49b91259c8593348.ngrok.app
2a05:d014:21b:8e01::6e:1  Public Scan

Submitted URL: http://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Effective URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Submission: On March 12 via automatic, source phishtank — Scanned from DE

Summary

This website contacted 35 IPs in 6 countries across 22 domains to perform 148 HTTP transactions. The main IP is 2a05:d014:21b:8e01::6e:1, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is 49b91259c8593348.ngrok.app.
TLS certificate: Issued by R3 on February 8th 2024. Valid for: 3 months.
This is the only time 49b91259c8593348.ngrok.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a05:d014:21b... 16509 (AMAZON-02)
13 208.84.244.97 40260 (TERRA-NET...)
14 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
28 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
3 35.201.123.184 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.244.18.38 16509 (AMAZON-02)
3 108.138.6.136 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 99.86.4.39 16509 (AMAZON-02)
2 13.33.175.168 16509 (AMAZON-02)
2 34.120.63.153 396982 (GOOGLE-CL...)
2 34.149.50.64 15169 (GOOGLE)
10 37.252.171.53 29990 (ASN-APPNEX)
2 2602:803:c003... 26667 (RUBICONPR...)
3 81.17.55.99 60781 (LEASEWEB-...)
2 2a02:6b8::90 208398 (TELETECH)
2 178.250.1.8 44788 (ASN-CRITE...)
14 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 69.192.160.23 16625 (AKAMAI-AS)
1 23.216.77.36 20940 (AKAMAI-ASN1)
6 23.32.100.25 16625 (AKAMAI-AS)
1 151.101.65.108 54113 (FASTLY)
5 34.102.185.99 396982 (GOOGLE-CL...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
1 5 2a02:2638:3::c 44788 (ASN-CRITE...)
1 23.35.236.188 16625 (AKAMAI-AS)
2 69.192.162.113 16625 (AKAMAI-AS)
1 69.173.144.139 26667 (RUBICONPR...)
148 35
Apex Domain / Subdomains / Transfer
40 trrsf.com
s1.trrsf.com — Cisco Umbrella Rank: 368018
p1.trrsf.com — Cisco Umbrella Rank: 365148
376 KB
18 googlesyndication.com
1ff0b4e5e3b55639f57df6094e0d9603.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 161
186 KB
14 media.net
prebid.media.net — Cisco Umbrella Rank: 1219
contextual.media.net — Cisco Umbrella Rank: 759
warp.media.net — Cisco Umbrella Rank: 2956
lg3.media.net — Cisco Umbrella Rank: 7803
hblg.media.net — Cisco Umbrella Rank: 2396
134 KB
13 trrsf.com.br
s1.trrsf.com.br
515 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 256
cdn.adnxs.com — Cisco Umbrella Rank: 1640
fra1-ib.adnxs.com — Cisco Umbrella Rank: 7866
acdn.adnxs.com — Cisco Umbrella Rank: 609
63 KB
8 tailtarget.com
tags.t.tailtarget.com — Cisco Umbrella Rank: 93778
d.tailtarget.com — Cisco Umbrella Rank: 100926
tt-10969-0.seg.t.tailtarget.com — Cisco Umbrella Rank: 499861
b.t.tailtarget.com — Cisco Umbrella Rank: 78521
t.tailtarget.com — Cisco Umbrella Rank: 25213
46 KB
7 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 702
gum.criteo.com — Cisco Umbrella Rank: 466
mug.criteo.com — Cisco Umbrella Rank: 3065
8 KB
7 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
204 KB
6 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 301
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 621
aax.amazon-adsystem.com — Cisco Umbrella Rank: 406
79 KB
5 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 496
eus.rubiconproject.com — Cisco Umbrella Rank: 606
token.rubiconproject.com — Cisco Umbrella Rank: 493
14 KB
3 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1729
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 677
60 KB
2 yandex.ru
bs.yandex.ru — Cisco Umbrella Rank: 11158
671 B
2 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 1806
443 B
2 terra.com.br
www.terra.com.br — Cisco Umbrella Rank: 268023
3 KB
2 ngrok.app
49b91259c8593348.ngrok.app
15 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 2394
296 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 310
10 KB
1 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 176
226 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
300 B
0 rlcdn.com Failed
api.rlcdn.com Failed
148 22
Domain Requested by
31 s1.trrsf.com 49b91259c8593348.ngrok.app
p1.trrsf.com
s1.trrsf.com
s1.trrsf.com.br
14 pagead2.googlesyndication.com 49b91259c8593348.ngrok.app
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
13 s1.trrsf.com.br 49b91259c8593348.ngrok.app
s1.trrsf.com.br
9 p1.trrsf.com 49b91259c8593348.ngrok.app
s1.trrsf.com.br
s1.trrsf.com
6 contextual.media.net s1.trrsf.com
contextual.media.net
49b91259c8593348.ngrok.app
6 ib.adnxs.com s1.trrsf.com
acdn.adnxs.com
6 securepubads.g.doubleclick.net s1.trrsf.com
securepubads.g.doubleclick.net
4 gum.criteo.com 1 redirects static.criteo.net
s1.trrsf.com
4 fra1-ib.adnxs.com s1.trrsf.com
49b91259c8593348.ngrok.app
cdn.adnxs.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 lg3.media.net 49b91259c8593348.ngrok.app
contextual.media.net
3 prg.smartadserver.com s1.trrsf.com
3 c.amazon-adsystem.com s1.trrsf.com
c.amazon-adsystem.com
2 eus.rubiconproject.com s1.trrsf.com
eus.rubiconproject.com
2 static.criteo.net s1.trrsf.com
static.criteo.net
2 b.t.tailtarget.com d.tailtarget.com
2 tt-10969-0.seg.t.tailtarget.com d.tailtarget.com
2 d.tailtarget.com 49b91259c8593348.ngrok.app
d.tailtarget.com
2 hblg.media.net 49b91259c8593348.ngrok.app
2 bidder.criteo.com s1.trrsf.com
2 bs.yandex.ru s1.trrsf.com
2 fastlane.rubiconproject.com s1.trrsf.com
2 s.seedtag.com s1.trrsf.com
2 prebid.media.net s1.trrsf.com
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 www.terra.com.br 49b91259c8593348.ngrok.app
securepubads.g.doubleclick.net
2 49b91259c8593348.ngrok.app s1.trrsf.com.br
1 token.rubiconproject.com eus.rubiconproject.com
1 mug.criteo.com
1 acdn.adnxs.com s1.trrsf.com
1 t.tailtarget.com
1 www.google.com tpc.googlesyndication.com
1 cdn.adnxs.com s1.trrsf.com
1 warp.media.net s1.trrsf.com
1 qsearch-a.akamaihd.net s1.trrsf.com
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 1ff0b4e5e3b55639f57df6094e0d9603.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 sb.scorecardresearch.com 49b91259c8593348.ngrok.app
1 stats.g.doubleclick.net 49b91259c8593348.ngrok.app
1 www.google-analytics.com 49b91259c8593348.ngrok.app
1 tags.t.tailtarget.com s1.trrsf.com
0 api.rlcdn.com Failed s1.trrsf.com
148 43

This site contains links to these domains.

Domain
servicos.terra.com.br
central.terra.com.br
www.terra.com.br

Subject | Issuer | Validity | Valid
*.ngrok.app | R3 | 2024-02-08 - 2024-05-08 | 3 months
terra.com.br | Sectigo RSA Organization Validation Secure Server CA | 2023-06-30 - 2024-06-29 | a year
*.tailtarget.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-08-09 | a year
*.google-analytics.com | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months
*.scorecardresearch.com | Sectigo RSA Organization Validation Secure Server CA | 2023-12-11 - 2024-12-10 | a year
c.amazon-adsystem.com | Amazon RSA 2048 M01 | 2023-12-30 - 2024-12-04 | a year
config.aps.amazon-adsystem.com | Amazon RSA 2048 M02 | 2024-01-21 - 2025-02-19 | a year
aax-dtb-mobile-cf.amazon-adsystem.com | Amazon RSA 2048 M01 | 2024-01-19 - 2024-12-29 | a year
prebid.media.net | GTS CA 1D4 | 2024-02-19 - 2024-05-19 | 3 months
*.seedtag.com | Sectigo RSA Domain Validation Secure Server CA | 2023-03-29 - 2024-04-15 | a year
*.adnxs.com | GeoTrust ECC CA 2018 | 2024-02-14 - 2025-03-16 | a year
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-03-05 - 2024-04-03 | a year
*.smartadserver.com | DigiCert Global G3 TLS ECC SHA384 2020 CA1 | 2024-01-17 - 2025-01-16 | a year
bs.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2024-03-11 - 2024-09-09 | 6 months
*.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-08 - 2024-05-07 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year
*.media.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-21 - 2024-12-21 | a year
a248.e.akamai.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-05-16 - 2024-05-15 | a year
cdn.adnxs.com | GeoTrust TLS RSA CA G1 | 2023-03-27 - 2024-04-26 | a year
tpc.googlesyndication.com | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months
www.google.com | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months
*.criteo.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-17 - 2024-05-17 | 3 months

This page contains 15 frames:

Primary Page: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Frame ID: 9A4AE53AD67913420544E94B6FA0E0E4
Requests: 95 HTTP requests in this frame

Frame: https://s1.trrsf.com.br/slide-mail/normal_2.html
Frame ID: 337651F72776289A3D88F5E408F7A6FF
Requests: 8 HTTP requests in this frame

Frame: https://1ff0b4e5e3b55639f57df6094e0d9603.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9D94DC570703A2E828FE2B5E47880F02
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsu1QWCC02ykurLw9kN-wa7QQviw75TBw3gzkiWgOlm2n6LKEpN3cCNlqQQsS0zi0uJIP1aQnmIDR5gcjNJ0eDT5VAY5NnZxQn67XCIvvO9wTsSLCWLIJm30BM3MqpnYDJ5J0fQI99Qu0bu8PaVOLh9nLA8raiBJ4yWHlWR1nTuNv5byrBr7aVxdm6Xgpkw_aVJjT2AdjKgX2DFF6e9U9s6gfChIzgSthJbVtnd7RyKbVae2uI34t_nggk3qhzyLk0jTqGXJfFvhk0bIwn5rRk0bDyKGTywDnhzivUuBELW2WkprYUOoLJ-7yMam-FMmfdy2qsgMA7W9xGwFINl0aIQFeG1H1w3rLxqz-sAjDm2_neYnKTk4dl4UvyPXzjOPxdTGNxTfv7Vzw3wuuI6zKdyx&sig=Cg0ArKJSzML_CBHee2sZEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: DA2A429A7E56D7A8AABF2ACB899DA93B
Requests: 6 HTTP requests in this frame

Frame: https://www.terra.com.br/especial/calhau/300x250.html?v
Frame ID: 38CB73757231CABE0EA9C6A7EF38C6CA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuk6YlMWKLu9U7Eq70dbl-ND6TaClgFS3Ch0_IdCdxAd4wgO_b7_OFc5h5VPGpCQmWmZ0vYDIxcOJWSL_3ViX3qRtuA48dF3elTLBNYItIApFzb_ds2PVblJuvk78KTHEMzq-T9SzPORAxx3T_aw4gaIS9ZVS2uXimgteUAicVJBASCixG8H_DeWZTtViZuBEKIaYu-p0DHEl51H2wdT1IMe0GrMPtuhthPFjEsfWVcok0R9Gopv10uO-Zx5fRrt9YTpvhltnQl6YNzth_weleAutk0GQWQYN1F20f0G34JAzMRMkzFQpT6Cm95EDXlu-dUoCeLC2KHkOvYIvyhaSYDv0Q8XAD-GbeinSI-HCSZI69Pl64PdtbNSnlwJTZpG3HfgJofEPNjxFySOjgm484WBwI7N9FBVO3c&sig=Cg0ArKJSzMHVPZxjKbOSEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 007D431CF1AACF95EF0BB699FB1E8FB8
Requests: 19 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2356&&kkdd=33%7CH%7C9n*A&555=NyO0UC1lJHM3x1Mdovpvv~Ie35Qj)!yqvebfl4!OeyRF91po*B58gVH0t!NvVImnHi!-9uWFkM1og8JHRvzt.VVtj~xquI.*xuIW5uZ8!MQArQPXx*MCy1MgwtEINVf(l.Pr2OMPUxaZwbNSIMlKEd*F8*xpe-avWztarwgf1WV%3D&*E=grgVjYjojgCCowgggoo&lWf5=g&kAf-=V&KW*=ggoV&aAKp=XTwY&KEW=oHvYjtvoc&KfKW=TW3Hb4FSCHJ0IprIvYNyBi%3D%3D&K5EW=gCCCgTjTY&AE8p=(rVnjCV&KK=Pc&AK=Lc&KmNk=Lixt7S)&fEW=oR7CyXdOT&afEW=dCr4cVH&maafA=g&NAp=C&BZ=g&2lW=T&-Wag=oHvLCcSTo&-Waj=gVgYwwCgT&qW-a-=AWj%3DN2BB_E25BeB%3DjV_Ulp5fk%3DVsVo_*ZepnK%3DVsCj_*EAeAW%3Dj(o_WKj%3Dg_q-a%3DV%2CV%2CV_AKW%3Dam_*e-AN%3DwggVw_*Bj5eAW%3DjVjTVwgjgg_E25Beq%3Dgoojswj_25BeaIK%3DV_AaW%3D%2Fgjgg%2Fq5sap55-sk-EB%2FmUkp%2FK-qpKpE5-_B-Aa%3D_*EAe25Beq%3DVsrY_Ef%3Dw)dUM7_!qq%3DV_*EAe25BeB%3DTV_5EEf2-%3DV%2CV_pa%3Djj_5K%3Dg_5fAeAW%3DjVjTVwgjgj_*EAeq%3DCwYsoY_25Beq%3DVsCw_*Bj5e25Beq%3DV_*Bj5e25Be*E%3DTcV_25Bea*E%3DV_pKfepp5%3Dww_25BeB%3DjV_lK-a%3D9gV_qq%3Dg(Y_**%3DV_Bj5eq%3DgVVV_p5fk%3DVsVo_*Bj5e25BeIK%3DVcV_qk%3Dg_-wfeq%3Drsj(%2CjVsTj_AEW%3DgCCCgTjTY_AW%3DV_2EW%3DjjWC3i!bw3mffk~axx_qaW%3DgYCgogoYV(YwgYroVTjYC(YTTojjCC(YorVTCwgrT(jV(CrrTVjjVwCTwToor(YjgjwjjjTYYrVowCVjw(jYoVgojrYg(Tj(ggYoTYVo_*Z2%3DVsCj_WjfeB%3DgV_wfK!%3D(rjsrT_2Ek%3DV_WkkeAa5l%3Dm-5kUNz_*5e25Beq%3DrCCsgY_Wjfeq%3DVs(o_UlWjfeq%3DVs(Y_*25Beq%3DVsrC_AA%3DSi_KK%3DPc_2EZ%3D9g_Kp%3DV_5fAeq%3DjVsTj_*25BeB%3DjV_H4%3Dwgjr_Iqe2K%3D9j_NaA%3Dg_IqeKKIA%3D9j_Ka%3Dp5!25a_qAAe1d~%3Dtu%2CScP_pnfAKU5p%3D9g_q-AEAj%3Dg(Y_qWa%3DgrgVjYjojV_q-AEAg%3Dg(Y_EAxp!%3DV_E*25Beq%3Dgsww_EAE!%3DV_qEW%3DVsVo_WK%3Do_*Bj5eq%3Drsj(_E*25BeB%3DjV_KqWf%3DVsVCr_EazfpeEW%3DgY_ApBBp5ea-leEW%3D%2Fgjgg%2Fq5sap55-sk-EB%2FmUkp%2FK-qpKpE5-_A2ffBzea-leEW%3DgTCVrVog_*EpZ-qEBEaz%3DVsCjgC(o_fUA%3DV_K-55Ep54W%3DV_UlqEW%3DVsVoVVVV_q!B5%3DVsVVV_A2EW%3D_WaK%3Dp2eqp_Wkkep5fk%3D!-BAp_Wkk%3Dm-5kUNz_qWfK-fW%3DV_W-Bl%3DWp!-2Ba_ENAB%3DV_AUqf%3D_makB%3Dg_WK2a%3DwV_WUlq%3DV9g_EqK%3Dg_NA8%3Dg_alA%3D(rVnjCV_qAq%3Dg_qAf%3D9g_akn%3Dor_knqIa%3DV&Na*=V&kkk=2bUAS!4P0cI%3D&EZ=(rV&EN4!5=g&q
W54W=TYV&qEW=wT(VYw&kK!=Yojwr&zWAf5=g&I-af5p=g&I-aqEW=9gVw&K-WUk-EN=a8x9mXKB9X95fYtwKnz4ocutxTl1T9IZ5Ue-8.rtycv%3D&zfBf=g&EAEW=C&-W*=tz%20upAa%20yp-5KmpA&-Ka=Ru4iiu%2FS2uTlS!l5u8N05ST8-u!l0-ww2-p&flEW=fVrYCwCwooTajVjTVwgjgrVV&AABW=%7B%22AAEf%22%3A%22jgrsggTsjgosV%22%2C%22AAKK%22%3A%22Pc%22%2C%22AAAK%22%3A%22S4%22%2C%22AAKaz%22%3A%22kpp5qpKI%22%7D&makBA5K=g&sflct=8353880&ure=1
Frame ID: D84178057DA79FB6B3D4B38B414CD34E
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CU62MU8E&https=1&itype=CM
Frame ID: E9E572880F7EBA5C34240E4D13780EDC
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH5EN48&prvid=2033%2C171%2C175%2C178%2C157%2C3018%2C159%2C214%2C313%2C3014%2C459%2C319%2C97%2C77%2C99%2C56%2C59%2C20000%2C38%2C182%2C184%2C262%2C460%2C461%2C462%2C188%2C222%2C201%2C246%2C4%2C203%2C225%2C10000%2C80%2C229%2C9%2C109%2C208%2C82&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: C84966C198B0546146DEE7FD6DC1C973
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E06108A05B6D0E1E0959AE4289A47183
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9DEA9345D0986817EAFA531668FF8EF5
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=49b91259c8593348.ngrok.app
Frame ID: 1963116444124661661A351CA1693563
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EAAB7BB08464FE9D5A04012B983A7549
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDV2PQ3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: A01D28AEE93F7FDE18D8F95D711BF3C2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B298AE8F09132341F32CEDAEEEA8425B
Requests: 3 HTTP requests in this frame

Page Title

Mail 🕑

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

148
Requests

99 %
HTTPS

44 %
IPv6

22
Domains

43
Subdomains

35
IPs

6
Countries

1717 kB
Transfer

4672 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1 HTTP 307
    https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 146
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=49b91259c8593348.ngrok.app&sn=ChromeSyncframe&so=0&topUrl=49b91259c8593348.ngrok.app&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=iimdqXxXUmU4TGJPVUFkVURKMTI5M2dkcUJtcXprYWFHL2l4cll5S0YvVnRNQjR5MW10UStxYjE5eEVsV3YwQmVrOUdGVWgvaXViQS9GaHZrUXMybHdHZzlaL3VTOHdkU0hpVTBHZkZ0dDhSRHh5YmMwNk1hMmpkZVhtYVBCdU9IRXZJdVlXUm1udGtrWkx0TVlkZ2FYb0ZMQXBvQ2dhbDRjSHdDQzB5ZDJvN0ZodmJ2K0oxK2FxWTZ4VUczREFZdjBzWUtOd0Rtemg5dTl2Y3FIZU9UOGJpMGNIeHVKODdlSmp5cS9RVllQcjVJSWN0QzZ2L3JIVWtQQnBKNkp5STRBdDFJdGM4d1Y0cjJ1bG1hWUlwNVlVYjJZWndkQXpGbFhta0lYZjRpSTlIbSsyTzN0L3VFU1pwYjIzdUdQSytMN1pVdXw&cppv=2

148 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type
Primary Request inicio.php
49b91259c8593348.ngrok.app/T2/desktop/
Redirect Chain
  • http://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
  • https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
15 KB
15 KB
Document
General
Full URL
https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:21b:8e01::6e:1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 / PHP/8.0.30
Resource Hash
001155829992323f9aa2589ff5b587783ac9f594e287f77471a1769b1272b814

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 12 Mar 2024 17:00:17 GMT
ngrok-trace-id
149a50cfb99d6342c04dbc2974501bc0
server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30
x-powered-by
PHP/8.0.30

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Non-Authoritative-Reason
HSTS
core.css
s1.trrsf.com.br/terramail/capa/terra/_css/
24 KB
5 KB
Stylesheet
General
Full URL
https://s1.trrsf.com.br/terramail/capa/terra/_css/core.css
Requested by
Host: 49b91259c8593348.ngrok.app
URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS
mia-cdn.trrsf.com
Software
Terra Web Server /
Resource Hash
c50dab21cc8d77be54e50ac80c4449c32fcbaab32ca8e0bfbde67b366fd733b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:18 GMT
content-encoding
br
last-modified
Tue, 24 Nov 2015 12:38:17 GMT
server
Terra Web Server
vary
Accept-Encoding, Accept-Encoding
x-cdnterra-cache-status
HIT
content-type
text/css
cache-control
max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
context2.css
s1.trrsf.com.br/terramail/capa/terra/_css/
24 KB
6 KB
Stylesheet
General
Full URL
https://s1.trrsf.com.br/terramail/capa/terra/_css/context2.css
Requested by
Host: 49b91259c8593348.ngrok.app
URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS
mia-cdn.trrsf.com
Software
Terra Web Server /
Resource Hash
a342613ee0097818cb1d7195811b84cce65d38b9b30850c844ce61f06935d8c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:18 GMT
content-encoding
br
last-modified
Wed, 18 Jan 2017 17:38:16 GMT
server
Terra Web Server
vary
Accept-Encoding, Accept-Encoding
x-cdnterra-cache-status
HIT
content-type
text/css
cache-control
max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
navbar.css
s1.trrsf.com/fe/zaz-app-navbar/_css/
67 KB
10 KB
Stylesheet
General
Full URL
https://s1.trrsf.com/fe/zaz-app-navbar/_css/navbar.css
Requested by
Host: 49b91259c8593348.ngrok.app
URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:336a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
5c5a9efd1aaf8622dba343cc8a028336cddb7fed5c8ec2b4c6df1b918006f333

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:17 GMT
content-encoding
br
last-modified
Tue, 24 Jan 2023 18:51:31 GMT
server
cloudflare-nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
access-control-expose-headers
content-type, x-cache
cache-control
max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
9847
jquery-3.5.1.min.js
s1.trrsf.com.br/terramail/_js/
87 KB
30 KB
Script
General
Full URL
https://s1.trrsf.com.br/terramail/_js/jquery-3.5.1.min.js
Requested by
Host: 49b91259c8593348.ngrok.app
URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS
mia-cdn.trrsf.com
Software
Terra Web Server /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:18 GMT
content-encoding
br
last-modified
Mon, 08 Jun 2020 15:30:40 GMT
server
Terra Web Server
vary
Accept-Encoding
x-cdnterra-cache-status
HIT
content-type
application/javascript
cache-control
max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
zaz.inline.min9df2.js
s1.trrsf.com/fe/zaz-cerebro/prd/scripts/
0
0
Script
General
Full URL
https://s1.trrsf.com/fe/zaz-cerebro/prd/scripts/zaz.inline.min9df2.js?standalone=true?v=5
Requested by
Host: 49b91259c8593348.ngrok.app
URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:336a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

login_sync.js
s1.trrsf.com.br/terramail/_js/
9 KB
2 KB
Script
General
Full URL
https://s1.trrsf.com.br/terramail/_js/login_sync.js
Requested by
Host: 49b91259c8593348.ngrok.app
URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS
mia-cdn.trrsf.com
Software
Terra Web Server /
Resource Hash
946eb995c70a4877c4e5b4ae1d6fe72973c93fb55e93e8ac999aa4cf784e8533

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:18 GMT
content-encoding
br
last-modified
Tue, 15 Sep 2020 10:39:05 GMT
server
Terra Web Server
vary
Accept-Encoding
x-cdnterra-cache-status
HIT
content-type
application/javascript
cache-control
max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
mod-manager.min.js
s1.trrsf.com/fe/zaz-mod-manager/
43 KB
11 KB
Script
General
Full URL
https://s1.trrsf.com/fe/zaz-mod-manager/mod-manager.min.js
Requested by
Host: 49b91259c8593348.ngrok.app
URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:336a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
fd038a3b5887a7211da38f300f043f190119b3d194cccbfc109d10d41ea42a81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:17 GMT
content-encoding
br
last-modified
Wed, 28 Feb 2024 18:57:04 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
access-control-expose-headers
content-type, x-cache
cache-control
max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
11087
script
p1.trrsf.com/cengine/igniter/
4 KB
2 KB
Script
General
Full URL
https://p1.trrsf.com/cengine/igniter/script?s=navbar&r=ad&r=breadcrumb&r=breakingNews&r=cookie-message&r=footer&r=navbar-email&r=search&r=ticker&r=socialpanel&r=shortcuts&r=under18-message&rs=email&p=fixed
Requested by
Host: 49b91259c8593348.ngrok.app
URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
4a894b0c4a2f4c3fff8bc316a7ad3527f61464b0f7b70d211fefbf52e0b765ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:17 GMT
content-encoding
gzip
x-igniter-uuid
d217481f-293d-4469-904d-49d63cb24e6e
server
Terra Web Server
vary
Accept-Encoding
x-cdnterra-cache-status
STALE
content-type
text/javascript; charset=utf-8
cache-control
max-age=30, stale-while-revalidate=60, stale-if-error=864000
content-length
1473
content.js
s1.trrsf.com.br/metrics/js/br/
233 B
501 B
Script
General
Full URL
https://s1.trrsf.com.br/metrics/js/br/content.js
Requested by
Host: 49b91259c8593348.ngrok.app
URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS
mia-cdn.trrsf.com
Software
Terra Web Server /
Resource Hash
eb784ac3d8f6b7e1af85aaf341a248344a9dd8ef874442fc3db40efda6ce9d03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:18 GMT
content-encoding
br
last-modified
Mon, 09 May 2022 19:16:11 GMT
server
Terra Web Server
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=60, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
index.php
49b91259c8593348.ngrok.app/mail/
312 B
418 B
XHR
General
Full URL
https://49b91259c8593348.ngrok.app/mail/index.php?r=site/login&format=json
Requested by
Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/terramail/_js/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:21b:8e01::6e:1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 /
Resource Hash
27cb8604c55b980c9694cdacebb2235305db75c5961b718b2b92558022cacd24

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

ngrok-trace-id
668a2a41d00b571a72199c4e69f4a667
date
Tue, 12 Mar 2024 17:00:19 GMT
server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30
content-length
312
content-type
text/html; charset=iso-8859-1
zaz.inline.min.js
s1.trrsf.com/update-1704722707/fe/zaz-cerebro/prd/scripts/
3 KB
1 KB
Script
General
Full URL
https://s1.trrsf.com/update-1704722707/fe/zaz-cerebro/prd/scripts/zaz.inline.min.js?standalone=true
Requested by
Host: p1.trrsf.com
URL: https://p1.trrsf.com/cengine/igniter/script?s=navbar&r=ad&r=breadcrumb&r=breakingNews&r=cookie-message&r=footer&r=navbar-email&r=search&r=ticker&r=socialpanel&r=shortcuts&r=under18-message&rs=email&p=fixed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:336a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
8dcb0fcb98f857932586111ae076aa46c7f403fa58107f183ca5b074af3b78dd

Request headers

Referer
https://49b91259c8593348.ngrok.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 12 Mar 2024 17:00:19 GMT
content-encoding
br
last-modified
Mon, 08 Jan 2024 14:05:07 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
1069
terra-horizontal-branco.svg
www.terra.com.br/globalSTATIC/fe/zaz-mod-t360-icons/svg/logos/
6 KB
3 KB
Image
General
Full URL
https://www.terra.com.br/globalSTATIC/fe/zaz-mod-t360-icons/svg/logos/terra-horizontal-branco.svg
Requested by
Host: 49b91259c8593348.ngrok.app
URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:336a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
044ebbd0a887ffce575bef7a00aa81536aea2d1f8cfa7894c1618f6101067e72
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-mt-cache
HIT
strict-transport-security
max-age=15552000
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Mar 2024 17:00:19 GMT
x-cdnterra-cache-status
STALE
content-length
2774
last-modified
Tue, 24 Jan 2023 18:51:52 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
content-type, x-cache
cache-control
max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Content-Type
zaz.min.js
s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/
347 KB
84 KB
Script
General
Full URL
https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704722707/fe/zaz-cerebro/prd/scripts/zaz.inline.min.js?standalone=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:336a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
0f959222ac5827d10e5cb09093bde3ff4c7e0fcdcb2e0e06c8e39a0e3983ed36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:19 GMT
content-encoding
br
last-modified
Mon, 08 Jan 2024 14:05:07 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-cdnterra-cache-status
MISS
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
85279
202203110000a.js
s1.trrsf.com/metrics/inc/br/
83 KB
25 KB
Script
General
Full URL
https://s1.trrsf.com/metrics/inc/br/202203110000a.js
Requested by
Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/metrics/js/br/content.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:336a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
348b67f2de749b5738ecd616db955265833e209759167e23c17054c0fbd6549e

Request headers

Referer
https://49b91259c8593348.ngrok.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 12 Mar 2024 17:00:19 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 13:18:10 GMT
server
cloudflare-nginx
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=60, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
25176
t3m.js
tags.t.tailtarget.com/
347 KB
30 KB
Script
General
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-10969-0/CT-411
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/metrics/inc/br/202203110000a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
4cfd43a86ebd2744f3e33bef0a180da38832b0aa7ee2012af05caeca8410feef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 15:49:12 GMT
content-encoding
gzip
via
1.1 google
age
4267
x-guploader-uploadid
ABPtcPrQANerT7bEDgBih8I648fQLOZlaojAoeMEuv304KxhZiq2rMmymIzo8CmgDoKUoOOp48JziAUHTg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29758
last-modified
Wed, 07 Feb 2024 17:51:35 GMT
server
nginx/1.8.1
etag
"46f9412d4f629faaf97c1822698c3026"
vary
Accept-Encoding
x-goog-generation
1707328295024060
x-goog-hash
md5=RvlBLU9in6r5fBgiaYwwJg==
content-type
application/javascript
cache-control
max-age=7200,public
x-goog-stored-content-length
29758
accept-ranges
bytes
expires
Tue, 12 Mar 2024 17:49:12 GMT
normal_2.html
s1.trrsf.com.br/slide-mail/ Frame 3376
19 KB
3 KB
Document
General
Full URL
https://s1.trrsf.com.br/slide-mail/normal_2.html
Requested by
Host: 49b91259c8593348.ngrok.app
URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS
mia-cdn.trrsf.com
Software
Terra Web Server /
Resource Hash
a2a07c6ecbecbc2a84021c2b2ee1502483b401523a6b6bb6f5f709aa5bd1f720

Request headers

Referer
https://49b91259c8593348.ngrok.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=300, stale-while-revalidate=900, stale-if-error=864000
content-encoding
br
content-type
text/html
date
Tue, 12 Mar 2024 17:00:19 GMT
last-modified
Tue, 05 Mar 2024 19:30:17 GMT
server
Terra Web Server
vary
Accept-Encoding Accept-Encoding
x-cdnterra-cache-status
HIT
ttl-general.gif
s1.trrsf.com/terramail/capa/terra/_img/
5 KB
5 KB
Image
General
Full URL
https://s1.trrsf.com/terramail/capa/terra/_img/ttl-general.gif
Requested by
Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/terramail/capa/terra/_css/context2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:336a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
cce5b207bafcac198b067c60c7899be700fc0780fa46b7d75773d0f360a45e9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.trrsf.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:19 GMT
last-modified
Fri, 06 Aug 2010 18:13:55 GMT
server
Terra Web Server
x-cdnterra-cache-status
MISS
content-type
image/gif
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
accept-ranges
bytes
content-length
4952
klavika
p1.trrsf.com/image/
2 KB
2 KB
Image
General
Full URL
https://p1.trrsf.com/image/klavika?c=sh&t=acesse%20seu%20terra%20mail
Requested by
Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/terramail/capa/terra/_css/context2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
5b55292cb19be85439b763dd346ac0e0304ea5f90f244660e554d9384c50bda3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.trrsf.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:19 GMT
last-modified
Mon, 10 Jul 2023 19:01:41 GMT
server
Terra Web Server
vary
Accept
x-cdnterra-cache-status
HIT
content-type
image/gif
cache-control
max-age=315360000
content-length
2126
expires
Sun, 10 Jul 2033 19:01:41 GMT
btn-terramail_v2.gif
s1.trrsf.com/terramail/capa/terra/_img/
5 KB
5 KB
Image
General
Full URL
https://s1.trrsf.com/terramail/capa/terra/_img/btn-terramail_v2.gif
Requested by
Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/terramail/capa/terra/_css/context2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:336a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
57425ffa63cfde72a41bfccb7102329aa38d2702abc780e494dc07e87e902a9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.trrsf.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:19 GMT
last-modified
Fri, 06 Aug 2010 18:13:55 GMT
server
Terra Web Server
x-cdnterra-cache-status
HIT
content-type
image/gif
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
accept-ranges
bytes
content-length
4958
ico-general.png
s1.trrsf.com/atm/3/core/_img/
8 KB
8 KB
Image
General
Full URL
https://s1.trrsf.com/atm/3/core/_img/ico-general.png
Requested by
Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/terramail/capa/terra/_css/context2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:336a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
bc03d253ae8bd556dae288f329158a063063e30afa0e8ea7ea13edec2063dd76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.trrsf.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:19 GMT
last-modified
Tue, 24 Jan 2023 18:50:45 GMT
server
cloudflare-nginx
x-cdnterra-cache-status
HIT
content-type
image/png
cache-control
max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
accept-ranges
bytes
content-length
8240
txt-armazenamento-msg.jpg
s1.trrsf.com/terramail/capa/terra/_img/
5 KB
5 KB
Image
General
Full URL
https://s1.trrsf.com/terramail/capa/terra/_img/txt-armazenamento-msg.jpg
Requested by
Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/terramail/capa/terra/_css/context2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:336a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
e5d85771b1d7819b5173f95fa79262187bfd076ffb273be015e774c747d4e112

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.trrsf.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:19 GMT
last-modified
Fri, 06 Aug 2010 18:13:55 GMT
server
Terra Web Server
x-cdnterra-cache-status
HIT
content-type
image/jpeg
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
accept-ranges
bytes
content-length
5112
collect
www.google-analytics.com/
35 B
300 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j41&a=1092137542&t=pageview&_s=1&dl=https%3A%2F%2F49b91259c8593348.ngrok.app%2FT2%2Fdesktop%2Finicio.php%3Fok%3DAGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1&ul=en-us&de=UTF-8&dt=Mail%20%F0%9F%95%91&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=CGAAgEABG~&jid=311428035&cid=1016849997.1710262819&tid=UA-54936151-1&cd1=comunidad&cd2=email&cd3=&cd4=comunidades&cd5=300263&cd6=home&cd7=cap&cd8=Direct%20Load&cd9=terra&cd10=N&cd11=&cd12=&cd14=&cd15=br&cd16=&cd17=&cd18=&cd19=&cd20=https%3A%2F%2Fs1.trrsf.com%2Fmetrics%2Finc%2Fbr%2F202203110000a.js&cd21=T&cd22=desktop&cd23=&cd34=&cd35=&cd40=&cd41=&cd44=49b91259c8593348%3Angrok%3Aapp%3At2%3Adesktop%3Ainicio.php&cd48=&z=1482248314
Requested by
Host: 49b91259c8593348.ngrok.app
URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 00:38:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
58904
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
35 B
337 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j41&tid=UA-54936151-1&cid=1016849997.1710262819&jid=311428035&_u=CGAAgEABG~&z=309696900
Requested by
Host: 49b91259c8593348.ngrok.app
URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 12 Mar 2024 17:00:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
b
sb.scorecardresearch.com/
0
226 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=3000033&ns__t=1710262819386&ns_c=UTF-8&c8=Mail%20%F0%9F%95%91&c7=https%3A%2F%2F49b91259c8593348.ngrok.app%2FT2%2Fdesktop%2Finicio.php%3Fok%3DAGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1&c9=
Requested by
Host: 49b91259c8593348.ngrok.app
URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-38.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:19 GMT
via
1.1 553c17cdbfc8c5ba81390077b0e5d2d4.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P11
x-amz-cf-id
HWmrt7sgw7yFx4zM_EeGu1yeN-_tyR-ql8fCfdjJh1ZqtzI4lq_vjA==
x-cache
Miss from cloudfront
ShowArea
p1.trrsf.com/api/tagmanfe/
7 KB
3 KB
Script
General
Full URL
https://p1.trrsf.com/api/tagmanfe/ShowArea?key=br.terra_mail.home.setup&direct=1
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/fe/zaz-mod-manager/mod-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
e2759ae13ee76196b834eb8481f6631370d0bbf8c08ba2dfb0c40e6957a3e0cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:19 GMT
content-encoding
gzip
server
Terra Web Server
vary
Accept-Encoding
x-cdnterra-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
x-tagman-uuid
8122ddaf-fb4d-48be-9f92-6b2cad463e19
content-length
2572
ShowArea
p1.trrsf.com/api/tagmanfe/
5 KB
1 KB
Script
General
Full URL
https://p1.trrsf.com/api/tagmanfe/ShowArea?key=br.terra_mail.home.cabeceira&area=cabeceira&direct=1
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/fe/zaz-mod-manager/mod-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
76c2b9a887e2be6c58753422ddc93663051846fcd9955f7a82e9318a9eb4b076

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:19 GMT
content-encoding
gzip
server
Terra Web Server
vary
Accept-Encoding
x-cdnterra-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
x-tagman-uuid
53b37130-40f7-4ca7-b667-a9cd9e0ac6e5
content-length
1190
ShowArea
p1.trrsf.com/api/tagmanfe/
5 KB
1 KB
Script
General
Full URL
https://p1.trrsf.com/api/tagmanfe/ShowArea?key=br.terra_mail.home.s1&area=s1&direct=1
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/fe/zaz-mod-manager/mod-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
562003ec2a8e3f8395e2b490fb8ee1bf321c5c6d0e9edd1f0c3e8ef89fa2d82c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:19 GMT
content-encoding
gzip
server
Terra Web Server
vary
Accept-Encoding
x-cdnterra-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
x-tagman-uuid
46e61792-fe89-46bf-9588-95e574e21a59
content-length
1169
jquery.js
s1.trrsf.com.br/slide-mail/js/ Frame 3376
92 KB
31 KB
Script
General
Full URL
https://s1.trrsf.com.br/slide-mail/js/jquery.js
Requested by
Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/slide-mail/normal_2.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS
mia-cdn.trrsf.com
Software
Terra Web Server /
Resource Hash
f4270cd8aaa654b7ff6c695b82ce3f8b19464e05ac2f889612c8dd5c54c54936

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.trrsf.com.br/slide-mail/normal_2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:19 GMT
content-encoding
br
last-modified
Wed, 04 Dec 2013 19:23:08 GMT
server
Terra Web Server
vary
Accept-Encoding
x-cdnterra-cache-status
HIT
content-type
application/javascript
cache-control
max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
jquery.sudoSlider.min.js
s1.trrsf.com.br/slide-mail/js/ Frame 3376
12 KB
5 KB
Script
General
Full URL
https://s1.trrsf.com.br/slide-mail/js/jquery.sudoSlider.min.js
Requested by
Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/slide-mail/normal_2.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS
mia-cdn.trrsf.com
Software
Terra Web Server /
Resource Hash
a5dc8ebb7a2dbe62e6c45ad27873474b89dfdb5d5c633e2eecae08bad0dcce6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.trrsf.com.br/slide-mail/normal_2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:19 GMT
content-encoding
br
last-modified
Wed, 04 Dec 2013 19:23:08 GMT
server
Terra Web Server
vary
Accept-Encoding
x-cdnterra-cache-status
HIT
content-type
application/javascript
cache-control
max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
DS844_Pecas_MailGigante_BN-618x226_v2_HL.jpg
s1.trrsf.com.br/slide-mail/img/banner/ Frame 3376
36 KB
36 KB
Image
General
Full URL
https://s1.trrsf.com.br/slide-mail/img/banner/DS844_Pecas_MailGigante_BN-618x226_v2_HL.jpg
Requested by
Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/slide-mail/normal_2.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS
mia-cdn.trrsf.com
Software
Terra Web Server /
Resource Hash
62aead83b721830f4ae3ea138ca2bcdae8a7b9c69d1b921834c3a8088ba4d2b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.trrsf.com.br/slide-mail/normal_2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:19 GMT
last-modified
Fri, 21 Jul 2023 15:12:02 GMT
server
Terra Web Server
x-cdnterra-cache-status
HIT
content-type
image/jpeg
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
accept-ranges
bytes
content-length
36673
DS975_KV_NBA_BN_Home-618x226_V1_RN.png
s1.trrsf.com.br/slide-mail/img/banner/ Frame 3376
164 KB
164 KB
Image
General
Full URL
https://s1.trrsf.com.br/slide-mail/img/banner/DS975_KV_NBA_BN_Home-618x226_V1_RN.png
Requested by
Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/slide-mail/normal_2.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS
mia-cdn.trrsf.com
Software
Terra Web Server /
Resource Hash
a7e24f0533599f142ce5fa24301b330a5bb8546cdbebca6a885196e80f5e5a00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.trrsf.com.br/slide-mail/normal_2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:19 GMT
last-modified
Tue, 05 Mar 2024 19:30:13 GMT
server
Terra Web Server
x-cdnterra-cache-status
HIT
content-type
image/png
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
accept-ranges
bytes
content-length
167448
Contabilidade_Home_Terra_Mail-618x226.jpg
s1.trrsf.com.br/slide-mail/img/banner/ Frame 3376
34 KB
35 KB
Image
General
Full URL
https://s1.trrsf.com.br/slide-mail/img/banner/Contabilidade_Home_Terra_Mail-618x226.jpg
Requested by
Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/slide-mail/normal_2.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS
mia-cdn.trrsf.com
Software
Terra Web Server /
Resource Hash
99e6be2e6f35c44979f78f70cb06a47b84150d0d8e9945fce11b9665b4a085f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.trrsf.com.br/slide-mail/normal_2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:19 GMT
last-modified
Wed, 18 Oct 2023 19:22:02 GMT
server
Terra Web Server
x-cdnterra-cache-status
HIT
content-type
image/jpeg
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
accept-ranges
bytes
content-length
35276
DS840_Pecas_TerraMail_CentralAssinante_Gestao_618x226_V0_VP.jpg
s1.trrsf.com.br/slide-mail/img/banner/ Frame 3376
76 KB
77 KB
Image
General
Full URL
https://s1.trrsf.com.br/slide-mail/img/banner/DS840_Pecas_TerraMail_CentralAssinante_Gestao_618x226_V0_VP.jpg
Requested by
Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/slide-mail/normal_2.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS
mia-cdn.trrsf.com
Software
Terra Web Server /
Resource Hash
3dff9efd4a6d72287b4d30593d1592b349cd42eeda64ce35af90dc46d90166eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.trrsf.com.br/slide-mail/normal_2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:19 GMT
last-modified
Tue, 30 May 2023 14:12:06 GMT
server
Terra Web Server
x-cdnterra-cache-status
HIT
content-type
image/jpeg
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
accept-ranges
bytes
content-length
78048
DS749_Banner_Online_CURSOS_BN-618x226_v2_HL.jpg
s1.trrsf.com.br/slide-mail/img/banner/ Frame 3376
121 KB
121 KB
Image
General
Full URL
https://s1.trrsf.com.br/slide-mail/img/banner/DS749_Banner_Online_CURSOS_BN-618x226_v2_HL.jpg
Requested by
Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/slide-mail/normal_2.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS
mia-cdn.trrsf.com
Software
Terra Web Server /
Resource Hash
2bdc242f8afad2131cb05e2e3288c34d1f6a677452331c1f5b478193f754b9e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.trrsf.com.br/slide-mail/normal_2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:19 GMT
last-modified
Fri, 21 Jul 2023 15:12:02 GMT
server
Terra Web Server
x-cdnterra-cache-status
HIT
content-type
image/jpeg
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
accept-ranges
bytes
content-length
123631
include
p1.trrsf.com/api/includer/
6 KB
1 KB
Fetch
General
Full URL
https://p1.trrsf.com/api/includer/include?component=app.navbar&component=mod.aps&component=mod.gpt&component=mod.prebid&country=br&env=prod&format=json&group=web&scheme=https&standalone=true
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
8f48d0578ed7d15c448fbba7e2439b135a938a2aa28ff207cb36f53c8c58e68c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:19 GMT
content-encoding
gzip
server
Terra Web Server
vary
Accept-Encoding
x-cdnterra-cache-status
HIT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60, stale-while-revalidate=300, stale-if-error=86400
content-length
908
x-includer-uuid
52ddbecc-2a8f-47c9-b51b-e9d3b2b2980a
apstag.js
c.amazon-adsystem.com/aax2/
298 KB
74 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 16:42:04 GMT
content-encoding
gzip
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront), 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
last-modified
Wed, 06 Mar 2024 21:59:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
1096
x-amz-server-side-encryption
AES256
etag
W/"4f9091ca1740c69dd8d2e945b57ade3e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
LumX7rxftmoZJ20sKbCK8jxb-vOzzjyU4jzQ0DVu5cy56y63s9ggWw==
gpt.js
securepubads.g.doubleclick.net/tag/js/
88 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee16646a1d7cd367a3c839e09a0459feb2a6509a29b7e69ab15d334d0d23d1b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28589
x-xss-protection
0
server
cafe
etag
739 / 19794 / m202403070101 / config-hash: 3988041232084385848
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 12 Mar 2024 17:00:19 GMT
prebid.js
s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/
323 KB
95 KB
Script
General
Full URL
https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:336a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
189d97907f24a96a47f040fbdacb4f930d1ff41675ac96b659d2cb3eb607d095

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:19 GMT
content-encoding
br
last-modified
Fri, 26 Jan 2024 18:05:08 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
96534
zaz.inline.min.js
s1.trrsf.com/update-1704722707/fe/zaz-cerebro/prd/scripts/
3 KB
1 KB
Fetch
General
Full URL
https://s1.trrsf.com/update-1704722707/fe/zaz-cerebro/prd/scripts/zaz.inline.min.js?standalone=true
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
8dcb0fcb98f857932586111ae076aa46c7f403fa58107f183ca5b074af3b78dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:19 GMT
content-encoding
br
last-modified
Mon, 08 Jan 2024 14:05:07 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
1069
zazstandalone.min.css
s1.trrsf.com/update-1674586315/fe/zaz-morph/_css/
15 KB
3 KB
Fetch
General
Full URL
https://s1.trrsf.com/update-1674586315/fe/zaz-morph/_css/zazstandalone.min.css
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
e3c16773695082bff1986622d1321bfe386d2855789da8136527d4cb76c0dc58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:19 GMT
content-encoding
br
last-modified
Tue, 24 Jan 2023 18:51:55 GMT
server
cloudflare-nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
x-cdnterra-cache-status
MISS
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2460
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/
433 KB
136 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f3e271b44a4874258fc6302e7996e949e760208bc02850938bb38a9ad626f2c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 16:10:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
2963
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139281
x-xss-protection
0
server
cafe
etag
13505786736550064131
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 12 Mar 2025 16:10:56 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
77 B
92 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=49b91259c8593348.ngrok.app
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca5b5aa2408b136ad722846fa8c541ec73c8eaf2fe0a1c4a2ba2a65a3647479e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67
x-xss-protection
0
expires
Tue, 12 Mar 2024 17:00:20 GMT
navbarstandalone.min.css
s1.trrsf.com/update-1674586291/fe/zaz-app-navbar/_css/
66 KB
10 KB
Fetch
General
Full URL
https://s1.trrsf.com/update-1674586291/fe/zaz-app-navbar/_css/navbarstandalone.min.css
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
9aa7e7037c03e20ffa24aa11807553d1fb0de02cde3fbe30090aa046fac24760

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:19 GMT
content-encoding
gzip
last-modified
Tue, 24 Jan 2023 18:51:31 GMT
server
Terra Web Server
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
10311
app-navbar.standalone.min.js
s1.trrsf.com/update-1674586291/fe/zaz-app-navbar/_js/
92 KB
17 KB
Fetch
General
Full URL
https://s1.trrsf.com/update-1674586291/fe/zaz-app-navbar/_js/app-navbar.standalone.min.js
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
663f70e65e2eb7f65ebe67512f26aba6633027a184560dc0727ecc3f50fb96af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:19 GMT
content-encoding
br
last-modified
Tue, 24 Jan 2023 18:51:31 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
17015
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:28:50 GMT
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
12691
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
6U0cucnMMZKh2vI_E0NlFcnl5-1hNdJTdRgxaFFA8wRuHRECYiB57w==
ads
securepubads.g.doubleclick.net/gampad/
724 B
430 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3040261295794108&correlator=1464503367633350&eid=31079957%2C31081713%2C95326465%2C31079525%2C21065725&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fifs&iu_parts=1211%2Cbr.terra.mail%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&fsbs=1&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1710262820062&lmt=1710262820&adxs=0&adys=554&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2F49b91259c8593348.ngrok.app%2FT2%2Fdesktop%2Finicio.php%3Fok%3DAGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1&vis=1&psz=1600x434&msz=1600x0&fws=0&ohw=0&ga_vid=1016849997.1710262819&ga_sid=1710262820&ga_hid=1092137542&ga_fc=true&dlt=1710262817808&idt=2205&prev_scp=testfloor%3Dtrue%26connection%3D4g%26fledge%3Dfalse%26lite%3D0%26devicememory%3D8%26pf%3Dfalse%26pr%3Dfalse&adks=3225428632&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
22934f9ae4631aa91dcca236943099a2bf3d394c4ef3cf7dee1fbbbfa46b577f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
401
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://49b91259c8593348.ngrok.app
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1ff0b4e5e3b55639f57df6094e0d9603.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9D94
6 KB
3 KB
Document
General
Full URL
https://1ff0b4e5e3b55639f57df6094e0d9603.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://49b91259c8593348.ngrok.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Mar 2024 17:00:20 GMT
expires
Wed, 12 Mar 2025 17:00:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bc92a28d-5a18-4ea4-9491-626e7826c69c
config.aps.amazon-adsystem.com/configs/
563 B
839 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/bc92a28d-5a18-4ea4-9491-626e7826c69c
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-39.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
1c121844f01c8abb42eb2dfe4273e2b43b69269484c79290af05dfdc1d71f501

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 16:47:58 GMT
via
1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
742
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
563
x-amz-cf-id
N4wj4Vu0y5TL8Qsx9gzyt8Wd-pG_3J7NbSDtFw1WCBBAZmMNkOPiFg==
config
c.amazon-adsystem.com/cdn/prod/
0
320 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2F49b91259c8593348.ngrok.app&pubid=bc92a28d-5a18-4ea4-9491-626e7826c69c
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:28:49 GMT
via
1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
12691
x-cache
Hit from cloudfront
access-control-allow-origin
https://49b91259c8593348.ngrok.app
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
bEYiS7QDX29EBiW9BjXnwWSYerUxmeakayjnBUFNc0vS_0GMXJXGHw==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
363 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2F49b91259c8593348.ngrok.app%2FT2%2Fdesktop%2Finicio.php%3Fok%3DAGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1&pid=Dmzd8lfSu3s7q&cb=0&ws=1600x1200&v=24.305.1002&t=2000&slots=%5B%7B%22sd%22%3A%22adv-right%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1211%2Fbr.terra.mail%2Fhome%2Fs1%22%7D%5D&pubid=bc92a28d-5a18-4ea4-9491-626e7826c69c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.175.168 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-175-168.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:20 GMT
via
1.1 4770dda4e92393e930d8a34dcbb04db2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P9
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://49b91259c8593348.ngrok.app
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
94_etKpsuxUvRQ-VIrAALXjcqmzFY099DH3yPa3q72ug92G1mF1GLw==
prebid
prebid.media.net/rtb/
338 B
314 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUDV2PQ3
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
13a2cb2317563370598fb8cceb4cc05696591397b5d4f6ad8600d25469f05941

Request headers

Referer
https://49b91259c8593348.ngrok.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 17:00:20 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://49b91259c8593348.ngrok.app
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Mar 2024 17:00:20 GMT
bid
s.seedtag.com/c/hb/
11 B
378 B
XHR
General
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://49b91259c8593348.ngrok.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Mar 2024 17:00:20 GMT
via
1.1 google
server
openresty
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://49b91259c8593348.ngrok.app
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid
ib.adnxs.com/ut/v3/
138 B
837 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
395f429b22143aabe3d4074171e93386772ed7f858ede030ba1cf42254a6997c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://49b91259c8593348.ngrok.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 17:00:20 GMT
an-x-request-uuid
7d8fad1d-1418-446a-8696-87aa28778361
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://49b91259c8593348.ngrok.app
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.25; 217.114.218.25; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
557 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10828&site_id=25078&zone_id=97396&size_id=15&rf=https%3A%2F%2F49b91259c8593348.ngrok.app%2FT2%2Fdesktop%2Finicio.php%3Fok%3DAGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1&kw=TerraMailGigante%2CE-mailcomantispam%2CE-mailcomantivirus%2CE-mailcomsuporte%2CE-mailcomsuportetelefonico%2CE-mailprotegido%2CE-mailcomacessoseguro%2Cemail%2Cwebmail%2Cantivirus%2Cantispam&tg_v.viewport=s1&tg_v.testfloor=true&tg_v.connection=4g&tg_v.fledge=false&tg_i.domain=49b91259c8593348.ngrok.app&tg_i.page=https%3A%2F%2F49b91259c8593348.ngrok.app%2FT2%2Fdesktop%2Finicio.php%3Fok%3DAGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1&tg_i.adunit=br_terra_mail%2Fhome%2Fs1&tg_i.viewport=s1&tg_i.pbadslot=%2F1211%2Fbr.terra.mail%2Fhome%2Fs1&tk_flint=pbjs_lite_v7.54.5&x_source.tid=03aa8ccd-ff86-4835-9530-b9428c9389f4&l_pb_bid_id=8e43797a1e9c7e&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=03aa8ccd-ff86-4835-9530-b9428c9389f4&rp_maxbids=1&p_gpid=%2F1211%2Fbr.terra.mail%2Fhome%2Fs1&slots=1&rand=0.28793127627613746
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6bf3af8edb147958a9e0734d3f9068c0cedea42a2514ca20a24eb2fb64313dfa

Request headers

Referer
https://49b91259c8593348.ngrok.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 17:00:20 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://49b91259c8593348.ngrok.app
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
557
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/
139 B
837 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0721ad7146d2649e46ffc2526cf8c3a89ae2da0dec664fa9e5685d9a34298917
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://49b91259c8593348.ngrok.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 17:00:20 GMT
an-x-request-uuid
7664ff3f-732f-405c-a1b4-eb5e55fddbe8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://49b91259c8593348.ngrok.app
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.25; 217.114.218.25; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/
186 B
576 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer
https://49b91259c8593348.ngrok.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 17:00:19 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://49b91259c8593348.ngrok.app
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/
186 B
576 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer
https://49b91259c8593348.ngrok.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 17:00:19 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://49b91259c8593348.ngrok.app
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
3612118
bs.yandex.ru/prebid/
27 B
218 B
XHR
General
Full URL
https://bs.yandex.ru/prebid/3612118?imp-id=1&target-ref=49b91259c8593348.ngrok.app&ssp-id=10500
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
Software
/
Resource Hash
831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0

Request headers

Referer
https://49b91259c8593348.ngrok.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 17:00:20 GMT
content-encoding
gzip
last-modified
Tue, 12 Mar 2024 17:00:20 GMT
x-yandex-req-id
1710262820335461-1467398580567221443200377-production-app-host-vla-pcode-2
content-type
text/html; charset=windows-1251
access-control-allow-origin
https://49b91259c8593348.ngrok.app
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Tue, 12 Mar 2024 17:00:20 GMT
cdb
bidder.criteo.com/
0
204 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.5&cb=21410721324&lsavail=1
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://49b91259c8593348.ngrok.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://49b91259c8593348.ngrok.app
date
Tue, 12 Mar 2024 17:00:19 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid
aax.amazon-adsystem.com/e/dtb/
23 B
364 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2F49b91259c8593348.ngrok.app%2FT2%2Fdesktop%2Finicio.php%3Fok%3DAGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1&pid=Dmzd8lfSu3s7q&cb=1&ws=1600x1200&v=24.305.1002&t=2000&slots=%5B%7B%22sd%22%3A%22mod-footer%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%221272x250%22%5D%2C%22sn%22%3A%22%2F1211%2Fbr.terra.mail%2Fhome%2Fcabeceira%22%7D%5D&pubid=bc92a28d-5a18-4ea4-9491-626e7826c69c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.175.168 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-175-168.fra60.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:19 GMT
via
1.1 4770dda4e92393e930d8a34dcbb04db2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P9
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://49b91259c8593348.ngrok.app
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
iCxh9bzliuIoTs-45GvNoBieEnDFpgFQQJkkY4s6La6Tydf87-fZNg==
cdb
bidder.criteo.com/
0
205 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.5&cb=85713927398&lsavail=1
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://49b91259c8593348.ngrok.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://49b91259c8593348.ngrok.app
date
Tue, 12 Mar 2024 17:00:19 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/
19 KB
10 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
8caf47115848935c02d92cccf91aac4c8deca1890cd34c73a697b9254fa1db60
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://49b91259c8593348.ngrok.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 17:00:20 GMT
content-encoding
gzip
an-x-request-uuid
a324728a-e3f6-4f54-a672-6aefa2929371
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://49b91259c8593348.ngrok.app
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.25; 217.114.218.25; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
593 B
953 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10828&site_id=25078&zone_id=97396&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2F49b91259c8593348.ngrok.app%2FT2%2Fdesktop%2Finicio.php%3Fok%3DAGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1&kw=TerraMailGigante%2CE-mailcomantispam%2CE-mailcomantivirus%2CE-mailcomsuporte%2CE-mailcomsuportetelefonico%2CE-mailprotegido%2CE-mailcomacessoseguro%2Cemail%2Cwebmail%2Cantivirus%2Cantispam&tg_v.viewport=s1&tg_v.testfloor=false&tg_v.connection=4g&tg_v.fledge=false&tg_i.domain=49b91259c8593348.ngrok.app&tg_i.page=https%3A%2F%2F49b91259c8593348.ngrok.app%2FT2%2Fdesktop%2Finicio.php%3Fok%3DAGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1&tg_i.adunit=br_terra_mail%2Fhome%2Fcabeceira&tg_i.viewport=s1&tg_i.pbadslot=%2F1211%2Fbr.terra.mail%2Fhome%2Fcabeceira&tk_flint=pbjs_lite_v7.54.5&x_source.tid=b228ed7c-5e29-414e-ac9c-da565f70a979&l_pb_bid_id=236412e3699c791&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=b228ed7c-5e29-414e-ac9c-da565f70a979&rp_maxbids=1&p_gpid=%2F1211%2Fbr.terra.mail%2Fhome%2Fcabeceira&slots=1&rand=0.6279291388878094
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
519e320636787ae7d9ad48648687a78f9c57a9f0160aabb4820546cbf0ee18b4

Request headers

Referer
https://49b91259c8593348.ngrok.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 17:00:20 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://49b91259c8593348.ngrok.app
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/
338 B
657 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUDV2PQ3
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
d894ed9a1549033e73fe4e7310c644303763703a961c784918bfef910d23ab27

Request headers

Referer
https://49b91259c8593348.ngrok.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 17:00:19 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://49b91259c8593348.ngrok.app
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Mar 2024 17:00:20 GMT
3612118
bs.yandex.ru/prebid/
27 B
453 B
XHR
General
Full URL
https://bs.yandex.ru/prebid/3612118?imp-id=1&target-ref=49b91259c8593348.ngrok.app&ssp-id=10500
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
Software
/
Resource Hash
831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0

Request headers

Referer
https://49b91259c8593348.ngrok.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 17:00:20 GMT
content-encoding
gzip
last-modified
Tue, 12 Mar 2024 17:00:20 GMT
x-yandex-req-id
1710262820335116-1028060672136572008500233-production-app-host-sas-pcode-28
content-type
text/html; charset=windows-1251
access-control-allow-origin
https://49b91259c8593348.ngrok.app
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Tue, 12 Mar 2024 17:00:20 GMT
v1
prg.smartadserver.com/prebid/
186 B
576 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer
https://49b91259c8593348.ngrok.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 17:00:19 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://49b91259c8593348.ngrok.app
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/
139 B
837 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
2a6177f86499d167337ecff6e3e9eaa1b2b7f013209086fa6ac372afd2d9f919
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://49b91259c8593348.ngrok.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 17:00:20 GMT
an-x-request-uuid
3fc7222e-74b2-4174-8b05-1163d7a22e49
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://49b91259c8593348.ngrok.app
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.25; 217.114.218.25; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
s.seedtag.com/c/hb/
11 B
65 B
XHR
General
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://49b91259c8593348.ngrok.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Mar 2024 17:00:20 GMT
via
1.1 google
server
openresty
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://49b91259c8593348.ngrok.app
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
include
p1.trrsf.com/api/includer/
3 KB
734 B
Fetch
General
Full URL
https://p1.trrsf.com/api/includer/include?component=app.navBar&component=mod.globalStorage&component=mod.stalker&country=br&env=prod&format=json&group=web&scheme=https&standalone=true
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
4df9034923d3e506779565e6d79fbd16b8bd3fc7cb6aa3345dcdb0076f7f059f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:20 GMT
content-encoding
gzip
server
Terra Web Server
vary
Accept-Encoding
x-cdnterra-cache-status
HIT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60, stale-while-revalidate=300, stale-if-error=86400
content-length
509
x-includer-uuid
0848d529-2f46-4de0-aaed-edec437432fa
zaz-globalstorage-min.js
s1.trrsf.com/update-1674586307/fe/zaz-mod-globalstorage/
40 KB
12 KB
Fetch
General
Full URL
https://s1.trrsf.com/update-1674586307/fe/zaz-mod-globalstorage/zaz-globalstorage-min.js
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
166720721c833cecfeb03d4dc92c707c7855430f2a3caf2fd60a736400e6e251

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:20 GMT
content-encoding
gzip
last-modified
Tue, 24 Jan 2023 18:51:47 GMT
server
Terra Web Server
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
11522
mod-stalker.min.js
s1.trrsf.com/update-1707912444/fe/zaz-mod-stalker/_js/
23 KB
7 KB
Fetch
General
Full URL
https://s1.trrsf.com/update-1707912444/fe/zaz-mod-stalker/_js/mod-stalker.min.js
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
5f3fe6682c31fbff40aa193c0d3554e2e69c800e40ad758ab6783ce184d8b4ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:20 GMT
content-encoding
gzip
last-modified
Wed, 14 Feb 2024 12:07:24 GMT
server
Terra Web Server
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
6779
opensans-regular.woff2
s1.trrsf.com/fe/zaz-morph/fonts/opensans/
18 KB
19 KB
Font
General
Full URL
https://s1.trrsf.com/fe/zaz-morph/fonts/opensans/opensans-regular.woff2
Requested by
Host: 49b91259c8593348.ngrok.app
URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
513a6866e48ea8e16265464bf3f99aea0289c53007b57221dfd0dd5e64cb6985

Request headers

Referer
https://49b91259c8593348.ngrok.app/
Origin
https://49b91259c8593348.ngrok.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:20 GMT
last-modified
Tue, 24 Jan 2023 18:51:56 GMT
server
cloudflare-nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
18708
opensans-bold-webfont.woff2
s1.trrsf.com/fe/zaz-morph/fonts/opensans/bold/
10 KB
10 KB
Font
General
Full URL
https://s1.trrsf.com/fe/zaz-morph/fonts/opensans/bold/opensans-bold-webfont.woff2
Requested by
Host: 49b91259c8593348.ngrok.app
URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
7a223174668e40dccd38462d34304503b75e31e700bff92b7e9e8fdda3274670

Request headers

Referer
https://49b91259c8593348.ngrok.app/
Origin
https://49b91259c8593348.ngrok.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:20 GMT
last-modified
Tue, 24 Jan 2023 18:51:56 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
10304
opensans-semibold-webfont.woff2
s1.trrsf.com/fe/zaz-morph/fonts/opensans/semibold/
10 KB
10 KB
Font
General
Full URL
https://s1.trrsf.com/fe/zaz-morph/fonts/opensans/semibold/opensans-semibold-webfont.woff2
Requested by
Host: 49b91259c8593348.ngrok.app
URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
83113ce831f3f1ec8841232d895e17f722444b1939f5230891f7ff17a7c53618

Request headers

Referer
https://49b91259c8593348.ngrok.app/
Origin
https://49b91259c8593348.ngrok.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:20 GMT
last-modified
Tue, 24 Jan 2023 18:51:56 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
10404
ads
securepubads.g.doubleclick.net/gampad/
49 KB
19 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3040261295794108&correlator=485376554657017&eid=31079957%2C31081713%2C95326465%2C31079525%2C21065725&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fifs&iu_parts=1211%2Cbr.terra.mail%2Chome%2Cs1&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=2&sfv=1-0-40&fsbs=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1710262820391&lmt=1710262820&adxs=333&adys=446&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2F49b91259c8593348.ngrok.app%2FT2%2Fdesktop%2Finicio.php%3Fok%3DAGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1&vis=1&psz=320x0&msz=300x0&fws=4&ohw=970&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1016849997.1710262819&ga_sid=1710262820&ga_hid=1092137542&ga_fc=true&dlt=1710262817808&idt=2205&prev_scp=viewport%3Ds1%26refresh%3D0%26testfloor%3Dtrue%26connection%3D4g%26fledge%3Dfalse%26lite%3D0%26devicememory%3D8%26pf%3Dfalse%26pr%3Dfalse%26amznbid%3D2%26amznp%3D2&adks=3904963271&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5751a159888cd311c9ae2bf2c9f6025a1c22ed8dc78b4d48b6a7174d8110409b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19296
x-xss-protection
0
google-lineitem-id
6627833259
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138466611492
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://49b91259c8593348.ngrok.app
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
50 KB
19 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3040261295794108&correlator=3593200981611405&eid=31079957%2C31081713%2C95326465%2C31079525%2C21065725&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fifs&iu_parts=1211%2Cbr.terra.mail%2Chome%2Ccabeceira&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C970x250%7C1272x250&ifi=3&sfv=1-0-40&fsbs=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1710262820478&lmt=1710262820&adxs=436&adys=554&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2F49b91259c8593348.ngrok.app%2FT2%2Fdesktop%2Finicio.php%3Fok%3DAGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1&vis=1&psz=970x0&msz=970x0&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1016849997.1710262819&ga_sid=1710262820&ga_hid=1092137542&ga_fc=true&dlt=1710262817808&idt=2205&prev_scp=viewport%3Ds1%26refresh%3D0%26testfloor%3Dfalse%26connection%3D4g%26fledge%3Dfalse%26lite%3D0%26devicememory%3D8%26pf%3Dfalse%26pr%3Dfalse%26amznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D0.04%26hb_adid_appnexus%3D3580357b7263bc7%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.04%26hb_adid%3D3580357b7263bc7%26hb_bidder%3Dappnexus&adks=3023070111&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4983fe395b8e45ac9cb85522272bfa2e00283a1b17e9ee591a1e7a4c213949c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19573
x-xss-protection
0
google-lineitem-id
5183171906
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138288643331
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://49b91259c8593348.ngrok.app
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
pagead2.googlesyndication.com/pcs/ Frame DA2A
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsu1QWCC02ykurLw9kN-wa7QQviw75TBw3gzkiWgOlm2n6LKEpN3cCNlqQQsS0zi0uJIP1aQnmIDR5gcjNJ0eDT5VAY5NnZxQn67XCIvvO9wTsSLCWLIJm30BM3MqpnYDJ5J0fQI99Qu0bu8PaVOLh9nLA8raiBJ4yWHlWR1nTuNv5byrBr7aVxdm6Xgpkw_aVJjT2AdjKgX2DFF6e9U9s6gfChIzgSthJbVtnd7RyKbVae2uI34t_nggk3qhzyLk0jTqGXJfFvhk0bIwn5rRk0bDyKGTywDnhzivUuBELW2WkprYUOoLJ-7yMam-FMmfdy2qsgMA7W9xGwFINl0aIQFeG1H1w3rLxqz-sAjDm2_neYnKTk4dl4UvyPXzjOPxdTGNxTfv7Vzw3wuuI6zKdyx&sig=Cg0ArKJSzML_CBHee2sZEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 49b91259c8593348.ngrok.app
URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/ Frame DA2A
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:45:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
11689
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8947
x-xss-protection
0
server
cafe
etag
12299188824252842506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Mar 2024 13:45:31 GMT
300x250.html
www.terra.com.br/especial/calhau/ Frame 38CB
0
0
Document
General
Full URL
https://www.terra.com.br/especial/calhau/300x250.html?v
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:336a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://49b91259c8593348.ngrok.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=30
content-encoding
gzip
content-length
946
content-type
text/html
date
Tue, 12 Mar 2024 17:00:20 GMT
expires
Tue, 12 Mar 2024 16:59:46 GMT
strict-transport-security
max-age=15552000
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-http-reason
OK
x-mt-cache
HIT
x-xact-montador-time
1710262756
x-xact-uuid
8121f80f-00f4-42f5-a327-5afc66c9db7e
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame DA2A
207 KB
63 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6afee967915e87f217a98c38c9d5ed411a339eac603c3f25364fea36cff27b9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 16:47:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
792
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64070
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 12 Mar 2024 17:47:08 GMT
include
p1.trrsf.com/api/includer/
10 KB
1 KB
Fetch
General
Full URL
https://p1.trrsf.com/api/includer/include?component=app.menuNavbar&component=mod.userNavigation&component=mod.xRequest&country=br&env=prod&format=json&group=web&scheme=https&standalone=true
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
b9f1fc7792b82313e253595fe6756b5d35511d7ef2c907c385c0f2b99b355751

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:20 GMT
content-encoding
gzip
server
Terra Web Server
vary
Accept-Encoding
x-cdnterra-cache-status
HIT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60, stale-while-revalidate=300, stale-if-error=86400
content-length
980
x-includer-uuid
8df06a46-a789-4f01-a62d-46f1d0a25652
view
pagead2.googlesyndication.com/pcs/ Frame 007D
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuk6YlMWKLu9U7Eq70dbl-ND6TaClgFS3Ch0_IdCdxAd4wgO_b7_OFc5h5VPGpCQmWmZ0vYDIxcOJWSL_3ViX3qRtuA48dF3elTLBNYItIApFzb_ds2PVblJuvk78KTHEMzq-T9SzPORAxx3T_aw4gaIS9ZVS2uXimgteUAicVJBASCixG8H_DeWZTtViZuBEKIaYu-p0DHEl51H2wdT1IMe0GrMPtuhthPFjEsfWVcok0R9Gopv10uO-Zx5fRrt9YTpvhltnQl6YNzth_weleAutk0GQWQYN1F20f0G34JAzMRMkzFQpT6Cm95EDXlu-dUoCeLC2KHkOvYIvyhaSYDv0Q8XAD-GbeinSI-HCSZI69Pl64PdtbNSnlwJTZpG3HfgJofEPNjxFySOjgm484WBwI7N9FBVO3c&sig=Cg0ArKJSzMHVPZxjKbOSEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 49b91259c8593348.ngrok.app
URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/ Frame 007D
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:45:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
11689
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8947
x-xss-protection
0
server
cafe
etag
12299188824252842506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Mar 2024 13:45:31 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 007D
26 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3969
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230037-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fqxm0kHhdTZREtXXYc5EOrcqJACc8sZjTf5gbfHoEK4kXLdwg4aki44mf1CCVpljG5BaE5evv4Or0owfPQ%2BmdTK%2FHdy%2BmIZwh1nb0LM65SviMrYG3l2O%2FIRoss26UXfaEoYzKrIlfF5wV4AYaQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
863557068c614d84-FRA
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 007D
207 KB
63 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6afee967915e87f217a98c38c9d5ed411a339eac603c3f25364fea36cff27b9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 16:47:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
792
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64070
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 12 Mar 2024 17:47:08 GMT
mod-user-navigation.min.js
s1.trrsf.com/update-1674586315/fe/zaz-mod-user-navigation/_js/
2 KB
1 KB
Fetch
General
Full URL
https://s1.trrsf.com/update-1674586315/fe/zaz-mod-user-navigation/_js/mod-user-navigation.min.js
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
20976fc8fe202fef3f3b01a7068bc9512b8c82162c61e6e2403f8b4eabcb54aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:20 GMT
content-encoding
gzip
last-modified
Tue, 24 Jan 2023 18:51:55 GMT
server
cloudflare-nginx
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
862
mod-xrequest.min.js
s1.trrsf.com/update-1674586315/fe/zaz-mod-xrequest/_js/
19 KB
5 KB
Fetch
General
Full URL
https://s1.trrsf.com/update-1674586315/fe/zaz-mod-xrequest/_js/mod-xrequest.min.js
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
aa3b66cc46e7b15d1cdf78e3dc02b9088bc39ed3f230eec1e0678e7e3dd6488b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:20 GMT
content-encoding
br
last-modified
Tue, 24 Jan 2023 18:51:55 GMT
server
cloudflare-nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
5199
sizesstandalone.min.css
s1.trrsf.com/update-1674586307/fe/zaz-mod-icons/_css/
852 B
474 B
Fetch
General
Full URL
https://s1.trrsf.com/update-1674586307/fe/zaz-mod-icons/_css/sizesstandalone.min.css
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
60030481be95c8052a5043bd0ebb13ef16e6254b6e86b8dfe5001590cfafc681

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:20 GMT
content-encoding
br
last-modified
Tue, 24 Jan 2023 18:51:47 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
165
view
pagead2.googlesyndication.com/pcs/ Frame DA2A
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvfjOU_HumRJlP-FvJe9iYs7nj7HE3A90fqPOrT5wc9Twx9aoZhp4pTIxO9a_3sLbMhjB-hnkiQ4vQBjVOiFUHSPGLI3fNPo2FuD6UcY4Q8i47gW5biDNZh_BuNnPjY8coeMS9llo4pG2tnmB2T-EohFPK9j8eG_h5oyscLWTAGBUJurTVbPXF32YdwghITK0tZlFBeyLxqEvUAdToEYKcVjlHKERjtu_ZgTA-CCiGBFTOCJYjsm-wYu-2i6z-gE4wKe-Is4tPkejJxEdUVj1stE4XVoJCUMn8adZzEUgJvlvroVyUpnHxuI8ZIPgV2NEsbzj_w1ykObPoqJnDDAsnEseNGvCu227KodKZw9wxK3LeFH4ER7z8oVm59vWuJEuEIxp451pL_tzNiarsiCzh-v0M&sig=Cg0ArKJSzGvL22vSPmRfEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame DA2A
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8204db637b326d64e43b3e7e9fc20fcd37aa3b52c3ba69e62262c3e48b7a8ff9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/png
essentialstandalone.min.css
s1.trrsf.com/update-1709149640/fe/zaz-mod-icons/_css/
23 KB
2 KB
Fetch
General
Full URL
https://s1.trrsf.com/update-1709149640/fe/zaz-mod-icons/_css/essentialstandalone.min.css
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
3d325dd246dfeaad4e6ccca70d572764fe927472ef47609d4be8bce6c5a43f0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:20 GMT
content-encoding
br
last-modified
Wed, 28 Feb 2024 19:47:20 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
1364
flagsstandalone.min.css
s1.trrsf.com/update-1709149641/fe/zaz-mod-icons/_css/
8 KB
845 B
Fetch
General
Full URL
https://s1.trrsf.com/update-1709149641/fe/zaz-mod-icons/_css/flagsstandalone.min.css
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
bc6e9696c1fef9221482f92961d9e6fc1198177ac8a3bf967266cf9c259862c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:20 GMT
content-encoding
br
last-modified
Wed, 28 Feb 2024 19:47:21 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
536
shieldsstandalone.min.css
s1.trrsf.com/update-1709149644/fe/zaz-mod-icons/_css/
21 KB
3 KB
Fetch
General
Full URL
https://s1.trrsf.com/update-1709149644/fe/zaz-mod-icons/_css/shieldsstandalone.min.css
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
48b02510a238c5e7a2a7c1ff436fb73a2d0bdae1f52a47f359dd7278a3ed0cf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:20 GMT
content-encoding
br
last-modified
Wed, 28 Feb 2024 19:47:24 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2329
menu-white.svg
s1.trrsf.com/update-1709148221/fe/zaz-mod-icons/svg/essential/
471 B
513 B
Image
General
Full URL
https://s1.trrsf.com/update-1709148221/fe/zaz-mod-icons/svg/essential/menu-white.svg
Requested by
Host: 49b91259c8593348.ngrok.app
URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:336a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
abdfabd3bdc79d4892487c7a172e6081a2c240c50aa908799dea10f28eb7e428

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:20 GMT
content-encoding
br
last-modified
Tue, 24 Jan 2023 18:51:48 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
199
nmedianet.js
contextual.media.net/ Frame 007D
100 KB
38 KB
Script
General
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU62MU8E&ydspr=1
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8b5ebddde78bfa2bc096c6099a06089fc35a8884b1034c8df7bc6636df0558ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-mnt-h
21-g4dd
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 12 Mar 2024 17:00:21 GMT
server
Apache
etag
"183e7917d0308c9021f5a889f99cb923"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-s1v0
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
38368
expires
Tue, 12 Mar 2024 17:05:21 GMT
log
qsearch-a.akamaihd.net/ Frame 007D
35 B
296 B
Image
General
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=b9e843859d4464f02e1a9307190f7f7e&algo=default&bdp=0.0800&bidfp=0.0000&capd=0&cc=DE&cid=8CUH5EN48&crid=101633514&ct=meerbeck&dc=eu_be&dfpbd=0.0576&dn=49b91259c8593348.ngrok.app&iwb=1&ogcbdp=0.0800&other_bids=0.08&other_prv=460&pbshr=100.0000&prdp=0.0576&requrl=49b91259c8593348.ngrok.app%2Ft2%2Fdesktop%2Finicio.php%2F&sat=1&sc=NI&sc_pvid=460&send_erpm=true&server=1&size=970x250&strg=harmony&totalTime=3208010&ugd=4&ver=9.6.5&cliIP=-646784512&time_stamp=2024-03-12%2017%3A00%3A20&seat=BID_API&itype=appnexus&req_id=2621654865619151449&dfp_bucket=0.0&level_base=0&bdp_bucket=0.1&app_type=appnexus&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F122.0.6261.111%20Safari%2F537.36&br_ver=122.0.6261.111&o_ver=NT%2010.0&second_bid=0.0&second_bidder=%2A&model_key=generic_appn_1-cid_0&ogerpm=0.0800&ogerpm_used=false&rawbid=0.0800&totalTimeBucket=3&as_cache=1&sub_bidder=196&current_day=2.0&current_hour=16&cut=28&floor_bucket=0.00&model_version=202402151342_generic_appn_1-cid_0&erpm_bucket=0.10&mul_ratio=0.0000&dmm_m4=0.0000&ogerpm_wd_bkt=0-1&visibility=0&viewability=0.5200&stid=14507081&pvid_seat=460_BID_API&ckfl=0&mnckfl=0&sd=0&predicted_wr=1.2545&bdp_wider_bucket=1&splid=14507081&dim10=false&dmm_m9=0.0000&log_less=false&cut_bkt=30&advurl=mybestsearches.com%2F&dmm_d10=0.0000&bdmm_m5=0.0000&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m12=0.0000&dmm_l=0.0000&dmm_r=0.0000&e_rpm=0.0000&bdr_typ=1&url_l1=t2&url_l2=desktop&clisp=rtb-common-7b49d9dfdf-zp8gr.BE&dmm_m1=2024-03-12%2017%3A00%3A20.340428193&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss=NA&ss_d1=0&ss_d2=0&dmm_m22=0.0800&adtyp=0&gpid_format=DEFAULT&gpid=14507081&gpid_sent=true&pst=EMS&bcrid=435408724&erpm_mult=1.000000&zone=b&rc=-1&sfm_key=mowx_System_460&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=16&wsip=mowx-599cf69fc7-rlxlt&rel_cut_bkt=30&djvm=9.5.8&optimal_cut=0.0&cut_cluster=0.0
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.216.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Mar 2024 17:00:21 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 12 Mar 2024 17:00:21 GMT
release-20231121-135-adperformance.js
warp.media.net/rtb/resources/ Frame 007D
72 KB
25 KB
Script
General
Full URL
https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.100.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-100-25.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Tue, 12 Mar 2024 17:00:20 GMT
x-guploader-uploadid
ABPtcPrDBFm7o7QKmX4XaSB8aYt3ZqnHxngeTSt83ozGJDQNyOKFWA_aTOKADcSChCGSVn_JGg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25147
server
UploadServer
etag
"841dabce0b477a93d9cf7379b9eb1368"
vary
Accept-Encoding
x-goog-hash
md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type
application/javascript
x-goog-generation
1700562102250666
cache-control
max-age=3600
x-goog-stored-content-length
73447
expires
Tue, 12 Mar 2024 18:00:20 GMT
trk.js
cdn.adnxs.com/v/s/243/ Frame 007D
80 KB
28 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/243/trk.js
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
82da873956888d3a0a1db331a301c9b95de6937c0acf64c33a2c9fc711b7fb54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Expires
Thu, 06 Mar 2025 13:25:27 GMT
Date
Tue, 12 Mar 2024 17:00:20 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
531293
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27680
X-Served-By
cache-lga21945-LGA, cache-fra-etou8220095-FRA
Last-Modified
Wed, 06 Mar 2024 13:23:40 GMT
Server
AkamaiNetStorage
X-Timer
S1710262821.994947,VS0,VE0
ETag
"8ddbd8bafc2492a69e46a808a5e2a727:1709731420.917212"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
7, 476863
it
fra1-ib.adnxs.com/ Frame 007D
0
969 B
Image
General
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252F49b91259c8593348.ngrok.app%252FT2%252Fdesktop%252Finicio.php%253Fok%253DAGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1&e=wqT_3QK0Bei0AgAAAwDWAAUBCKSUwq8GEI6o0sOHgoW8NBgAKjYJkst_SL99rT8RC5NOyd73pD8ZAAAAYLgeBUAhCw0SACkRJPQCAjEAAAAA16PQPzDJuPUGOPpPQJUJSGBQ1J7PzwFYs8FrYABo86GFAXjBhgaAAQGKAQNVU0SSAQNCUkyYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOAC4qNO6gJ8aHR0cHM6Ly80OWI5MTI1OWM4NTkzMzQ4Lm5ncm9rLmFwcC9UMi9kZXNrdG9wL2luaWNpby5waHA_b2s9QUdSdFZhdkNneFU4RHJSVTNUT1EwSDdLc3dBbzNsSU1ETHJKYk5yeTF6bTJWTERocXBSWVdVbW9kWm1ycnVLMYADAIgDAZADAJgDF6ADAaoDQRIYMjYyMTY1NDg2NTYxOTE1MTQ0OV9zYmlkGhMzNzgwNzkzOTQ4MTUwNDY5NjQ2Igk0MzU0MDg3MjQqBU0xMTczwAPYBMgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4yMTcuMTE0LjIxOC4yNagEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATUns_PAYgFAZgFAKAF2dSd59ym_7AkwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFjJtK-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq_xAdoGFgoQAAAAAAAAAAAAAAAAQQJ0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfBhgbSBw0JASIBAQEmDNoHBggFCbjgBwDqBwIIAPAH384BiggCEACVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=85df0b1d5f3a302fa5b56bb78d414562e4d8c5e1
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 17:00:20 GMT
an-x-request-uuid
e0d5e290-932c-4ff0-877f-0bfe27399089
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.25; 217.114.218.25; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
app-teams.min.js
s1.trrsf.com/update-1674586301/fe/zaz-app-teams/_js/
6 KB
2 KB
Fetch
General
Full URL
https://s1.trrsf.com/update-1674586301/fe/zaz-app-teams/_js/app-teams.min.js
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
0442c95ddc83162ac9b126fbc73882a437803a7ebef2718bc7ed897ba44950fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:20 GMT
content-encoding
br
last-modified
Tue, 24 Jan 2023 18:51:41 GMT
server
cloudflare-nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2021
theme-defaultstandalone.min.css
s1.trrsf.com/update-1674586301/fe/zaz-app-teams/_css/
4 KB
1 KB
Fetch
General
Full URL
https://s1.trrsf.com/update-1674586301/fe/zaz-app-teams/_css/theme-defaultstandalone.min.css
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
d26480a38c1de148603009f902429433aa8ca95a8af1b72be0fae1e3ada0d002

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:20 GMT
content-encoding
br
last-modified
Tue, 24 Jan 2023 18:51:41 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
870
menu-navbar.min.js
s1.trrsf.com/update-1674586290/fe/zaz-app-menu-navbar/_js/
23 KB
6 KB
Fetch
General
Full URL
https://s1.trrsf.com/update-1674586290/fe/zaz-app-menu-navbar/_js/menu-navbar.min.js
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
c742fe1454397b333346b9fe2ce4b097418f7403a3150261a904a2b54b89e005

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:21 GMT
content-encoding
br
last-modified
Tue, 24 Jan 2023 18:51:30 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
5648
theme-default.min.css
s1.trrsf.com/update-1674586290/fe/zaz-app-menu-navbar/_css/
28 KB
4 KB
Fetch
General
Full URL
https://s1.trrsf.com/update-1674586290/fe/zaz-app-menu-navbar/_css/theme-default.min.css
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
2aef9d5cd3b7f763135c7a2e5065923c4c69e2b8112679206d0aba6fb862bff9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:21 GMT
content-encoding
br
last-modified
Tue, 24 Jan 2023 18:51:30 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
3353
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame D841
74 KB
26 KB
Document
General
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2356&&kkdd=33%7CH%7C9n*A&555=NyO0UC1lJHM3x1Mdovpvv~Ie35Qj)!yqvebfl4!OeyRF91po*B58gVH0t!NvVImnHi!-9uWFkM1og8JHRvzt.VVtj~xquI.*xuIW5uZ8!MQArQPXx*MCy1MgwtEINVf(l.Pr2OMPUxaZwbNSIMlKEd*F8*xpe-avWztarwgf1WV%3D&*E=grgVjYjojgCCowgggoo&lWf5=g&kAf-=V&KW*=ggoV&aAKp=XTwY&KEW=oHvYjtvoc&KfKW=TW3Hb4FSCHJ0IprIvYNyBi%3D%3D&K5EW=gCCCgTjTY&AE8p=(rVnjCV&KK=Pc&AK=Lc&KmNk=Lixt7S)&fEW=oR7CyXdOT&afEW=dCr4cVH&maafA=g&NAp=C&BZ=g&2lW=T&-Wag=oHvLCcSTo&-Waj=gVgYwwCgT&qW-a-=AWj%3DN2BB_E25BeB%3DjV_Ulp5fk%3DVsVo_*ZepnK%3DVsCj_*EAeAW%3Dj(o_WKj%3Dg_q-a%3DV%2CV%2CV_AKW%3Dam_*e-AN%3DwggVw_*Bj5eAW%3DjVjTVwgjgg_E25Beq%3Dgoojswj_25BeaIK%3DV_AaW%3D%2Fgjgg%2Fq5sap55-sk-EB%2FmUkp%2FK-qpKpE5-_B-Aa%3D_*EAe25Beq%3DVsrY_Ef%3Dw)dUM7_!qq%3DV_*EAe25BeB%3DTV_5EEf2-%3DV%2CV_pa%3Djj_5K%3Dg_5fAeAW%3DjVjTVwgjgj_*EAeq%3DCwYsoY_25Beq%3DVsCw_*Bj5e25Beq%3DV_*Bj5e25Be*E%3DTcV_25Bea*E%3DV_pKfepp5%3Dww_25BeB%3DjV_lK-a%3D9gV_qq%3Dg(Y_**%3DV_Bj5eq%3DgVVV_p5fk%3DVsVo_*Bj5e25BeIK%3DVcV_qk%3Dg_-wfeq%3Drsj(%2CjVsTj_AEW%3DgCCCgTjTY_AW%3DV_2EW%3DjjWC3i!bw3mffk~axx_qaW%3DgYCgogoYV(YwgYroVTjYC(YTTojjCC(YorVTCwgrT(jV(CrrTVjjVwCTwToor(YjgjwjjjTYYrVowCVjw(jYoVgojrYg(Tj(ggYoTYVo_*Z2%3DVsCj_WjfeB%3DgV_wfK!%3D(rjsrT_2Ek%3DV_WkkeAa5l%3Dm-5kUNz_*5e25Beq%3DrCCsgY_Wjfeq%3DVs(o_UlWjfeq%3DVs(Y_*25Beq%3DVsrC_AA%3DSi_KK%3DPc_2EZ%3D9g_Kp%3DV_5fAeq%3DjVsTj_*25BeB%3DjV_H4%3Dwgjr_Iqe2K%3D9j_NaA%3Dg_IqeKKIA%3D9j_Ka%3Dp5!25a_qAAe1d~%3Dtu%2CScP_pnfAKU5p%3D9g_q-AEAj%3Dg(Y_qWa%3DgrgVjYjojV_q-AEAg%3Dg(Y_EAxp!%3DV_E*25Beq%3Dgsww_EAE!%3DV_qEW%3DVsVo_WK%3Do_*Bj5eq%3Drsj(_E*25BeB%3DjV_KqWf%3DVsVCr_EazfpeEW%3DgY_ApBBp5ea-leEW%3D%2Fgjgg%2Fq5sap55-sk-EB%2FmUkp%2FK-qpKpE5-_A2ffBzea-leEW%3DgTCVrVog_*EpZ-qEBEaz%3DVsCjgC(o_fUA%3DV_K-55Ep54W%3DV_UlqEW%3DVsVoVVVV_q!B5%3DVsVVV_A2EW%3D_WaK%3Dp2eqp_Wkkep5fk%3D!-BAp_Wkk%3Dm-5kUNz_qWfK-fW%3DV_W-Bl%3DWp!-2Ba_ENAB%3DV_AUqf%3D_makB%3Dg_WK2a%3DwV_WUlq%3DV9g_EqK%3Dg_NA8%3Dg_alA%3D(rVnjCV_qAq%3Dg_qAf%3D9g_akn%3Dor_knqIa%3DV&Na*=V&kkk=2bUAS!4P0cI%3D&EZ=(rV&EN4!5=g&qW54W=TY
V&qEW=wT(VYw&kK!=Yojwr&zWAf5=g&I-af5p=g&I-aqEW=9gVw&K-WUk-EN=a8x9mXKB9X95fYtwKnz4ocutxTl1T9IZ5Ue-8.rtycv%3D&zfBf=g&EAEW=C&-W*=tz%20upAa%20yp-5KmpA&-Ka=Ru4iiu%2FS2uTlS!l5u8N05ST8-u!l0-ww2-p&flEW=fVrYCwCwooTajVjTVwgjgrVV&AABW=%7B%22AAEf%22%3A%22jgrsggTsjgosV%22%2C%22AAKK%22%3A%22Pc%22%2C%22AAAK%22%3A%22S4%22%2C%22AAKaz%22%3A%22kpp5qpKI%22%7D&makBA5K=g&sflct=8353880&ure=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU62MU8E&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4e8b75c0a681bbed4ec5d56a391044e626022395ee65f319c0a13db0b9f8d4ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://49b91259c8593348.ngrok.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
26100
content-type
text/html
date
Tue, 12 Mar 2024 17:00:21 GMT
expires
Tue, 12 Mar 2024 17:00:21 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-ftd9
checksync.php
contextual.media.net/ Frame E9E5
16 KB
6 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CU62MU8E&https=1&itype=CM
Requested by
Host: 49b91259c8593348.ngrok.app
URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
42098c4a3065cc6e878a21d3ec80c68f28238e106bc790ca9c4e80a054abf456
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://49b91259c8593348.ngrok.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
5952
content-type
text/html; charset=UTF-8
date
Tue, 12 Mar 2024 17:00:21 GMT
expires
Thu, 14 Mar 2024 17:00:21 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
bping.php
lg3.media.net/ Frame 007D
35 B
200 B
Image
General
Full URL
https://lg3.media.net/bping.php?vgd_len=2249&&vgd_cdv=1180&vgd_cage=4&vgd_tsce=L436&vgd_mcf=68237&gdpr=1&mspa=0&prid=8PRVCXX19&cid=8CU62MU8E&crid=155514246&vi=1710262821558311188&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=170785191&r=1710262821189&rrr=nSQqo5KgVCZFRKZT8UeUUWk_FrJ2YfSbU_XpgIfQ_SPG-Ke8vlrz10CqMfnU0khxCAfa-BdGmZK81zVCPUyMj00M2WRbBkjvRBkdrBwzfZJs7JDLRvZ5SKZ13Mikn0p9gjD7uQZDoRtw3XnNkZgciTvGzvRe_atUdyMt731pKd0%3D&requrl=https%3A%2F%2F49b91259c8593348.ngrok.app%2FT2%2Fdesktop%2Finicio.php%3Fok%3DAGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9W~eBMJ-Nv9.Xf~e8QMQOvfiW~ONfvu~G17v9%2C9%2C9~QNOv7w~eM1QzvAuu9A~ejfLMQOvf9fH9Aufuu~8xLjMGvuWWf.Af~xLjM7UNv9~Q7OvSufuuSGL.7JLL1.Y18jSwmYJSN1GJNJ8L1~j1Q7v~e8QMxLjMGv9.hF~8EvA3_m2a~kGGv9~e8QMxLjMjvH9~L88Ex1v9%2C9~J7vff~LNvu~LEQMQOvf9fH9Aufuf~e8QMGvXAF.WF~xLjMGv9.XA~ejfLMxLjMGv9~ejfLMxLjMe8vH49~xLjM7e8v9~JNEMJJLvAA~xLjMjvf9~yN17vou9~GGvuiF~eev9~jfLMGvu999~JLEYv9.9W~ejfLMxLjMUNv949~GYvu~1AEMGvh.fi%2Cf9.Hf~Q8OvuXXXuHfHF~QOv9~x8OvffOXsKktAswEEYp7DD~G7OvuFXuWuWF9iFAuFhW9HfFXiFHHWffXXiFWh9HXAuhHif9iXhhH9ff9AXHAHWWhiFfufAfffHFFh9WAX9fAifFW9uWfhFuiHfiuuFWHF9W~eBxv9.Xf~OfEMjvu9~AENkvihf.hH~x8Yv9~OYYMQ7Lyvw1LYmz5~eLMxLjMGvhXX.uF~OfEMGv9.iW~myOfEMGv9.iF~exLjMGv9.hX~QQvIK~NNvr4~x8Bvou~NJv9~LEQMGvf9.Hf~exLjMjvf9~%3DVvAufh~UGMxNvof~z7Qvu~UGMNNUQvof~N7vJLkxL7~GQQMC_pvcR%2CI4r~J-EQNmLJvou~G1Q8QfvuiF~GO7vuhu9fFfWf9~G1Q8QuvuiF~8QDJkv9~8exLjMGvu.AA~8Q8kv9~G8Ov9.9W~ONvW~ejfLMGvh.fi~8exLjMjvf9~NGOEv9.9Xh~875EJM8OvuF~QJjjJLM71yM8OvSufuuSGL.7JLL1.Y18jSwmYJSN1GJNJ8L1~QxEEj5M71yM8OvuHX9h9Wu~e8JB1G8j875v9.XfuXiW~EmQv9~N1LL8JLVOv9~myG8Ov9.9W9999~GkjLv9.999~Qx8Ov~O7NvJxMGJ~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~8zQjv9~QmGEv~w7Yjvu~ONx7vA9~OmyGv9ou~8GNvu~zQlvu~7yQvih9-fX9~GQGvu~GQEvou~7Y-vWh~Y-GU7v9&ssld=%7B%22QQ8E%22%3A%22fuh.uuH.fuW.9%22%2C%22QQNN%22%3A%22r4%22%2C%22QQQN%22%3A%22IV%22%2C%22QQN75%22%3A%22YJJLGJNU%22%7D&vgd_bid=349063&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=31103&vgd_
rakh=1710262821179787298&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_pgid=p0765353884t202403121700&vgd_pgids=1&vgd_uspa=0&hvsid=00001710262821187036481827844886&gdpr=1&mspa=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: 49b91259c8593348.ngrok.app
URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.100.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-100-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 12 Mar 2024 17:00:21 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
35
expires
Tue, 12 Mar 2024 17:00:21 GMT
checksync.php
contextual.media.net/ Frame C849
23 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH5EN48&prvid=2033%2C171%2C175%2C178%2C157%2C3018%2C159%2C214%2C313%2C3014%2C459%2C319%2C97%2C77%2C99%2C56%2C59%2C20000%2C38%2C182%2C184%2C262%2C460%2C461%2C462%2C188%2C222%2C201%2C246%2C4%2C203%2C225%2C10000%2C80%2C229%2C9%2C109%2C208%2C82&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: 49b91259c8593348.ngrok.app
URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cdaaca61ef4448c04d2af9a6568b768bf43280ac3e4557aa14a073c7c289e52c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://49b91259c8593348.ngrok.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
8461
content-type
text/html; charset=UTF-8
date
Tue, 12 Mar 2024 17:00:21 GMT
expires
Thu, 14 Mar 2024 17:00:21 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 007D
35 B
191 B
Image
General
Full URL
https://hblg.media.net/clog?pixel_len_bucket=6136&logid=awlog&lper=1&itypeid=16&itype=APPNEXUS&itype_override=APPNEXUS&cc=DE&cid=8CUH5EN48&reqid=2621654865619151449&vid=2621654865619151449&dn=49b91259c8593348.ngrok.app&rawDn=49b91259c8593348.ngrok.app&requrl_dn=49b91259c8593348.ngrok.app&pid=8PR113JGC&ugd=4&fleet=common&requrl=https%3A%2F%2F49b91259c8593348.ngrok.app%2FT2%2Fdesktop%2Finicio.php%3Fok%3DAGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1&cliIPType=v4&coppa_status=N&coppa_applied=N&coppa_enf=true&lmt_enf=true&dnt_status=N&dnt_enf=false&geo_source=1&sc=NI&ct=meerbeck&zip=31715&pubid=pub-appnexus-eu&tgtval=pub-appnexus-eu&csip=rtb-common-7b49d9dfdf-zp8gr.BE&dtc=eu_be&zone=b&ptype=23&tmax=150&xtmax=120&gdpr=1&gpp_present=false&csex=0&app=0&sat=1&devbrand=Unknown&devmodel=Unknown&device_id=4&ortb_device_id=2&asn=31103&sckfl=0&sckfl2=0&smbrid=10234&usp_status=0&usp_enf=1&mspa_enforced=true&pexid=APPNEXUS-1426641&geoll=false&is_ortb=true&s_ip=37.252.171.0&s_city=frankfurt+am+main&commit_id=125d5575&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2024-03-12+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&second_call=false&supply_cc=DE&ipcc=DE&is_msnnative_src=false&proxy=envoy&header_lang=false&rtttime=38&req_tid_present=true&pvid=460&prvAccId=155514246&prvApiId=8CU62MU8E&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=101633514&prspt=headerBid&prvReqId=38147993197761_1148088328_1016335144601&size=970x250&chnl=HARMONY&bdp=0.080000&bid_uuid=2d27280343a3844303c3e037cb26c6e5&cbdp=0.057600&og_cbdp=0.080000&ogbdp=0.08&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Fmybestsearches.com&dfpBd=0.06&dsrc=-2&dp=0&dbf=1&epc=155514246&s=1&snm=SUCCESS&pcrid=8CU62MU8E-155514246-11-10&tpbTkn=false&exid=218&bidflr=0.000&pbidflr=0.000&basebidflr=0.000&opbidflr=0.000&spbf=0&viewability=52&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi
%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1710262820339&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.08&dmm_erpm=true&dmm_ogerpm=false&bcrid=435408724&strg=HARMONY&stagid=14507081&vls=0&scrid=435408724&mang=1&pvdTmax=87&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&apTags%3C%3E=75&dt=O&mx_svc_mode=grpc&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_badv_count=20&mx_epbc=8CU62MU8E&mx_ssProfile=0&mx_lr=0&mx_TAS=1&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_dup_profile=0&mx_bsAlgoBucket=MARK_BLOCK&mx_dup_algo=NOT_APPLICABLE&mx_bsVerdictAlgo=V1&mx_gpid_format=DEFAULT&mx_bss_algos%3C%3E=0&mx_bsAlgoProfile=NOT_ENOUGH_DATA&mx_aurl_hc=0&mx_aabpc=0&mx_isLossNtf=false&mx_ssBucket=0&mx_bcat_count=0&mx_gpid_sent=true&mx_commit_id=131e56a56e&mx_exp_tokens%3C%3E=VidThrtl%3ADEFAULT%23%23RLReqTagImpAgg%3ARLReqImpAgg%23%23ctx_canonical_exp%3Atrue%23%23loss_notification_exp%3ADEFAULT%23%23NedCkflWithData%3Aall_blk%23%23duplication-actual%3ACONTROL%23%23VSIDWithFallbackDummy%3Aac1%23%23duplication%3AMODERATE%23%23BF_store%3AGCS%23%23BlacklistBidderPubExp%3Ablk%23%23IPBLOCK_DM%3AGCS%23%23RealTimeValidBid%3A1hr%23%23multi-sc%3ADEFAULT%23%23ProfileUpgradationNew%3ACURRENT_PROFILE%23%23prll_req%3Atrue&mx_sdr=false&mx_sua_cvg=0000000&mx_tid_sent=false&mx_SPRIG=0&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sid=8CU62MU8E&mx_SC=0&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_divid=14507081&mx_tgs=970x250&mx_cklsrc=OTHERS&mx_bsMarkingVerdict%3C%3E=V1%3AMARK_BLOCK%3ANOT_ENOUGH_DATA%23%23V1%3AMARK_BLOCK%3ANOT_ENOUGH_DATA%23%23V1%3AMARK_BLOCK%3ANOT_ENOUGH_DATA%23%23V1%3AMARK_BLOCK%3ANOT_ENOUGH_DATA&mx_IAB2=0&mx_dup_bucket=NOT_APPLICABLE&mx_PC=1&mx_UCC=1&mx_gpid=14507081&mx_bsWhitelistBucket=0&mx_TAF=3&mx_bsWhitelistAlgo=0&mx_isNed=1&is_video_cmp=false&acid=b9e843859d4464f02e1a9307190f7f7e&rtime=25.0&wsip=mowx-599cf69fc7-rlxlt&ltime=30.0&act=headerBid&abs=0%7C0%7Cxtmax%3D120%7Cbrr%3D0&adtypes=0&im
pId=3780793948150469646&reftime=15000&reftype=0&dsid=14507081&insl=0&gpid=%2F1211%2Fbr.terra.mail%2Fhome%2Fcabeceira&mowxReqId=b9e843859d4464f02e1a9307190f7f7e_1&ecp=2.64&req_size=970x90%7C970x250%7C728x90&renderer=0&ifst=0&iframingState=0&ifdp=0&slotVisibility=0&adpos=0&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&dfpDiv=14507081&supplyTagId=14507081&mnrfc=-1&v_plcmt_override=0&v_placement_override=0&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&debug_ts=2024-03-12+17%3A00%3A20&__expireat=1710263420593&mview=1&lo_pvid=%5B460%5D&lo_dp=0&lo_bdp=0.080000&lo_cbdp=0.057600&actltime=30&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.08~vw_exc%3D0.52~vis_sd%3D298~dc2%3D1~bat%3D0%2C0%2C0~scd%3Dth~v_asn%3D31103~vl2r_sd%3D2024031211~iurl_b%3D1882.32~url_tkc%3D0~std%3D%2F1211%2Fbr.terra.mail%2Fhome%2Fcabeceira~last%3D~vis_url_b%3D0.76~ip%3D3YToZO~fbb%3D0~vis_url_l%3D40~riipua%3D0%2C0~et%3D22~rc%3D1~rps_sd%3D2024031212~vis_b%3D536.86~url_b%3D0.53~vl2r_url_b%3D0~vl2r_url_vi%3D4E0~url_tvi%3D0~ecp_eer%3D33~url_l%3D20~gcat%3D-10~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.08~vl2r_url_kc%3D0E0~bm%3D1~a3p_b%3D7.29%2C20.42~sid%3D155514246~sd%3D0~uid%3D22d5FAfX3FhppmWtRR~btd%3D16518186096316780426596448225596870453174920957740220354348879621232224667083502392680182761942911684608~vwu%3D0.52~d2p_l%3D10~3pcf%3D972.74~uim%3D0~dmm_strg%3Dharmony~vr_url_b%3D755.16~d2p_b%3D0.98~ogd2p_b%3D0.96~vurl_b%3D0.75~ss%3DNA~cc%3DDE~uiw%3D-1~ce%3D0~rps_b%3D20.42~vurl_l%3D20~CI%3D3127~kb_uc%3D-2~nts%3D1~kb_ccks%3D-2~ct%3Derfurt~bss_KTW%3DMB%2CNED~expscore%3D-1~basis2%3D196~bdt%3D1710262820~basis1%3D196~isRef%3D0~ivurl_b%3D1.33~isif%3D0~bid%3D0.08~dc%3D8~vl2r_b%3D7.29~ivurl_l%3D20~cbdp%3D0.057%7Eitype_id%3D16%7Eseller_tag_id%3D%2F1211%2Fbr.terra.mail%2Fhome%2Fcabeceira%7Esupply_tag_id%3D14507081%7Eviewability%3D0.521598%7Epos%3D0%7EcarrierId%3D0%7Eogbid%3D0.080000%7Ebflr%3D0.000%7Esuid%3D%7Edtc%3Deu_be%7Edmm_erpm%3Dfalse%7Edmm%3Dharmony%7Ebdpcapd%3D0%7Edalg%3Ddefault%7E
insl%3D0%7Esobp%3D%7Ehtml%3D1%7Edcut%3D30%7Edogb%3D0-1~ibc%3D1~nsz%3D1~tgs%3D970x250~bsb%3D1~bsp%3D-1~tmx%3D87~mxbkt%3D0&utime=858&sf=0&cpr=0.5153292653232115
Requested by
Host: 49b91259c8593348.ngrok.app
URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.100.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-100-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 17:00:21 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 12 Mar 2024 17:00:21 GMT
rd_log
fra1-ib.adnxs.com/ Frame 007D
0
970 B
Script
General
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2F49b91259c8593348.ngrok.app%2FT2%2Fdesktop%2Finicio.php%3Fok%3DAGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1&e=wqT_3QKhB-ihAwAAAwDWAAUBCKSUwq8GEI6o0sOHgoW8NBgAKjYJkst_SL99rT8RC5NOyd73pD8ZAAAAYLgeBUAhCw0SACkRJPSBATEAAAAA16PQPzDJuPUGOPpPQJUJSGBQ1J7PzwFYs8FrYABo86GFAXjBhgaAAQGKAQNVU0SSAQNCUkyYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOAC4qNO6gJ8aHR0cHM6Ly80OWI5MTI1OWM4NTkzMzQ4Lm5ncm9rLmFwcC9UMi9kZXNrdG9wL2luaWNpby5waHA_b2s9QUdSdFZhdkNneFU4RHJSVTNUT1EwSDdLc3dBbzNsSU1ETHJKYk5yeTF6bTJWTERocXBSWVdVbW9kWm1ycnVLMYADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMjWoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAE1J7PzwGIBQGYBQCgBdnUnefcpv-wJMAFAMkFAAAAAAAA8D_SBQkJAAAAIYHQANgFAeAFAeoFFAoQVGVycmFNYWlsR2lnYW50ZRIA6gUWChJFLW1haWxjb21hbnRpdmlydXMBGUwOCgh2aWV3cG9ydBICczHqBR4KGhUqBHN1ARgoZXRlbGVmb25pY28BMlwPCgZmbGVkZ2USBWZhbHNl6gULCgd3ZWIBXgEgCBUKERVBHGFudGlzcGFtARgMCQoFZREkCBkKFRkkJGNlc3Nvc2VndXIFYBAUChBFLQEpBGNvEYEBPwgNCgkBTgB2EblUEAoKY29ubmVjdGlvbhICNGfqBRMKDwk6HHByb3RlZ2lkBVAsEgoJdGVzdGZsb29yFbMIDAoIAU4JnFzwBYybSvoFBAgAEACQBgCYBgC4BgDBBgAFASzwP9AGr_EB2gYWChAFER0BdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHwYYG0gcNCREpASYI2gcGAV6gGADgBwDqBwIIAPAH384BiggCEACVCAAAgD-YCAHACADSCAYIABAAGAA.&s=03968d98790d4cff470d9c95cc78553081336d0d&bdref=https%3A%2F%2F49b91259c8593348.ngrok.app%2FT2%2Fdesktop%2Finicio.php%3Fok%3DAGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1&bdtop=true&bdifs=1&bstk=https%3A%2F%2F49b91259c8593348.ngrok.app%2FT2%2Fdesktop%2Finicio.php%3Fok%3DAGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1,https%3A%2F%2F49b91259c8593348.ngrok.app%2FT2%2Fdesktop%2Finicio.php%3Fok%3DAGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1&
Requested by
Host: 49b91259c8593348.ngrok.app
URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 17:00:21 GMT
an-x-request-uuid
df65feb1-8975-4701-9b4b-99a7f7dfe57f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.25; 217.114.218.25; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
view
pagead2.googlesyndication.com/pcs/ Frame 007D
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssPL2bM50vjOxqLKJPU9PYEy9Q_nbefquoPNle-0N068m7LOBVL4cNlkFQ8yMEp2758nwEdFuQI4MhznVxw8wqqSmuAsH2D91YlzyKajLSAeDPbfywKTkfwHv0Mtk2VCN2XhUgWYlbJq9CaqduPvmm54hJG9eDfKAit-9gHXBJ6lu8uAgb7hzGMPOoNB2A0TrRoAKQeYL-Lub8npmIeYZtChyQO4W4kdXk3GL6YuTPSfTWRG_vH-WVoo0amOtpiGjI5njzfqG_ilenqABS0QVEY6u5C327QbkAMfTiEaBLQDkXHW1vyfL_rNpMWuy2lYRrHlNFgMmcEVd0_CUPVzHLny5CaiUSey5rFob0mPwFnaeZbp_0hWU3A3FvYPGM9EbivYfKoG-2ie_Qp8IoTY8Pu9K5calLmBuAPbjg&sig=Cg0ArKJSzAsgnKHxQpq2EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 007D
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f956aaf23064b36b182ca46c25be812025e240b57964f078896efbdd8ce6a622

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/png
vevent
fra1-ib.adnxs.com/ Frame 007D
0
993 B
Ping
General
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2F49b91259c8593348.ngrok.app%2FT2%2Fdesktop%2Finicio.php%3Fok%3DAGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1&e=wqT_3QK0Bei0AgAAAwDWAAUBCKSUwq8GEI6o0sOHgoW8NBgAKjYJkst_SL99rT8RC5NOyd73pD8ZAAAAYLgeBUAhCw0SACkRJPQCAjEAAAAA16PQPzDJuPUGOPpPQJUJSGBQ1J7PzwFYs8FrYABo86GFAXjBhgaAAQGKAQNVU0SSAQNCUkyYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOAC4qNO6gJ8aHR0cHM6Ly80OWI5MTI1OWM4NTkzMzQ4Lm5ncm9rLmFwcC9UMi9kZXNrdG9wL2luaWNpby5waHA_b2s9QUdSdFZhdkNneFU4RHJSVTNUT1EwSDdLc3dBbzNsSU1ETHJKYk5yeTF6bTJWTERocXBSWVdVbW9kWm1ycnVLMYADAIgDAZADAJgDF6ADAaoDQRIYMjYyMTY1NDg2NTYxOTE1MTQ0OV9zYmlkGhMzNzgwNzkzOTQ4MTUwNDY5NjQ2Igk0MzU0MDg3MjQqBU0xMTczwAPYBMgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4yMTcuMTE0LjIxOC4yNagEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATUns_PAYgFAZgFAKAF2dSd59ym_7AkwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFjJtK-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq_xAdoGFgoQAAAAAAAAAAAAAAAAQQJ0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfBhgbSBw0JASIBAQEmDNoHBggFCbjgBwDqBwIIAPAH384BiggCEACVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=85df0b1d5f3a302fa5b56bb78d414562e4d8c5e1&type=nv&nvt=5&jm=1003&px=315&py=711&bw=970&bh=250&sid=1053123391653239304&vd=ct~0|rr~0&sv=243&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=14507081&sw=1600&sh=1200&pw=1600&ph=1200&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/243/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 17:00:21 GMT
an-x-request-uuid
6840fad1-c492-41f8-9822-c84dfe1e3ddd
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://49b91259c8593348.ngrok.app
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.25; 217.114.218.25; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame D841
107 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D841
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/png
OpenSans_Semibold.woff
contextual.media.net/__media__/fonts/OpenSans_Semibold/ Frame D841
21 KB
21 KB
Font
General
Full URL
https://contextual.media.net/__media__/fonts/OpenSans_Semibold/OpenSans_Semibold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2356&&kkdd=33%7CH%7C9n*A&555=NyO0UC1lJHM3x1Mdovpvv~Ie35Qj)!yqvebfl4!OeyRF91po*B58gVH0t!NvVImnHi!-9uWFkM1og8JHRvzt.VVtj~xquI.*xuIW5uZ8!MQArQPXx*MCy1MgwtEINVf(l.Pr2OMPUxaZwbNSIMlKEd*F8*xpe-avWztarwgf1WV%3D&*E=grgVjYjojgCCowgggoo&lWf5=g&kAf-=V&KW*=ggoV&aAKp=XTwY&KEW=oHvYjtvoc&KfKW=TW3Hb4FSCHJ0IprIvYNyBi%3D%3D&K5EW=gCCCgTjTY&AE8p=(rVnjCV&KK=Pc&AK=Lc&KmNk=Lixt7S)&fEW=oR7CyXdOT&afEW=dCr4cVH&maafA=g&NAp=C&BZ=g&2lW=T&-Wag=oHvLCcSTo&-Waj=gVgYwwCgT&qW-a-=AWj%3DN2BB_E25BeB%3DjV_Ulp5fk%3DVsVo_*ZepnK%3DVsCj_*EAeAW%3Dj(o_WKj%3Dg_q-a%3DV%2CV%2CV_AKW%3Dam_*e-AN%3DwggVw_*Bj5eAW%3DjVjTVwgjgg_E25Beq%3Dgoojswj_25BeaIK%3DV_AaW%3D%2Fgjgg%2Fq5sap55-sk-EB%2FmUkp%2FK-qpKpE5-_B-Aa%3D_*EAe25Beq%3DVsrY_Ef%3Dw)dUM7_!qq%3DV_*EAe25BeB%3DTV_5EEf2-%3DV%2CV_pa%3Djj_5K%3Dg_5fAeAW%3DjVjTVwgjgj_*EAeq%3DCwYsoY_25Beq%3DVsCw_*Bj5e25Beq%3DV_*Bj5e25Be*E%3DTcV_25Bea*E%3DV_pKfepp5%3Dww_25BeB%3DjV_lK-a%3D9gV_qq%3Dg(Y_**%3DV_Bj5eq%3DgVVV_p5fk%3DVsVo_*Bj5e25BeIK%3DVcV_qk%3Dg_-wfeq%3Drsj(%2CjVsTj_AEW%3DgCCCgTjTY_AW%3DV_2EW%3DjjWC3i!bw3mffk~axx_qaW%3DgYCgogoYV(YwgYroVTjYC(YTTojjCC(YorVTCwgrT(jV(CrrTVjjVwCTwToor(YjgjwjjjTYYrVowCVjw(jYoVgojrYg(Tj(ggYoTYVo_*Z2%3DVsCj_WjfeB%3DgV_wfK!%3D(rjsrT_2Ek%3DV_WkkeAa5l%3Dm-5kUNz_*5e25Beq%3DrCCsgY_Wjfeq%3DVs(o_UlWjfeq%3DVs(Y_*25Beq%3DVsrC_AA%3DSi_KK%3DPc_2EZ%3D9g_Kp%3DV_5fAeq%3DjVsTj_*25BeB%3DjV_H4%3Dwgjr_Iqe2K%3D9j_NaA%3Dg_IqeKKIA%3D9j_Ka%3Dp5!25a_qAAe1d~%3Dtu%2CScP_pnfAKU5p%3D9g_q-AEAj%3Dg(Y_qWa%3DgrgVjYjojV_q-AEAg%3Dg(Y_EAxp!%3DV_E*25Beq%3Dgsww_EAE!%3DV_qEW%3DVsVo_WK%3Do_*Bj5eq%3Drsj(_E*25BeB%3DjV_KqWf%3DVsVCr_EazfpeEW%3DgY_ApBBp5ea-leEW%3D%2Fgjgg%2Fq5sap55-sk-EB%2FmUkp%2FK-qpKpE5-_A2ffBzea-leEW%3DgTCVrVog_*EpZ-qEBEaz%3DVsCjgC(o_fUA%3DV_K-55Ep54W%3DV_UlqEW%3DVsVoVVVV_q!B5%3DVsVVV_A2EW%3D_WaK%3Dp2eqp_Wkkep5fk%3D!-BAp_Wkk%3Dm-5kUNz_qWfK-fW%3DV_W-Bl%3DWp!-2Ba_ENAB%3DV_AUqf%3D_makB%3Dg_WK2a%3DwV_WUlq%3DV9g_EqK%3Dg_NA8%3Dg_alA%3D(rVnjCV_qAq%3Dg_qAf%3D9g_akn%3Dor_knqIa%3DV&Na*=V&kkk=2bUAS!4P0cI%3D&EZ=(rV&EN4!5=g&qW5
4W=TYV&qEW=wT(VYw&kK!=Yojwr&zWAf5=g&I-af5p=g&I-aqEW=9gVw&K-WUk-EN=a8x9mXKB9X95fYtwKnz4ocutxTl1T9IZ5Ue-8.rtycv%3D&zfBf=g&EAEW=C&-W*=tz%20upAa%20yp-5KmpA&-Ka=Ru4iiu%2FS2uTlS!l5u8N05ST8-u!l0-ww2-p&flEW=fVrYCwCwooTajVjTVwgjgrVV&AABW=%7B%22AAEf%22%3A%22jgrsggTsjgosV%22%2C%22AAKK%22%3A%22Pc%22%2C%22AAAK%22%3A%22S4%22%2C%22AAKaz%22%3A%22kpp5qpKI%22%7D&makBA5K=g&sflct=8353880&ure=1
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
69.192.160.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
Origin
https://contextual.media.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires
Wed, 13 Mar 2024 17:00:21 GMT
date
Tue, 12 Mar 2024 17:00:21 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600
content-length
21704
quic-version
0x00000001
include
p1.trrsf.com/api/includer/
88 B
310 B
Fetch
General
Full URL
https://p1.trrsf.com/api/includer/include?component=Teams&country=br&env=prod&format=json&group=web&scheme=https&standalone=true
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:337a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
acefce6852ea3b66c75784de53d12e3dc7e494fea3409fa5c154432058eb4c77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:21 GMT
content-encoding
gzip
server
Terra Web Server
vary
Accept-Encoding
x-cdnterra-cache-status
HIT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60, stale-while-revalidate=300, stale-if-error=86400
content-length
86
x-includer-uuid
1faae870-bfde-4b84-8785-5062d0618ac0
bql.php
lg3.media.net/ Frame D841
15 B
202 B
Script
General
Full URL
Requested by
Host: contextual.media.net
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.100.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-100-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 12 Mar 2024 17:00:21 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
15
expires
Tue, 12 Mar 2024 17:00:21 GMT
conversion.js
d.tailtarget.com/
15 KB
6 KB
Script
General
Full URL
https://d.tailtarget.com/conversion.js
Requested by
Host: 49b91259c8593348.ngrok.app
URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 20:18:41 GMT
content-encoding
gzip
age
74500
x-guploader-uploadid
ABPtcPoyu0wXNmbMUctZcNxdEdPH44ujwwmU8GJmO7cH-vjVEgr7eswUZLevJk6fK9uElJyLrnE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6116
last-modified
Thu, 14 Sep 2023 12:59:30 GMT
server
UploadServer
etag
"c39451e5dec2be7fc7d6df76b55be662"
x-goog-hash
crc32c=SdVkEQ==, md5=w5RR5d7Cvn/H1t92tVvmYg==
x-goog-generation
1694696370171925
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
6116
accept-ranges
bytes
expires
Tue, 12 Mar 2024 20:18:41 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202403070101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2d3fa7b013a87ccd03be5882b2f3e529007fafa604d644df08d935eabea6472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12280
x-xss-protection
0
base.js
d.tailtarget.com/
20 KB
8 KB
Script
General
Full URL
https://d.tailtarget.com/base.js
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 06:34:24 GMT
content-encoding
gzip
age
37557
x-guploader-uploadid
ABPtcPoRXg-wd2VFzHW07urK1OBU-ls6x4hc7POrXz6RFGI_eQrVuKQADKMH5-pLdJyKBeGXWFch-4CI4A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8334
last-modified
Thu, 14 Sep 2023 12:59:30 GMT
server
UploadServer
etag
"20de3c90b2d9541b062276e079f0eaa7"
x-goog-hash
crc32c=yMCztg==, md5=IN48kLLZVBsGInbgefDqpw==
x-goog-generation
1694696370056280
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
8334
accept-ranges
bytes
expires
Wed, 13 Mar 2024 06:34:24 GMT
trk
tt-10969-0.seg.t.tailtarget.com/
70 B
647 B
Image
General
Full URL
https://tt-10969-0.seg.t.tailtarget.com/trk?tA=TT-10969-0&tJ=_channel:bratargettecinformaticaapple:1|_channel:bratargetdiversidade:1&tK=1710262822&tM=direct&tL=direct&tN=direct&tY=3&tZ=13589299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:21 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
cache-control
no-cache, private, proxy-revalidate
content-disposition
inline
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 12 Mar 2024 17:00:21 GMT
u
b.t.tailtarget.com/
72 B
503 B
Script
General
Full URL
https://b.t.tailtarget.com/u?env=_ttqtt_terra
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
18cee4cb868066cf6c2b07c93298b6380528a61a9da82512bce107485ed2e3d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:21 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/x-javascript
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E061
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://49b91259c8593348.ngrok.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6478
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Mar 2024 15:12:23 GMT
expires
Wed, 12 Mar 2025 15:12:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9DEA
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fa2ca7118540f40d85ed260f1e521bac016c93fa7100127f7b55e8861b660ad7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vkdBuDAT7mVoQAiCh5mu5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://49b91259c8593348.ngrok.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-vkdBuDAT7mVoQAiCh5mu5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Mar 2024 17:00:21 GMT
expires
Tue, 12 Mar 2024 17:00:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js
pagead2.googlesyndication.com/bg/ Frame E061
39 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:47:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
11593
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15541
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Mar 2025 13:47:08 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DA2A
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKNo9QXwWUHG5Y0nRq2BtecSfleJQxHGL3lru5y9xV2SA99P9Tc4XsNILHR__Y7AlmW2puQ2qV73rQ9HE12j2kQtdG047WG4VslSmArnTIgO8EO1FajrEIWtyzzrkA2GDIrqyH6wEeZ5Mle9j5SbRNcCp_pDvZTz5xiUE_mw&sig=Cg0ArKJSzEekzBOFf6jJEAE&id=lidar2&mcvt=1000&p=446,333,696,633&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240306&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3904963271&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=619562000&rst=1710262820583&rpt=198&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 17:00:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9DEA
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202403070101&jk=3040261295794108&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame E061
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?hQTpvQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:21 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
b
b.t.tailtarget.com/
128 B
549 B
Script
General
Full URL
https://b.t.tailtarget.com/b?tA=TT-10969-0&tY=1&tS=4&tU=0100007F258AF065A506133C02A1A613&tX=b.52&tZ=640643901&env=_ttqtt_terra
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
7795e9457d8fd91cbfa206995b0417ad58fd88ab781420559a94f2181934c652

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:21 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ca
tt-10969-0.seg.t.tailtarget.com/
99 B
134 B
Script
General
Full URL
https://tt-10969-0.seg.t.tailtarget.com/ca?tZ=496313357&env=_ttqtt_terra
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
9056af0a955be2882d5737ee702342783a1f1c72f8558a2becaa7b40b34fa8cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:22 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
log
hblg.media.net/ Frame 007D
35 B
191 B
Image
General
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=AfIFMgCAjAQAAACAAABAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwAQAQGI5ZTg0Mzg1OWQ0NDY0ZjAyZTFhOTMwNzE5MGY3Zjdl1Lf2YJgHBERFNDQ5YjkxMjU5Yzg1OTMzNDgubmdyb2suYXBwEjhDVUg1RU40OBAxNDUwNzA4MQ45NzB4MjUwCmV1X2JlMjhDVTYyTVU4RS0xNTU1MTQyNDYtMTEtMTAEMjMQQVBQTkVYVVMSOFBSMTEzSkdDDkJJRF9BUEkAEDE0NTA3MDgxAjA8cnRiLWNvbW1vbi03YjQ5ZDlkZmRmLXpwOGdyLkJFEjQzNTQwODcyNAIwACABEEVYQ0hBTkdFAgJi&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.100.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-100-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 17:00:22 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 12 Mar 2024 17:00:22 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 007D
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQXCNpt-fr_u0JD7n7JvcwuZ3obk2kyU6-Zhn1FAyp5nk1ZegQ_s2odhZ-rWozbSRXewex50DTtGDrsZDYBRUYnVJ0wIa1QJHF1dioSrB3ZRkcU1GhiIkW7f_cr62vM1jB7QkDiY_hN66Ns6xgdEgCTvo0Sw_G3OWMWYjy0A&sig=Cg0ArKJSzB81farNyXAiEAE&id=lidar2&mcvt=1000&p=711,315,965,1285&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20240306&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=3023070111&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=619562100&rst=1710262820702&rpt=552&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 17:00:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 007D
0
993 B
Ping
General
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2F49b91259c8593348.ngrok.app%2FT2%2Fdesktop%2Finicio.php%3Fok%3DAGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1&e=wqT_3QK0Bei0AgAAAwDWAAUBCKSUwq8GEI6o0sOHgoW8NBgAKjYJkst_SL99rT8RC5NOyd73pD8ZAAAAYLgeBUAhCw0SACkRJPQCAjEAAAAA16PQPzDJuPUGOPpPQJUJSGBQ1J7PzwFYs8FrYABo86GFAXjBhgaAAQGKAQNVU0SSAQNCUkyYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOAC4qNO6gJ8aHR0cHM6Ly80OWI5MTI1OWM4NTkzMzQ4Lm5ncm9rLmFwcC9UMi9kZXNrdG9wL2luaWNpby5waHA_b2s9QUdSdFZhdkNneFU4RHJSVTNUT1EwSDdLc3dBbzNsSU1ETHJKYk5yeTF6bTJWTERocXBSWVdVbW9kWm1ycnVLMYADAIgDAZADAJgDF6ADAaoDQRIYMjYyMTY1NDg2NTYxOTE1MTQ0OV9zYmlkGhMzNzgwNzkzOTQ4MTUwNDY5NjQ2Igk0MzU0MDg3MjQqBU0xMTczwAPYBMgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4yMTcuMTE0LjIxOC4yNagEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATUns_PAYgFAZgFAKAF2dSd59ym_7AkwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFjJtK-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq_xAdoGFgoQAAAAAAAAAAAAAAAAQQJ0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfBhgbSBw0JASIBAQEmDNoHBggFCbjgBwDqBwIIAPAH384BiggCEACVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=85df0b1d5f3a302fa5b56bb78d414562e4d8c5e1&type=pv&jm=1003&px=315&py=711&bw=970&bh=250&sf=1&sid=1053123391653239304&vd=ct~0|rr~5&sv=243&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=14507081&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/243/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 17:00:22 GMT
an-x-request-uuid
2634e70b-00fb-45fd-a0f8-1c34dc69f050
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://49b91259c8593348.ngrok.app
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.25; 217.114.218.25; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202403070101&jk=3040261295794108&bg=!YGOlYyzNAAZsmiNCTJo7ADQBe5WfOD3Lt0AZS-3ros_UMJi7_Y7MB5DGWSdWlR0QekgxG2IdpgNSM5rlm5aW6Zs1VxM_AgAAAC1SAAAAAWgBB5kC0SlW3ajiq5nBYI4-S697N-YbGOyQPNKiSDe4YkPTW6sIiQnr_FuseGUjBAinB-uHIsC9D9tajVoD6zRuI-EK9ZMJosvOtbdngYc2Q5zz9T0WitkvU4Oq-LP8Wg5Z2meQIDlayO-D5D8tofi2-7_uIB5klXME3hCGEwn04pmQoEXd_rjesIYmkI-wA3wv_7-lhp4RtLnqlYksTEc4i9a7QqprxnTHtZjdML8hvSVojT8N6aiBUx2r2NYRm84qkvqnLf0uePYohu-ST0zxZ9G9AtVEIyqlZFHicY8NrVmXfLaTqg3hjwNqctEHRQEgQQMzqEa3_IJuCnRUHOtB0hwoTo9X7sQ_glktOK4LGXG91NQlaN0mHEizBK6oN-DuR_FOLkMHAqkjeyucG8nFdoeMfiRVP6HCtsScUsyp03__Ob0VmiZhDfOO84e6kqhNzt-qJSB9x3h6MoEQ3DzGggj5AOer7Mi5tbhaWrgYQ-GkcW2fBjtgsvHYWrGxKApCs4se4nC_6VIl-llipq1YccHtgKNoTZ01n_k4zdPrnMnC7Jv_La6z7cO0Bm0FsE1uIY9iOy4Vs5nGMhIq8cWANJjpTnTUN90JCi45-rRd46lNd3l_DNrvK3FCj4uEs__qwtjM7v57df31JPL-SSfXia8k9mrvAV0hAkbieyCdC5XOKyEcCLhM-Q_oKz5FsPHb6AXd1I4xFuidsYCdYAOqicPtk-Y0CJmWF-7NH2EnhGhBZajKLvkLAetgYnq9ub9V1dYkyCHWBYIz0ECw3RMJ8apfT6UFY62CTnp_QdyyS_JtQ5DfFFAj0hlcalcszi1-gWjuBGql3DgXzoHn-j0d99CAZlpV4WA-BIPPQMzKB5UK3i_1Ya8uYXS6CTLIfKNbjhgVGLQlamVIg67AfBOpGuOVTurm23OosbRiSjEjXWqEyXX9FBSbQSoB-vsNHrq_vi9PBgo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

__tt.gif
t.tailtarget.com/
43 B
289 B
Image
General
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-10969-0&tE=0&tF=&tI=___de_1710262821989_3648182809&tJ=CA6935,CA4723,CA4729&tQ=bratargettecinformaticaapple,bratargetdiversidade&tU=0100007F258AF065A506133C02A1A613&tX=b.52&tY=1&tZ=532667574
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:22 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
bqi.php
lg3.media.net/ Frame 007D
15 B
15 B
Image
General
Full URL
https://lg3.media.net/bqi.php?vgd_len=2322&lf=3&&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_tsce=L436&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_bid=349063&vgd_cdv=1180&vgd_cage=4&vgd_rensize=970_250&vgd_ren_page_h=1200&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9W~eBMJ-Nv9.Xf~e8QMQOvfiW~ONfvu~G17v9%2C9%2C9~QNOv7w~eM1QzvAuu9A~ejfLMQOvf9fH9Aufuu~8xLjMGvuWWf.Af~xLjM7UNv9~Q7OvSufuuSGL.7JLL1.Y18jSwmYJSN1GJNJ8L1~j1Q7v~e8QMxLjMGv9.hF~8EvA3_m2a~kGGv9~e8QMxLjMjvH9~L88Ex1v9%2C9~J7vff~LNvu~LEQMQOvf9fH9Aufuf~e8QMGvXAF.WF~xLjMGv9.XA~ejfLMxLjMGv9~ejfLMxLjMe8vH49~xLjM7e8v9~JNEMJJLvAA~xLjMjvf9~yN17vou9~GGvuiF~eev9~jfLMGvu999~JLEYv9.9W~ejfLMxLjMUNv949~GYvu~1AEMGvh.fi%2Cf9.Hf~Q8OvuXXXuHfHF~QOv9~x8OvffOXsKktAswEEYp7DD~G7OvuFXuWuWF9iFAuFhW9HfFXiFHHWffXXiFWh9HXAuhHif9iXhhH9ff9AXHAHWWhiFfufAfffHFFh9WAX9fAifFW9uWfhFuiHfiuuFWHF9W~eBxv9.Xf~OfEMjvu9~AENkvihf.hH~x8Yv9~OYYMQ7Lyvw1LYmz5~eLMxLjMGvhXX.uF~OfEMGv9.iW~myOfEMGv9.iF~exLjMGv9.hX~QQvIK~NNvr4~x8Bvou~NJv9~LEQMGvf9.Hf~exLjMjvf9~%3DVvAufh~UGMxNvof~z7Qvu~UGMNNUQvof~N7vJLkxL7~GQQMC_pvcR%2CI4r~J-EQNmLJvou~G1Q8QfvuiF~GO7vuhu9fFfWf9~G1Q8QuvuiF~8QDJkv9~8exLjMGvu.AA~8Q8kv9~G8Ov9.9W~ONvW~ejfLMGvh.fi~8exLjMjvf9~NGOEv9.9Xh~875EJM8OvuF~QJjjJLM71yM8OvSufuuSGL.7JLL1.Y18jSwmYJSN1GJNJ8L1~QxEEj5M71yM8OvuHX9h9Wu~e8JB1G8j875v9.XfuXiW~EmQv9~N1LL8JLVOv9~myG8Ov9.9W9999~GkjLv9.999~Qx8Ov~O7NvJxMGJ~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~8zQjv9~QmGEv~w7Yjvu~ONx7vA9~OmyGv9ou~8GNvu~zQlvu~7yQvih9-fX9~GQGvu~GQEvou~7Y-vWh~Y-GU7v9&vgd_lbt=200&gdpr=1&mspa=0&prid=8PRVCXX19&cid=8CU62MU8E&crid=155514246&rrr=nSQqo5KgVCZFRKZT8UeUUWk_FrJ2YfSbU_XpgIfQ_SPG-Ke8vlrz10CqMfnU0khxCAfa-BdGmZK81zVCPUyMj00M2WRbBkjvRBkdrBwzfZJs7JDLRvZ5SKZ13Mikn0p9gjD7uQZDoRtw3XnNkZgciTvGzvRe_atUdyMt731pKd0%3D&requrl=https%3A%2F%2F49b91259c8593348.ngrok.app%2FT2%2Fdesktop%2Finicio.php%3Fok%3DAGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1&vi=1710262821558311188&ugd=4&cc=DE&sc=HE&bdrid=460&subBdr=196&startTime=1710262821182&l1ch=1&l1hcsd=l1!Og4dd|1718&mmm=uXosNfIDqEk=&buid=3490
63&sttm=1710262821187&upk=1710262821.15949&hvsid=00001710262821187036481827844886&acid=b9e843859d4464f02e1a9307190f7f7e&verid=3111299&infr=1&stime=1710262820924&tsrc=entity&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1710262821179787298&vgd_sc=HE&vgd_ecrid=435408724&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p0765353884t202403121700&vgd_pgids=1&vgd_end=1
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.32.100.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-100-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 12 Mar 2024 17:00:22 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
15
expires
Tue, 12 Mar 2024 17:00:22 GMT
publishertag.prebid.136.js
static.criteo.net/js/ld/
94 KB
30 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 13 Mar 2024 17:00:23 GMT
syncframe
gum.criteo.com/ Frame 1963
14 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=49b91259c8593348.ngrok.app
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://49b91259c8593348.ngrok.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Mar 2024 17:00:23 GMT
server
Kestrel
server-processing-duration-in-ticks
379844
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.136.js
static.criteo.net/js/ld/
94 KB
30 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://49b91259c8593348.ngrok.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 17:00:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 13 Mar 2024 17:00:23 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F49b91259c8593348.ngrok.app%2F&domain=49b91259c8593348.ngrok.app&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://49b91259c8593348.ngrok.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://49b91259c8593348.ngrok.app
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 12 Mar 2024 17:00:23 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
187593
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/
2 B
384 B
XHR
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F49b91259c8593348.ngrok.app%2F&domain=49b91259c8593348.ngrok.app&cw=1&pbt=1&lsw=1
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://49b91259c8593348.ngrok.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 17:00:22 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://49b91259c8593348.ngrok.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
236995
expires
0
envelope
api.rlcdn.com/api/identity/
0
0

async_usersync.html
acdn.adnxs.com/dmp/ Frame EAAB
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://49b91259c8593348.ngrok.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 12 Mar 2024 17:00:23 GMT
ETag
"623de86a-cf34"
Expires
Wed, 13 Mar 2024 17:00:25 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame A01D
22 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDV2PQ3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
69.192.160.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf209b6217e3f4330b5cec73d9c9466fa995c8ad1bf5d8e2975265733c848bf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://49b91259c8593348.ngrok.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
8064
content-type
text/html; charset=UTF-8
date
Tue, 12 Mar 2024 17:00:23 GMT
expires
Thu, 14 Mar 2024 17:00:23 GMT
quic-version
0x00000001
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame B298
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.192.162.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-162-113.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://49b91259c8593348.ngrok.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Mar 2024 17:00:23 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sid
mug.criteo.com/ Frame 1963
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=49b91259c8593348.ngrok.app&sn=ChromeSyncframe&so=0&topUrl=49b91259c8593348.ngrok.app&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=iimdqXxXUmU4TGJPVUFkVURKMTI5M2dkcUJtcXprYWFHL2l4cll5S0YvVnRNQjR5MW10UStxYjE5eEVsV3YwQmVrOUdGVWgvaXViQS9GaHZrUXMybHdHZzlaL3VTOHdkU0hpVTBHZkZ0dDhSRHh5YmMwNk1hMmpkZVhtYV...
422 B
652 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=iimdqXxXUmU4TGJPVUFkVURKMTI5M2dkcUJtcXprYWFHL2l4cll5S0YvVnRNQjR5MW10UStxYjE5eEVsV3YwQmVrOUdGVWgvaXViQS9GaHZrUXMybHdHZzlaL3VTOHdkU0hpVTBHZkZ0dDhSRHh5YmMwNk1hMmpkZVhtYVBCdU9IRXZJdVlXUm1udGtrWkx0TVlkZ2FYb0ZMQXBvQ2dhbDRjSHdDQzB5ZDJvN0ZodmJ2K0oxK2FxWTZ4VUczREFZdjBzWUtOd0Rtemg5dTl2Y3FIZU9UOGJpMGNIeHVKODdlSmp5cS9RVllQcjVJSWN0QzZ2L3JIVWtQQnBKNkp5STRBdDFJdGM4d1Y0cjJ1bG1hWUlwNVlVYjJZWndkQXpGbFhta0lYZjRpSTlIbSsyTzN0L3VFU1pwYjIzdUdQSytMN1pVdXw&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6d705f13ae9991e9cd3ba1be1a58d78c9a077e3fac7c5213473200ef05dce96b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 17:00:22 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1318029
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Mar 2024 17:00:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=iimdqXxXUmU4TGJPVUFkVURKMTI5M2dkcUJtcXprYWFHL2l4cll5S0YvVnRNQjR5MW10UStxYjE5eEVsV3YwQmVrOUdGVWgvaXViQS9GaHZrUXMybHdHZzlaL3VTOHdkU0hpVTBHZkZ0dDhSRHh5YmMwNk1hMmpkZVhtYVBCdU9IRXZJdVlXUm1udGtrWkx0TVlkZ2FYb0ZMQXBvQ2dhbDRjSHdDQzB5ZDJvN0ZodmJ2K0oxK2FxWTZ4VUczREFZdjBzWUtOd0Rtemg5dTl2Y3FIZU9UOGJpMGNIeHVKODdlSmp5cS9RVllQcjVJSWN0QzZ2L3JIVWtQQnBKNkp5STRBdDFJdGM4d1Y0cjJ1bG1hWUlwNVlVYjJZWndkQXpGbFhta0lYZjRpSTlIbSsyTzN0L3VFU1pwYjIzdUdQSytMN1pVdXw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
250511
content-length
0
expires
0
usync.js
eus.rubiconproject.com/ Frame B298
40 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.192.162.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-162-113.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d18371accba71e9178972d25243a6cabdd2fd1db8e72c6efffb1935059987b2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Tue, 12 Mar 2024 17:00:23 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Mar 2024 22:26:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19601
Connection
keep-alive
Content-Length
10989
Expires
Tue, 12 Mar 2024 22:27:04 GMT
khaos.json
token.rubiconproject.com/ Frame B298
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
e06182bf224d96e6550f4595601cdb0b
Expires
0
async_usersync
ib.adnxs.com/ Frame EAAB
0
917 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 17:00:23 GMT
an-x-request-uuid
cd702a10-6e85-4aa5-9ec9-03cfe9a1c318
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.25; 217.114.218.25; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame EAAB
0
918 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 17:00:24 GMT
an-x-request-uuid
1bf2ee56-2bf6-414b-b082-0dc7b5ffee1b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.25; 217.114.218.25; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=13911

Verdicts & Comments

157 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 string| tgmKey function| $ function| jQuery function| LoginClass function| HypnoticDaisy object| secondLogin object| trr function| AdManager object| googletag string| deviceType undefined| objNavbarPre undefined| objNavbarPreBC string| zazMode object| zaz string| terra_info_service string| terra_info_channel string| terra_info_type string| terra_info_id number| terra_stats_idCrtfc number| terra_stats_regCLK string| terra_stats_uv_c string| _ts_ss object| contextData function| ApplicationError object| nunjucks string| osThemeColor object| tga function| gaTerra string| _ts_U undefined| _ts_s object| _ts_C object| _ts_O object| _ts_PV object| _ts_CLK number| gid string| terra_info_classification string| terra_info_category string| terra_info_channeldetail string| terra_info_pagetype string| terra_info_customgroup string| terra_info_source string| terra_info_author string| terra_info_pubdate string| terra_info_objembd string| terra_info_clssfctn string| terra_info_abtest number| terra_info_isifrm number| terra_stats_isPar string| terra_stats_dvctype string| terra_stats_phnt string| terra_stats_phnid string| terra_stats_search string| terra_stats_acsrch number| terra_stats_sysCLK number| terra_stats_idPageCLK number| terra_stats_isLndng number| terra_stats_regPV number| terra_stats_regMV number| terra_stats_regTD number| terra_stats_regTDS number| terra_stats_regMM object| terra_stats_regExt object| _ttconversion function| _ts_iV function| udm_ function| init function| unld function| terra_stats_metrics function| terra_stats_regTraffic function| terra_stats_regGadgetPV function| terra_stats_regEvent function| terra_stats_initGadgetCLK string| GoogleAnalyticsObjectT object| gaplugins string| k object| gaGlobal object| ns_p object| pbjs object| keywords function| searchInStringByArray object| blockedPages boolean| isBlockedPage undefined| keywordsii function| getAudCookie function| getBlocklist function| keyGen function| sizeGen string| keyword object| customCriteria object| _ttprofilescache undefined| dc object| foundList object| customCriteriaArray2 string| adSizes object| slotSize string| adserver boolean| reloadKey number| reloadTime string| reloadViewable object| mediatype string| googleTag string| googleTag_area object| bidders object| TTTagManager function| TTTagManagerError object| _ttqtt_terra object| pbjsChunk object| _pbjsGlobals object| mnet object| ggeac object| google_tag_data boolean| google_plmetrics object| google_js_reporting_queue undefined| google_measure_js_timing object| _aps boolean| apstagLOADED object| apstag number| google_unique_id object| apscustom object| Criteo function| GlobalStorage object| _jsonpCallbacks object| _mNDetails number| lnt_z string| n string| nq object| cmds object| tt_terra object| ttcNamespace object| valid function| callback function| validar string| version string| _ttcNamespace string| _ttqNamespace function| TTConversionBase function| ttConversionBaseE object| _ttconversionHolder object| ttqNamespace object| GoogleGcLKhOms function| TTBase function| ttBaseE object| _ttqHolder object| google_image_requests object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_136 object| Criteo_prebid_136

30 Cookies


80 Console Messages

Source Level URL
Text
network error URL: https://s1.trrsf.com/fe/zaz-cerebro/prd/scripts/zaz.inline.min9df2.js?standalone=true?v=5
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://s1.trrsf.com.br/terramail/_js/jquery-3.5.1.min.js(Line 1)
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://p1.trrsf.com/cengine/igniter/script?s=navbar&r=ad&r=breadcrumb&r=breakingNews&r=cookie-message&r=footer&r=navbar-email&r=search&r=ticker&r=socialpanel&r=shortcuts&r=under18-message&rs=email&p=fixed
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://s1.trrsf.com/update-1704722707/fe/zaz-cerebro/prd/scripts/zaz.inline.min.js?standalone=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://s1.trrsf.com.br/metrics/js/br/content.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://s1.trrsf.com/metrics/inc/br/202203110000a.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://bs.yandex.ru/prebid/3612118?imp-id=1&target-ref=49b91259c8593348.ngrok.app&ssp-id=10500
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.terra.com.br/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
javascript error URL: https://49b91259c8593348.ngrok.app/T2/desktop/inicio.php?ok=AGRtVavCgxU8DrRU3TOQ0H7KswAo3lIMDLrJbNry1zm2VLDhqpRYWUmodZmrruK1
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=13911' from origin 'https://49b91259c8593348.ngrok.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=13911
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
