.net
142.250.110.156
142.250.185.66
157.90.6.85
172.217.18.2
172.217.18.98
172.217.23.102
172.64.151.101
185.89.211.116
192.229.233.6
2001:4860:4802:32::3
2001:4860:4802:32::36
2600:9000:2440:7400:15:157b:ff80:93a1
2606:4700:4400::6812:25b7
2606:4700:4400::6812:2a64
2606:4700:4400::ac40:902d
2606:4700::6811:5459
2606:4700::6811:ca6e
2620:1ec:bdf::62
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::2006
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400e:7::a
2a02:4780:23:367e:e747:764c:8640:fbad
2a06:98c1:3120::3
2a06:98c1:3121::3
40.127.232.184
5.226.179.10
5.226.179.16
65.21.130.13
03a38c4ce51079cbd9a954953ca948e7313e3874e1de2f3264fd0e0a7d9f929d
0aafaeb9fb92f594b463f61512ddeda907fb862e26f36b780f201b98096aca6d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bdbd5b32b96b90dd6109cc2413f2a386443776bef5d0acd6a7e01e2eb4fddbb
0dc98c5cc4bb232b9783d9bdd2756e292d938cb0008dc2733b59f37755fcc61e
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0fe46933912ed26d58b48de863742d48ed2dfd8c87deb84cfef78ffb2b390155
101ca051649af6826119108f51311f70b4d58e94242c8877a2b8a9247b90f54f
135832e5ea5d35dc1208592b56db63803045436048dbeb3465b349475a5efaf8
138ba97e12506fb0ca34c6b1b9787b9d5d8a6c2f9593a37bf56d2968c4fd68cf
171f9cf6f424fa27694134bc7b2ccfd337f71e4cffe3a40b423c94deaf2ddbeb
18d9eca36f9e4830a70cdc0ede40943c49ca6deb30535f94992cdbdac9debf86
1a97604caf58930c000c1c5754a0d7261dce79e14f584bd60bd9245617b62fc2
1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fad4ec63f7167def05a3fb8e2c10bfbf35c726620abf81b929ff9adfcb7e15d
22064211b18a5f0d5c2ffd12d2b8022700f603218b67144ddba621168a2b4430
246f551c3746b2645d188e042b88211422b9655d3188e29e6a6b8873a01b3101
291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ce94a80de9d146226e0967aacf51e37f92e18329815338af4de0aef3fc67705
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e48e12ab55c07ac186298422c5e10139c61cf544c89f3b0b7e955dd3485ed99
2e715e05eeebd48d7746dbc6288c770bae7a13990d405dc29dd8963f55575f3f
2f63cb1ade6717008506c92a1ec7edba4b19463093adcb38807b6a578e942c4d
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
2f826a947a47c13c4af480b9b7853e9ca12d2873c67a9200f3c7a26f8cacae2d
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33b05fb6d444405d240ae0e5098903f43cc514479f08bbbe5d6c7ebe21436e34
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3910919ba90e3492a9ab5393bd177f9bea0c652008ee79b031f0a4b7b2d00276
3e304dfe39fde10af2ee219f794108f785d18dd88658877ddf07bce099f6a9fa
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
42fec635cb438461f81520b5114d561016ea0d8b37727329e656102e8e775a9d
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
45f9194274af2f03901c585408d3a3ad8a269951b9fd5b27a86bba6e30d9d8b2
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46a46fd2b6ab24a0332ca0e21d82ddfb0023695ade571fe3230962d84e5df0b4
4768888882fef6ceb1a6dff8a9696bf132e696c11bb5251139289c8b4fb8ce47
489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036
48da0a8ae434a4e3d050759b45ecede05299ecae2424341af936a1a2f7a3487c
48e45c635d4312f007b43fe7b7b6c8a03ce65b77bc91d58be10e1ea7f35d5c44
4954140f02f45363ef8c95f97fdce03cfd2824d19eea3769b46e0f1be06e80e9
4aeeb9d5c3320f2dc539c986963e86e1a7841ae3ae33e4f5c1ceb46220d99339
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6
4c3ed76a83b9bd60d9ee046a498466d498cace93cef16495968cc369a146b0af
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ec8f46062aa838e6ffe12b70751e534ca7ec2b940a7f38b09b36ffd399a9637
5053212781def26f3c6a13232e859609d0a88d95b8c15138c2a6cc745544c455
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5665f4f9989673a936577ab79f16f6886a2402ed0a6998bca8687cc052073fb4
56b2ba2216439a1481f1b9e183c7207c01b97a6d0b0ad276e5086146627d121b
56e70c2fea595cdb15f418a8f79227fd5cb5838e2ee6e56fd44abc63e2cfa239
577a44959429da7b5823f85fe3bacbcbefb5ea82c80c685187e954f33a30043d
589a717cf24cbc81a0bcfd2dd6cec44404c6c090c5f1dc4afb0f83061c43bba0
58a6395a27e4d24edca79d60b0b8ce9ce5a790475a12a9a8101ee6da7486e14b
5923b5d3167186e22377d01f2002120106ed40e936e0341426c681d5a61e2184
5a2a5a605fbff705a5bf4f8aff0aae041608b9dd85a3e93dac0bbc19002f0cb6
5af616c5e6ad0d97aa233ed4644776ca94de0cfb1a653844d8a5d9ee46e756af
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63e57f314a85925e51293fa936ce0841bc0b060fcc6bc71fb667f592dc904cd5
63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c
662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6a515819e1fcdff4aaa182a88552e995b5e9db7ec352961d7effba00ae764713
6ad4d67eed235fafc8ddfab188fa2e968ba4345718c8338bd7f4fbfafa6f8a2b
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
6d23d7bafee5007dcc49f236a00c0a837ebf117f2d0ef7f59fe12d87e14a97f4
6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35
6de5f10ccef7544ae2724a6baaf888e54031959cd40e133126d64fc913a005fa
6e28311fc68644a88a32df782c7371991894bc6a6a81f8ff70f971b4470c3751
6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d
6f6e3f7c2420799e32c7d8dbc9a45f5137c2844c33187a9202fc08479becc003
70df282115ef87c44cd158ac44b98ddbabf5f1b337569a212af06b6c91bd7184
71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7
749bfc35b5e9458886eb990b3d3c307d8f015cc455fbb358a81e3fadbb52465c
77ddb6412e408862a12051b2accb796404fcb1401c7e737ccd7cd7d329becb58
79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7be4b4a433a0c1b93deb51f1310da890a3b2cd2ebb4a1bef07227aeac4025c40
7f7fcda5f37c18def2314b911b02417b773c4f459df0d25931ffa7389b872b89
802137756810945ce6547bfdb681dcc8875a0a249d8a33f00713285588856970
80b3e857e1c16346cbbf1a8303870698fd76db9f26b3b046d6ef4b352403fa46
80cf576bf69a47a7056780efa98d560e525bea2b0d91f03f5394f9c14580bbbf
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
85b778abaa70fc56481136c70b23736b8d9e5cf303e9cc7e17444007eb86baaa
86cc38e0e62e4be679d8da3c504216ce4ba91a5f6779d4813a30404ad0ff97ae
8864efce91b63cc17acaf305730d3a35f4357c51937eec0c0a33c08d55427152
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
8d01529d6b0a55fc8c5eedbb03768f3a1c21a157dd555172af0b1851687d5c46
8e1f71ac19a73fc2926866c8f94d7570e65077d46668cd1078362cc06d220039
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
90ccafedf4026b7b2e72f2e6a29784146c9cbceac7c4db5f247b3f9f61098505
94d06460a0f1b204d27fe66adf65cc33b417024ff24670cfeda5c551c4380f2f
9576b975561031e21cdf6b626441e1243c825dcd758512aa1e10d0f506f9b983
96592e3403bc7e8e2b50609104daa99d5db800706f77649234a7283a8195fb65
9adff8bf51c41610da9ca4d0769e6fe28103ad9cea542709d3e0bde719cdd6d2
9b14d97cf06e271ca6582957ca194c9f3866b6ec9cd28a5a888c5f2f07fc7a0a
9b5dbc64df7766369ac9a6c8f229a15f47512876154546fbd0610869b7f9f68f
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9e13654bd2976a5141d4821aede8f15b0efeb47e70f04ad87e8fb1221f049e43
9f9c6775b84c5286ffdc5bfa690a3b18beee2cc6681096dff5232775c6c5974f
9fbfcaf146dba41e7fd8d829287e081d4465f8279f08152d357837dfdc8209e1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04e664bb59ecdc5013690bc724d7b53bf44e501bf0c913319a857427fc1f6a6
a0a6ee90f7d31651db5ed76b62352d35c1784956c07e3e4bfe162d394670c47a
a16d1525095548f2d410928173be540002245ad94e9ea0d95c847de0e84dfd5f
a52c834a0c553d22cddb73c948433ace91b9181e0e95fb54d07d6d6f61345f0c
a84aadae666395284ce06d603c5847dad68f216cac945abb814b4437b00ddcff
a85904e098cd1b968434e3bdcedd5a1465fec7d762b06d54348f334dc51bfc54
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
a93cba72f86d219bab98331c28c6aacf6f1f4804e3941ec7d4f090d51d9c12bb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa232a270903c37b16cb14888a94f7fb0f50b86c783cd6fa1dfc715fab4433f1
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
b31490f715edc524759a34c7291363a5cb48cf647277ee15c6ed776cb199460f
b3f43d3c91095b5998ed5a1c905437fbf346076c3034853cc123d4fb1a758b3c
b4ec314b95a765e663312a27606f6394d485c6f9f180406cb75f3b33e12e8b87
b54ad70899eee5d46b8ab2e999fc2c387efb427e02770a9a86b14caebacd04b9
b62b7053fc0d2b1a5ac08a518c0828d73fcd03228e8852c12bd876e7f68c2612
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b801a67b78aed5267f0bd3be937ecf6ee460d90ee81f49d8fd52054663cbe102
b85783a5373e20a0aad7f377b17eab31dc3b568f85688d33b738438c5c9ad8ab
b8df6ec7183a680549269d3d45eef9d3d6867884f08ebf5bf1d7be0a929b70f8
ba5650b494497dd4e159b520d624a1dd467d7c9079bd53d1d959b1c8cc664999
ba8e939da8f5824774583728f6cc0eff40a5674a61d923315f6fc2081be1a38d
bc3b317dc575f520784a5418df2ecf5f270659cd35c81c47f13868c386f780f7
bc6794c901f7087813a719c18961cce8f65dae8226ff687f1c2c7dec28c011ac
be721fab17ac58de873aa54537193d60b334335491a6a1faa222f2f57be1fd87
bf9fabf56b67ff2aab670755578debb0be846534504dfbe5bea6689dbd1c0cbd
c0aba6d3542fb51c1f8f40ea3a251fb04a51ec239a668c9d1c38f52a07482344
c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966
c2fcb3f45e9bc8e96de76f670a1cc1a3de59f7556d6db9118090a14e00f0a77c
c643f2fd9b5001208cfcdc5347537e4329e77706c69da220732b43ac9c9cf359
c89fbb7c3991d609883de7c21412f6b27f44b0d049c72e49011d9a0311ac2eba
c938e10e035eaa076974c64742ba9d9bda824ae467083b5d5dd6ab3d619eaea7
c9b1f3c6a0969a2ec56f04c3c7b5be37b0d97a151d703381cceb7b31960de8f6
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cb9ba57a70bf6a847c39a97fe3718b3ab0445b2550efb4906af4bbfa37afcafd
cd8eb8c761325cc4e3ed7728b9844d057a804c4129ef1bd6647a17101556a5fb
cd95be4bcfcb2c5e662cdd09c95dbcc1cf1f4e71fe07c4739f310490864af471
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0438c85b7b5f9c21ac9a1975ccd12464f5f8cbf15d3353ee700e2617f913349
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532
d1fee0e275eff6d223e9845ca7aee343e0f4ea7b74b8e33b3b37088e559fce0b
d209ff662534f6a6f63857a866e9c71a2b3f854b6bf3795ab2551e97279d14b3
d7a39d455be44d6cb814f2330d1ccfabcde733554397a68df5be28d85d2d7843
dac9ce6b163b009d3fae39abc37e728afa2476e5dd0b5e5ac9480a9969fbbe6f
dad1c78d44d3d20f0fc75e00a4750dc25429710dbc653de9fe7fa121ae5cb0fc
dadc69ce42a1c555bd4044037897b660253eaa3eec11d98560eb64f0aebf28f2
db5ffd916dbeb4938cc236cb3a42e73a56987f28c5deb9f3beccbe2c4af19307
dc731561f1e96e35874623df6437a97b3f3d38aaa187ea11119c89de932e09e5
dce3111ede9ead68dbb0c6343255a1cc111060d98da86a7e96e0fa8510bb1a02
dd2206ea43514f297a0ddb76966bb382674c6d08ad9678747b8e094194068584
de7e8a7141de086455c3a4800148f82a292883665e5671da9d7c6b1993b4ae06
de9e3b9ba9b91358094de123af26fce188e1c6fa9a7c87971a43f3e8c39836e7
deaed9bb14fd7063a07126e9b74e300d76a9371007d231b98239a68494831632
e1bc445d278e698f2cb4fd6f641544d1a07c879c3da2093d9bf2df613f94ba51
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e440a25c4316145975ec0704e39bb57e26e14106400fc65abee02c2fa7f91f89
e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7
e660cedede24293a84d2338d4f4a6caa1d6378d7d11e7bdae8a94edce859e85d
e97075bd70ab8a70cc576b5d90bd13a3e715313272cec401c9342f4665a4c353
eb46fc22f1ab28a4180d6a2858ed054012c3c138443bebf5ba38698de622d811
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5
ed8fb982cca8eef53eb358236213c23fbf11c5ea803d9e1ba23cc8f671b9c1ab
ee879758f9612b65ac01b5e3d4d99cbbe3880157b03e78305db210e7d6ae066e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17d1719160d8276fbce3e161bbda31b5606e966e7f73a889130f7ccb0fbdea5
f1f17fea7cee4a9ae74981b2930b10a3aafd713f4564080def24e5fb8342a338
f3f4ff09e543b2189b2ca7c7a97cdfac8e7d04e086f00669a9427ba87dc27cdb
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6246ebe302e91d6fb04472e2b5e7aa5b75bf992fb24cbfa3a7c5b5a7bb6a037
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f76b892a3ea42aeab71d05411df230349b1bb51508eefe4ccfcc43ce3bd58ace
f7e71268d2862194615eae7ba55516e55a1529ce560230984999c2d1c2ee9cb3
f868a810ac6e54ae51ccf2828f623337fb99036eb64d73a7a517f7534297b3e6
f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939
f9798155f42f6363ed2bcebc3ad9785c05f00d5bc4ec7f535e90b040c85af5d4
fa4d8e7ac1ee345ffa89eeb64ca5719a4728256d381341334bf5518cdd8f56cd
fbccb3f4604f60570a0ba26a8113cbe80e64dee8cd3597f989ab7a49c11d43c4
fc045e08570de447e7b6319886d0c770d58f03f7d8c071c9b61456ca85b47438
fc7512281e207a922a9b017b45ac588dfc87dad9a7abf998e870be08d678ae25
fd9f9f1ebf8e21460b02fc163755f48f9f9d3ab379f83b20dd0fb6f3af5aeba1
feca56ca5114badf0b1e34b970aeb173ccc03eb2ac4ae445d982d8e548ff188d
ffc97b52ac215e1767cc0bd162bdee7fee4c531ed1d3b9370b9cc3fe5e74bf88

ngplus.com.br Open in urlscan Pro 2a02:4780:23:367e:e747:764c:8640:fbad Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

239 Requests

95 %HTTPS

68 %IPv6

26 Domains

49 Subdomains

39 IPs

6 Countries

12157 kBTransfer

17546 kBSize

41 Cookies

1 Outgoing links

Page URL History

Redirected requests

239 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 20 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ngplus.com.br Open in urlscan Pro
2a02:4780:23:367e:e747:764c:8640:fbad Public Scan

Screenshot
Live screenshot

Full Image

239
Requests

95 %
HTTPS

68 %
IPv6

26
Domains

49
Subdomains

39
IPs

6
Countries

12157 kB
Transfer

17546 kB
Size

41
Cookies

239 HTTP transactions
20 data transactions