Submitted URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5Y...
Effective URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Submission Tags: falconsandbox
Submission: On August 23 via api from US — Scanned from DE

Summary

This website contacted 86 IPs in 16 countries across 79 domains to perform 595 HTTP transactions. The main IP is 54.36.217.27, located in Zaventem, Belgium and belongs to OVH, FR. The main domain is www.arnolds.com.br.
TLS certificate: Issued by R3 on July 12th 2022. Valid for: 3 months.
This is the only time www.arnolds.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 102 54.36.217.27 16276 (OVH)
39 2606:4700::68... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:21e... 16509 (AMAZON-02)
5 2600:9000:206... 16509 (AMAZON-02)
6 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
14 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
21 142.250.186.162 15169 (GOOGLE)
9 65.9.71.118 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
16 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a04:4e42:600... 54113 (FASTLY)
1 162.19.138.119 16276 (OVH)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 141.95.98.67 16276 (OVH)
6 13.32.121.81 16509 (AMAZON-02)
2 139.45.197.237 9002 (RETN-AS)
40 2606:4700::68... 13335 (CLOUDFLAR...)
2 158.69.139.238 16276 (OVH)
1 67.202.114.212 32748 (STEADFAST)
2 37.157.4.39 198622 (ADFORM)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 185.86.138.121 201081 (SMARTADSE...)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
1 5 185.89.210.20 29990 (ASN-APPNEX)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 4 51.38.120.206 16276 (OVH)
2 212.77.99.29 12827 (WIRTUALNA...)
1 178.250.0.165 44788 (ASN-CRITE...)
1 147.75.85.234 54825 (PACKET)
2 3 185.184.8.90 204995 (RTB-HOUSE...)
2 2 148.69.64.76 12353 (VODAFONE-...)
1 173.237.60.36 7979 (SERVERS-COM)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.18.36.173 13335 (CLOUDFLAR...)
6 143.204.215.64 16509 (AMAZON-02)
15 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 37.48.117.210 60781 (LEASEWEB-...)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
8 67.202.105.33 32748 (STEADFAST)
2 2606:4700:303... 13335 (CLOUDFLAR...)
12 2606:4700:303... 13335 (CLOUDFLAR...)
1 23.111.115.244 39134 (UNITEDNET)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 5.226.179.19 209242 (CLOUDFLAR...)
28 178.162.194.134 28753 (LEASEWEB-...)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 52.214.225.206 16509 (AMAZON-02)
1 9 142.250.181.226 15169 (GOOGLE)
1 2 69.173.144.165 26667 (RUBICONPR...)
1 1 54.74.12.230 16509 (AMAZON-02)
2 2 76.223.111.18 16509 (AMAZON-02)
1 1 124.146.215.48 2514 (INFOSPHER...)
1 174.137.133.49 27257 (WEBAIR-IN...)
1 3 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
2 35.71.131.137 16509 (AMAZON-02)
1 23.35.236.188 16625 (AKAMAI-AS)
1 9 104.22.69.131 13335 (CLOUDFLAR...)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 212.77.98.32 12827 (WIRTUALNA...)
2 2 188.42.196.115 7979 (SERVERS-COM)
1 35.172.59.108 14618 (AMAZON-AES)
1 3.127.77.238 16509 (AMAZON-02)
1 72.251.249.14 32475 (SINGLEHOP...)
1 1 2.21.184.22 16625 (AKAMAI-AS)
2 2 18.156.0.31 16509 (AMAZON-02)
1 2600:9000:214... 16509 (AMAZON-02)
2 3 104.18.19.126 13335 (CLOUDFLAR...)
1 213.19.147.44 26120 (RHYTHMONE)
2 23.35.236.201 16625 (AKAMAI-AS)
1 2 52.46.143.56 16509 (AMAZON-02)
1 4 104.18.18.126 13335 (CLOUDFLAR...)
1 54.243.198.75 14618 (AMAZON-AES)
1 1 34.111.151.213 15169 (GOOGLE)
1 1 54.210.33.215 14618 (AMAZON-AES)
1 3.122.40.23 16509 (AMAZON-02)
1 1 193.108.153.21 20940 (AKAMAI-ASN1)
1 185.64.190.78 62713 (AS-PUBMATIC)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 185.86.137.110 201081 (SMARTADSE...)
2 2 18.195.147.193 16509 (AMAZON-02)
2 2 185.94.180.126 35220 (SPOTX-AMS)
44 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
8 23.47.212.127 16625 (AKAMAI-AS)
2 2600:9000:236... 16509 (AMAZON-02)
2 23.35.237.151 16625 (AKAMAI-AS)
595 86
Apex Domain
Subdomains
Transfer
77 arnolds.com.br
www.arnolds.com.br
2 MB
44 streamix.tv
www.streamix.tv
2 MB
42 demand.supply
live.demand.supply — Cisco Umbrella Rank: 35713
api.demand.supply — Cisco Umbrella Rank: 66689
106 KB
40 cleverwebserver.com
scripts.cleverwebserver.com — Cisco Umbrella Rank: 33040
ui.cleverwebserver.com — Cisco Umbrella Rank: 33131
lp.cleverwebserver.com — Cisco Umbrella Rank: 62986
272 KB
34 ftd.agency
cdn.ftd.agency — Cisco Umbrella Rank: 99290
z.cdn.ftd.agency — Cisco Umbrella Rank: 104887
f2.cdn.ftd.agency — Cisco Umbrella Rank: 177347
316 KB
33 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
417 KB
31 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
cm.g.doubleclick.net — Cisco Umbrella Rank: 214
739 KB
28 gstatic.com
fonts.gstatic.com
www.gstatic.com
535 KB
22 futebolistasonline.club
futebolistasonline.club
1015 KB
16 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
177 KB
16 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
translate.googleapis.com — Cisco Umbrella Rank: 957
106 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 361
325 KB
12 megacdn.top
megacdn.top — Cisco Umbrella Rank: 282370
596 KB
11 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 304
s.amazon-adsystem.com — Cisco Umbrella Rank: 282
92 KB
9 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 9045
ic.tynt.com — Cisco Umbrella Rank: 4312
de.tynt.com — Cisco Umbrella Rank: 1475
9 KB
9 smilewanted.com
prebid.smilewanted.com Failed
csync.smilewanted.com — Cisco Umbrella Rank: 5093
static.smilewanted.com — Cisco Umbrella Rank: 11178
17 KB
9 google.com
adservice.google.com — Cisco Umbrella Rank: 88
translate.google.com — Cisco Umbrella Rank: 1239
www.google.com — Cisco Umbrella Rank: 9
28 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
370 KB
8 consensu.org
optad360.mgr.consensu.org — Cisco Umbrella Rank: 117575
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2530
495 KB
8 optad360.io
cmp.optad360.io — Cisco Umbrella Rank: 47240
get.optad360.io — Cisco Umbrella Rank: 27697
1 MB
7 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456
r.casalemedia.com — Cisco Umbrella Rank: 778
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525
dsum.casalemedia.com — Cisco Umbrella Rank: 1387
7 KB
7 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 11194
sync.quantumdex.io — Cisco Umbrella Rank: 5026
2 KB
6 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 1532
433 KB
6 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 759
gum.criteo.com — Cisco Umbrella Rank: 407
mug.criteo.com — Cisco Umbrella Rank: 2790
3 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 230
acdn.adnxs.com — Cisco Umbrella Rank: 604
30 KB
6 lomadee.com
ad.lomadee.com
32 KB
6 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1301
id5-sync.com — Cisco Umbrella Rank: 508
39 KB
6 lomadee.fun
ad.lomadee.fun
109 KB
4 datatables.net
cdn.datatables.net — Cisco Umbrella Rank: 5021
63 KB
4 awscloudfront.ml
awscloudfront.ml
10 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
743 B
3 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 492
image6.pubmatic.com — Cisco Umbrella Rank: 634
12 KB
3 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6497
creativecdn.com — Cisco Umbrella Rank: 668
907 B
3 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1497
sync.smartadserver.com — Cisco Umbrella Rank: 1678
757 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2218
mp.4dex.io — Cisco Umbrella Rank: 2814
25 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 8811
1 KB
3 adssuper.com
www.adssuper.com
adssuper.com
3 KB
2 addthisedge.com
v1.addthisedge.com — Cisco Umbrella Rank: 1726
2 KB
2 moatads.com
z.moatads.com — Cisco Umbrella Rank: 423
2 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 521
1 KB
2 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1893
644 B
2 connectad.io
cdn.connectad.io — Cisco Umbrella Rank: 4289
sync-eu.connectad.io — Cisco Umbrella Rank: 3142
897 B
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 278
548 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2016
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 371
656 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 418
1 KB
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 327
500 B
2 bet365.de
members.bet365.de
2 KB
2 adtrue.fun
adtrue.fun — Cisco Umbrella Rank: 295017
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 655
56 KB
2 viadata.store
amer.viadata.store
logs.viadata.store — Cisco Umbrella Rank: 226393
3 KB
2 clevernt.com
sender.clevernt.com — Cisco Umbrella Rank: 60362
548 B
2 wp.pl
ssp.wp.pl — Cisco Umbrella Rank: 7896
635 B
2 adform.net
adx.adform.net — Cisco Umbrella Rank: 3944
411 B
2 dtscout.com
t.dtscout.com — Cisco Umbrella Rank: 15345
3 KB
2 rotumal.com
rotumal.com
23 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 422
3 KB
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 652
650 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
220 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1369
374 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1774
348 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1195
35 B
1 unrulymedia.com
usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 3180
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 740
240 B
1 media.net
hbx.media.net — Cisco Umbrella Rank: 1697
422 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 654
277 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 544
35 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2420
217 B
1 wpcdn.pl
std.wpcdn.pl — Cisco Umbrella Rank: 8352
16 KB
1 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 5540
233 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1000
1 KB
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 681
502 B
1 everesttech.net
pixel.everesttech.net — Cisco Umbrella Rank: 3074
419 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 194 Failed
44 KB
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1232
278 B
1 amung.us
whos.amung.us — Cisco Umbrella Rank: 15946
146 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1638
332 B
1 waust.at
waust.at — Cisco Umbrella Rank: 43871
7 KB
0 statistcdn.com Failed
statistcdn.com Failed
595 79
Domain Requested by
77 www.arnolds.com.br 1 redirects adssuper.com
www.arnolds.com.br
optad360.mgr.consensu.org
44 www.streamix.tv www.adssuper.com
www.streamix.tv
39 live.demand.supply www.arnolds.com.br
live.demand.supply
futebolistasonline.club
36 lp.cleverwebserver.com www.adssuper.com
lp.cleverwebserver.com
28 f2.cdn.ftd.agency z.cdn.ftd.agency
f2.cdn.ftd.agency
24 fonts.gstatic.com fonts.googleapis.com
22 futebolistasonline.club www.arnolds.com.br
futebolistasonline.club
21 securepubads.g.doubleclick.net live.demand.supply
securepubads.g.doubleclick.net
www.adssuper.com
www.arnolds.com.br
www.streamix.tv
20 tpc.googlesyndication.com www.arnolds.com.br
securepubads.g.doubleclick.net
cdn.ampproject.org
c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com
tpc.googlesyndication.com
16 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
ad.lomadee.com
www.arnolds.com.br
www.streamix.tv
15 cdn.ampproject.org securepubads.g.doubleclick.net
14 fonts.googleapis.com www.arnolds.com.br
futebolistasonline.club
securepubads.g.doubleclick.net
lp.cleverwebserver.com
c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com
f2.cdn.ftd.agency
www.streamix.tv
12 megacdn.top ad.lomadee.fun
megacdn.top
www.adssuper.com
11 pagead2.googlesyndication.com live.demand.supply
c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com
www.adssuper.com
www.arnolds.com.br
www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
9 cm.g.doubleclick.net 1 redirects www.arnolds.com.br
c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com
r.casalemedia.com
9 c.amazon-adsystem.com live.demand.supply
c.amazon-adsystem.com
9 www.googletagmanager.com www.arnolds.com.br
www.googletagmanager.com
futebolistasonline.club
www.streamix.tv
8 csync.smilewanted.com 1 redirects get.optad360.io
csync.smilewanted.com
7 ic.tynt.com www.arnolds.com.br
6 s7.addthis.com www.streamix.tv
s7.addthis.com
6 sync.quantumdex.io get.optad360.io
sync.quantumdex.io
r.casalemedia.com
6 optad360.mgr.consensu.org cmp.optad360.io
optad360.mgr.consensu.org
6 ad.lomadee.com ad.lomadee.fun
ad.lomadee.com
futebolistasonline.club
6 ad.lomadee.fun www.arnolds.com.br
ad.lomadee.fun
futebolistasonline.club
5 www.google.com www.arnolds.com.br
c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com
tpc.googlesyndication.com
5 ib.adnxs.com 1 redirects get.optad360.io
csync.smilewanted.com
5 get.optad360.io www.arnolds.com.br
get.optad360.io
futebolistasonline.club
4 cdn.datatables.net www.streamix.tv
4 awscloudfront.ml www.adssuper.com
awscloudfront.ml
4 www.gstatic.com c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com
futebolistasonline.club
translate.googleapis.com
4 z.cdn.ftd.agency cdn.ftd.agency
www.arnolds.com.br
futebolistasonline.club
4 onetag-sys.com 1 redirects get.optad360.io
sync.quantumdex.io
3 dsum-sec.casalemedia.com 1 redirects r.casalemedia.com
3 gum.criteo.com 1 redirects static.criteo.net
3 id5-sync.com cdn.id5-sync.com
sync.quantumdex.io
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
3 cdn.id5-sync.com www.adssuper.com
securepubads.g.doubleclick.net
3 api.demand.supply live.demand.supply
3 cmp.optad360.io www.arnolds.com.br
futebolistasonline.club
2 v1.addthisedge.com s7.addthis.com
2 z.moatads.com s7.addthis.com
2 quantcast.mgr.consensu.org www.streamix.tv
2 sync.search.spotxchange.com 2 redirects
2 ice.360yield.com 2 redirects
2 sync.smartadserver.com 1 redirects csync.smilewanted.com
2 creativecdn.com 2 redirects
2 s.amazon-adsystem.com 1 redirects r.casalemedia.com
2 ads.pubmatic.com sync.quantumdex.io
csync.smilewanted.com
2 ssum-sec.casalemedia.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 match.adsrvr.org get.optad360.io
r.casalemedia.com
2 mug.criteo.com www.arnolds.com.br
2 eb2.3lift.com 2 redirects
2 pixel.rubiconproject.com 1 redirects csync.smilewanted.com
2 translate.googleapis.com
2 members.bet365.de lp.cleverwebserver.com
2 adtrue.fun ad.lomadee.fun
2 static.criteo.net get.optad360.io
static.criteo.net
2 cdn.ftd.agency www.arnolds.com.br
futebolistasonline.club
2 sender.clevernt.com 2 redirects
2 ui.cleverwebserver.com www.adssuper.com
2 ssp.wp.pl get.optad360.io
2 script.4dex.io get.optad360.io
script.4dex.io
2 adx.adform.net get.optad360.io
2 t.dtscout.com waust.at
t.dtscout.com
2 scripts.cleverwebserver.com www.arnolds.com.br
futebolistasonline.club
2 rotumal.com www.arnolds.com.br
2 c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 cdn.jsdelivr.net get.optad360.io
2 adssuper.com www.adssuper.com
www.arnolds.com.br
1 sync-eu.connectad.io cdn.connectad.io
1 cdn.connectad.io csync.smilewanted.com
1 image6.pubmatic.com ads.pubmatic.com
1 ads.stickyadstv.com 1 redirects
1 x.bidswitch.net r.casalemedia.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 dsum.casalemedia.com r.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 rtb.adentifi.com r.casalemedia.com
1 usermatch.targeting.unrulymedia.com sync.quantumdex.io
1 r.casalemedia.com sync.quantumdex.io
1 s.ad.smaato.net sync.quantumdex.io
1 hbx.media.net 1 redirects
1 ap.lijit.com sync.quantumdex.io
1 match.sharethrough.com sync.quantumdex.io
1 ssp.disqus.com sync.quantumdex.io
1 static.smilewanted.com csync.smilewanted.com
1 std.wpcdn.pl ssp.wp.pl
1 acdn.adnxs.com get.optad360.io
1 rtb2-useast.e-volution.ai c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com
1 tg.socdm.com 1 redirects
1 ads.yieldmo.com 1 redirects
1 pixel.everesttech.net 1 redirects
1 logs.viadata.store futebolistasonline.club
1 de.tynt.com cdn.tynt.com
1 cdn.tynt.com waust.at
1 translate.google.com futebolistasonline.club
1 amer.viadata.store futebolistasonline.club
1 www.googletagservices.com securepubads.g.doubleclick.net
c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com
1 prebid-eu.creativecdn.com get.optad360.io
1 prebid.a-mo.net get.optad360.io
1 bidder.criteo.com get.optad360.io
1 mp.4dex.io get.optad360.io
1 useast.quantumdex.io get.optad360.io
1 prg.smartadserver.com get.optad360.io
1 whos.amung.us waust.at
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 waust.at www.arnolds.com.br
1 www.adssuper.com
0 statistcdn.com Failed ad.lomadee.com
0 prebid.smilewanted.com Failed get.optad360.io
595 114

This site contains links to these domains. Also see Links.

Domain
www.optad360.com
futebolistasonline.club
whos.amung.us
Subject Issuer Validity Valid
adssuper.com
R3
2022-07-03 -
2022-10-01
3 months crt.sh
arnolds.com.br
R3
2022-07-12 -
2022-10-10
3 months crt.sh
demand.supply
Cloudflare Inc ECC CA-3
2022-03-21 -
2023-03-21
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
*.optad360.io
Amazon
2021-11-17 -
2022-12-15
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-10-01 -
2022-09-30
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
c.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-18
a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1
2022-03-21 -
2023-04-22
a year crt.sh
*.eu-1-id5-sync.com
R3
2022-08-18 -
2022-11-16
3 months crt.sh
*.google.de
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
*.google.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
*.id5-sync.com
R3
2022-08-18 -
2022-11-16
3 months crt.sh
*.lomadee.com
Amazon
2022-01-31 -
2023-03-01
a year crt.sh
futebolistasonline.club
R3
2022-07-05 -
2022-10-03
3 months crt.sh
rotumal.com
R3
2022-07-01 -
2022-09-29
3 months crt.sh
*.dtscout.com
Sectigo RSA Domain Validation Secure Server CA
2021-10-28 -
2022-11-27
a year crt.sh
*.amung.us
Sectigo RSA Domain Validation Secure Server CA
2022-05-18 -
2023-06-17
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
*.wp.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-10 -
2023-03-15
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-15 -
2022-09-18
3 months crt.sh
*.a-mo.net
R3
2022-07-04 -
2022-10-02
3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-17 -
2023-04-12
a year crt.sh
*.viadata.store
Sectigo RSA Domain Validation Secure Server CA
2021-11-26 -
2022-11-28
a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA
2021-09-23 -
2022-09-30
a year crt.sh
optad360.mgr.consensu.org
Amazon
2022-05-23 -
2023-06-21
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
www.google.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
*.cdn.ftd.agency
Go Daddy Secure Certificate Authority - G2
2021-12-28 -
2022-12-28
a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-21 -
2022-09-23
3 months crt.sh
*.megacdn.top
E1
2022-08-10 -
2022-11-08
3 months crt.sh
bet365.de
Cloudflare Inc ECC CA-3
2022-01-13 -
2023-01-12
a year crt.sh
*.e-volution.ai
Sectigo RSA Domain Validation Secure Server CA
2021-09-13 -
2022-10-14
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2021-12-10 -
2022-12-09
a year crt.sh
*.wpcdn.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-05-13 -
2023-05-15
a year crt.sh
ssp.disqus.com
Amazon
2021-12-20 -
2023-01-18
a year crt.sh
*.sharethrough.com
Amazon
2022-07-14 -
2023-08-12
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-06-27 -
2023-06-05
a year crt.sh
s.ad.smaato.net
Amazon
2022-08-22 -
2023-09-20
a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA
2022-05-09 -
2023-05-09
a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2022-02-04 -
2023-02-03
a year crt.sh
adentifi.com
Amazon
2022-08-05 -
2023-09-03
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-05 -
2023-05-04
a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3
2022-04-15 -
2023-04-15
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2022-02-27 -
2023-02-28
a year crt.sh
*.cmp.quantcast.com
R3
2022-08-22 -
2022-11-20
3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA
2021-11-27 -
2022-11-29
a year crt.sh

This page contains 64 frames:

Primary Page: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Frame ID: 01F9AD1E724373090F7A4EB701C69FDB
Requests: 129 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220818/r20190131/zrt_lookup.html
Frame ID: 1BD9D4AC78131A76F823A779FB5E415D
Requests: 1 HTTP requests in this frame

Frame: https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 33F28CF500EA9D597DCBCDC1D388D718
Requests: 1 HTTP requests in this frame

Frame: https://ad.lomadee.com/banner/view?sourceId=36084693&dimension=17&width=300&height=250&method=0&advertisers=&tags=
Frame ID: 741A79162E41D6DCAFD121AF043FC217
Requests: 4 HTTP requests in this frame

Frame: https://futebolistasonline.club/
Frame ID: FBB7890A8D435F3D2897F94E5181ACC3
Requests: 69 HTTP requests in this frame

Frame: https://www.arnolds.com.br/
Frame ID: 11680AA247B6F91BBADD2D566A6F9FD2
Requests: 91 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuv7KcZf4bHezOt00Kmm_hb8vyDSe6pGxysmNoYeoArM-BMVl-Krf3cydxDggBBzY0JVa9BwOH-uFsj20TrUao18EGnrWk8Nj8T9rFyLHwJDcAd9tGgjIWJLz21dmsBN1NCFZ5Em7iL0p13t5639EYe0O7Yjgvb7GQasFrTpYYTZmcHqOXnogZq-Ke08ss-4qc5OkuUNwjH9crIUl7fKCpIjYXklv5FIn-oATmplCUZZvtaDZady3D7F-lXKJddUZydK8EO_xX1KPYUOZZAxHjrmu_4cJr34pR_1PcmUAs0EgyzX0kxrm20SYUKq8DvQoC2r41ELsa6_k0-O_nEKNFcEh8ZY0k3LI4c2mLbvHIxIoZRjTO1xMGYSdWBKA-AXsTTWxc3x7ZCc6tBcg&sai=AMfl-YSl8H1MttIiNqmsRUS9vuMLw4vRQzDptwLZWOPVwYEf4jsQC6R60YkyLaISg-97FcS3GC_nex99LbRyGZRB9PcD-QvbwIoKe5Z09M8KkN9VAU4PLiDSdIClbqF6MUfMEpw&sig=Cg0ArKJSzNPLwb79BlOQEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C4AF32302E0117858E42FFD1F148ECE6
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssF9kxd4VJKMW01lAXV1Wacz-8uQ_BWUM3rb-08Ra7BIvG-MWjKgImKWvRT1K0spkwwiPRK7bYarnl_zcldosCxKmVhI21zAjIA3tWMxKm4SwM7ivu4Q2gvnHY_DIuQXohR0lS3FWGqz0xox-56f8tWyJLGtBoVt8aRsGnrTkfNblwdCLleDnzUrqK7R_YTKcWkuqSYOCXpBVln4hecMRzKDkUiggt6oJNHoouA5se26yADNh8BDgJ1waxFMf7FUJ6mWcsAkIm-t0VgDs9vUeHF8blmSCbFRL4_O4ZRCyPM9vL0GTK0PBz70f0CdF172MxDn8WgtRuS_uNUukw2wSZSv5qXIguTa9WCfVp0rdCrZUNRdvQCV4lftSPV8TzXKl3blbWAOtOQwvtLrA&sai=AMfl-YRcToes5vdJpTgyIqONcWd3t0tsiifc9Um3OOcbG_F-XJhAR9XOT3NCe1jpBG9MjViUAQPawds1A42DPh2WZHmYdfzOPFnhkIJLqzvTo4UHRqrFPVSN22RPpt5eGvgfqKY&sig=Cg0ArKJSzIrbRuwHm92eEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D5105A3BF38A8D11F79772516B152F77
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvh1bfXoOd7OYp1KYmyGpl446ljEIulyplO52A6WrJvYp4bZcIBhO62LQrjtx1wVaAeVN28GPK1_BMx83Btaf9514LINEzgU2lGEsyiagiLj9499nnZmQvMqcE-qQuIwesWXKFnxBP0gXntr_8lDhXuf8C9UjdLw1BcO1ZeLIKNnKNBOagiyXjE7857hhZk6p9Y2nvN4tLl9Pvn8JtJvzafXOkzc9y6229khhVcb_bIqo-hc2vRoNdp3BDKQPbkYapP9YEjSaILF_XG0q_tVOWDoR3I8pdMhg0uH179_Tiomz4-HAX-HtXjuqRU8wtJPKU32Sp1BylXOvt5d5Mb4RZkxcjiGet_1B-QbhW44FlSs9LC4JeYA8pMRK0i9eSHImUE1YDFcwuEs-XitQ&sai=AMfl-YSzkdiNPkU4awdbQ8PSMPvzqpjSwy-pnO-5fZMk6n0fA5EIKX45iAHcOV_-pR8dahAlFT3Kq0L42tbIDyAJ063HqfeFMTKPzFYvt70sNcINXpx7Bkzn65w_a6eMToj2eQ&sig=Cg0ArKJSzN4vkts2B0OZEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 58D9E8E8245BC8A19860B3B5F8588615
Requests: 2 HTTP requests in this frame

Frame: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Frame ID: DAC15C16B7D39DD6A0225F8B8F8427D4
Requests: 20 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Frame ID: FD5DB5749E46D39065E67EFED1F135D8
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Frame ID: 7B61999EF5AA8D28182A09DEBAA91F90
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Frame ID: D7E1BB26091DB1E1948997FF7CD4BDFC
Requests: 18 HTTP requests in this frame

Frame: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.2.2.min.js
Frame ID: EE5FBDE512B887085CEE2B58A4C7722B
Requests: 3 HTTP requests in this frame

Frame: https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2FC45F6425847BFA62531990277F4E78
Requests: 18 HTTP requests in this frame

Frame: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.2.2.min.js
Frame ID: 05682447854D37BC39B474C15146DC87
Requests: 3 HTTP requests in this frame

Frame: https://megacdn.top/
Frame ID: 69D4F602DB0A9F3E90D82DC9D32C34CD
Requests: 5 HTTP requests in this frame

Frame: https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_01003470
Frame ID: C0356B0422423AF60B12CD137A8E6A8A
Requests: 1 HTTP requests in this frame

Frame: https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1967970988&m=1700670081&c=1415254964&p0=1839555046&u=5ef09e5661d8cb51&t=1661279999&n=3521924330028846558&h=4042565805
Frame ID: BD2EBA7AEC33A51C74F118A888FE5E4D
Requests: 14 HTTP requests in this frame

Frame: https://ad.lomadee.com/banner/view?sourceId=37069243&dimension=19&width=320&height=50&method=0&advertisers=&tags=
Frame ID: 6C57E90384A509882EA2A76D9E4388A9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D657297C97AAA0A391E5177B9E2EFC06
Requests: 9 HTTP requests in this frame

Frame: https://ad.lomadee.com/banner/view?sourceId=37069243&dimension=19&width=320&height=50&method=0&advertisers=&tags=
Frame ID: 732ECB0CDB8DED903D5BD651C07DE35C
Requests: 4 HTTP requests in this frame

Frame: https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1846439634&m=1680563004&c=1417763096&p0=1456549755&u=5ef09e5661d8cb51&t=1661279999&n=1226501152221287135&h=256252826
Frame ID: 7B57E62944868F1D465B31181F299514
Requests: 20 HTTP requests in this frame

Frame: data://truncated
Frame ID: 1FCD4D18F7BC4CA58D9E8845FA0C4FC5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Frame ID: 22070055370B781A4434AA78659608B5
Requests: 1 HTTP requests in this frame

Frame: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Frame ID: BB796E121EF1BF76591F8927274516C5
Requests: 20 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 03EB89C199AF3A10A40F2176F8AD8B19
Requests: 10 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 999CB56F4949193A8C03E09905FC9E87
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5BC7B9090CA51C68A36730BA184E9F97
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1661279997644&gdpr=0
Frame ID: 9F4C86525929FEC3BDA66133AA3C4417
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 6588F013EFE63220A055284A1E0FA069
Requests: 2 HTTP requests in this frame

Frame: https://awscloudfront.ml/
Frame ID: 309F531D600A04A01F9C7B72F77E3EDE
Requests: 2 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 5500FC8DBF8C6E26C05DDA88E5AC87AA
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 56EC0516CB712D0D7BB19F3955957AFD
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: FF1C273151F6BF7FB611C364C87A8D48
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: BC8546DBE5E5F410F1EAF40F5C9CBBB4
Requests: 2 HTTP requests in this frame

Frame: https://megacdn.top/
Frame ID: F158621C316887E6A016BF1C8DAFDB53
Requests: 5 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 05B0EE8B78912424C76720774FE9487F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/3ad2c3d5e5e070bc42afe323123f4d
Frame ID: 81875473EEBCCF79988902ACECED862A
Requests: 1 HTTP requests in this frame

Frame: https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_01003470
Frame ID: CDC238C79B62E9FE8F716D429C69F65C
Requests: 1 HTTP requests in this frame

Frame: blob://https://www.arnolds.com.br/410fba9f-e7bc-41ef-89cf-68176df5a45a
Frame ID: C28DAAEA49ADF9FBC85EB3C58E2CEE63
Requests: 1 HTTP requests in this frame

Frame: https://awscloudfront.ml/
Frame ID: A27DD0D32E6D47710DE13A967C3B1D2F
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/9hR33K4x2U0Fu1ts6IZn?pi=smilewanted&tc=1
Frame ID: AFF530D7E3AE1F41A9BC218B78604D4C
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=da7423b3d0695eaa08b99a96541fcc66
Frame ID: 65BD391F2A80B54FEB4AF177C97AC85E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 9C97519A53E2D81DAD12E605D36BC8C3
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 56A65DC132158D5DA02D4AE64692C050
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/20779243-bafd-4a06-a00e-6e2e982d349e&partner_id=1010
Frame ID: 5A0B0AAE55FC4F2FC3BC62AD8930321E
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 8B12485CDAA7DD89566FB68079B89C4F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: B0D02544EFC6E5EC56196351375208AA
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YwUfAesU1WSG9FdQd0vHDgAA%261107
Frame ID: 6973D24D87826EA711EA816407798C58
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/ff9650ad-2312-11ed-8199-1d34abdd0306
Frame ID: F6F41ED18C7B1705B9B81B4F6ED93EEF
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 37D4137B41E125511A740FAACB4EE779
Requests: 1 HTTP requests in this frame

Frame: blob://https://futebolistasonline.club/b70fc085-6eb7-4192-9d8f-f9dc27afa424
Frame ID: 23EC4FF20AA8203F9B9D053B20DE68C8
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.arnolds.com.br&gdpr=1&gdpr_consent=
Frame ID: A043C1F816693800ED450B8739867AEE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1B9DB0F28F7C906EB69EBEA297D1B483
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F0DD5212804FEE30A0CDC0680C279F04
Requests: 2 HTTP requests in this frame

Frame: https://www.streamix.tv/
Frame ID: F9AB243B6054758EE239631B7EBF88B4
Requests: 2 HTTP requests in this frame

Frame: https://www.streamix.tv/
Frame ID: B059EC616A09E9B8C6981981996DE78E
Requests: 2 HTTP requests in this frame

Frame: https://www.streamix.tv/assistir/5463/o-turista-temporada-1
Frame ID: 47BD0C345EF22C59935F5625F5883408
Requests: 34 HTTP requests in this frame

Frame: https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
Frame ID: C38451FA58E0B9D1F5CA82441BFD87E5
Requests: 33 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 7EB167BF9031B3C9A30A9E99D44E3E94
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 7ECB1E4AECAE4AE2A426FF57328089A4
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: BF2A6E537E55EF7949F48A39B4B0F417
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 4062D2B68D488604C167F4D52F35BB51
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

5 Filme de Terror para dar Muito Medo

Page URL History Show full URLs

  1. https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzU... Page URL
  2. https://adssuper.com/facebook/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkj... Page URL
  3. https://www.arnolds.com.br/facebook-ads/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1W... Page URL
  4. http://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar... HTTP 307
    https://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar... Page URL
  5. https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo//?utm_source=facebook&utm_medium=socia... HTTP 301
    https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • dataTables.*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

595
Requests

95 %
HTTPS

38 %
IPv6

79
Domains

114
Subdomains

86
IPs

16
Countries

12049 kB
Transfer

24497 kB
Size

83
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk Page URL
  2. https://adssuper.com/facebook/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk&ref=downloadmegajogos Page URL
  3. https://www.arnolds.com.br/facebook-ads/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&nome=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk&ref=downloadmegajogos Page URL
  4. http://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F HTTP 307
    https://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F Page URL
  5. https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo//?utm_source=facebook&utm_medium=social&utm_campaign=fanpages HTTP 301
    https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F HTTP 307
  • https://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F
Request Chain 144
  • https://sender.clevernt.com/transporter/43452.php?ppuc=1&ppu=0&id=452644&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvNS1maWxtZS1kZS10ZXJyb3ItcGFyYS1kYXItbXVpdG8tbWVkby8%2FdXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXM%3D&ruri=aHR0cHM6Ly9hZHNzdXBlci5jb20vc29jaWFsLnBocD9zcmM9aHR0cHMlM0ElMkYlMkZ3d3cuYXJub2xkcy5jb20uYnIlMkY1LWZpbG1lLWRlLXRlcnJvci1wYXJhLWRhci1tdWl0by1tZWRvJTJG&r=497329658&tok=33419711310201791433&cmpId=&fb=0&iv=-1&ctr=DE&sz=1200&landing=1&hei=360&mode=topscroll HTTP 302
  • https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Request Chain 386
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4DohXmQx6rjiuNHpxojgQufZNi9heaYvBueGOC48p0wrQBV46MvQPAn6uQBeAdMo1iRf_sUIfHtjpQHtV4mX8K_Us2ieDWWIChEbAl44g-rpoXdujuGhmRbifQ2SAdFKyD76HYRj58&google_gid=CAESEKGk6ZtW_I5UJSRGd0HuK4o&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXdVZkFBQUFBWFg3N0ZhcA&google_push=AehlK4DohXmQx6rjiuNHpxojgQufZNi9heaYvBueGOC48p0wrQBV46MvQPAn6uQBeAdMo1iRf_sUIfHtjpQHtV4mX8K_Us2ieDWWIChEbAl44g-rpoXdujuGhmRbifQ2SAdFKyD76HYRj58
Request Chain 387
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFHpjq6r6JX-sCiKrsIq-nw&google_cver=1&google_push=AehlK4DA2l364CROYgF326n6KrIiuiMta-MXaxqvV7jKzIFkGI5YwD4kZRH99uFqmfvhJrP59AJtrU5XNrIMWTFOwosZi4XZfhbmNeKKm80bT4ya2JOLbhm1HoB_XQdK4g6WBjVE58k0C5s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc2SjdXMVItMjYtSjBE&google_push=AehlK4DA2l364CROYgF326n6KrIiuiMta-MXaxqvV7jKzIFkGI5YwD4kZRH99uFqmfvhJrP59AJtrU5XNrIMWTFOwosZi4XZfhbmNeKKm80bT4ya2JOLbhm1HoB_XQdK4g6WBjVE58k0C5s
Request Chain 388
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGbzcXcCH9zsUPbpjk0mzN0&google_cver=1&google_push=AehlK4CrwFEp1xspGAN8bjJkaHT_aEqIGV9mXbvuCtWoa3DlwDMQfY1rqclgJyGPMiapMP0p_lMEub7rktkUCXDIKCsmUtHoco9a5OUqTXTKUceVQLjtxQdmBiYG6Kk53Z_mp6kyBwBl2So HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4CrwFEp1xspGAN8bjJkaHT_aEqIGV9mXbvuCtWoa3DlwDMQfY1rqclgJyGPMiapMP0p_lMEub7rktkUCXDIKCsmUtHoco9a5OUqTXTKUceVQLjtxQdmBiYG6Kk53Z_mp6kyBwBl2So
Request Chain 389
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEPSf-DugJzSedxbiWkFOTys&google_cver=1&google_push=AehlK4BdJxWUnyjfvV4MZ5ds0lMxzaaO6sCpaMI-CWl-5OYgo7OU-24c_dHLUOl-GPf8ErFP6nZM0CD0kCds204OVZld_3m23nsDdp9Tz3vfpJvZi4pHThZidXgFMS0BVH2GifBcCbWj6tk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4BdJxWUnyjfvV4MZ5ds0lMxzaaO6sCpaMI-CWl-5OYgo7OU-24c_dHLUOl-GPf8ErFP6nZM0CD0kCds204OVZld_3m23nsDdp9Tz3vfpJvZi4pHThZidXgFMS0BVH2GifBcCbWj6tk&google_hm=Z2E1OWIwNGI4MmNlNDY5YTk4Mjg=
Request Chain 390
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGq3wi3WqqXOAqbD1FV4CLI&google_cver=1&google_push=AehlK4CNbq0KNYXtnqV-w9ke-FyOUYsL2Iv7XQy2VSQdd0DZozHAISiCSqlr46iwVYBaIlbEpVH3w5A7qwPZsZbrG3vVYPGO-T36YVmt74qnnvcmeGt7JUKim2OXhBrsYO5zBh0nL5gKU7o HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4CNbq0KNYXtnqV-w9ke-FyOUYsL2Iv7XQy2VSQdd0DZozHAISiCSqlr46iwVYBaIlbEpVH3w5A7qwPZsZbrG3vVYPGO-T36YVmt74qnnvcmeGt7JUKim2OXhBrsYO5zBh0nL5gKU7o&google_gid=CAESEGq3wi3WqqXOAqbD1FV4CLI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkwMjY4MzI5MTA0OTQ4NjkyNjY1OQ%3D%3D&google_push=AehlK4CNbq0KNYXtnqV-w9ke-FyOUYsL2Iv7XQy2VSQdd0DZozHAISiCSqlr46iwVYBaIlbEpVH3w5A7qwPZsZbrG3vVYPGO-T36YVmt74qnnvcmeGt7JUKim2OXhBrsYO5zBh0nL5gKU7o
Request Chain 391
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEDciNlZcKFfipyA0NztqCJw&google_cver=1&google_push=AehlK4BGc-mTA6CY5MvIwRBZM3bwK5Wvua0H4Zee9U3BtPM4geCD2AtqDTJ0KwM1GM4YkoHM3tZCWWLHBtPeP54dmfgAuFxq86zut52Zw2zl0uYEXtRVjUuWNmaMM0ofNu4kg18KaEUNMaY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4BGc-mTA6CY5MvIwRBZM3bwK5Wvua0H4Zee9U3BtPM4geCD2AtqDTJ0KwM1GM4YkoHM3tZCWWLHBtPeP54dmfgAuFxq86zut52Zw2zl0uYEXtRVjUuWNmaMM0ofNu4kg18KaEUNMaY&google_hm=WXdVZkFNQ284WU1BQUo1U0s4VUFBQUFB
Request Chain 419
  • https://sender.clevernt.com/transporter/43452.php?ppuc=1&ppu=0&id=452644&ref=aHR0cHM6Ly9mdXRlYm9saXN0YXNvbmxpbmUuY2x1Yi8%3D&ruri=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvNS1maWxtZS1kZS10ZXJyb3ItcGFyYS1kYXItbXVpdG8tbWVkby8%2FdXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXM%3D&r=609665132&tok=33419711310201791433&cmpId=&fb=0&iv=-1&ctr=DE&sz=2000&landing=1&hei=600&mode=topscroll HTTP 302
  • https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Request Chain 441
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.arnolds.com.br%2F&domain=www.arnolds.com.br&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=D_g4sHxNOUlEa2xidnpMR00vd2dvbkVML3BPVXpKczNxaU9VeFFtaG9KMjJtQ29nblNyYnkzQkt2SFc5UWNKd0pEdTVsZElkMXg4and6NFRQUkMzMGRYYWwraWhEYllQNVJZNnlWOHpHOHdoYkErU2p5TVE5WjVINU1tTEliT0Q1bHBiK1JoY3ZpT0lzRm1iNXQzZXozbU1wWHc3eWFaWGVKTFpWRjZ2bDEyVG5idU9KRmxjY1V2T0lFYjIyQm1jUXRDMGtNd0ZtN0xzSjRvSTliRkxZOHBGOTBvejlCbmNGQ0lHNGxSekNnU3lRNEVXMmhEcXRzSjFBQkZMQTFhQWRJOGxnfA&cppv=2
Request Chain 467
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5275872984954526629
Request Chain 468
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=2f151b34-eece-52eb-9a2e-d5f2f92bcaf3
Request Chain 473
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Request Chain 474
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-QLf9BpRE2uGWLs6oCjrTkaW4NNRB8voLJmgqUzk-~A
Request Chain 476
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 492
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwUfAesU1WSG9FdQd0vHDgAABFMAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwUfAesU1WSG9FdQd0vHDgAABFMAAAIB&dcc=t
Request Chain 493
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YwUfAesU1WSG9FdQd0vHDgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPN5XSrQ8Wxl38LBguL71Dg&google_cver=1&gdpr=1
Request Chain 495
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=e5247e8b-6245-6855-a8d3702f
Request Chain 496
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=22eddc2b-71dd-40c0-ab33-167894863214&expiration=1692816001
Request Chain 499
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/3ad2c3d5e5e070bc42afe323123f4d
Request Chain 505
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/9hR33K4x2U0Fu1ts6IZn?pi=smilewanted&tc=1
Request Chain 506
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=da7423b3d0695eaa08b99a96541fcc66
Request Chain 509
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 510
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/20779243-bafd-4a06-a00e-6e2e982d349e&partner_id=1010
Request Chain 513
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YwUfAesU1WSG9FdQd0vHDgAA%261107
Request Chain 514
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=ff9650ef-2312-11ed-8199-1d34abdd0306 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/ff9650ad-2312-11ed-8199-1d34abdd0306

595 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
campanha.php
www.adssuper.com/instagram/
872 B
1 KB
Document
General
Full URL
https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 15:40:27 GMT
protected
by MS22081202
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-download-options
noopen
x-xss-protection
1; mode=block
/
adssuper.com/facebook/
2 KB
1 KB
Document
General
Full URL
https://adssuper.com/facebook/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk&ref=downloadmegajogos
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 15:40:27 GMT
link
<https://adssuper.com/wp-json/>; rel="https://api.w.org/", <https://adssuper.com/wp-json/wp/v2/pages/12>; rel="alternate"; type="application/json", <https://adssuper.com/?p=12>; rel=shortlink
protected
by MS22081202
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-download-options
noopen
x-xss-protection
1; mode=block
/
www.arnolds.com.br/facebook-ads/
247 B
1 KB
Document
General
Full URL
https://www.arnolds.com.br/facebook-ads/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&nome=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk&ref=downloadmegajogos
Requested by
Host: adssuper.com
URL: https://adssuper.com/facebook/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk&ref=downloadmegajogos
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adssuper.com/facebook/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk&ref=downloadmegajogos
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 15:40:28 GMT
link
<https://www.arnolds.com.br/wp-json/>; rel="https://api.w.org/", <https://www.arnolds.com.br/wp-json/wp/v2/pages/11717>; rel="alternate"; type="application/json", <https://www.arnolds.com.br/?p=11717>; rel=shortlink
protected
by MS22081202
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-download-options
noopen
x-xss-protection
1; mode=block
social.php
adssuper.com/
Redirect Chain
  • http://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F
  • https://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F
277 B
662 B
Document
General
Full URL
https://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/facebook-ads/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&nome=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk&ref=downloadmegajogos
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 15:40:28 GMT
link
<https://adssuper.com/wp-json/>; rel="https://api.w.org/"
protected
by MS22081202
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-download-options
noopen
x-xss-protection
1; mode=block

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F
Non-Authoritative-Reason
HSTS
Primary Request /
www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/
Redirect Chain
  • https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo//?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
  • https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
67 KB
23 KB
Document
General
Full URL
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Requested by
Host: adssuper.com
URL: https://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
e0c11b77797b37f998d256d54e7fd425dd0582f5e257676eafcc2a7932c82435
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 15:40:28 GMT
link
<https://www.arnolds.com.br/wp-json/>; rel="https://api.w.org/", <https://www.arnolds.com.br/wp-json/wp/v2/posts/11786>; rel="alternate"; type="application/json", <https://www.arnolds.com.br/?p=11786>; rel=shortlink
protected
by MS22081202
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-download-options
noopen
x-pingback
https://www.arnolds.com.br/xmlrpc.php
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 15:40:28 GMT
location
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
protected
by MS22081202
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-download-options
noopen
x-pingback
https://www.arnolds.com.br/xmlrpc.php
x-redirect-by
WordPress
x-xss-protection
1; mode=block
main.css
www.arnolds.com.br/facebook/css/
16 KB
4 KB
Stylesheet
General
Full URL
https://www.arnolds.com.br/facebook/css/main.css
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
db1f2f4de4a134a2c6da8be0bf4f997c02d446699f4ae7e12821b90fbd583b84
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:28 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"5fc480a5-4084"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
jquery-3.4.0.min.js
www.arnolds.com.br/facebook/js/
86 KB
32 KB
Script
General
Full URL
https://www.arnolds.com.br/facebook/js/jquery-3.4.0.min.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:28 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"5f7629aa-15857"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
cookie.js
www.arnolds.com.br/facebook/js/
1 KB
749 B
Script
General
Full URL
https://www.arnolds.com.br/facebook/js/cookie.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
bec35833fdefd9f00dea8ea4453556d725b2c2368792502677410c6f72699636
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:28 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"5f7629aa-418"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
cache.js
www.arnolds.com.br/facebook/js/
2 KB
890 B
Script
General
Full URL
https://www.arnolds.com.br/facebook/js/cache.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
b5633cefe7c581879292959bcb7039b1a41dad5d474103f166aa10669d54e0fe
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:28 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"5f7629a9-716"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
up.js
live.demand.supply/
9 KB
5 KB
Script
General
Full URL
https://live.demand.supply/up.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61ef4b57e3c5e6779d4c9927bf6e317ed075026191be53a918cbc0f2d264c6e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01GA7C4CYSWXH6JVYCHRT7RMC9
date
Tue, 23 Aug 2022 18:39:56 GMT
content-encoding
br
cf-cache-status
HIT
age
460
cf-polished
origSize=9326
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
cf-bgj
minify
server
cloudflare
etag
W/"5578b9d9399dad1ea255d5befd5fac63-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
73f5f949dec89088-FRA
link
<https://live.demand.supply/impl.v15.2.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v14-3-0/d3d3LmFybm9sZHMuY29tLmJyLzUtZmlsbWUtZGUtdGVycm9yLXBhcmEtZGFyLW11aXRvLW1lZG8vP3V0bV9zb3VyY2U9ZmFjZWJvb2smdXRtX21lZGl1bT1zb2NpYWwmdXRtX2NhbXBhaWduPWZhbnBhZ2Vz>; rel=preload; as=script
js
www.googletagmanager.com/gtag/
106 KB
42 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-108875794-3
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8eb18d47449e835bb90b5b734945d763437bcb322ba44f59422afcf43708ce7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42033
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Aug 2022 18:39:56 GMT
918e1eea-b7af-45da-a987-49a1ce4b265a.min.js
cmp.optad360.io/items/
254 KB
72 KB
Script
General
Full URL
https://cmp.optad360.io/items/918e1eea-b7af-45da-a987-49a1ce4b265a.min.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21eb:f000:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
633a066024a0832bae3a7b2846bb9514f5b495c649bf5ce359beb6745b710e95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
gzip
last-modified
Tue, 26 Apr 2022 14:09:17 GMT
server
AmazonS3
x-amz-cf-pop
LAX3-C4
etag
W/"80ca6ccda5b7483741ff59732ca7c9fd"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 fe837f35c008063fe28d7f6bd9b1c62a.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-id
GTmYOMUGCJJ0Pk_hg5TdS0h5lNm3TD_a8E6BMpSZxd_W3XrbFNWPxA==
plugin.min.js
get.optad360.io/sf/db271296-3d68-4d58-aebf-31ea11eb6243/
268 KB
58 KB
Script
General
Full URL
https://get.optad360.io/sf/db271296-3d68-4d58-aebf-31ea11eb6243/plugin.min.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e800:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a9de94c9023f2e9a9e60e817685551dee65e694a1dfba8e00234278a8729f89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:27:09 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 08:26:27 GMT
server
AmazonS3
age
768
etag
W/"ec5f0d273afe32a27f0f6c3eb975bb96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
bVAt4m5JVAZ-t_HowFRKlvSh4lTnv2ewyilbfbnGJH60webnD5MZfg==
carregando.gif
www.arnolds.com.br/instagram/
6 KB
6 KB
Image
General
Full URL
https://www.arnolds.com.br/instagram/carregando.gif
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
e69abd7e0cc82f336e61fea889e406ecbbeb7ece1df960231b7a9ba0d1dd1676
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:29 GMT
referrer-policy
no-referrer-when-downgrade
etag
"5f7629b0-16fe"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/gif
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
5886
x-content-type-options
nosniff
protected
by MS22081202
download.gif
www.arnolds.com.br/facebook/img/
5 KB
6 KB
Image
General
Full URL
https://www.arnolds.com.br/facebook/img/download.gif
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
3baee6b91d41cdf1f6876a21a763e66bd5ef64b156af02da2a1b2291f9a2b584
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:29 GMT
referrer-policy
no-referrer-when-downgrade
etag
"5f7629a0-151f"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/gif
x-xss-protection
1; mode=block
cache-control
no-cache
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
5407
x-content-type-options
nosniff
protected
by MS22081202
script.js
ad.lomadee.fun/banners/
141 KB
48 KB
Script
General
Full URL
https://ad.lomadee.fun/banners/script.js?sourceId=36084693&dimension=17&height=250&width=300&method=0
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1156a0afa36a72524e02ba5aa358173381ccaee59285c97fa84fbf81aeac361c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:39:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHFSlXI71K7XjhGwM7WZ4KFq6AdqcnfvE1GTzKuuL6Ag2WJ5jq1OnAOGvB0zdOhcjrXTI%2Fg%2BczmZBFYjYfDiHBSMVsl7YPz17XjwQ7siFiDqEQyKhdXhmH5fR%2Bqj%2FcgKOwJG0IBu%2BiVNKYFsEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f94b6d71bbf2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
d.js
waust.at/
14 KB
7 KB
Script
General
Full URL
https://waust.at/d.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95c9628c1b9999a708886345c166c5234c9e0f4e8f540939a0e2fe66168d320c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
689
last-modified
Mon, 08 Aug 2022 16:39:43 GMT
server
cloudflare
etag
W/"62f13c4f-397a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yesC11k2gJ%2Fn1B8FaF7J1W2ZNSmjkhZbSvN2iz7s4S3msfzqU88zYoSIqRJ8iG8XJiuoN%2Fi2gNOm%2BwKeGbseybvrL3Si%2BGiK6N76%2FIyKFxbK%2BUpVLyMT69%2ByvBmFk1cef0%2BUHn0z"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
73f5f94b28216987-FRA
expires
Wed, 24 Aug 2022 18:28:27 GMT
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/facebook/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
56392a97bf35956d4a099fbf3c764a01ee1f2cf2e070a0d8aacf458dbecca0a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/facebook/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 18:39:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Aug 2022 18:39:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Aug 2022 18:39:56 GMT
css
fonts.googleapis.com/
5 KB
740 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/facebook/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/facebook/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 18:38:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Aug 2022 18:39:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Aug 2022 18:39:56 GMT
impl.v15.2.0.js
live.demand.supply/
78 KB
25 KB
Script
General
Full URL
https://live.demand.supply/impl.v15.2.0.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a73201cd61d120c36fd747444793aa5ccffcfdbb92b0168fe316b8d2a9520dce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01GA74AH5PM44ZFP6ZBTP879AC
date
Tue, 23 Aug 2022 18:39:56 GMT
content-encoding
br
cf-cache-status
HIT
age
1035621
cf-polished
origSize=80095
cf-ray
73f5f94a8f8d9088-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"e392b9d0ccb1968e28d6d403bc0f2521-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
d3d3LmFybm9sZHMuY29tLmJyLzUtZmlsbWUtZGUtdGVycm9yLXBhcmEtZGFyLW11aXRvLW1lZG8vP3V0bV9zb3VyY2U9ZmFjZWJvb2smdXRtX21lZGl1bT1zb2NpYWwmdXRtX2NhbXBhaWduPWZhbnBhZ2Vz
live.demand.supply/p4/v14-3-0/
156 B
225 B
Script
General
Full URL
https://live.demand.supply/p4/v14-3-0/d3d3LmFybm9sZHMuY29tLmJyLzUtZmlsbWUtZGUtdGVycm9yLXBhcmEtZGFyLW11aXRvLW1lZG8vP3V0bV9zb3VyY2U9ZmFjZWJvb2smdXRtX21lZGl1bT1zb2NpYWwmdXRtX2NhbXBhaWduPWZhbnBhZ2Vz
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb94b462f27f138f78bc2f58584c8e4377ea23828ec4bf2de9a76b624419b6d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:56 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
73f5f94a8f8f9088-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bg_1.png
www.arnolds.com.br/instagram/img/
262 B
553 B
Image
General
Full URL
https://www.arnolds.com.br/instagram/img/bg_1.png
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/facebook/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
815fd8cd1ff4fb8f036b23e556f20ad5f7bf54f8cfee11c9c609de72765d3441
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/facebook/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:29 GMT
referrer-policy
no-referrer-when-downgrade
etag
"5f7629bd-106"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
262
x-content-type-options
nosniff
protected
by MS22081202
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.arnolds.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 18:50:34 GMT
x-content-type-options
nosniff
age
85762
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 18:50:34 GMT
JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v25/
31 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.arnolds.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 04:47:18 GMT
x-content-type-options
nosniff
age
568358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31760
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:54:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 04:47:18 GMT
e.js
live.demand.supply/e/
0
401 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?e=ll&d=180&cs=c&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvNS1maWxtZS1kZS10ZXJyb3ItcGFyYS1kYXItbXVpdG8tbWVkby8/dXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXM=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01G4T3N5TFYTCNCKTENT950AYC
date
Tue, 23 Aug 2022 18:39:56 GMT
cf-cache-status
HIT
age
829030
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
73f5f94b1a7390be-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
164 KB
56 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc78df34cfc8b76a3a91c57c029977b84840175ae6c973fc70e7aa207e2fd583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57072
x-xss-protection
0
server
cafe
etag
13803145673684624051
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 18:39:56 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
83 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
a9f28d75598bbee6fefc3cc88da757614b15661b2531e42b9033eec8611c305e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28591
x-xss-protection
0
server
sffe
etag
"1312 / 893 of 1000 / last-modified: 1661252780"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 23 Aug 2022 18:39:56 GMT
ds.2.html
live.demand.supply/
413 B
469 B
XHR
General
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01G41WAEP1HEHKVXZ5999VHJHV
date
Tue, 23 Aug 2022 18:39:56 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
timing-allow-origin
*
age
5092
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
73f5f94b1a7090be-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
apstag.js
c.amazon-adsystem.com/aax2/
159 KB
41 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
925ed48219a2d3c339c5d288fdae3f965efbca0e5ee4e369b7dcbb04b6ade06f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 23 Aug 2022 17:45:37 GMT
via
1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront), 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
last-modified
Mon, 15 Aug 2022 16:12:00 GMT
server
AmazonS3
age
3260
etag
W/"52a6bc60961c702869c58b9d159c8e37"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-C1
content-encoding
gzip
x-amz-cf-id
TD3HvyWWw4AIIF3nUJpne3F2Pk0tqrcr4uuftk0xx-4971ZTVsOFgA==
uamp.1.json
live.demand.supply/
8 KB
3 KB
XHR
General
Full URL
https://live.demand.supply/uamp.1.json?&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvNS1maWxtZS1kZS10ZXJyb3ItcGFyYS1kYXItbXVpdG8tbWVkby8/dXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXM=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01G4K260EWW36GB2F5Z0JC5A9M
date
Tue, 23 Aug 2022 18:39:56 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
334229
etag
W/"011e5e31e2a3f38b0144a3f8ebd2c638-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
73f5f94b1a7290be-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
arnolds.com.br_fluid_sq
api.demand.supply/v14-3-0/a/
313 B
276 B
XHR
General
Full URL
https://api.demand.supply/v14-3-0/a/arnolds.com.br_fluid_sq?&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvNS1maWxtZS1kZS10ZXJyb3ItcGFyYS1kYXItbXVpdG8tbWVkby8/dXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXM=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e1138bfb8d54fa09dccb43ee5fde94bc36179857c2a6ed2d8a9222870e0f265

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:56 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
etag
W/"139-Phh8iddaQwkRowb/Z6cE4iIHBKo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
73f5f94b7883bbb3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
arnolds.com.br_fluid_sq
api.demand.supply/v14-3-0/a/
313 B
272 B
XHR
General
Full URL
https://api.demand.supply/v14-3-0/a/arnolds.com.br_fluid_sq?&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvNS1maWxtZS1kZS10ZXJyb3ItcGFyYS1kYXItbXVpdG8tbWVkby8/dXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXM=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e1138bfb8d54fa09dccb43ee5fde94bc36179857c2a6ed2d8a9222870e0f265

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:56 GMT
content-encoding
br
cf-cache-status
UPDATING
server
cloudflare
age
7859
etag
W/"139-Phh8iddaQwkRowb/Z6cE4iIHBKo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
73f5f94b7888bbb3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
arnolds.com.br_fluid_sq
api.demand.supply/v14-3-0/a/
313 B
575 B
XHR
General
Full URL
https://api.demand.supply/v14-3-0/a/arnolds.com.br_fluid_sq?&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvNS1maWxtZS1kZS10ZXJyb3ItcGFyYS1kYXItbXVpdG8tbWVkby8/dXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXM=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e1138bfb8d54fa09dccb43ee5fde94bc36179857c2a6ed2d8a9222870e0f265

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:56 GMT
content-encoding
br
cf-cache-status
UPDATING
server
cloudflare
age
7859
etag
W/"139-Phh8iddaQwkRowb/Z6cE4iIHBKo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
73f5f94b788abbb3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
config
c.amazon-adsystem.com/cdn/prod/
386 B
737 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.arnolds.com.br&pubid=66ef05f7-ad53-48f6-873a-ac7543370392
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
Server /
Resource Hash
cf99cfb5ddd705ffb0ca32e221ab207947968503732683f40f6751a40baf1898

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:55 GMT
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.arnolds.com.br
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
386
x-amz-cf-id
gbbesUe6-qa7hJtU8Gvn-xFG7wsbbvGMe0UGcZHHefPHUMBFOeWtUA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 03:45:14 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
53683
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 03 Aug 2022 22:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
JXufo2ctue2uysHllG2MRpKE8F0E4.a0
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
content-type
application/javascript
x-amz-cf-id
XKJaENvKmV7Um0LAluDbQ2zqu-AbCgvH8Z2QDq8CjzpOhV6ly-EfxQ==
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-108875794-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5876
date
Tue, 23 Aug 2022 17:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 23 Aug 2022 19:02:00 GMT
arnolds.com.br_fluid_sq
live.demand.supply/cp/
28 B
256 B
XHR
General
Full URL
https://live.demand.supply/cp/arnolds.com.br_fluid_sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvNS1maWxtZS1kZS10ZXJyb3ItcGFyYS1kYXItbXVpdG8tbWVkby8/dXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXM=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.2.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37d1ff365dfe111d205d6c9cfa642dfc1b53f33039ac9409fab11936b210a911

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
73f5f94bdaf590be-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28
arnolds.com.br_fluid_sq
live.demand.supply/cp/
28 B
256 B
XHR
General
Full URL
https://live.demand.supply/cp/arnolds.com.br_fluid_sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvNS1maWxtZS1kZS10ZXJyb3ItcGFyYS1kYXItbXVpdG8tbWVkby8/dXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXM=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.2.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37d1ff365dfe111d205d6c9cfa642dfc1b53f33039ac9409fab11936b210a911

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
73f5f94bdafe90be-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28
pubads_impl_2022082201.js
securepubads.g.doubleclick.net/gpt/
384 KB
131 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
a94d87084ea9ec639ee261ba747db90b2f3992bbbd100c1f5009680ad744be6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:44:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14106
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133634
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 08:35:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 23 Aug 2023 14:44:50 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
144 B
131 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.arnolds.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
2357313c85ed63b21d668505ae655a505e5ddbc3058e365a1270015a89acb83f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 18:39:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106
x-xss-protection
0
expires
Tue, 23 Aug 2022 18:39:56 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220818/r20190131/ Frame 1BD9
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220818/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
14003
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 14:46:33 GMT
etag
8616628553774171045
expires
Tue, 06 Sep 2022 14:46:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
arnolds.com.br_fluid_sq
live.demand.supply/cp/
28 B
256 B
XHR
General
Full URL
https://live.demand.supply/cp/arnolds.com.br_fluid_sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvNS1maWxtZS1kZS10ZXJyb3ItcGFyYS1kYXItbXVpdG8tbWVkby8/dXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXM=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.2.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37d1ff365dfe111d205d6c9cfa642dfc1b53f33039ac9409fab11936b210a911

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
73f5f94c4b5190be-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1510125464&t=pageview&_s=1&dl=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&dr=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252F5-filme-de-terror-para-dar-muito-medo%252F&ul=en-us&de=UTF-8&dt=5%20Filme%20de%20Terror%20para%20dar%20Muito%20Medo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=838304183&gjid=731262592&cid=776207754.1661279997&tid=UA-108875794-3&_gid=943460006.1661279997&_r=1&gtm=2ou8m0&z=1168415573
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:39:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid6.13.0.js
get.optad360.io/sf/
527 KB
528 KB
Script
General
Full URL
https://get.optad360.io/sf/prebid6.13.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/db271296-3d68-4d58-aebf-31ea11eb6243/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e800:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
710bf3b3a54e164c3bde1c64dd239d2e8cafb6277fecfcfff4bda901d81d377b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 22:53:49 GMT
via
1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified
Wed, 02 Mar 2022 11:37:42 GMT
server
AmazonS3
age
2922368
etag
"9880469287264dec1b2db80d6f0c4c98"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
539768
x-amz-cf-id
FyNHHz_QKIRDwPK5BVuDiCEWuc_nBuhN5XmJTTn1qO05iUosfHnFLQ==
id5-api.js
cdn.id5-sync.com/api/1.0/
43 KB
13 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49907fa8e3c67675f143d2d13940ac5ebe29522c5feb70c570aab1e0c1fba2e3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:56 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
1259
x-amz-server-side-encryption
AES256
x-amz-request-id
B5CNQBM2GD83601J
x-amz-id-2
TceJDHOjfEdh1N+JNnLeCLBhLNp9LPylyAT8z8H6Q6/HTmu7RM7XgcHIzCwbiNPyLLynRNXLck0=
last-modified
Tue, 23 Aug 2022 08:57:12 GMT
server
cloudflare
etag
W/"bc3c521f89b11aa48366adef8a4f24e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
73f5f94cc9436933-FRA
e.js
live.demand.supply/e/
0
365 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=arnolds.com.br_fluid_sq&pdc=0.531055443056703&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvNS1maWxtZS1kZS10ZXJyb3ItcGFyYS1kYXItbXVpdG8tbWVkby8/dXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXM=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.2.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01G4T3N5TFYTCNCKTENT950AYC
date
Tue, 23 Aug 2022 18:39:56 GMT
cf-cache-status
HIT
age
829030
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
73f5f94cfc1790be-FRA
e.js
live.demand.supply/x/
0
364 B
XHR
General
Full URL
https://live.demand.supply/x/e.js?ce=da&r=arnolds.com.br_fluid_sq&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvNS1maWxtZS1kZS10ZXJyb3ItcGFyYS1kYXItbXVpdG8tbWVkby8/dXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXM=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.2.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01G4ND3SBEQG2V10BFPH9CQ9EF
date
Tue, 23 Aug 2022 18:39:56 GMT
cf-cache-status
HIT
age
1470225
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
73f5f94cfc1890be-FRA
e.js
live.demand.supply/e/
0
365 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=arnolds.com.br_fluid_sq&pdc=0.531055443056703&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvNS1maWxtZS1kZS10ZXJyb3ItcGFyYS1kYXItbXVpdG8tbWVkby8/dXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXM=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.2.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01G4T3N5TFYTCNCKTENT950AYC
date
Tue, 23 Aug 2022 18:39:56 GMT
cf-cache-status
HIT
age
829030
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
73f5f94d0c1990be-FRA
e.js
live.demand.supply/x/
0
364 B
XHR
General
Full URL
https://live.demand.supply/x/e.js?ce=da&r=arnolds.com.br_fluid_sq&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvNS1maWxtZS1kZS10ZXJyb3ItcGFyYS1kYXItbXVpdG8tbWVkby8/dXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXM=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.2.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01G4ND3SBEQG2V10BFPH9CQ9EF
date
Tue, 23 Aug 2022 18:39:56 GMT
cf-cache-status
HIT
age
1470225
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
73f5f94d0c1a90be-FRA
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220823
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6cb31466abd327f67436b68da439bae3aa414bdc41872972fdd8f90dba365c87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
13137
x-jsd-version
1.0.1441
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
915
etag
W/"666-sZAR3d10B49a/ZZ188bLk+3iKvE"
x-served-by
cache-fra19160-FRA, cache-hhn4059-HHN
x-jsd-version-type
version
date
Tue, 23 Aug 2022 18:39:57 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
bid
c.amazon-adsystem.com/e/dtb/
23 B
493 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&pr=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252F5-filme-de-terror-para-dar-muito-medo%252F&pid=37aqOd7pwXAki&cb=0&ws=1600x1200&v=22.8.42053&t=2000&slots=%5B%7B%22sd%22%3A%22arnolds.com.br_fluid_sq%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%5D&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:57 GMT
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
CA1EEVY1WE971Y1GXQ25
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.arnolds.com.br
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
vNvqvwp13pu3J62cpsp0NZbm9hzmLAgqJKnZOv88IulSLYWXQpPV1Q==
bid
c.amazon-adsystem.com/e/dtb/
23 B
496 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&pr=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252F5-filme-de-terror-para-dar-muito-medo%252F&pid=37aqOd7pwXAki&cb=1&ws=1600x1200&v=22.8.42053&t=2000&slots=%5B%7B%22sd%22%3A%22arnolds.com.br_fluid_sq%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%5D&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:57 GMT
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
X4FE9HZFNHD0BCFJKJP5
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.arnolds.com.br
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
83HwEPgCAiLe2GMaU4iWxE_PPZ0-QADOqrQHX-E9lSL9jeTV6R5jLw==
v1
lb.eu-1-id5-sync.com/lb/
33 B
332 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
b7b660b1e1668d289a122e144bcea58f20bc4cc55418ee662c52659e7d53ed92

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.arnolds.com.br
date
Tue, 23 Aug 2022 18:39:56 GMT
transfer-encoding
chunked
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
e.js
live.demand.supply/e/
0
365 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=arnolds.com.br_fluid_sq&pdc=0.531055443056703&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvNS1maWxtZS1kZS10ZXJyb3ItcGFyYS1kYXItbXVpdG8tbWVkby8/dXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXM=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.2.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01G4T3N5TFYTCNCKTENT950AYC
date
Tue, 23 Aug 2022 18:39:57 GMT
cf-cache-status
HIT
age
829031
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
73f5f94d6c6890be-FRA
e.js
live.demand.supply/x/
0
364 B
XHR
General
Full URL
https://live.demand.supply/x/e.js?ce=da&r=arnolds.com.br_fluid_sq&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvNS1maWxtZS1kZS10ZXJyb3ItcGFyYS1kYXItbXVpdG8tbWVkby8/dXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXM=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.2.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01G4ND3SBEQG2V10BFPH9CQ9EF
date
Tue, 23 Aug 2022 18:39:57 GMT
cf-cache-status
HIT
age
1470226
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
73f5f94d6c6990be-FRA
bid
c.amazon-adsystem.com/e/dtb/
23 B
495 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&pr=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252F5-filme-de-terror-para-dar-muito-medo%252F&pid=37aqOd7pwXAki&cb=2&ws=1600x1200&v=22.8.42053&t=2000&slots=%5B%7B%22sd%22%3A%22arnolds.com.br_fluid_sq%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%5D&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:57 GMT
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
TN8A1WQ87RZ9C2RVQ1D6
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.arnolds.com.br
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
YZzvHRL1fpSSuc4X9dylbQFXM5i2nAryJq5RJxDErAP6cgCflPA_vA==
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.arnolds.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 18:39:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.arnolds.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 18:39:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
20 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=992353446576962&correlator=1651288283767882&eid=31068928%2C31069092%2C31067826&output=ldjh&gdfp_req=1&vrg=2022082201&ptt=17&impl=fif&iu_parts=44890869%3A22579995370%2Cca-pub-3831894559014614-tag%2Cf5df9001-d77c-4313-8061-7b23276728af&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x280&ifi=1&adks=3167140796&sfv=1-0-38&fsapi=false&prev_scp=ti%3Db04c5544-c1b5-4af5-808d-b92d317676be%26pof%3D0%26bid%3D0.37%26bid-p%3Dgoogle%26bsc%3D83&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1661279997083&lmt=1661279997&dlt=1661279996373&idt=557&adxs=410&adys=890&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=6&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&ref=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252F5-filme-de-terror-para-dar-muito-medo%252F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=305&ga_vid=776207754.1661279997&ga_sid=1661279997&ga_hid=1510125464&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
b8d9be0db1f8874af5c06b8c7c7fe5b4e5000472fb9a7f8d89c160c65bc5c4f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10020
x-xss-protection
0
google-lineitem-id
5563951840
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138332681208
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 33F2
6 KB
4 KB
Document
General
Full URL
https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 18:39:57 GMT
expires
Wed, 23 Aug 2023 18:39:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
20 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=992353446576962&correlator=1341107719945793&eid=31068928%2C31069092%2C31067826&output=ldjh&gdfp_req=1&vrg=2022082201&ptt=17&impl=fif&iu_parts=44890869%3A22579995370%2Cca-pub-3831894559014614-tag%2Cf5df9001-d77c-4313-8061-7b23276728af&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x280&ifi=2&adks=2986731193&sfv=1-0-38&fsapi=false&prev_scp=ti%3Db04c5544-c1b5-4af5-808d-b92d317676be%26pof%3D0%26bid%3D0.37%26bid-p%3Dgoogle%26bsc%3D83&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1661279997101&lmt=1661279997&dlt=1661279996373&idt=557&adxs=992&adys=890&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=6&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&ref=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252F5-filme-de-terror-para-dar-muito-medo%252F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=301&ga_vid=776207754.1661279997&ga_sid=1661279997&ga_hid=1510125464&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a97483aef08d5011466f13f84e6ec38a1b4e595c3a72dda37993b9cae2bf7db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9819
x-xss-protection
0
google-lineitem-id
5563951840
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138332681208
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
20 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=992353446576962&correlator=214867392099535&eid=31068928%2C31069092%2C31067826&output=ldjh&gdfp_req=1&vrg=2022082201&ptt=17&impl=fif&iu_parts=44890869%3A22579995370%2Cca-pub-3831894559014614-tag%2Cf5df9001-d77c-4313-8061-7b23276728af&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x280&ifi=3&adks=3224277703&sfv=1-0-38&fsapi=false&prev_scp=ti%3Db04c5544-c1b5-4af5-808d-b92d317676be%26pof%3D0%26bid%3D0.37%26bid-p%3Dgoogle%26bsc%3D83&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1661279997113&lmt=1661279997&dlt=1661279996373&idt=557&adxs=410&adys=279&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=6&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&ref=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252F5-filme-de-terror-para-dar-muito-medo%252F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=305&ga_vid=776207754.1661279997&ga_sid=1661279997&ga_hid=1510125464&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
27fdb5636ffbcaf7ca8df47c9e26cb62d24bd2f4f383b597d6cd4b4258c2df8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9835
x-xss-protection
0
google-lineitem-id
5563951840
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138332681208
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
1113.json
id5-sync.com/g/v2/
216 B
628 B
XHR
General
Full URL
https://id5-sync.com/g/v2/1113.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.67 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216533.ip-141-95-98.eu
Software
/
Resource Hash
a9e251d76f34521d9b9c85b010b77e45060974ee3e4be9b222ca6e88bc0058d7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.arnolds.com.br
date
Tue, 23 Aug 2022 18:39:56 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
p1ee4c174b3b485049176b5ff8cbbe10e.otf
ad.lomadee.fun/fonts/
424 B
1 KB
XHR
General
Full URL
https://ad.lomadee.fun/fonts/p1ee4c174b3b485049176b5ff8cbbe10e.otf
Requested by
Host: ad.lomadee.fun
URL: https://ad.lomadee.fun/banners/script.js?sourceId=36084693&dimension=17&height=250&width=300&method=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9789e4a25fa23efe97512b4c8d286347f1c0320e319a3b12c14d6b4c3aa116f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
424
pragma
no-cache
server
cloudflare
etag
0aca38ddc466eb728161828763789138
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZtUhZM%2BBkcnBRL5K40mmOdDL62cZo2Y%2BUmjguyR8m5WcvEObq2DGFWq52ngLO6d5doukCfyLt%2FQpRFPaGN2oQsrxfE4fn68kiIOTKlpJMspfEj5Ii6kotTyaQ3So4D%2BibEIWssUk1iYglO8d4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/opentype
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
73f5f94edbb5bb7a-FRA
expires
0
script.js
ad.lomadee.com/banners/
433 B
595 B
Script
General
Full URL
https://ad.lomadee.com/banners/script.js?sourceId=36084693&dimension=17&height=250&width=300&method=0
Requested by
Host: ad.lomadee.fun
URL: https://ad.lomadee.fun/banners/script.js?sourceId=36084693&dimension=17&height=250&width=300&method=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-81.fra60.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
ad9f9715cc466d6b47c51f9bf3f3a86fd2796fff2e553f9cb67d7a6f4058f743

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sun, 03 Apr 2022 06:59:55 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
age
12310801
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-language
en-US
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
content-type
text/html;charset=UTF-8
content-length
281
x-amz-cf-id
ahqvyLKVcIK-WzJwAdlH3bt3G5sAZStbiLwJYnA4zWjLK8VUa2T0SA==
view
ad.lomadee.com/banner/ Frame 741A
1 KB
983 B
Document
General
Full URL
https://ad.lomadee.com/banner/view?sourceId=36084693&dimension=17&width=300&height=250&method=0&advertisers=&tags=
Requested by
Host: ad.lomadee.com
URL: https://ad.lomadee.com/banners/script.js?sourceId=36084693&dimension=17&height=250&width=300&method=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-81.fra60.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
b09c8f21fb8b53a6e355b9c415e1faef94f5dcab16f138261b0b76f6fb816432

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-language
en-US
content-type
text/html;charset=UTF-8
date
Tue, 23 Aug 2022 18:39:57 GMT
server
Apache-Coyote/1.1
vary
Accept-Encoding
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
x-amz-cf-id
LIpeDbyKWHo-6Izgo6Q_b7H8isPHAMvlm-NYKAPuGz2IsJ0SPaQHtA==
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
/
futebolistasonline.club/ Frame FBB7
57 KB
12 KB
Document
General
Full URL
https://futebolistasonline.club/
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
ce7b79859a6195c80419b4f4579f58ee0711a518a77d7d9aeed696711691c273
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 15:40:30 GMT
link
<https://futebolistasonline.club/wp-json/>; rel="https://api.w.org/"
protected
by MS22081202
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-download-options
noopen
x-xss-protection
1; mode=block
/
www.arnolds.com.br/ Frame 1168
160 KB
21 KB
Document
General
Full URL
https://www.arnolds.com.br/
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
76396a34f5d4643509dae1874c6ed62e489e1ae35c79e88d2df30acbaae3af0e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 15:40:30 GMT
link
<https://www.arnolds.com.br/wp-json/>; rel="https://api.w.org/", <https://www.arnolds.com.br/wp-json/wp/v2/pages/4212>; rel="alternate"; type="application/json", <https://www.arnolds.com.br/>; rel=shortlink
protected
by MS22081202
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-download-options
noopen
x-xss-protection
1; mode=block
/
rotumal.com/5/2748187/
45 B
542 B
XHR
General
Full URL
https://rotumal.com/5/2748187/?oo=1
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
0a470dcb63b27b351e85c01df2baa667e440210e5f461497cb70cec4086bb606

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-trace-id
6444f2cae740d9e87941ec3880703868
pragma
no-cache, no-cache
date
Tue, 23 Aug 2022 18:39:57 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
content-length
45
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
tag.min.js
rotumal.com/
70 KB
23 KB
Script
General
Full URL
https://rotumal.com/tag.min.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
dc2d5ec0504dd07cad1a7672b019d8774f26817e5f057ce31ca984a6819fe8af
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:57 GMT
content-encoding
br
x-content-type-options
nosniff
access-control-max-age
86400
content-length
22842
x-trace-id
861f1b08e0bc6af28fe6f68244d959bb
pragma
no-cache
last-modified
Mon, 22 Aug 2022 09:49:17 GMT
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT
5d3f73c8fb54cf51fc0b674c3e2841fc.js
scripts.cleverwebserver.com/
137 KB
48 KB
Script
General
Full URL
https://scripts.cleverwebserver.com/5d3f73c8fb54cf51fc0b674c3e2841fc.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f1246117fa3ba322c04e6667bb6c05513eb5bb67cb7ade261cfadc3ceff154d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:57 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 02 Aug 2022 09:11:17 GMT
server
cloudflare
x-amz-request-id
85ZQG34EYRYR7SQM
etag
W/"ef39f1b2bb49d5c871dd1e062b70c01f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
Lh_y.vJ2VkBCLN07wYGh7HOmZ2BXykev
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
73f5f9500d049c0a-FRA
x-amz-id-2
izmL5itEve836EPx9jJsBXVehjoY/a8impEqptZJAl71KypZg18VWMbWNFTAjXEb1PakuDmeRis=
expires
Tue, 23 Aug 2022 19:09:57 GMT
/
t.dtscout.com/i/
2 KB
3 KB
Script
General
Full URL
https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&j=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252F5-filme-de-terror-para-dar-muito-medo%252F
Requested by
Host: waust.at
URL: https://waust.at/d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.139.238 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip238.ip-158-69-139.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:39:57 GMT
X-T
0.67
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
X-S
mtl2
Expires
Tue, 23 Aug 2022 18:39:56 GMT
e.js
live.demand.supply/x/
0
364 B
XHR
General
Full URL
https://live.demand.supply/x/e.js?ce=fs&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvNS1maWxtZS1kZS10ZXJyb3ItcGFyYS1kYXItbXVpdG8tbWVkby8/dXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXM=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.2.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01G4ND3SBEQG2V10BFPH9CQ9EF
date
Tue, 23 Aug 2022 18:39:57 GMT
cf-cache-status
HIT
age
1470226
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
73f5f94fceba90be-FRA
/
whos.amung.us/pingjs/
30 B
146 B
Script
General
Full URL
https://whos.amung.us/pingjs/?k=0hpugnb9nc&t=5%20Filme%20de%20Terror%20para%20dar%20Muito%20Medo&c=d&x=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&y=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252F5-filme-de-terror-para-dar-muito-medo%252F&a=0&v=27&r=1524
Requested by
Host: waust.at
URL: https://waust.at/d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.202.114.212 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
amung.us
Software
/
Resource Hash
8bdf934b5f60330dfa865a2b4b3a2c7aacb6aca219aa93ee0c88e01a8d1a9bc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:57 GMT
content-encoding
gzip
content-type
text/javascript;charset=UTF-8
openrtb
adx.adform.net/adx/ Frame
0
0
Preflight
General
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.arnolds.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.arnolds.com.br
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 23 Aug 2022 18:39:57 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
localstore.js
script.4dex.io/
483 B
940 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1316404
x-amz-request-id
tx2c2a7f1003e44e2d861b5-00629f4bc7
x-amz-id-2
tx2c2a7f1003e44e2d861b5-00629f4bc7
last-modified
Tue, 10 May 2022 09:57:32 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wcuKQQtaJCUveQmYYR0rDMRzuT4%2Fvghi4rfUUsigRdSml27KtfTTXQFFEPSgYIPfP%2FsCTbrPVK7CKiczLTFPoqXwD602TMiGuVTEr8wIqFWSxSB0LP5lwq9mmhu%2BNMnCtYXrKmG0g8YctwF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1652176652152482
cf-ray
73f5f9505ff0699b-FRA
v1
prg.smartadserver.com/prebid/
0
340 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:39:57 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
apacdex
useast.quantumdex.io/auction/
0
340 B
XHR
General
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Aug 2022 18:39:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.arnolds.com.br
access-control-allow-credentials
true
cf-ray
73f5f9506e4c900c-FRA
prebid
ib.adnxs.com/ut/v3/
144 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4e79ce6cfe4b1b75453cf26227e1e117f89ad1824c4fadf78fc87b726cae2cac
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 18:39:57 GMT
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
c0bc24d5-4e2f-4cce-8e66-dbae97f59655
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.arnolds.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
mp.4dex.io/
114 B
944 B
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
915536d330e7c5a41ed2b2915aaa5d820e81144812ec17c3be1153ccb03d6859

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Aug 2022 18:39:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
x-warn
Process Shapings. Seat shared_improvedigital: No adunits with mapping rule and shaping, Process Shapings. Seat shared_onetag: No adunits with mapping rule and shaping, Process Shapings. Seat shared_drbanner: No adunits with mapping rule and shaping, Process Shapings. Seat shared_rubicon: No adunits with mapping rule and shaping, Process Shapings. Seat shared_pubmatic: No adunits with mapping rule and shaping, Process Shapings. Seat shared_indexexchange: No adunits with mapping rule and shaping
content-encoding
gzip
x-err
Shapings: no adunits with size and seat and mapping
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
73f5f9508c4490dc-FRA
expires
0
/
prebid.smilewanted.com/
0
0

prebid-request
onetag-sys.com/
15 B
365 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
/
ssp.wp.pl/bidder/
0
225 B
XHR
General
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.41&pbver=6.13.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Aug 2022 18:39:57 GMT
server
nginx
vary
Origin
accept-ch-lifetime
604800
access-control-allow-origin
https://www.arnolds.com.br
access-control-allow-credentials
true
uber-trace-id
00000000000000004cc34a9d3a784833:ca4fd0631589eba6:0:0
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7f7c95b4185b6fe7197d1a4886c70cf2da945c8373820ae9efb8616c90853974
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 18:39:57 GMT
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
e4efb48a-4948-4c28-8a0d-dfd00ab60fe2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.arnolds.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/
18 B
316 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.13.0&cb=84888473286
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Aug 2022 18:39:57 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.arnolds.com.br
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
openrtb
adx.adform.net/adx/
0
411 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:39:57 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/
17 KB
9 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c69db9a8989359cc8f3a482a0e5ba97e93eac62670d13b114e6ddd4f7a584b3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 23 Aug 2022 18:39:57 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c6ac072d-2f96-4930-a0cb-a9c7e9c3230c
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.arnolds.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/
0
278 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.arnolds.com.br
date
Tue, 23 Aug 2022 18:39:57 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
4
vary
origin, Accept-Encoding
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
180 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.arnolds.com.br
date
Tue, 23 Aug 2022 18:39:57 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
adagio.js
script.4dex.io/
72 KB
23 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1314512
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx827fe523a266417399c2a-00629f4c02
x-amz-id-2
tx827fe523a266417399c2a-00629f4c02
last-modified
Tue, 10 May 2022 09:57:31 GMT
server
cloudflare
etag
W/"2430496689c00115831347992a974246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HECC7Hc1ay8Qg1y0cYYt0XHdse%2F43BartNhhBldrSBIef4DK4ncrmE9OQbu81GxDGW3MjevRsfQUlirU0xzqca82TH0y9CkC%2BN8aVWvU0wD7wY7ewpPOMsEoSXVMHd8OxyU3%2FI3qRf%2FScu68"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1652176651393042
cf-ray
73f5f950daf19193-FRA
access-control-allow-headers
Authorization
/
ui.cleverwebserver.com/
145 B
187 B
Script
General
Full URL
https://ui.cleverwebserver.com/
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45b039b6808272d4dfd72be37f6cc9fc230a865f6c1425fca9d14f4797cff02b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73f5f950eebe9c0a-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
esp.js
cdn.id5-sync.com/api/1.0/
44 KB
13 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8cd6a935771c335b708ce50bb07ff972f1e8d65185231435365bb0a66062411
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:57 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
2780
x-amz-server-side-encryption
AES256
x-amz-request-id
3TJKJKH50N75X8N4
x-amz-id-2
X2lhm/JrkRnnVr1aXNCxg4kWaQ/opoad+WYCH760qjIUm6VHsYUpQTrHP2UVRUUUQBkmAtw1fyI=
last-modified
Tue, 23 Aug 2022 08:57:12 GMT
server
cloudflare
etag
W/"c812189e503819b30a1ac4c9187a58eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
73f5f95128766933-FRA
view
securepubads.g.doubleclick.net/pcs/ Frame C4AF
0
0

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C4AF
0
0

integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.arnolds.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 18:39:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.arnolds.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 18:39:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
49 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=992353446576962&correlator=2720618103714739&eid=31068928%2C31069092%2C31067826&output=ldjh&gdfp_req=1&vrg=2022082201&ptt=17&impl=fif&iu_parts=44890869%3A22579995370%2Cca-pub-3831894559014614-tag%2Cfcffe6e0-a98b-4f5f-8c84-c371027b44c4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x280&ifi=4&adks=2054813637&sfv=1-0-38&fsapi=false&prev_scp=ti%3Db04c5544-c1b5-4af5-808d-b92d317676be%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D83&eri=1&sc=1&cookie=ID%3Df51e2ade12608f09-2255a1a4f5d40095%3AT%3D1661279997%3AS%3DALNI_MZQa3Mrn9nTz-27qmvwoGYVJCcSyA&abxe=1&dt=1661279997635&lmt=1661279997&dlt=1661279996373&idt=557&adxs=992&adys=890&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=6&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&ref=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252F5-filme-de-terror-para-dar-muito-medo%252F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=301&ga_vid=776207754.1661279997&ga_sid=1661279997&ga_hid=1510125464&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a51efe1131eac39d9174b557408284b43b4b3aec5d32425c3748de853598b75e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12474
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.arnolds.com.br
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D510
0
0

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D510
0
0

ads
securepubads.g.doubleclick.net/gampad/
51 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=992353446576962&correlator=3394577769722587&eid=31068928%2C31069092%2C31067826&output=ldjh&gdfp_req=1&vrg=2022082201&ptt=17&impl=fif&iu_parts=44890869%3A22579995370%2Cca-pub-3831894559014614-tag%2Cfcffe6e0-a98b-4f5f-8c84-c371027b44c4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x280&ifi=5&adks=2146717074&sfv=1-0-38&fsapi=false&prev_scp=ti%3Db04c5544-c1b5-4af5-808d-b92d317676be%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D83&eri=1&sc=1&cookie=ID%3D8843393bba60c810-225ee287f5d40000%3AT%3D1661279997%3AS%3DALNI_MaYm2nhxAJgQ_hXpuigFIzuq1_LOA&abxe=1&dt=1661279997678&lmt=1661279997&dlt=1661279996373&idt=557&adxs=410&adys=890&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=6&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&ref=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252F5-filme-de-terror-para-dar-muito-medo%252F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=305&ga_vid=776207754.1661279997&ga_sid=1661279997&ga_hid=1510125464&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
61edc138c98b6cb8178ddefe414cf8e80147009cdfc951f8a1caafe6322c2232
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12693
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.arnolds.com.br
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 58D9
0
0

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 58D9
0
0

ads
securepubads.g.doubleclick.net/gampad/
51 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=992353446576962&correlator=769282024302203&eid=31068928%2C31069092%2C31067826&output=ldjh&gdfp_req=1&vrg=2022082201&ptt=17&impl=fif&iu_parts=44890869%3A22579995370%2Cca-pub-3831894559014614-tag%2Cfcffe6e0-a98b-4f5f-8c84-c371027b44c4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x280&ifi=6&adks=3146323343&sfv=1-0-38&fsapi=false&prev_scp=ti%3Db04c5544-c1b5-4af5-808d-b92d317676be%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D83&eri=1&sc=1&cookie=ID%3D2fa5b062e9108904-22f788adf5d400b7%3AT%3D1661279997%3AS%3DALNI_MYgt8DmKox3YSnxm65fXP4B-XLADQ&abxe=1&dt=1661279997714&lmt=1661279997&dlt=1661279996373&idt=557&adxs=410&adys=279&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=6&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&ref=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252F5-filme-de-terror-para-dar-muito-medo%252F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=305&ga_vid=776207754.1661279997&ga_sid=1661279997&ga_hid=1510125464&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
6c4f6bd31140286dcbd3b2a63dec4ddaae6e27a053bf86f8e1370c640187931e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12684
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.arnolds.com.br
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
style.min.css
www.arnolds.com.br/wp-includes/css/dist/block-library/ Frame 1168
81 KB
12 KB
Stylesheet
General
Full URL
https://www.arnolds.com.br/wp-includes/css/dist/block-library/style.min.css?ver=b185e48851cfc9e116efc01f36b7895c
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"624d17e4-145db"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
styles.css
www.arnolds.com.br/wp-content/plugins/contact-form-7/includes/css/ Frame 1168
3 KB
1 KB
Stylesheet
General
Full URL
https://www.arnolds.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.3
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"61e84444-aab"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
front-flex.min.css
www.arnolds.com.br/wp-content/plugins/siteorigin-panels/css/ Frame 1168
1 KB
770 B
Stylesheet
General
Full URL
https://www.arnolds.com.br/wp-content/plugins/siteorigin-panels/css/front-flex.min.css?ver=2.16.0
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
9043986fde648c179ce63d202242b956fe5bae1cbba32612c721e28aeeae65ab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"61e84448-56b"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
frontend.min.css
www.arnolds.com.br/wp-content/plugins/wp-user-avatar/assets/css/ Frame 1168
72 KB
11 KB
Stylesheet
General
Full URL
https://www.arnolds.com.br/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=3.2.6
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
3a03eec8b6b8f7367f1b66ff53ac880713e88c910b739e00c7c022534c179e57
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"61e8444a-11e7c"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
flatpickr.min.css
www.arnolds.com.br/wp-content/plugins/wp-user-avatar/assets/flatpickr/ Frame 1168
16 KB
3 KB
Stylesheet
General
Full URL
https://www.arnolds.com.br/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=3.2.6
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
661e00570c65c29528d9ce6ee19e5e9939986716c293def67b07f8b6a191b018
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"61e8444a-3e52"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
select2.min.css
www.arnolds.com.br/wp-content/plugins/wp-user-avatar/assets/select2/ Frame 1168
15 KB
2 KB
Stylesheet
General
Full URL
https://www.arnolds.com.br/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=b185e48851cfc9e116efc01f36b7895c
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"61e8444a-3a75"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
style.min.css
www.arnolds.com.br/wp-content/plugins/easy-table-of-contents/vendor/icomoon/ Frame 1168
438 B
727 B
Stylesheet
General
Full URL
https://www.arnolds.com.br/wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=2.0.17
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
b88fca268e1352a0922f301c6b88f0499606c01faa8d0718de11a8153a5edc3a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
referrer-policy
no-referrer-when-downgrade
etag
"60f608ad-1b6"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
438
x-content-type-options
nosniff
protected
by MS22081202
screen.min.css
www.arnolds.com.br/wp-content/plugins/easy-table-of-contents/assets/css/ Frame 1168
5 KB
2 KB
Stylesheet
General
Full URL
https://www.arnolds.com.br/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.17
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
22af5d3bf749542c2d95975186991b7b8c1e0766449c3fdeab55d57eb0d1ffdc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"60f608ad-13ef"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
css
fonts.googleapis.com/ Frame 1168
1003 B
420 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A%2C400%7CPoppins%3A%2C400%7CPoppins%3A%2C400%2C%2C400&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Cvietnamese&ver=1.6
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f93eabed9db1894c7c76ceaaa899450f82a3f9e4a003b1753985ad35b2e86ce0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 18:39:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Aug 2022 18:39:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Aug 2022 18:39:57 GMT
bootstrap.css
www.arnolds.com.br/wp-content/themes/disto/css/ Frame 1168
221 KB
35 KB
Stylesheet
General
Full URL
https://www.arnolds.com.br/wp-content/themes/disto/css/bootstrap.css?ver=1.6
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
6c38dc17dbebb7e00014f3ea1025d5bb245baff733b50069eff5403b5dfaeeb8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"5e32df22-373fb"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
style.css
www.arnolds.com.br/wp-content/themes/disto/ Frame 1168
733 KB
101 KB
Stylesheet
General
Full URL
https://www.arnolds.com.br/wp-content/themes/disto/style.css?ver=1.6
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
64dc3aa672761a3eb22acb210bbd442a25f360b80d60c3d4135e971600fb27eb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"5e32df22-b75fb"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
responsive.css
www.arnolds.com.br/wp-content/themes/disto/css/ Frame 1168
93 KB
10 KB
Stylesheet
General
Full URL
https://www.arnolds.com.br/wp-content/themes/disto/css/responsive.css?ver=1.6
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
dc94b334bdbade3c6e278dcb6568556f0ce413d97a49d046e94a67f56472f0ff
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"5e32df22-17598"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
style.css
www.arnolds.com.br/wp-content/plugins/meks-easy-ads-widget/css/ Frame 1168
705 B
994 B
Stylesheet
General
Full URL
https://www.arnolds.com.br/wp-content/plugins/meks-easy-ads-widget/css/style.css?ver=2.0.5
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
4b0e2c1c8e6d92b9083cd952cea6a065485827df78fae548752352da136c3540
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
referrer-policy
no-referrer-when-downgrade
etag
"60329f60-2c1"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
705
x-content-type-options
nosniff
protected
by MS22081202
default.min.css
www.arnolds.com.br/wp-content/plugins/tablepress/css/ Frame 1168
5 KB
3 KB
Stylesheet
General
Full URL
https://www.arnolds.com.br/wp-content/plugins/tablepress/css/default.min.css?ver=1.14
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"6155c3ec-13e4"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
jquery.min.js
www.arnolds.com.br/wp-includes/js/jquery/ Frame 1168
87 KB
32 KB
Script
General
Full URL
https://www.arnolds.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"621a764a-15db1"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
jquery-migrate.min.js
www.arnolds.com.br/wp-includes/js/jquery/ Frame 1168
11 KB
5 KB
Script
General
Full URL
https://www.arnolds.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"621a764a-2bd8"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
flatpickr.min.js
www.arnolds.com.br/wp-content/plugins/wp-user-avatar/assets/flatpickr/ Frame 1168
49 KB
15 KB
Script
General
Full URL
https://www.arnolds.com.br/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=b185e48851cfc9e116efc01f36b7895c
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
587e022b442a0d7013a27f5fd2db035e28a74318d44dac1ac431f124c615bb37
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"61e8444a-c205"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
select2.min.js
www.arnolds.com.br/wp-content/plugins/wp-user-avatar/assets/select2/ Frame 1168
69 KB
21 KB
Script
General
Full URL
https://www.arnolds.com.br/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=b185e48851cfc9e116efc01f36b7895c
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"61e8444a-114c3"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
js
www.googletagmanager.com/gtag/ Frame 1168
106 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-108875794-3
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
807aad5832e9c4c12d40084288218c84c8103c827d377f5c65b42866eeb21c4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42035
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Aug 2022 18:39:58 GMT
up.js
live.demand.supply/ Frame 1168
9 KB
5 KB
Script
General
Full URL
https://live.demand.supply/up.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23da15d35a5d620b1f3387b0d1fd6458166be04496de9d653ba0b22c4f542c42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01GA7C4CYSWXH6JVYCHRT7RMC9
date
Tue, 23 Aug 2022 18:39:57 GMT
content-encoding
br
cf-cache-status
HIT
age
461
cf-polished
origSize=9326
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
cf-bgj
minify
server
cloudflare
etag
W/"5578b9d9399dad1ea255d5befd5fac63-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
73f5f95209379bd4-FRA
link
<https://live.demand.supply/impl.v15.2.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v14-3-0/d3d3LmFybm9sZHMuY29tLmJyLw==>; rel=preload; as=script
918e1eea-b7af-45da-a987-49a1ce4b265a.min.js
cmp.optad360.io/items/ Frame 1168
254 KB
72 KB
Script
General
Full URL
https://cmp.optad360.io/items/918e1eea-b7af-45da-a987-49a1ce4b265a.min.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21eb:f000:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
633a066024a0832bae3a7b2846bb9514f5b495c649bf5ce359beb6745b710e95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
gzip
last-modified
Tue, 26 Apr 2022 14:09:17 GMT
server
AmazonS3
age
1
etag
W/"80ca6ccda5b7483741ff59732ca7c9fd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fe837f35c008063fe28d7f6bd9b1c62a.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
LAX3-C4
x-amz-cf-id
iwW8awsO23-Fi1LN2YI_6eCygBGYS_RtpjzCwJvfbvFJiDsV9Zp27Q==
plugin.min.js
get.optad360.io/sf/db271296-3d68-4d58-aebf-31ea11eb6243/ Frame 1168
268 KB
58 KB
Script
General
Full URL
https://get.optad360.io/sf/db271296-3d68-4d58-aebf-31ea11eb6243/plugin.min.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e800:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a9de94c9023f2e9a9e60e817685551dee65e694a1dfba8e00234278a8729f89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:27:09 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 08:26:27 GMT
server
AmazonS3
age
770
etag
W/"ec5f0d273afe32a27f0f6c3eb975bb96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
J3ris_34mAbRNxCYd4hbiaD04vZLUhyHEXhKFNVPdQ4M6UO6yjySWw==
arnolds.png
www.arnolds.com.br/wp-content/uploads/2020/02/ Frame 1168
7 KB
7 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2020/02/arnolds.png
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
f363908fbfdcea7ae886b072d6bb21b190edd172d8322a1868c670d54e85dcfb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
referrer-policy
no-referrer-when-downgrade
etag
"5e5411e0-1a2f"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
6703
x-content-type-options
nosniff
protected
by MS22081202
pp-120x120.jpg
www.arnolds.com.br/wp-content/uploads/2020/09/ Frame 1168
4 KB
4 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2020/09/pp-120x120.jpg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
49d4222bdd4270b8b892b7b9bd568bb646673ecd9a8e2ea644e07c0ff4301525
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
referrer-policy
no-referrer-when-downgrade
etag
"5f755dc6-e32"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
3634
x-content-type-options
nosniff
protected
by MS22081202
maxresdefault1-4-780x450.jpg
www.arnolds.com.br/wp-content/uploads/2022/07/ Frame 1168
38 KB
38 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2022/07/maxresdefault1-4-780x450.jpg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
87e8633079fc9f56ea63ce2a1002d1568db21825cf35bb56820309f1b44df045
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
referrer-policy
no-referrer-when-downgrade
etag
"62e34280-9760"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
38752
x-content-type-options
nosniff
protected
by MS22081202
post-like.js
www.arnolds.com.br/wp-content/plugins/disto-function/ Frame 1168
918 B
1 KB
Script
General
Full URL
https://www.arnolds.com.br/wp-content/plugins/disto-function/post-like.js?ver=1.0
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
f278bf82a64ac1a5ae8f69e06890047a914b3d0100bf856aabd758d2e15edf36
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
referrer-policy
no-referrer-when-downgrade
etag
"5e3420e6-396"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
918
x-content-type-options
nosniff
protected
by MS22081202
comment-reply.min.js
www.arnolds.com.br/wp-includes/js/ Frame 1168
3 KB
2 KB
Script
General
Full URL
https://www.arnolds.com.br/wp-includes/js/comment-reply.min.js?ver=b185e48851cfc9e116efc01f36b7895c
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"621a764a-ba3"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
regenerator-runtime.min.js
www.arnolds.com.br/wp-includes/js/dist/vendor/ Frame 1168
6 KB
3 KB
Script
General
Full URL
https://www.arnolds.com.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"621a764a-195e"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
wp-polyfill.min.js
www.arnolds.com.br/wp-includes/js/dist/vendor/ Frame 1168
19 KB
8 KB
Script
General
Full URL
https://www.arnolds.com.br/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"621a764a-4b3d"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
index.js
www.arnolds.com.br/wp-content/plugins/contact-form-7/includes/js/ Frame 1168
12 KB
4 KB
Script
General
Full URL
https://www.arnolds.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.3
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"61e84444-2e56"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
frontend.min.js
www.arnolds.com.br/wp-content/plugins/wp-user-avatar/assets/js/ Frame 1168
9 KB
3 KB
Script
General
Full URL
https://www.arnolds.com.br/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=3.2.6
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
8e252a29ade56d616f537aac3504b3a80c903fce646c464bb900f7e2f0f0f59b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"61e8444a-23b6"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
fluidvids.js
www.arnolds.com.br/wp-content/themes/disto/js/ Frame 1168
1 KB
990 B
Script
General
Full URL
https://www.arnolds.com.br/wp-content/themes/disto/js/fluidvids.js?ver=1.6
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
d9ce958515e4c42199afa5f6f985d7038047c2ca5821147d68fe3604b138e5aa
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"5e32df22-484"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
infinitescroll.js
www.arnolds.com.br/wp-content/themes/disto/js/ Frame 1168
10 KB
4 KB
Script
General
Full URL
https://www.arnolds.com.br/wp-content/themes/disto/js/infinitescroll.js?ver=1.6
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
aaadde89b0db2f97f270379b4762e025c85a1a4d8a4c9ae2421ab48198cc3ae6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"5e32df22-2971"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
justified.js
www.arnolds.com.br/wp-content/themes/disto/js/ Frame 1168
37 KB
13 KB
Script
General
Full URL
https://www.arnolds.com.br/wp-content/themes/disto/js/justified.js?ver=1.6
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
25fdc7a17a7b3884e86c6f6b72b60288025980e5bcfff6b736f077902c1697ef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"5e32df22-94e2"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
slick.js
www.arnolds.com.br/wp-content/themes/disto/js/ Frame 1168
42 KB
11 KB
Script
General
Full URL
https://www.arnolds.com.br/wp-content/themes/disto/js/slick.js?ver=1.6
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
2c55dea800c7c131d9f3e3ac8a411abf3ca2b4fa836a7376aba3e99c43a621ba
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"5e32df22-a77b"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
theia-sticky-sidebar.js
www.arnolds.com.br/wp-content/themes/disto/js/ Frame 1168
5 KB
2 KB
Script
General
Full URL
https://www.arnolds.com.br/wp-content/themes/disto/js/theia-sticky-sidebar.js?ver=1.5
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
ad386e83074906780dfa1feec2070ff6e11f15c07953ac3d8431300ae0ba175b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"5e32df22-1509"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
aos.js
www.arnolds.com.br/wp-content/themes/disto/js/ Frame 1168
14 KB
5 KB
Script
General
Full URL
https://www.arnolds.com.br/wp-content/themes/disto/js/aos.js?ver=1.6
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"5e32df22-379f"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
custom.js
www.arnolds.com.br/wp-content/themes/disto/js/ Frame 1168
18 KB
3 KB
Script
General
Full URL
https://www.arnolds.com.br/wp-content/themes/disto/js/custom.js?ver=1.6
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
c0a71ca2c2b80121a9db00dd745294b6a10f3904add5781197d3f6db69e4a574
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"5e32df22-48ce"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
styling.min.js
www.arnolds.com.br/wp-content/plugins/siteorigin-panels/js/ Frame 1168
1 KB
953 B
Script
General
Full URL
https://www.arnolds.com.br/wp-content/plugins/siteorigin-panels/js/styling.min.js?ver=2.16.0
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
6c125a51c16a7a29fa000a083e121b94ee8e192aa9d71f691d729f17cb9d0df2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"61e84448-527"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
js
www.googletagmanager.com/gtag/
107 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-139883519-66&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-108875794-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c30eb04d73951db5ec316ce436f1a59a31d5a1ad1b1c78203134582d1f90a5ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42041
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Aug 2022 18:39:57 GMT
js
www.googletagmanager.com/gtag/
107 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-135425005-2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-108875794-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f70e6fbd5a8d9520b5d0cddb9c1ef46594fa6196d377aaa5a4c673509576179f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42060
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Aug 2022 18:39:57 GMT
bootstrap.js
ad.lomadee.fun/
16 KB
5 KB
Script
General
Full URL
https://ad.lomadee.fun/bootstrap.js
Requested by
Host: ad.lomadee.fun
URL: https://ad.lomadee.fun/banners/script.js?sourceId=36084693&dimension=17&height=250&width=300&method=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74a494a17b4aa1290e6e7d1cb4c2f7ba4476673e4c9d29376abaee8e6278b36a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DFi5VZQvYPAwYHF51DQi1N51c6BIJ2P9JAh%2FArUzh7kZgbofEInGb9G9nd%2BdPrUxnTBTy4ZYA%2B%2BhsaPbVAVtiyEwi%2BLw4PkoiGo5rVR91hzoLKI%2FyvV85Sw3o%2ByOWV2D1a9hlk1CdEKttwc3Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f95278909be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
/
lp.cleverwebserver.com/bet365/de/sports/grp1/ Frame DAC1
Redirect Chain
  • https://sender.clevernt.com/transporter/43452.php?ppuc=1&ppu=0&id=452644&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvNS1maWxtZS1kZS10ZXJyb3ItcGFyYS1kYXItbXVpdG8tbWVkby8%2FdXRtX3NvdXJjZT1mYWNlYm9vayZ1dG...
  • https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
4 KB
975 B
Document
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4affbd45b8fc138a38bbd00f4bd7fa70a542404b54c44126819a49a9d0ec7d32

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=1800
cf-cache-status
REVALIDATED
cf-ray
73f5f9543c789c0a-FRA
content-encoding
br
content-type
text/html
date
Tue, 23 Aug 2022 18:39:58 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Tue, 23 Aug 2022 19:09:58 GMT
last-modified
Sun, 24 Jul 2022 21:41:21 GMT
server
cloudflare
vary
Accept-Encoding
x-amz-id-2
eOBYCaTuvoG4m/sg4som/txLJ3KqsWsboRn88ENGhvhXgj8ArMHilKdti0M3uS1pDaXqsGr62OA=
x-amz-request-id
KAE7P3GT3MVQ475B

Redirect headers

cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 18:39:58 GMT
expires
Fri, 27 Jun 1986 23:00:00 GMT
last-modified
Tue, 23 Aug 2022 18:39:58 GMT
location
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
pragma
no-cache
server
nginx
truncated
/
655 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f312aead73c7059dc22bbff1a38210eaacd5e2d7beaaec586a32575c54bc35a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
wp-emoji-release.min.js
www.arnolds.com.br/wp-includes/js/ Frame 1168
18 KB
5 KB
Script
General
Full URL
https://www.arnolds.com.br/wp-includes/js/wp-emoji-release.min.js?ver=b185e48851cfc9e116efc01f36b7895c
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"621a764a-4705"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
increment
id5-sync.com/api/esp/
0
327 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.67 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216533.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.arnolds.com.br
date
Tue, 23 Aug 2022 18:39:57 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
strict-transport-security
max-age=63072000; includeSubDomains; preload
style.min.css
futebolistasonline.club/wp-includes/css/dist/block-library/ Frame FBB7
81 KB
12 KB
Stylesheet
General
Full URL
https://futebolistasonline.club/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"624cf88f-145db"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
cookie-law-info-public.css
futebolistasonline.club/wp-content/plugins/cookie-law-info/public/css/ Frame FBB7
3 KB
1 KB
Stylesheet
General
Full URL
https://futebolistasonline.club/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.1.2
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"627922bc-c22"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
cookie-law-info-gdpr.css
futebolistasonline.club/wp-content/plugins/cookie-law-info/public/css/ Frame FBB7
27 KB
5 KB
Stylesheet
General
Full URL
https://futebolistasonline.club/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.1.2
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"627922bc-6a71"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
style.css
futebolistasonline.club/wp-content/themes/styleblog3/ Frame FBB7
15 KB
5 KB
Stylesheet
General
Full URL
https://futebolistasonline.club/wp-content/themes/styleblog3/style.css?ver=5.9.3
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
bcd020990e85c35214d11bdfc48a41e0082d614e681d9d38451b389090e4d4d2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"5f6bff0f-3b6a"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
css
fonts.googleapis.com/ Frame FBB7
14 KB
950 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Spectral+SC%3A300%2C400%2C400i%2C500%2C600%2C700%7CPoppins%3A400%2C400i%2C500%2C500i%2C700%2C700i&subset=latin%2Clatin-ext&ver=5.9.3
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c367c622b7cc9eb103173aeaafa45b78179e4d795294fb3f32acb50ba4dc93c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 18:39:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Aug 2022 18:39:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Aug 2022 18:39:57 GMT
main.min.css
futebolistasonline.club/wp-content/themes/styleblog3/themebeez/assets/dist/css/ Frame FBB7
234 KB
43 KB
Stylesheet
General
Full URL
https://futebolistasonline.club/wp-content/themes/styleblog3/themebeez/assets/dist/css/main.min.css?ver=5.9.3
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
3e1609acbb7aa6a33b8c40d478ec96b0a0003924be4961258a9d7850084cfc23
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"5f6bff0f-3a90c"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
jquery.min.js
futebolistasonline.club/wp-includes/js/jquery/ Frame FBB7
87 KB
32 KB
Script
General
Full URL
https://futebolistasonline.club/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"621a7675-15db1"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
jquery-migrate.min.js
futebolistasonline.club/wp-includes/js/jquery/ Frame FBB7
11 KB
5 KB
Script
General
Full URL
https://futebolistasonline.club/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"621a7675-2bd8"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
cookie-law-info-public.js
futebolistasonline.club/wp-content/plugins/cookie-law-info/public/js/ Frame FBB7
33 KB
8 KB
Script
General
Full URL
https://futebolistasonline.club/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.1.2
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"627922bc-8583"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
up.js
live.demand.supply/ Frame FBB7
4 KB
2 KB
Script
General
Full URL
https://live.demand.supply/up.js
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87b9c3f2b4fef4924d72457dd213a8b320a05dd2090742ba368ae8ed7f45be82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01GA743V388P9F93HGKZHC4PFA
date
Tue, 23 Aug 2022 18:39:59 GMT
content-encoding
br
cf-cache-status
HIT
age
445
cf-polished
origSize=3935
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
cf-bgj
minify
server
cloudflare
etag
W/"99391899477f7d0487b771bbb9e17014-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
73f5f959ff179bd4-FRA
link
<https://live.demand.supply/impl.v15.2.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v14-3-0/ZnV0ZWJvbGlzdGFzb25saW5lLmNsdWIv>; rel=preload; as=script
js
www.googletagmanager.com/gtag/ Frame FBB7
106 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-108875794-2
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dc47fe76a727b19e2809cf536e50aba67ecdf9e9a772c78abc9d5164d220bf20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42036
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Aug 2022 18:39:59 GMT
5942983f-31d2-426b-8fd7-4a4be6e19fbb.min.js
cmp.optad360.io/items/ Frame FBB7
497 B
850 B
Script
General
Full URL
https://cmp.optad360.io/items/5942983f-31d2-426b-8fd7-4a4be6e19fbb.min.js
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21eb:f000:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 03:09:18 GMT
via
1.1 fe837f35c008063fe28d7f6bd9b1c62a.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 08:54:56 GMT
server
AmazonS3
age
55842
etag
"7acdc116a0830ba0aef5e087010246ba"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-pop
LAX3-C4
accept-ranges
bytes
content-length
497
x-amz-cf-id
Su6RUrt4u4R2dEzBjcl20ZlfUMxDDKOPmC-XFXa9rPbsnxNsTSpyow==
plugin.min.js
get.optad360.io/sf/b673a0d0-2fd8-411b-885b-35ee33ab22a4/ Frame FBB7
367 KB
88 KB
Script
General
Full URL
https://get.optad360.io/sf/b673a0d0-2fd8-411b-885b-35ee33ab22a4/plugin.min.js
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e800:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89f7966aa12b0c194008a474ec52c9c7af040662d5aceaae4b5eed1006d7e87d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:00 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 11:05:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"8b4bf08342f4aeb1dd06fce58a1883d6"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-id
IdfLEAYnBDjhNix8QyLKvbPA9boOV8TwePOG4uqII0meAdx11HhC0A==
load.js
amer.viadata.store/tag/ Frame FBB7
8 KB
3 KB
Script
General
Full URL
https://amer.viadata.store/tag/load.js?sid=104413
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.237.60.36 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
de619fbe12252ff30c18076b7118fff32d2d52e506b16d21f5962af3162649d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
logo.png
futebolistasonline.club/wp-content/uploads/2020/05/ Frame FBB7
8 KB
8 KB
Image
General
Full URL
https://futebolistasonline.club/wp-content/uploads/2020/05/logo.png
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
2fe2c11fe13c383ed7dfca019b5bfe487027e3e934e3b2cedf953226d17cd427
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"5eadf0d4-1eee"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
7918
x-content-type-options
nosniff
protected
by MS22081202
hamilton-brasil1-680x450.png
futebolistasonline.club/wp-content/uploads/2022/08/ Frame FBB7
495 KB
495 KB
Image
General
Full URL
https://futebolistasonline.club/wp-content/uploads/2022/08/hamilton-brasil1-680x450.png
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
b6f6a80d4cf098237600a886d7c70a9ae3f0bbf95691e09b490a106207678955
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"62f30f01-7ba93"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
506515
x-content-type-options
nosniff
protected
by MS22081202
script.js
ad.lomadee.fun/banners/ Frame FBB7
141 KB
48 KB
Script
General
Full URL
https://ad.lomadee.fun/banners/script.js?sourceId=37069243&dimension=19&height=50&width=320&method=0
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1156a0afa36a72524e02ba5aa358173381ccaee59285c97fa84fbf81aeac361c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e48iphXgbJftAn%2BPzzMF7k00Ib0EU%2BgEGKtXA8wMxBDHBOsU3gaWMxSgwqSA9PmWggaub%2FL61SQECMoZmTRVnW8De0EnPlfedEidxuwrgdb%2FTcBSk5jihjaoDC2%2FH%2F5p9HPHI5SgQmvFUKP%2BUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f9547c4f9be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
element.js
translate.google.com/translate_a/ Frame FBB7
76 KB
27 KB
Script
General
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d6549eddaa0efc629edbc038f67e861410a7bb1ede893ca82b8a5527ad0f4dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
navigation.js
futebolistasonline.club/wp-content/themes/styleblog3/js/ Frame FBB7
3 KB
1 KB
Script
General
Full URL
https://futebolistasonline.club/wp-content/themes/styleblog3/js/navigation.js?ver=20151215
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"5f6bff0f-b97"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
skip-link-focus-fix.js
futebolistasonline.club/wp-content/themes/styleblog3/js/ Frame FBB7
685 B
1008 B
Script
General
Full URL
https://futebolistasonline.club/wp-content/themes/styleblog3/js/skip-link-focus-fix.js?ver=20151215
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"5f6bff0f-2ad"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
685
x-content-type-options
nosniff
protected
by MS22081202
bundle.min.js
futebolistasonline.club/wp-content/themes/styleblog3/themebeez/assets/dist/js/ Frame FBB7
203 KB
56 KB
Script
General
Full URL
https://futebolistasonline.club/wp-content/themes/styleblog3/themebeez/assets/dist/js/bundle.min.js?ver=20151215
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
51a086065e926db0fbeecbed095737061fb511e1764a5c4a019195b2bc9032b4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"5f6bff0f-32c29"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
300x250
ad.lomadee.com/banners/superofertas/ Frame 741A
19 KB
19 KB
Image
General
Full URL
https://ad.lomadee.com/banners/superofertas/300x250
Requested by
Host: ad.lomadee.com
URL: https://ad.lomadee.com/banner/view?sourceId=36084693&dimension=17&width=300&height=250&method=0&advertisers=&tags=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-81.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3bf9a688b9ca3ba16c7e43c5ee8af2ad0f619c3a098c7ba12a14ed8975333bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lomadee.com/banner/view?sourceId=36084693&dimension=17&width=300&height=250&method=0&advertisers=&tags=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 13:07:41 GMT
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Wed, 17 Jul 2019 16:40:03 GMT
server
AmazonS3
age
23520737
etag
"db5956f7a62675d44627e54cfdeeb29d"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
19203
x-amz-cf-id
VVYOamSziThMKAbGvbpPiMipvolrCBRiZG174aVoKXSGADAtKxL6ww==
analyze.js
statistcdn.com/ Frame 741A
0
0

integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.arnolds.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 18:39:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.arnolds.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 18:39:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
86 KB
32 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=992353446576962&correlator=769282024302203&eid=31068928%2C31069092%2C31067826&output=ldjh&gdfp_req=1&vrg=2022082201&ptt=17&impl=fif&iu_parts=121764058%3A22650171930%2Carnolds.com.br%2Carnolds.com.br_stat_S1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=7&adks=3523648189&sfv=1-0-38&fsapi=false&prev_scp=hb_format_oftmedia%3Dbanner%26hb_size_oftmedia%3D300x250%26hb_pb_oftmedia%3D0.08%26hb_adid_oftmedia%3D27b88c38fef99cf%26hb_bidder_oftmedia%3Doftmedia%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.08%26hb_adid%3D27b88c38fef99cf%26hb_bidder%3Doftmedia&cust_params=pubcid%3D2f26ed19-4609-468d-accb-343cd904be6e&sc=1&cookie=ID%3D2fa5b062e9108904-22f788adf5d400b7%3AT%3D1661279997%3AS%3DALNI_MYgt8DmKox3YSnxm65fXP4B-XLADQ&abxe=1&dt=1661279997929&lmt=1661279997&dlt=1661279996373&idt=557&adxs=992&adys=656&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=6&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&ref=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252F5-filme-de-terror-para-dar-muito-medo%252F&frm=20&vis=1&psz=0x-1&msz=300x-1&fws=644&ohw=301&ga_vid=776207754.1661279997&ga_sid=1661279997&ga_hid=1510125464&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRjAn4TgrDBIAFICCGQ.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
eb0eb94ace7a4c722452ddf6b069b300d25ff3b82ac2884e23be46a810be5f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32558
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
impl.v15.2.0.js
live.demand.supply/ Frame 1168
78 KB
25 KB
Script
General
Full URL
https://live.demand.supply/impl.v15.2.0.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a73201cd61d120c36fd747444793aa5ccffcfdbb92b0168fe316b8d2a9520dce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01GA74AH5PM44ZFP6ZBTP879AC
date
Tue, 23 Aug 2022 18:39:57 GMT
content-encoding
br
cf-cache-status
HIT
age
1035622
cf-polished
origSize=80095
cf-ray
73f5f9534b589bd4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"e392b9d0ccb1968e28d6d403bc0f2521-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
d3d3LmFybm9sZHMuY29tLmJyLw==
live.demand.supply/p4/v14-3-0/ Frame 1168
156 B
355 B
Script
General
Full URL
https://live.demand.supply/p4/v14-3-0/d3d3LmFybm9sZHMuY29tLmJyLw==
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb94b462f27f138f78bc2f58584c8e4377ea23828ec4bf2de9a76b624419b6d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
73f5f9534b5a9bd4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
tc.js
cdn.tynt.com/
17 KB
7 KB
Script
General
Full URL
https://cdn.tynt.com/tc.js
Requested by
Host: waust.at
URL: https://waust.at/d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
937458495c30f567aeafe715f0164bfe061ab17aee4a34aabbf191f69a6d32ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 21 Jul 2022 14:57:10 GMT
server
cloudflare
age
13333
etag
W/"62d96946-4599"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
73f5f953dfa09066-FRA
expires
Fri, 26 Aug 2022 18:39:58 GMT
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
wp-emoji-release.min.js
futebolistasonline.club/wp-includes/js/ Frame FBB7
18 KB
5 KB
Script
General
Full URL
https://futebolistasonline.club/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"621a7675-4705"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
protected
by MS22081202
analytics.js
www.google-analytics.com/ Frame 741A
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ad.lomadee.com
URL: https://ad.lomadee.com/banner/view?sourceId=36084693&dimension=17&width=300&height=250&method=0&advertisers=&tags=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lomadee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5877
date
Tue, 23 Aug 2022 17:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 23 Aug 2022 19:02:00 GMT
/
t.dtscout.com/pv/
51 B
319 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=arnolds.com.br&_ss=3d7s0zbd7j&_pv=1&_ls=0&_u1=1&_u3=1&_cc=de&_pl=d&_cbid=2ztf&_cb=_dtspv.c
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&j=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252F5-filme-de-terror-para-dar-muito-medo%252F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.139.238 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip238.ip-158-69-139.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f6021f132e8dba8615c182c58926ef50ea7b7a8aec7afb255a874d03853446e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:39:58 GMT
X-T
0.171
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
X-C
0
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
Expires
Tue, 23 Aug 2022 18:39:57 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1510125464&t=pageview&_s=1&dl=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&dr=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252F5-filme-de-terror-para-dar-muito-medo%252F&ul=en-us&de=UTF-8&dt=5%20Filme%20de%20Terror%20para%20dar%20Muito%20Medo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1271628354&gjid=667692087&cid=776207754.1661279997&tid=UA-139883519-66&_gid=943460006.1661279997&_r=1&gtm=2ou8m0&z=851158511
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:39:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-139883519-66&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5878
date
Tue, 23 Aug 2022 17:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 23 Aug 2022 19:02:00 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1510125464&t=pageview&_s=1&dl=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&dr=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252F5-filme-de-terror-para-dar-muito-medo%252F&ul=en-us&de=UTF-8&dt=5%20Filme%20de%20Terror%20para%20dar%20Muito%20Medo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=2136701033&gjid=112506411&cid=776207754.1661279997&tid=UA-135425005-2&_gid=943460006.1661279997&_r=1&gtm=2ou8m0&z=1482877388
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:39:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
en.json
optad360.mgr.consensu.org/cmp/v2/translations/v4/
4 KB
2 KB
XHR
General
Full URL
https://optad360.mgr.consensu.org/cmp/v2/translations/v4/en.json
Requested by
Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/918e1eea-b7af-45da-a987-49a1ce4b265a.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
71f69541ed2861a7065f461bf9748bb263e0f8d517d0987c6619241d9d13597d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
gzip
last-modified
Thu, 29 Oct 2020 12:24:15 GMT
server
AmazonS3
age
18811
etag
W/"e3fe984dfb883f99b54c331403be617b"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=360000000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
S7tpdTqIbGNeOb4Y_Zc2QqtAHsJRcjDeP0a3yRUtC3OzZ2NapYhzJg==
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
e.js
live.demand.supply/e/ Frame 1168
0
365 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?e=ll&d=73&cs=c&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01G4T3N5TFYTCNCKTENT950AYC
date
Tue, 23 Aug 2022 18:39:58 GMT
cf-cache-status
HIT
age
829032
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
73f5f9548b7790be-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 1168
165 KB
56 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c91536a14a996705216a0c69db31f262ef8bf3bb1139ea724c76ddb8357076a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57411
x-xss-protection
0
server
cafe
etag
6837941007071792559
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 18:39:58 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 1168
83 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
96aee9dbacc39790de499f7aadfdeba71acf0f202bcd674c268ea377f97bb103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28565
x-xss-protection
0
server
sffe
etag
"1312 / 888 of 1000 / last-modified: 1661252780"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 23 Aug 2022 18:39:58 GMT
ds.2.html
live.demand.supply/ Frame 1168
413 B
469 B
XHR
General
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01G41WAEP1HEHKVXZ5999VHJHV
date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
timing-allow-origin
*
age
5094
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
73f5f9548b7d90be-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
apstag.js
c.amazon-adsystem.com/aax2/ Frame 1168
159 KB
41 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
925ed48219a2d3c339c5d288fdae3f965efbca0e5ee4e369b7dcbb04b6ade06f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 23 Aug 2022 17:45:37 GMT
via
1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront), 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
last-modified
Mon, 15 Aug 2022 16:12:00 GMT
server
AmazonS3
age
3262
etag
W/"52a6bc60961c702869c58b9d159c8e37"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-C1
content-encoding
gzip
x-amz-cf-id
NhckAt-qfKmYBdZ1XLg2W3zqnaRBO0qlav5UJtOa746R2S6N_Lue6w==
uamp.1.json
live.demand.supply/ Frame 1168
8 KB
3 KB
XHR
General
Full URL
https://live.demand.supply/uamp.1.json?&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01G9SNYJGAY9A3R7PB3RA2QZEK
date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1262711
etag
W/"1fc8f68f3ba466af63e5051421ce91a0-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
73f5f9548b7f90be-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 1168
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A%2C400%7CPoppins%3A%2C400%7CPoppins%3A%2C400%2C%2C400&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Cvietnamese&ver=1.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.arnolds.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 19:25:00 GMT
x-content-type-options
nosniff
age
515698
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 19:25:00 GMT
fontawesome-webfont.woff2
www.arnolds.com.br/wp-content/themes/disto/css/fonts/ Frame 1168
65 KB
65 KB
Font
General
Full URL
https://www.arnolds.com.br/wp-content/themes/disto/css/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/wp-content/themes/disto/css/bootstrap.css?ver=1.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.arnolds.com.br/wp-content/themes/disto/css/bootstrap.css?ver=1.6
Origin
https://www.arnolds.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:30 GMT
referrer-policy
no-referrer-when-downgrade
etag
"5e32df22-10440"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
font/woff2
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
66624
x-content-type-options
nosniff
protected
by MS22081202
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012208081650000/ Frame FD5D
220 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
91941
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61502
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"df13b0b17adb5918"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 17:07:37 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame FD5D
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
91941
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5197
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aca8368210f82021"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 17:07:37 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame FD5D
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
91941
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28794
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cc093c4134ec5f1e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 17:07:37 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame FD5D
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
91941
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ef17e6cba96d5668"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 17:07:37 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame FD5D
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
91941
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12948
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08e07a681963ea9f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 17:07:37 GMT
css
fonts.googleapis.com/ Frame FD5D
4 KB
621 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 16:50:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Aug 2022 18:39:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Aug 2022 18:39:58 GMT
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FD5D
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 17:19:51 GMT
x-content-type-options
nosniff
server
cafe
age
4807
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
7735524722462771930
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2886
x-xss-protection
0
expires
Wed, 24 Aug 2022 17:19:51 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FD5D
344 B
806 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 16:47:30 GMT
x-content-type-options
nosniff
server
cafe
age
6748
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 24 Aug 2022 16:47:30 GMT
l
www.google.com/ads/measurement/ Frame FD5D
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSJmrBbU9Hui50Hs9tLpPa2pHOtUhA4qPKiklBDLDRadpNhyMV_HVGpvKMZWvtqWzY6ruxk-7eSXm9mIHYbOY8-mTIESQ
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame FD5D
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CqalR_R4FY6jiLJ6K9fgPyOiP2AO2mrnGa_2qv__aD9CtjLORDhABIJWbyiFgleqdgqwHoAGPjP3sAsgBCakCwV0WPDTNsD7gAgCoAwHIAwqqBLICT9DMOkIpLHkDPj5W74xR6Cd0Ev-L9zXiGkdNtliLGGxwM_OVKnRh0Gs7RnQl-md-T65YYGGnl5XSRysZNtQX9NjMyRs4tEXD_j9rMiVBo0zF9aZm6G5tZC6iCMQKOx2GMwvKgQ8eTUSScPSJ90DCXzZtzCUeWBqZrS-iLCT8vzKMQoUrFVXcgiKQIpSH2eti3DwRXCVNozOScion5J4er_V9E8WyHSVuhai_UD2d84V3vy_oNbOefHsRZa1blKcCsJOvTA4IschxD0JFPTmOjN4IRekwO2KPfri6eGlDSXKLXmpRIfiAYTnlid7mMlr3rbzeNrBnWiuXQNJsMWxii0rV3-zoYNnQFGY2hWk8vzj-eHoLP-OyOT3OGME63pbjbSzO4tT6USmDU6hDg9Um_ZGCwASJj7HYiATgBAGSBQQIBBgBkgUECAUYBKAGLoAH2fOCkwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDknQLSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzU5Nzk4Mzg2ODg4NDM2MIAKA8gLAdgTC9AVAZgWAYAXAbIXHgocCAASFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=jyfe_UT02ko&uach_m=[UACH]&template_id=5000
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

e.js
live.demand.supply/e/
0
365 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=arnolds.com.br_fluid_sq&pn=2&sn=3&pc=0.531055443056703&ds=true&bv=0&e=wdp&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvNS1maWxtZS1kZS10ZXJyb3ItcGFyYS1kYXItbXVpdG8tbWVkby8/dXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXM=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.2.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01G4T3N5TFYTCNCKTENT950AYC
date
Tue, 23 Aug 2022 18:39:58 GMT
cf-cache-status
HIT
age
829032
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
73f5f954ebd890be-FRA
e.js
live.demand.supply/e/
0
365 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=arnolds.com.br_fluid_sq&sy=22d5cd2e-cefd-4f4c-99a3-b62c55c461a6&ts=83&cd=2&pud=180&pus=c&pue=671&pid=44&pis=c&pie=715&ppd=88&pps=a&ppe=760&pad=178&pas=c&pae=910&pcl=1516&ttc=884&tti=2330&ttif=0&lca=760&lcak=ppe&lct=910&lctk=pae&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.arnolds.com.br&mlre=adssuper.com&mlin=0&mlsi=300x280&mlbw=4g&mlcs=NaN&mltp=b04c5544-c1b5-4af5-808d-b92d317676be&e=lm&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvNS1maWxtZS1kZS10ZXJyb3ItcGFyYS1kYXItbXVpdG8tbWVkby8/dXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXM=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.2.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01G4T3N5TFYTCNCKTENT950AYC
date
Tue, 23 Aug 2022 18:39:58 GMT
cf-cache-status
HIT
age
829032
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
73f5f954ebd990be-FRA
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012208081650000/ Frame 7B61
220 KB
60 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
91941
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61502
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"df13b0b17adb5918"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 17:07:37 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 7B61
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
91941
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5197
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aca8368210f82021"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 17:07:37 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 7B61
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
91941
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28794
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cc093c4134ec5f1e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 17:07:37 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 7B61
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
91941
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ef17e6cba96d5668"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 17:07:37 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 7B61
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
91941
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12948
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08e07a681963ea9f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 17:07:37 GMT
css
fonts.googleapis.com/ Frame 7B61
6 KB
672 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 16:49:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Aug 2022 18:39:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Aug 2022 18:39:58 GMT
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7B61
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 17:19:51 GMT
x-content-type-options
nosniff
server
cafe
age
4807
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
7735524722462771930
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2886
x-xss-protection
0
expires
Wed, 24 Aug 2022 17:19:51 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7B61
344 B
402 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 16:47:30 GMT
x-content-type-options
nosniff
server
cafe
age
6748
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 24 Aug 2022 16:47:30 GMT
l
www.google.com/ads/measurement/ Frame 7B61
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQfQLAfD7BTAPddgQLHX0RePpX-CPLUzPnvcjEPYvFJAO6lWdovQ5I_JISpTIlJ-ABKfjsvpx0rVpTOF7jtbJSQmUHCKQ
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 7B61
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CHPHl_R4FY9yvKpSN9fgPpM6uqA-2mrnGa6Wrv__aD5iKltOPDhABIJWbyiFgleqdgqwHoAGPjP3sAsgBCakCwV0WPDTNsD7gAgCoAwHIAwqqBKwCT9DGykFkHeDllQIcxCNFPgi5nbHerUSA4QFVM2g-kPnTDcl0ub7hm3yXZzethldMoAL--uUlnPl2qj7llonhBh1zJhwgCIDhOJSfzernmqks3bxfw-m6i9dHw_wSsp5J5jpxXwkdh7nU8b17AzMWU7SR2YrAlGwrwx3y_NpM8eU3b03lLh-AZOmNs0GG6q23QMKQ4M1KZEndJZBQLR4XXO_eMZfrhR0Lvi-ASwJmAzWAnhn6pPyzf7bGsnpxGgLvnKzfYd-32GLi1KoSRbp_3sar5uxVWn8GiK6lsQdQtZjtvWeqRaJPzuGxqSr-fIyWiEjYhO2pJO3wr2QE7Oy6puS87BSATfhFnpXokk26HWjClBYFnK6QuOud2m5KhAoytGJ5eTVHSU31WfTLwASJj7HYiATgBAGSBQQIBBgBkgUECAUYBKAGLoAH2fOCkwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDymgLSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzU5Nzk4Mzg2ODg4NDM2MIAKA8gLAbgT5APYEwvQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=ukMvtnBcQ8A&uach_m=[UACH]&template_id=484
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

e.js
live.demand.supply/e/
0
365 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=arnolds.com.br_fluid_sq&pn=2&sn=3&pc=0.531055443056703&ds=true&bv=0&e=wdp&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvNS1maWxtZS1kZS10ZXJyb3ItcGFyYS1kYXItbXVpdG8tbWVkby8/dXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXM=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.2.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01G4T3N5TFYTCNCKTENT950AYC
date
Tue, 23 Aug 2022 18:39:58 GMT
cf-cache-status
HIT
age
829032
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
73f5f9555c5290be-FRA
e.js
live.demand.supply/e/
0
365 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=arnolds.com.br_fluid_sq&sy=22d5cd2e-cefd-4f4c-99a3-b62c55c461a6&ts=83&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.arnolds.com.br&mlre=adssuper.com&mlin=0&mlsi=300x280&mlbw=4g&mlcs=NaN&mltp=b04c5544-c1b5-4af5-808d-b92d317676be&e=lm&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvNS1maWxtZS1kZS10ZXJyb3ItcGFyYS1kYXItbXVpdG8tbWVkby8/dXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXM=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.2.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01G4T3N5TFYTCNCKTENT950AYC
date
Tue, 23 Aug 2022 18:39:58 GMT
cf-cache-status
HIT
age
829032
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
73f5f9555c5590be-FRA
14763004658117789537
tpc.googlesyndication.com/simgad/17569088738126214120/ Frame FD5D
20 KB
20 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/17569088738126214120/14763004658117789537?w=400&h=209
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be82dd20858571cec9f6ada3642d44a2a8e01455758a1067926b385758f23a62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 16:22:21 GMT
x-content-type-options
nosniff
age
94657
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20472
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 04:45:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 22 Aug 2023 16:22:21 GMT
truncated
/ Frame FD5D
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame FD5D
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9b892aba4e16858f03fbd026dfabaf851cc1b171010c17d41d10383011e2991

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
2076313506083323656
tpc.googlesyndication.com/simgad/18192962519964929088/ Frame 7B61
38 KB
38 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/18192962519964929088/2076313506083323656
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c19dc58bae1cf2ed2dc38838e7244fe8b8d9c537af33c6c3ab75c5fdb9250a9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 17:02:02 GMT
x-content-type-options
nosniff
age
5876
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38880
x-xss-protection
0
last-modified
Sun, 01 May 2022 23:02:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 23 Aug 2023 17:02:02 GMT
truncated
/ Frame 7B61
220 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f34d78d92e54eb1ba46df59fc24b6b15c3c6ac0fe1a119c9fb342246dc9d9ab5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7B61
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6634da7d4c21e8eda253de4c10dd9b11b30c511a0228bc55f0a771c1aa745de

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012208081650000/ Frame D7E1
220 KB
60 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
91941
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61502
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"df13b0b17adb5918"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 17:07:37 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame D7E1
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
91941
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5197
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aca8368210f82021"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 17:07:37 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame D7E1
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
91941
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28794
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cc093c4134ec5f1e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 17:07:37 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame D7E1
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
91941
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ef17e6cba96d5668"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 17:07:37 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame D7E1
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
91941
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12948
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08e07a681963ea9f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 17:07:37 GMT
css
fonts.googleapis.com/ Frame D7E1
6 KB
672 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 17:09:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Aug 2022 18:39:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Aug 2022 18:39:58 GMT
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D7E1
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 17:19:51 GMT
x-content-type-options
nosniff
server
cafe
age
4807
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
7735524722462771930
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2886
x-xss-protection
0
expires
Wed, 24 Aug 2022 17:19:51 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D7E1
344 B
368 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 16:47:30 GMT
x-content-type-options
nosniff
server
cafe
age
6748
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 24 Aug 2022 16:47:30 GMT
l
www.google.com/ads/measurement/ Frame D7E1
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQD_lomjMA8mLd37BYQg8nQlvQ_wj7ZT1qHH-b8tHMDq3a9nLTMPQhtJnRZtG7jr_EVkUckuzZPxVA75q2_TQ_JprindA
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame D7E1
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CN7ET_R4FY53aLouwlgTsqYKYB7aaucZrzau__9oP0K2Ms5EOEAEglZvKIWCV6p2CrAegAY-M_ewCyAEJqQLBXRY8NM2wPuACAKgDAcgDCqoErAJP0GzJm3a-WY9w1wACUmg446AWzAudk5vfONqjdvH7C2kkClUnijXRBiUkD8gYYaAT_mCmXHJEdd0DYrgErLw-TmAUI0MSCy8wcu8khQhwawfadiONHLvytNLzIDYyAXnmApm53WacxQkmMCqE96T55kuflrz_ZE1SZOaQ38JE6IpoVUnbOdfbOKL2ida-mIktH6d4ByafrmoiwtLiUZFC6CERbCkPntg7TensMnriUB4w39wF-ABEktqJxS9EDatrw4sw0jgERTv19TncUsPMT9ijCCl_PI8EbfmZkDPQnrY3CS-cy_WCrnZ8RmeYqz0Pg3hsPK8GjdTlpF4a3-BO88LujZrmpgylzO_yKPKuUfxCgfHYdX34JrsedR53W9jWembyPmHQXWrpUDfABImPsdiIBOAEAZIFBAgEGAGSBQQIBRgEoAYugAfZ84KTAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEP_GA9IIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi03NTk3OTgzODY4ODg0MzYwgAoDyAsBuBPkA9gTC9AVAZgWAYAXAbIXHgocCAASFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=Cmig2htcmBM&uach_m=[UACH]&template_id=484
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

e.js
live.demand.supply/e/
0
365 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=arnolds.com.br_fluid_sq&pn=2&sn=3&pc=0.531055443056703&ds=true&bv=0&e=wdp&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvNS1maWxtZS1kZS10ZXJyb3ItcGFyYS1kYXItbXVpdG8tbWVkby8/dXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXM=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.2.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01G4T3N5TFYTCNCKTENT950AYC
date
Tue, 23 Aug 2022 18:39:58 GMT
cf-cache-status
HIT
age
829032
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
73f5f9563d2390be-FRA
e.js
live.demand.supply/e/
0
365 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=arnolds.com.br_fluid_sq&sy=22d5cd2e-cefd-4f4c-99a3-b62c55c461a6&ts=83&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.arnolds.com.br&mlre=adssuper.com&mlin=0&mlsi=300x280&mlbw=4g&mlcs=NaN&mltp=b04c5544-c1b5-4af5-808d-b92d317676be&e=lm&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvNS1maWxtZS1kZS10ZXJyb3ItcGFyYS1kYXItbXVpdG8tbWVkby8/dXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXM=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.2.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01G4T3N5TFYTCNCKTENT950AYC
date
Tue, 23 Aug 2022 18:39:58 GMT
cf-cache-status
HIT
age
829032
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
73f5f9563d2690be-FRA
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FD5D
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.arnolds.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 20:10:25 GMT
x-content-type-options
nosniff
age
512973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 20:10:25 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FD5D
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.arnolds.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 08:01:51 GMT
x-content-type-options
nosniff
age
470287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Aug 2023 08:01:51 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7B61
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.arnolds.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 05:29:41 GMT
x-content-type-options
nosniff
age
220217
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 21 Aug 2023 05:29:41 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7B61
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.arnolds.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 11:47:17 GMT
x-content-type-options
nosniff
age
111161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 11:47:17 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/18192962519964929088/ Frame D7E1
38 KB
38 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/18192962519964929088/2076313506083323656
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c19dc58bae1cf2ed2dc38838e7244fe8b8d9c537af33c6c3ab75c5fdb9250a9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 17:02:02 GMT
x-content-type-options
nosniff
age
5876
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38880
x-xss-protection
0
last-modified
Sun, 01 May 2022 23:02:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 23 Aug 2023 17:02:02 GMT
truncated
/ Frame D7E1
220 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f34d78d92e54eb1ba46df59fc24b6b15c3c6ac0fe1a119c9fb342246dc9d9ab5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame D7E1
208 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24c56eb4f81e8fc968bff1c0c48ab3aa46481a377ae0794e26a0a9382f550261

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
e.js
cdn.ftd.agency/libs/ Frame 1168
2 KB
2 KB
Script
General
Full URL
https://cdn.ftd.agency/libs/e.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
37.48.117.210 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
dbde787befd05399997159250298503a1ec727b2115919a814e603994df9e9f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:39:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block;
Last-Modified
Fri, 09 Oct 2020 08:00:41 GMT
Server
nginx
ETag
W/"5f8018a9-946"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:39:58 GMT
style.css
lp.cleverwebserver.com/bet365/de/sports/grp1/ Frame DAC1
11 KB
2 KB
Stylesheet
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58387ca9397ec3cb0e0d8e163e3aaf616b33db0a023c16b7824519a834ca6001

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
br
cf-cache-status
HIT
age
226
cf-polished
origSize=11955
last-modified
Wed, 06 Jul 2022 16:16:12 GMT
x-amz-request-id
B8S3VWDX6Z4CWBGJ
x-amz-id-2
bFr5WS/jE/H03v8boRgnVycFLvU8qHWHxSYoEzkQCFZ7pEFNA3ahhQdmxlgcRO5v6IwTJbp9LNY=
cf-bgj
minify
server
cloudflare
etag
W/"0b1a0f0066ac8ef5a3b0a38c0858a9b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=1800
cf-ray
73f5f95698b39c0a-FRA
expires
Tue, 23 Aug 2022 19:09:58 GMT
anzeige.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DAC1
1 KB
900 B
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/anzeige.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98af5e2d044165db4fe04e7a288c125ad78d50bd9e212ca6e520e5a55140e869

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Jul 2022 16:09:10 GMT
server
cloudflare
age
1119
etag
W/"3e9d1a10a1056de77db1bab72b55ef1c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
73f5f95698b89c0a-FRA
x-amz-request-id
S881PYJJWCVPT3FP
x-amz-id-2
vrk3DzP2E/ayDcHlgZ1wkV1FyhIff2hbL54/NMno0QaCJrRqW/Q4s6cJrySNjnHqTFTw7Mz6Wco=
expires
Tue, 23 Aug 2022 19:09:58 GMT
logo.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DAC1
2 KB
1 KB
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/logo.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df3876c55c0fe527bea47b37cfe3479040325194f3df7d2b077794ef6d584470

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Jul 2022 16:16:12 GMT
server
cloudflare
age
1119
etag
W/"89cc1efb4630095200908a2c0e01275c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
73f5f956f9599c0a-FRA
x-amz-request-id
WQESBR5TB9JFYE3J
x-amz-id-2
qFQJvMjngqorbANFUuQs8MzFEzSNamt3oGViQCUaopHQq3W96RZJnmY7mcnIbUPKoKX2EwroNIs=
expires
Tue, 23 Aug 2022 19:09:58 GMT
copy_pushmobile.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DAC1
12 KB
4 KB
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy_pushmobile.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85cc4c652afbaa94b1444817fe16c3c4f84c9f1ad8615044fc20337d8f3c3b36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Jul 2022 16:16:12 GMT
server
cloudflare
age
1119
etag
W/"48521ed69677855391819664023f03a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
73f5f956f95d9c0a-FRA
x-amz-request-id
B6A7GS5X6SMAN8R5
x-amz-id-2
Y91bCoZKvgJW0ggwHFOAEDOzK43qruDkYPIkYuzBc2gUIwzg072DOBFy6Oy8QqlZSa0hAi8HSvw=
expires
Tue, 23 Aug 2022 19:09:58 GMT
copy_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DAC1
12 KB
4 KB
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy_pushdown.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc593e8aef8bec3076d8f4d76e66461b61d8b0c5cf5a52ef51d6c904d7d5a385

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Jul 2022 10:09:11 GMT
server
cloudflare
age
806
etag
W/"b021ae3bd30deb5a02a9d0476e269ae5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
73f5f956f95f9c0a-FRA
x-amz-request-id
Y7JTY68D59CTDX3C
x-amz-id-2
H8TJLaIiJWiM3J5uJynpE/5nvSCrV6FFW5t3FnMIf5ZO0u/tK2Xm9ixIxMuU4UA9ZDbOD3Eb+YM=
expires
Tue, 23 Aug 2022 19:09:58 GMT
copy.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DAC1
12 KB
4 KB
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63bc5373259840156ae93ba26b9df0dd2f97ce98ebb3fdb970699cd718a23230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Jul 2022 15:53:45 GMT
server
cloudflare
age
806
etag
W/"6a14ab0d467b44cc536dff1c855843d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
73f5f956f9659c0a-FRA
x-amz-request-id
BEYERDT39A0CYGBA
x-amz-id-2
I4M2yrH0Bs34efHg7QJkg8fYUqbI1srLBsDWBChbc1Ls4U1zYyE54YybK/ClX6IcIBKk5+8s+3A=
expires
Tue, 23 Aug 2022 19:09:58 GMT
copy2-pushmobile.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DAC1
576 B
576 B
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2-pushmobile.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b14c2c71bff7391e8ce4a4cf739c5e747627e9de00407dbfc9ae15efc468310a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
210
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
public, max-age=1800
cf-ray
73f5f956f9679c0a-FRA
x-amz-request-id
F6Y9CS7VFZCHPY15
x-amz-id-2
t5nD1Nr8EICn7l+E6SWkV/zOmhYeTFDbM0Ax38jX233/qLKQmAM9rIUWqAfWkVytDlIgJXj/tRo=
expires
Tue, 23 Aug 2022 19:09:58 GMT
copy2-pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DAC1
574 B
574 B
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2-pushdown.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3400732cfc11f1cf6e7a1a1a1c177c4b386382dfdea98f4bde60746158f47ef7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
210
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
public, max-age=1800
cf-ray
73f5f956f96b9c0a-FRA
x-amz-request-id
F6YBTA2XGTQG2H6E
x-amz-id-2
t8w/uCcZklzyUK1BmIhMX6DJcop62CiP+FMJsTSIsbR8+fcUNXosi34q770ONkVqvDNHm2kEvA0=
expires
Tue, 23 Aug 2022 19:09:58 GMT
copy2.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DAC1
5 KB
2 KB
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7fa07dc1641fa98687abb1cac64ca10ef98f69568be378d612397460b7ca24b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Jul 2022 16:09:58 GMT
server
cloudflare
age
806
etag
W/"dc43a4e11b82fa41efb8bdc2acd73425"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
73f5f95739cb9c0a-FRA
x-amz-request-id
DA2MERVAJ0GJ24B3
x-amz-id-2
k6xB2zoLpEdUBRjoD8vexFbLTRSsNSA+R5EzGZVkpEBU2szfM6ECoTBJ+NpifJid8Yv16Oh/Wcs=
expires
Tue, 23 Aug 2022 19:09:58 GMT
copy3.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DAC1
6 KB
2 KB
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy3.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
150431c4e70ae805fba43a94f1b154417be47c26d7f3ca60a7e1a0ab7b50ba80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Jul 2022 16:09:58 GMT
server
cloudflare
age
1118
etag
W/"9048820dc635dbe10d09725e919ba54f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
73f5f95739cd9c0a-FRA
x-amz-request-id
8VT90C9BTB3HRBYZ
x-amz-id-2
aZzVsKog2cHZx/daeB22eSz27LlCffQGrnhBc7aPohkkMqRLLcwLuggbe5y1zFvDwQICP7pS7rQ=
expires
Tue, 23 Aug 2022 19:09:58 GMT
cta.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DAC1
3 KB
1 KB
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/cta.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56828800a4a575d3b1940a854640ad25c3c93a7d3933ab96150ef48788d637d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Jul 2022 16:16:12 GMT
server
cloudflare
age
1118
etag
W/"b26d0f732978180e7c2480406f97e7f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
73f5f95749e09c0a-FRA
x-amz-request-id
S271SZGQXWZEFF33
x-amz-id-2
x2CewUPfp8MdD64Xlqyx6I3xt0OXXWUADro9Y9P4PcS5eb8CwzuABx8dcT3hXInQk+WRD0aiPIM=
expires
Tue, 23 Aug 2022 19:09:58 GMT
legal2_pushmobile.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DAC1
12 KB
4 KB
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/legal2_pushmobile.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
757a9daa63650138fd902f15b33dfa3ae7ea0a4c2c8aadd405c7c09f5c6af7df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Jul 2022 16:16:12 GMT
server
cloudflare
age
1118
etag
W/"22316355cfe04cd150c2b810a54167a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
73f5f95749e89c0a-FRA
x-amz-request-id
TZXQADXZF2QKGS70
x-amz-id-2
o+/L55P7Uw7Pg3V8X/wTQdPI7kFjKszwL7xD97g+mD63ebCNvTeEXPNg7oOzlqSS5twvkpNICOM=
expires
Tue, 23 Aug 2022 19:09:58 GMT
legal2_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DAC1
33 KB
6 KB
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/legal2_pushdown.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
869c671beb0b128c008179a0e3fcddbfa62cfe83351672d1142b1d734858bc33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 Jul 2022 16:43:44 GMT
server
cloudflare
age
304
etag
W/"19cfc2171558b226e44590caa30ac756"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
73f5f95749ec9c0a-FRA
x-amz-request-id
FS1Z3YD57QCJTZB6
x-amz-id-2
pEt2rhya5GfwqPWx5vIZC1pnM5nIsz7Lsc8M16DkjZMRvCKFHJN0fJILBqsMVFneTf8hekvhOcg=
expires
Tue, 23 Aug 2022 19:09:58 GMT
legal2.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DAC1
33 KB
6 KB
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/legal2.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dac0f22f981a1e8828e9516833b3ac6fe985cf1852033b0f153c9cb8694d3a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Jul 2022 16:16:12 GMT
server
cloudflare
age
806
etag
W/"a33282a0f66d9e18e14ed6c9fa761dd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
73f5f95749f29c0a-FRA
x-amz-request-id
JQEG6KJR6H1ENX3A
x-amz-id-2
B99OxczYQ4YpthS1ZBZOkhw52oHz8zp0jdwWCHkmEbiHwRge5tuPujk0ITAHaMoYwv8NyShWTAs=
expires
Tue, 23 Aug 2022 19:09:58 GMT
rocket-loader.min.js
lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame DAC1
12 KB
4 KB
Script
General
Full URL
https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Aug 2022 16:11:23 GMT
server
cloudflare
etag
W/"62ffb62b-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
73f5f9577a689c0a-FRA
vary
Accept-Encoding
expires
Thu, 25 Aug 2022 18:39:58 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 24 Aug 2022 18:39:58 GMT
cmp-3.2.2.min.js
optad360.mgr.consensu.org/cmp/v2/ Frame EE5F
692 KB
190 KB
Script
General
Full URL
https://optad360.mgr.consensu.org/cmp/v2/cmp-3.2.2.min.js
Requested by
Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/918e1eea-b7af-45da-a987-49a1ce4b265a.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f56e492c10145dbf06276635cf10daf821401c53b928c76e0957b15b134a12e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 05:05:29 GMT
content-encoding
gzip
last-modified
Thu, 17 Feb 2022 13:33:30 GMT
server
AmazonS3
age
48870
etag
W/"516a823d8d894911c809af02ffc6c46a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
-kjV67nSwgbQwJ0aX8XkwFRNBqu0Z3gX-n6xgWT_gXz9JyvkpGSp-A==
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=w!0hpugnb9nc&lm=0&ts=1661279998524&dn=TC&iso=0&r=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252F5-filme-de-terror-para-dar-muito-medo%252F&t=5%20Filme%20de%20Terror%20para%20dar%20Muito%20Medo
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
multiversus-alpha-fechado1.jpg
www.arnolds.com.br/wp-content/uploads/2022/08/ Frame 1168
135 KB
136 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2022/08/multiversus-alpha-fechado1.jpg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
fc1e9c931dc51b0ec55f2d54de9edd0eff9205e377ca9b6eeac7bcb425033377
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"63018908-21d0b"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
138507
x-content-type-options
nosniff
protected
by MS22081202
doctor-strange-2-america-chavez-1200x9001-1.jpg
www.arnolds.com.br/wp-content/uploads/2022/08/ Frame 1168
153 KB
154 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2022/08/doctor-strange-2-america-chavez-1200x9001-1.jpg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
303720f223071e9d550c73f4aeabb4e2ad1a177f11a2d09fb6c32d0bc51eab5a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"63002258-2644b"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
156747
x-content-type-options
nosniff
protected
by MS22081202
BLACK-PANTHER-2-1-e1656789021812-1200x9001-1.jpg
www.arnolds.com.br/wp-content/uploads/2022/07/ Frame 1168
115 KB
115 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2022/07/BLACK-PANTHER-2-1-e1656789021812-1200x9001-1.jpg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
93a64df28dd28262af1b9a3e1086c1ee944d73be31bc026e0d5ea2dfb3920fc2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"62e6c265-1ca89"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
117385
x-content-type-options
nosniff
protected
by MS22081202
maxresdefault1-4.jpg
www.arnolds.com.br/wp-content/uploads/2022/07/ Frame 1168
75 KB
76 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2022/07/maxresdefault1-4.jpg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
19d6030c72e73eab60be169b3adb61cb25d9a2a3e002380d10d3d91da981bdd0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"62e3427f-12d68"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
77160
x-content-type-options
nosniff
protected
by MS22081202
multiversus-alpha-fechado1-120x120.jpg
www.arnolds.com.br/wp-content/uploads/2022/08/ Frame 1168
11 KB
12 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2022/08/multiversus-alpha-fechado1-120x120.jpg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
5c7773c4388cf302e59f1d4aeba010e71e05bd14c8e30d573d7ea7abe3d05779
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"63018908-2d82"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
11650
x-content-type-options
nosniff
protected
by MS22081202
doctor-strange-2-america-chavez-1200x9001-1-120x120.jpg
www.arnolds.com.br/wp-content/uploads/2022/08/ Frame 1168
5 KB
5 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2022/08/doctor-strange-2-america-chavez-1200x9001-1-120x120.jpg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
40fbe71847c72b50e3f6888fc3c2d85b0a0482ea85d90cf1a44f48c9efa3651e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"63002258-130d"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
4877
x-content-type-options
nosniff
protected
by MS22081202
BLACK-PANTHER-2-1-e1656789021812-1200x9001-1-120x120.jpg
www.arnolds.com.br/wp-content/uploads/2022/07/ Frame 1168
4 KB
5 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2022/07/BLACK-PANTHER-2-1-e1656789021812-1200x9001-1-120x120.jpg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
57bd26ef723df4550767df78011e90d8560c6a455255359eae4b72bead393627
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"62e6c266-1148"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
4424
x-content-type-options
nosniff
protected
by MS22081202
maxresdefault1-4-120x120.jpg
www.arnolds.com.br/wp-content/uploads/2022/07/ Frame 1168
3 KB
3 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2022/07/maxresdefault1-4-120x120.jpg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
3594ef3374eefc43f2f8f8c4753c2cb8ba0f550d18e0d87e5f0092f32f45dc4b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"62e34280-b89"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
2953
x-content-type-options
nosniff
protected
by MS22081202
20220709-stranger-things-4-eddie-munson-tocando-master-of-puppets-do-metallica-em-cena-no-mundo-invertido1.jpg
www.arnolds.com.br/wp-content/uploads/2022/07/ Frame 1168
87 KB
87 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2022/07/20220709-stranger-things-4-eddie-munson-tocando-master-of-puppets-do-metallica-em-cena-no-mundo-invertido1.jpg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
593165f1910ae0ed99f09f3ffd355ea2880be29f0636250a9c47f4864cb113dd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"62d8a2f3-15bf2"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
89074
x-content-type-options
nosniff
protected
by MS22081202
saints-row-art1-780x450.jpg
www.arnolds.com.br/wp-content/uploads/2022/06/ Frame 1168
63 KB
64 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2022/06/saints-row-art1-780x450.jpg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
9dca01dbd6476424e100c9608667fd8b3e33675855c6f3020de611e1cafddb6a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"62bcc91d-fcc0"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
64704
x-content-type-options
nosniff
protected
by MS22081202
saints-row-reboot-preview1-780x450.jpg
www.arnolds.com.br/wp-content/uploads/2022/06/ Frame 1168
59 KB
59 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2022/06/saints-row-reboot-preview1-780x450.jpg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
b19127c5a34fa76d1411dde007de46564da2d7cca1c8cb9bb8f08c20a776c310
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"62bcc438-ea48"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
59976
x-content-type-options
nosniff
protected
by MS22081202
celebrimbor_capa__0pu238-1210x5441-1-780x450.jpg
www.arnolds.com.br/wp-content/uploads/2022/06/ Frame 1168
41 KB
41 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2022/06/celebrimbor_capa__0pu238-1210x5441-1-780x450.jpg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
730437936c9dc0e5fdf83ce8162ab99af15b6b608901b9ca75ca6dcc4160ef10
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"62bb96d2-a34a"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
41802
x-content-type-options
nosniff
protected
by MS22081202
VHP3VfzxaxxfZUHbsQrYTg1-780x450.jpg
www.arnolds.com.br/wp-content/uploads/2022/06/ Frame 1168
41 KB
42 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2022/06/VHP3VfzxaxxfZUHbsQrYTg1-780x450.jpg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
2d643dd7b4981bf170446a8936da983f0e5489aa9222d7d4a83f6a1efe3c7573
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"62ba361b-a541"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
42305
x-content-type-options
nosniff
protected
by MS22081202
Jovens-Vingadores-das-HQ-Reproducao1-780x450.jpeg
www.arnolds.com.br/wp-content/uploads/2022/06/ Frame 1168
111 KB
112 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2022/06/Jovens-Vingadores-das-HQ-Reproducao1-780x450.jpeg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
8f6ffc3214dd6cd69d0df4dcdc22221809732704c1ff132c25b6f3b534516448
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"62b8aa60-1bde2"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
114146
x-content-type-options
nosniff
protected
by MS22081202
young-avengers-team1-780x450.jpg
www.arnolds.com.br/wp-content/uploads/2022/06/ Frame 1168
86 KB
86 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2022/06/young-avengers-team1-780x450.jpg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
ce7c647cd26c6f23924d40319f58f45c9e5d4dd504dad2877bd7ce61f8bb9f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"62b8a0d9-1570f"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
87823
x-content-type-options
nosniff
protected
by MS22081202
og_image1-780x450.jpg
www.arnolds.com.br/wp-content/uploads/2022/06/ Frame 1168
124 KB
124 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2022/06/og_image1-780x450.jpg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
dabdc5a344ed0701b138c580fcea0792d253486c366734977cc4b2c99ee0aca6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"62b7b82a-1efcb"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
126923
x-content-type-options
nosniff
protected
by MS22081202
12399221-780x450.jpg
www.arnolds.com.br/wp-content/uploads/2022/06/ Frame 1168
112 KB
112 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2022/06/12399221-780x450.jpg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
07ad34acaf4171d389d88457ef3e763d2cbb06897d114597d8bdff75841be4b1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"62b4e824-1be09"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
114185
x-content-type-options
nosniff
protected
by MS22081202
pp_lightyear_herobanner_v2_22043_2e9cfb4e1-780x450.jpeg
www.arnolds.com.br/wp-content/uploads/2022/06/ Frame 1168
57 KB
57 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2022/06/pp_lightyear_herobanner_v2_22043_2e9cfb4e1-780x450.jpeg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
4050c2daa1a9b79cb47a7c91c22a4a6d7867e1f98b55ad81a0afff57db3edb24
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"62b4cf4a-e243"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
57923
x-content-type-options
nosniff
protected
by MS22081202
games-400x280.jpg
www.arnolds.com.br/wp-content/uploads/2020/02/ Frame 1168
40 KB
40 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2020/02/games-400x280.jpg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
99a17ef28f6bba7b94ba993a195a8adb82a48c921e963dc99f1aabf885e8e215
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"5e39f3c4-a086"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
41094
x-content-type-options
nosniff
protected
by MS22081202
curiosidades-400x280.jpg
www.arnolds.com.br/wp-content/uploads/2020/02/ Frame 1168
25 KB
25 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2020/02/curiosidades-400x280.jpg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
601f4b304f52b9695d34b3757fc8c8ee2643b682c7598acccb9e76d210671259
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"5e39e7f0-6323"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
25379
x-content-type-options
nosniff
protected
by MS22081202
filmes-400x280.jpeg
www.arnolds.com.br/wp-content/uploads/2020/02/ Frame 1168
33 KB
33 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2020/02/filmes-400x280.jpeg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
0f8b34f331b5366759fc2c6aff892bf29a53dbc059273bf757f65d0d83870620
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"5e39f07c-8397"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
33687
x-content-type-options
nosniff
protected
by MS22081202
series-400x280.jpeg
www.arnolds.com.br/wp-content/uploads/2020/02/ Frame 1168
33 KB
33 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2020/02/series-400x280.jpeg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
fa86a341dfbf5ab398659f822e999208d9b17d7771eda6a30b7ab094414bef4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"5e39fd1e-8498"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
33944
x-content-type-options
nosniff
protected
by MS22081202
ciencia-tecnologia-400x280.jpg
www.arnolds.com.br/wp-content/uploads/2020/02/ Frame 1168
25 KB
25 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2020/02/ciencia-tecnologia-400x280.jpg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
08fcf2412c2c4323254845e9bd7c373984fe7a33e6ca2ac14fd4cdf4420c2575
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"5e39ed0c-6331"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
25393
x-content-type-options
nosniff
protected
by MS22081202
obi-wan-kenobi1-380x350.jpeg
www.arnolds.com.br/wp-content/uploads/2022/05/ Frame 1168
21 KB
21 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2022/05/obi-wan-kenobi1-380x350.jpeg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
a60b9301e349598c437b403e1970467918b9041779a77312c4ec7f4e4653ba12
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"62953c88-541a"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
21530
x-content-type-options
nosniff
protected
by MS22081202
hb_disney_doctorstrangeinthemultiverseofmadness_mobile_d4cf44531-380x350.jpeg
www.arnolds.com.br/wp-content/uploads/2022/05/ Frame 1168
36 KB
37 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2022/05/hb_disney_doctorstrangeinthemultiverseofmadness_mobile_d4cf44531-380x350.jpeg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
804345fa18c65214d92ac83bf61c1b44ba79b84df3dcd7773e707c2820e3beb9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"6292a0b4-9102"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
37122
x-content-type-options
nosniff
protected
by MS22081202
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D7E1
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.arnolds.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 05:29:41 GMT
x-content-type-options
nosniff
age
220217
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 21 Aug 2023 05:29:41 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D7E1
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.arnolds.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 11:47:17 GMT
x-content-type-options
nosniff
age
111161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 11:47:17 GMT
EldenRing_Screen-11-120x120.jpg
www.arnolds.com.br/wp-content/uploads/2022/07/ Frame 1168
4 KB
4 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2022/07/EldenRing_Screen-11-120x120.jpg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
817e2b31f710b531a9ee2c3b54541046de21d4864515eca6767c2fbad48d0bd0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"62bf9ea1-e73"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
3699
x-content-type-options
nosniff
protected
by MS22081202
/
adtrue.fun/dynamic/ads/
0
593 B
XHR
General
Full URL
https://adtrue.fun/dynamic/ads/
Requested by
Host: ad.lomadee.fun
URL: https://ad.lomadee.fun/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9f80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6542
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02DMkYS9D6tiKEr5%2F3Q0ipzAwoCcrPBT9Tvey0dyoxZBFs7pejKxYwKg8YJqKNXpFSC%2BuwVnrqM0LQoKgfe27%2FINDwlOokR6gtJPBkf9u2E65zzOJpVOMLzOkuPu8bPHC73llPOm3YYf"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f957dcda9042-FRA
expires
0
m542bee40d5e121507accc460c259dd41.otf
megacdn.top/fonts/
270 KB
271 KB
XHR
General
Full URL
https://megacdn.top/fonts/m542bee40d5e121507accc460c259dd41.otf
Requested by
Host: ad.lomadee.fun
URL: https://ad.lomadee.fun/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:3197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bac289ff51e8058f142d204435f80460c95c0c44cb19a86aac0e87ba3532b2b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
276428
pragma
no-cache
server
cloudflare
etag
280d9752899a09bd5bd316aa17254203
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zm4LS%2BgE%2FjftdO5kxzXUr2ZsKh9m%2BQu9d7rsQEWV%2F0ekFknywifPBAUwbXg9xGszJyCTFM1O1%2FA8vhnor5KYis5cJkalfESS8TPX0HsskakNiA3Z%2B%2FMmbhysR3kmotzN4g5yVNN%2BzU7lA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/opentype
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
73f5f957dd5fbbdd-FRA
expires
0
en.json
optad360.mgr.consensu.org/cmp/v2/translations/v4/ Frame 1168
4 KB
2 KB
XHR
General
Full URL
https://optad360.mgr.consensu.org/cmp/v2/translations/v4/en.json
Requested by
Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/918e1eea-b7af-45da-a987-49a1ce4b265a.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
71f69541ed2861a7065f461bf9748bb263e0f8d517d0987c6619241d9d13597d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
content-encoding
gzip
last-modified
Thu, 29 Oct 2020 12:24:15 GMT
server
AmazonS3
age
18811
etag
W/"e3fe984dfb883f99b54c331403be617b"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=360000000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
QWh82Yl_V5c4fYdaxYC97t3hDzXLdH1vNyK5qwaWThI8p-LzAom31Q==
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
css
fonts.googleapis.com/ Frame DAC1
8 KB
730 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
19d4fa5e5f7164cfa51ca5e06216f551c4905d14ee02301a5ad2bb70272b7a3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 17:09:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Aug 2022 18:39:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Aug 2022 18:39:58 GMT
e.js
live.demand.supply/x/ Frame 1168
0
364 B
XHR
General
Full URL
https://live.demand.supply/x/e.js?ce=fs&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.2.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01G4ND3SBEQG2V10BFPH9CQ9EF
date
Tue, 23 Aug 2022 18:39:58 GMT
cf-cache-status
HIT
age
1470227
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
73f5f9587f5b90be-FRA
container.html
c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2FC4
6 KB
3 KB
Document
General
Full URL
https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 18:39:58 GMT
expires
Wed, 23 Aug 2023 18:39:58 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ Frame 1168
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-108875794-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5878
date
Tue, 23 Aug 2022 17:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 23 Aug 2022 19:02:00 GMT
v2
de.tynt.com/deb/
4 B
260 B
Script
General
Full URL
https://de.tynt.com/deb/v2?id=w!0hpugnb9nc&dn=TC&cc=1&r=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252F5-filme-de-terror-para-dar-muito-medo%252F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:58 GMT
cache-control
max-age=86400
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
4
expires
Wed, 24 Aug 2022 18:39:59 GMT
pubads_impl_2022081801.js
securepubads.g.doubleclick.net/gpt/ Frame 1168
384 KB
131 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081801.js?cb=31069091
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
c921b4351a1ae90dcc7a30a01fbc1e169d57e9f4451d55a840438fb13e7c1cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:27:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15154
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133681
x-xss-protection
0
last-modified
Thu, 18 Aug 2022 08:36:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 23 Aug 2023 14:27:24 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame 1168
386 B
744 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.arnolds.com.br&pubid=66ef05f7-ad53-48f6-873a-ac7543370392
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
Server /
Resource Hash
cf99cfb5ddd705ffb0ca32e221ab207947968503732683f40f6751a40baf1898

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:56:16 GMT
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
server
Server
age
9821
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.arnolds.com.br
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
content-length
386
x-amz-cf-id
tNfAo5_5K_YMLopBC94Mvar7BGbcIohXvMgaYliggIdBJSBqcm6euw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 1168
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 03:45:14 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
53685
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 03 Aug 2022 22:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
JXufo2ctue2uysHllG2MRpKE8F0E4.a0
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
content-type
application/javascript
x-amz-cf-id
z-AzScSDeOQ6g9UpHpKpL28DuwgSMaP3oCpC2iowylwITrLzo0l6Iw==
line-awesome.woff2
www.arnolds.com.br/wp-content/themes/disto/css/fonts/ Frame 1168
44 KB
44 KB
Font
General
Full URL
https://www.arnolds.com.br/wp-content/themes/disto/css/fonts/line-awesome.woff2?v=1.1.
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/wp-content/themes/disto/css/bootstrap.css?ver=1.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
063a952901506e6cbcc2abdd1995ea387e4ae9138993f5517834a75faee165d0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.arnolds.com.br/wp-content/themes/disto/css/bootstrap.css?ver=1.6
Origin
https://www.arnolds.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"5e32df22-b034"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
font/woff2
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
45108
x-content-type-options
nosniff
protected
by MS22081202
legiao_DlJUvCxo_aIz.jpg1_-120x120.jpeg
www.arnolds.com.br/wp-content/uploads/2022/07/ Frame 1168
5 KB
6 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2022/07/legiao_DlJUvCxo_aIz.jpg1_-120x120.jpeg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
3afe04b97f5b646c9d9ed52a077a33617b37b1db8dbfef78130cd605b4106def
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"62d89ac6-15f5"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
5621
x-content-type-options
nosniff
protected
by MS22081202
site
logs.viadata.store/req/ Frame FBB7
43 B
297 B
Image
General
Full URL
https://logs.viadata.store/req/site?sid=104413&uid=55a2ca9d-2f9e-42da-814f-ff4c67526ded&event=playerLoaded&v=208233&cb=1661279999026
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:39:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Aug 2022 18:39:59 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
e.js
cdn.ftd.agency/libs/ Frame FBB7
2 KB
2 KB
Script
General
Full URL
https://cdn.ftd.agency/libs/e.js
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
37.48.117.210 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
dbde787befd05399997159250298503a1ec727b2115919a814e603994df9e9f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:39:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block;
Last-Modified
Fri, 09 Oct 2020 08:00:41 GMT
Server
nginx
ETag
W/"5f8018a9-946"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:39:59 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ Frame FBB7
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Spectral+SC%3A300%2C400%2C400i%2C500%2C600%2C700%7CPoppins%3A400%2C400i%2C500%2C500i%2C700%2C700i&subset=latin%2Clatin-ext&ver=5.9.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://futebolistasonline.club
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 19:25:00 GMT
x-content-type-options
nosniff
age
515699
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 19:25:00 GMT
fontawesome-webfont.woff2
futebolistasonline.club/wp-content/themes/styleblog3/themebeez/assets/dist/fonts/fontAwesome/ Frame FBB7
75 KB
76 KB
Font
General
Full URL
https://futebolistasonline.club/wp-content/themes/styleblog3/themebeez/assets/dist/fonts/fontAwesome/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/wp-content/themes/styleblog3/themebeez/assets/dist/css/main.min.css?ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://futebolistasonline.club/wp-content/themes/styleblog3/themebeez/assets/dist/css/main.min.css?ver=5.9.3
Origin
https://futebolistasonline.club
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:31 GMT
referrer-policy
no-referrer-when-downgrade
etag
"5f6bff0f-12d68"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
font/woff2
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
77160
x-content-type-options
nosniff
protected
by MS22081202
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame FBB7
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Spectral+SC%3A300%2C400%2C400i%2C500%2C600%2C700%7CPoppins%3A400%2C400i%2C500%2C500i%2C700%2C700i&subset=latin%2Clatin-ext&ver=5.9.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://futebolistasonline.club
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 19:25:01 GMT
x-content-type-options
nosniff
age
515698
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 19:25:01 GMT
Ktk0ALCRZonmalTgyPmRfs16x3TQN4Y.woff2
fonts.gstatic.com/s/spectralsc/v11/ Frame FBB7
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/spectralsc/v11/Ktk0ALCRZonmalTgyPmRfs16x3TQN4Y.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Spectral+SC%3A300%2C400%2C400i%2C500%2C600%2C700%7CPoppins%3A400%2C400i%2C500%2C500i%2C700%2C700i&subset=latin%2Clatin-ext&ver=5.9.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7d5f711555d39edbe52b9ea37ef3721a37dc806ac118d1cc5eaa15c33c7c875
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://futebolistasonline.club
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 01:44:48 GMT
x-content-type-options
nosniff
age
492911
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22220
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:06:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Aug 2023 01:44:48 GMT
KtkpALCRZonmalTgyPmRfsWl42E.woff2
fonts.gstatic.com/s/spectralsc/v11/ Frame FBB7
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/spectralsc/v11/KtkpALCRZonmalTgyPmRfsWl42E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Spectral+SC%3A300%2C400%2C400i%2C500%2C600%2C700%7CPoppins%3A400%2C400i%2C500%2C500i%2C700%2C700i&subset=latin%2Clatin-ext&ver=5.9.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47dff2346e754625663b868c32d138ade45c84aefc949eecc2b6146bd7b54db2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://futebolistasonline.club
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 00:29:09 GMT
x-content-type-options
nosniff
age
497450
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21580
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:30:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Aug 2023 00:29:09 GMT
bg-pushdown_2.jpg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DAC1
26 KB
26 KB
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/bg-pushdown_2.jpg?v=3
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a01536a4e78676d34742f3d6a8718fd8604dc9c0f4569cbc5a38c1e66d774cf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:59 GMT
cf-cache-status
HIT
age
471
cf-polished
origSize=27972, status=webp_bigger
cf-ray
73f5f95a882e9c0a-FRA
last-modified
Thu, 07 Jul 2022 16:09:58 GMT
content-length
26182
x-amz-id-2
J1xDt64B6FiBUWztRwjg7heGGc0gjEPQ6MGBEN3eD2S3nBG9iSQq/uoVAevz0xhALfR2XKtxnNw=
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"badb98ee3ef98cf931012151d07083fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
92K8Y1MX24SMBYHD
cache-control
public, max-age=1800
accept-ranges
bytes
content-type
image/jpeg
expires
Tue, 23 Aug 2022 19:09:59 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame DAC1
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lp.cleverwebserver.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 18:50:34 GMT
x-content-type-options
nosniff
age
85765
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 18:50:34 GMT
cmp-3.2.2.min.js
optad360.mgr.consensu.org/cmp/v2/ Frame 0568
692 KB
190 KB
Script
General
Full URL
https://optad360.mgr.consensu.org/cmp/v2/cmp-3.2.2.min.js
Requested by
Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/918e1eea-b7af-45da-a987-49a1ce4b265a.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f56e492c10145dbf06276635cf10daf821401c53b928c76e0957b15b134a12e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 05:05:29 GMT
content-encoding
gzip
last-modified
Thu, 17 Feb 2022 13:33:30 GMT
server
AmazonS3
age
48871
etag
W/"516a823d8d894911c809af02ffc6c46a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
gLXhJPCFswl0KWWu4M4k2MHIKhNC6hjNr81b0PjYAkDIumHd56J2Mw==
clever.de.min.js
lp.cleverwebserver.com/bet365/js/ Frame DAC1
9 KB
4 KB
Script
General
Full URL
https://lp.cleverwebserver.com/bet365/js/clever.de.min.js
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54ac31540d0cc04994470e45f7f167649c2de8874d42ae215ec5bfc9a9fa64f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 23 Aug 2022 16:55:55 GMT
server
cloudflare
age
731
etag
W/"f608a5d30dd77ed8de7ceb968e854f04"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
73f5f95af8f59c0a-FRA
x-amz-request-id
0RY1NXDGXJWA63KR
x-amz-id-2
Ya1widQVL23nx3UZ0MJ/mL1lxvxvoBKhySInYd1X81Z/CjkqF5LNeY6n6ZC31/izUtc5xIVsygk=
expires
Tue, 23 Aug 2022 19:09:59 GMT
load
z.cdn.ftd.agency/ Frame 1168
5 KB
3 KB
Script
General
Full URL
https://z.cdn.ftd.agency/load?z=1967970988&div=zone_1967970988&cw=1000&ch=2000&sr=1600x1200&bh=6&tl=1863&pl=3&mi=4&me=8&hc=4&n=1661279999195&url=www.arnolds.com.br%2F&vc=Intel%20Iris%20OpenGL%20Engine&ref=www.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&ti=Arnold%27s%20-%20Entretenimento%20e%20inova%C3%A7%C3%A3o&zyx=2768335805
Requested by
Host: cdn.ftd.agency
URL: https://cdn.ftd.agency/libs/e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
37.48.117.210 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
9f07f5bc792b92f1c0f9484439775ae2d0b6d96b9fb7c7d9e464fdf44973f8b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 18:39:59 GMT
Content-Encoding
gzip
Server
nginx
P3P
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
2247
Expires
-1
vendor-list.json
optad360.mgr.consensu.org/cmp/v2/ Frame EE5F
373 KB
50 KB
XHR
General
Full URL
https://optad360.mgr.consensu.org/cmp/v2/vendor-list.json
Requested by
Host: optad360.mgr.consensu.org
URL: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.2.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86af650ed3452c03477e710c3d6f094d1198340d6111c0ebd73fefea6b92136c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 03:30:48 GMT
content-encoding
gzip
last-modified
Fri, 19 Aug 2022 01:00:08 GMT
server
AmazonS3
age
54552
etag
W/"d1136a4aecebab44af883071315ae35c"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=360000000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
336ndDnHO9y9CNY2WYQBET6CTShH4NpBzh-N_COtYMDeKbhRwTQawg==
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
/
megacdn.top/ Frame 69D4
208 B
726 B
Document
General
Full URL
https://megacdn.top/
Requested by
Host: ad.lomadee.fun
URL: https://ad.lomadee.fun/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:3197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d3f9d8ff33e31cd0334df91cdb3586df887757daeb652ed27c69b6a43ff78e4

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
HIT
cf-ray
73f5f95c2dc49072-FRA
content-encoding
br
content-type
text/html
date
Tue, 23 Aug 2022 18:39:59 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLMwis321nbvSAGh6NJ3zJD%2Bwl9%2Bkckts2limeylQOVqXMqOojHjbENFpYMYskQzmTHGZxmU8jP5n53yeqB7ljy1h35DuGlSo%2FXwnr5dqA%2F0zEkfK%2BUJHifMzo20YZ1FmS2Kbl065xhHEg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D7E1
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 17:19:51 GMT
x-content-type-options
nosniff
server
cafe
age
4808
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
7735524722462771930
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2886
x-xss-protection
0
expires
Wed, 24 Aug 2022 17:19:51 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D7E1
344 B
368 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 16:47:30 GMT
x-content-type-options
nosniff
server
cafe
age
6749
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 24 Aug 2022 16:47:30 GMT
right-arrow-circular-button.svg
futebolistasonline.club/wp-content/themes/styleblog3/themebeez/assets/dist/img/icons/ Frame FBB7
563 B
858 B
Image
General
Full URL
https://futebolistasonline.club/wp-content/themes/styleblog3/themebeez/assets/dist/img/icons/right-arrow-circular-button.svg
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/wp-content/themes/styleblog3/themebeez/assets/dist/css/main.min.css?ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
76d655e1ad24de393ebbcc5b31f8ebdc34f4e89572c98afc67716e452deefa54
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/wp-content/themes/styleblog3/themebeez/assets/dist/css/main.min.css?ver=5.9.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:32 GMT
referrer-policy
no-referrer-when-downgrade
etag
"5f6bff0f-233"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/svg+xml
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
563
x-content-type-options
nosniff
protected
by MS22081202
back-arrow-circular-symbol.svg
futebolistasonline.club/wp-content/themes/styleblog3/themebeez/assets/dist/img/icons/ Frame FBB7
577 B
872 B
Image
General
Full URL
https://futebolistasonline.club/wp-content/themes/styleblog3/themebeez/assets/dist/img/icons/back-arrow-circular-symbol.svg
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/wp-content/themes/styleblog3/themebeez/assets/dist/css/main.min.css?ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
18e0b016ad6e81b1af4bc7eafbde596a758b5582099de81200955fcaed0a16cb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/wp-content/themes/styleblog3/themebeez/assets/dist/css/main.min.css?ver=5.9.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:32 GMT
referrer-policy
no-referrer-when-downgrade
etag
"5f6bff0f-241"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/svg+xml
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
577
x-content-type-options
nosniff
protected
by MS22081202
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 1168
43 KB
12 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49907fa8e3c67675f143d2d13940ac5ebe29522c5feb70c570aab1e0c1fba2e3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:59 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
1262
x-amz-server-side-encryption
AES256
x-amz-request-id
B5CNQBM2GD83601J
x-amz-id-2
TceJDHOjfEdh1N+JNnLeCLBhLNp9LPylyAT8z8H6Q6/HTmu7RM7XgcHIzCwbiNPyLLynRNXLck0=
last-modified
Tue, 23 Aug 2022 08:57:12 GMT
server
cloudflare
etag
W/"bc3c521f89b11aa48366adef8a4f24e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
73f5f95c78896933-FRA
collect
www.google-analytics.com/ Frame 1168
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=475979127&t=pageview&_s=1&dl=https%3A%2F%2Fwww.arnolds.com.br%2F&ul=en-us&de=UTF-8&dt=Arnold%27s%20-%20Entretenimento%20e%20inova%C3%A7%C3%A3o&sd=24-bit&sr=1600x1200&vp=1000x2000&je=0&_u=QCCACUABB~&jid=&gjid=&cid=776207754.1661279997&tid=UA-108875794-3&_gid=943460006.1661279997&gtm=2ou8m0&did=dZTNiMT&gdid=dZTNiMT&z=150603222
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 13:58:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
16902
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame 1168
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=475979127&t=pageview&_s=2&dl=https%3A%2F%2Fwww.arnolds.com.br%2F&ul=en-us&de=UTF-8&dt=Arnold%27s%20-%20Entretenimento%20e%20inova%C3%A7%C3%A3o&sd=24-bit&sr=1600x1200&vp=1000x2000&je=0&_u=QCCACUABB~&jid=&gjid=&cid=776207754.1661279997&tid=UA-108875794-3&_gid=943460006.1661279997&gtm=2ou8m0&did=dZTNiMT&gdid=dZTNiMT&z=1945769626
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 13:58:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
16902
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=w!0hpugnb9nc&lm=0&ts=1661279998524&dn=TC&iso=0&r=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252F5-filme-de-terror-para-dar-muito-medo%252F&t=5%20Filme%20de%20Terror%20para%20dar%20Muito%20Medo
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:59 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
css
fonts.googleapis.com/ Frame 2FC4
6 KB
672 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com
URL: https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 18:20:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Aug 2022 18:39:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Aug 2022 18:39:59 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/ Frame 2FC4
2 KB
902 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com
URL: https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1345
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 18:17:34 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2FC4
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDJhT_h4FY7-fAcuElgSLmIrIA8Tf4P9q4Mu5uosQ2tkeEAEgqoDDImCV6p2CrAegAd-1wswDyAEJ4AIAqAMByAPLBKoErQJP0O0JR0cZJqhNjjNnOgfW5C5uD1ilqugEf_--YaaH7mVYRnlfRO8kiqM4GdPxp0j1lh74lndR8NHXcpWlyv6K4Zqa_y5LSw83sHNo9qv11UOLvlLwmnozka3kgBdM-CKM4-_P08vtStmXiIWnpkUc5Tx5M6LRHB-ijYy0TglL5y_taCfGmLGfdWZCbVHJ7LS8F3PqsTUZuONyMV8mk5cB7UMzrjDWxJErZ9DTeUkHqb30xTdHwZ6ToSo2EfFOZ2C_zJbUCZ3JyLeYtJ8xCLPKdeKMU_4d3tBItyXCLQiGfSADPs38WQa4evwtRLwfv75UJVmVvANfql8X_7K6ullqoCtViyISmTRqEMnFDc3aMHsIXsoH81yGqc6x_km1JQ08s8C8dEa0MvqChKUuwATRxMPoR-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeJyr0zqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ2LsL0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTQ3ODI1NTQyNjU3MTA4MjWACgPICwG4E-QD2BMM0BUBgBcBshceChwIABIUcHViLTU1MTIzOTA3MDUxMzc1MDcYku8h&sigh=qrczPFSeRSY&uach_m=[UACH]&template_id=484
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220818/r20110914/ Frame 2FC4
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220818/r20110914/abg_lite_fy2021.js
Requested by
Host: c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com
URL: https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:25:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
899
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 18:25:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/ Frame 2FC4
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/window_focus_fy2021.js
Requested by
Host: c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com
URL: https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:20:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1151
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 18:20:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/ Frame 2FC4
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com
URL: https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:30:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
554
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 18:30:45 GMT
l
www.google.com/ads/measurement/ Frame 2FC4
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQvEbg3QZ5kamPQMEWqPOK72jveQ3IOBXYWDVkfXZAgmi0N6VfnOFc8S_k9CjWPnYYQxqv4-qtvBGnzid7Yx1oMSXmOAQ
Requested by
Host: c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com
URL: https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2FC4
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com
URL: https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44049
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661168302676581"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 18:39:59 GMT
e3ca5db921b3b46420ba257a4c2f6b26.js
www.gstatic.com/mysidia/ Frame 2FC4
33 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com
URL: https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 22:39:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
504037
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13683
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 22:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 15 Nov 2022 22:39:22 GMT
publishertag.prebid.js
static.criteo.net/js/ld/
87 KB
29 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:59 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 07:20:45 GMT
server
nginx
etag
W/"62fb454d-15cfe"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 24 Aug 2022 18:39:59 GMT
arnolds.png
www.arnolds.com.br/wp-content/uploads/2020/02/ Frame EE5F
7 KB
7 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2020/02/arnolds.png
Requested by
Host: optad360.mgr.consensu.org
URL: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.2.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
f363908fbfdcea7ae886b072d6bb21b190edd172d8322a1868c670d54e85dcfb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:32 GMT
referrer-policy
no-referrer-when-downgrade
etag
"5e5411e0-1a2f"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
6703
x-content-type-options
nosniff
protected
by MS22081202
2076313506083323656
tpc.googlesyndication.com/simgad/8609185063011233476/ Frame 2FC4
61 KB
61 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/8609185063011233476/2076313506083323656
Requested by
Host: c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com
URL: https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8fc3e985a65975bfbaf779c81e8f77f6dacc86eea2cc907b2be23b60858d9524
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 11:48:29 GMT
x-content-type-options
nosniff
age
543090
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62332
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 03:36:03 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 17 Aug 2023 11:48:29 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/9842161770512313806/ Frame 2FC4
1 KB
1 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/9842161770512313806/downsize_200k_v1?w=100&h=100
Requested by
Host: c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com
URL: https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0dfec92e08621e63a9c63d274cc88ab057f02569d175fc9f069f461c504ff26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 07:37:07 GMT
x-content-type-options
nosniff
age
471772
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1320
x-xss-protection
0
last-modified
Thu, 09 Jan 2020 08:35:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 18 Aug 2023 07:37:07 GMT
truncated
/ Frame 2FC4
221 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
impl.v15.2.0.js
live.demand.supply/ Frame FBB7
78 KB
25 KB
Script
General
Full URL
https://live.demand.supply/impl.v15.2.0.js
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a73201cd61d120c36fd747444793aa5ccffcfdbb92b0168fe316b8d2a9520dce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01GA74AH5PM44ZFP6ZBTP879AC
date
Tue, 23 Aug 2022 18:39:59 GMT
content-encoding
br
cf-cache-status
HIT
age
1035624
cf-polished
origSize=80095
cf-ray
73f5f95d3cba9bd4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"e392b9d0ccb1968e28d6d403bc0f2521-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
ZnV0ZWJvbGlzdGFzb25saW5lLmNsdWIv
live.demand.supply/p4/v14-3-0/ Frame FBB7
914 B
716 B
Script
General
Full URL
https://live.demand.supply/p4/v14-3-0/ZnV0ZWJvbGlzdGFzb25saW5lLmNsdWIv
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99647c26c6de641606079acccc3f078a3a56e8b9f4c556c495b3b636dacbc08b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:59 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
73f5f95d3cbc9bd4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
p27c1aed83627845dd2a68a83ddc3fa41.otf
ad.lomadee.fun/fonts/ Frame FBB7
424 B
1010 B
XHR
General
Full URL
https://ad.lomadee.fun/fonts/p27c1aed83627845dd2a68a83ddc3fa41.otf
Requested by
Host: ad.lomadee.fun
URL: https://ad.lomadee.fun/banners/script.js?sourceId=37069243&dimension=19&height=50&width=320&method=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9789e4a25fa23efe97512b4c8d286347f1c0320e319a3b12c14d6b4c3aa116f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
424
pragma
no-cache
server
cloudflare
etag
0aca38ddc466eb728161828763789138
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mwu1VRo6YvMjY8FhVEX8nDyqeKsxkM%2FJDjyUybmKPiT%2FRD17X%2FvsmVtuYTJ%2BWejBHWBl6bSOf2KsM9olV2qkoPr85OfYObJYYJLD8Vw4HFtvPKCDrDSAunU11u1h6ucqeChTpKY9lJu%2Fs5RoxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/opentype
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
73f5f95d58f9bb7a-FRA
expires
0
script.js
ad.lomadee.com/banners/ Frame FBB7
431 B
589 B
Script
General
Full URL
https://ad.lomadee.com/banners/script.js?sourceId=37069243&dimension=19&height=50&width=320&method=0
Requested by
Host: ad.lomadee.fun
URL: https://ad.lomadee.fun/banners/script.js?sourceId=37069243&dimension=19&height=50&width=320&method=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-81.fra60.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
ca6302ea50feb9506aa66eb280d8202823d5fdecb4ea0ebb65b10d4422356516

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 25 May 2022 04:37:44 GMT
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
age
7826534
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-language
en-US
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
content-type
text/html;charset=UTF-8
x-amz-cf-id
4k_JHt-gDYWcC8k4n5Z4LEOddfZTqMslbESCUNFQH_HKmQ5RFr2qIw==
DefaultAff.aspx
members.bet365.de/Members/Helpers/ Frame C035
84 B
1 KB
Document
General
Full URL
https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_01003470
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/js/clever.de.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba

Request headers

Referer
https://lp.cleverwebserver.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
73f5f95dfcbd693a-FRA
Cache-Control
private
Connection
keep-alive
Content-Encoding
gzip
Content-Length
177
Content-Type
text/html; charset=utf-8
Date
Tue, 23 Aug 2022 18:39:59 GMT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ME-Redirect
PQB
Server
cloudflare
Vary
Accept-Encoding
vendor-list.json
optad360.mgr.consensu.org/cmp/v2/ Frame 0568
373 KB
50 KB
XHR
General
Full URL
https://optad360.mgr.consensu.org/cmp/v2/vendor-list.json
Requested by
Host: optad360.mgr.consensu.org
URL: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.2.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86af650ed3452c03477e710c3d6f094d1198340d6111c0ebd73fefea6b92136c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 03:30:48 GMT
content-encoding
gzip
last-modified
Fri, 19 Aug 2022 01:00:08 GMT
server
AmazonS3
age
54552
etag
W/"d1136a4aecebab44af883071315ae35c"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=360000000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
nmTEm2VPOj3jg8WznlOwVdvXnyBd61xg0xMK4MPPJYfh3jxyX6cn8Q==
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
tiger-woods1-680x450.jpg
futebolistasonline.club/wp-content/uploads/2022/08/ Frame FBB7
41 KB
41 KB
Image
General
Full URL
https://futebolistasonline.club/wp-content/uploads/2022/08/tiger-woods1-680x450.jpg
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
3d0cac1ced65c8605a7bf6eeb85cd932807c2a8e0ac161bd200a619ef7da78e4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:32 GMT
referrer-policy
no-referrer-when-downgrade
etag
"62e9c837-a22d"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
41517
x-content-type-options
nosniff
protected
by MS22081202
index.html
f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/ Frame BD2E
2 KB
1 KB
Document
General
Full URL
https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1967970988&m=1700670081&c=1415254964&p0=1839555046&u=5ef09e5661d8cb51&t=1661279999&n=3521924330028846558&h=4042565805
Requested by
Host: z.cdn.ftd.agency
URL: https://z.cdn.ftd.agency/load?z=1967970988&div=zone_1967970988&cw=1000&ch=2000&sr=1600x1200&bh=6&tl=1863&pl=3&mi=4&me=8&hc=4&n=1661279999195&url=www.arnolds.com.br%2F&vc=Intel%20Iris%20OpenGL%20Engine&ref=www.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&ti=Arnold%27s%20-%20Entretenimento%20e%20inova%C3%A7%C3%A3o&zyx=2768335805
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
2eaf20ae8c0d6b26613f3afc4e3f0a933429aaf812e4dbf25a0a435a2bed6f6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Referer
https://www.arnolds.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-PINGOTHER
Access-Control-Allow-Methods
GET, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=86400
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 23 Aug 2022 18:39:59 GMT
ETag
W/"62eb7120-69b"
Expires
Wed, 24 Aug 2022 18:39:59 GMT
Last-Modified
Thu, 04 Aug 2022 07:11:28 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block;
event
z.cdn.ftd.agency/ Frame 1168
35 B
175 B
Image
General
Full URL
https://z.cdn.ftd.agency/event?z=1967970988&m=1700670081&n=3521924330028846558&t=&u=5ef09e5661d8cb51
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
37.48.117.210 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:39:59 GMT
Server
nginx
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
arnolds.png
www.arnolds.com.br/wp-content/uploads/2020/02/ Frame 0568
7 KB
7 KB
Image
General
Full URL
https://www.arnolds.com.br/wp-content/uploads/2020/02/arnolds.png
Requested by
Host: optad360.mgr.consensu.org
URL: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.2.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
f363908fbfdcea7ae886b072d6bb21b190edd172d8322a1868c670d54e85dcfb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:32 GMT
referrer-policy
no-referrer-when-downgrade
etag
"5e5411e0-1a2f"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
6703
x-content-type-options
nosniff
protected
by MS22081202
e.js
live.demand.supply/e/ Frame FBB7
0
365 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?e=ll&d=1236&cs=c&dsReferer=aHR0cHM6Ly9mdXRlYm9saXN0YXNvbmxpbmUuY2x1Yi8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01G3W6J2DH8WXYVAKSRY7J3YX4
date
Tue, 23 Aug 2022 18:39:59 GMT
cf-cache-status
HIT
age
2244902
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
73f5f95e3cbe90be-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame FBB7
165 KB
56 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ad816863ea62d85d2a3be5470f77d5b1fa94a35f6e37ae4d9d2ac97cc9481db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57509
x-xss-protection
0
server
cafe
etag
4451171964019970214
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 18:39:59 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame FBB7
83 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
dd6110a8dac5a0a87be0e286a7484f04330256019f21174f5e7683840e00deb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28559
x-xss-protection
0
server
sffe
etag
"1312 / 384 of 1000 / last-modified: 1661252718"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 23 Aug 2022 18:39:59 GMT
ds.2.html
live.demand.supply/ Frame FBB7
413 B
470 B
XHR
General
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01G3W6ST5YAQ27D4GEBJWTR8R1
date
Tue, 23 Aug 2022 18:39:59 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
timing-allow-origin
*
age
331487
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
73f5f95e3cc090be-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
load
z.cdn.ftd.agency/ Frame FBB7
5 KB
2 KB
Script
General
Full URL
https://z.cdn.ftd.agency/load?z=1846439634&div=zone_1846439634&cw=1000&ch=2000&sr=1600x1200&bh=6&tl=2378&pl=3&mi=4&me=8&hc=4&n=1661279999710&url=futebolistasonline.club%2F&vc=Intel%20Iris%20OpenGL%20Engine&ref=www.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&ti=Futebolistas%20Online%20%E2%80%93%20Tudo%20sobre%20as%20noticias%20mais%20quentes%20do%20mundo%20esportivo&zyx=1205399692
Requested by
Host: cdn.ftd.agency
URL: https://cdn.ftd.agency/libs/e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
37.48.117.210 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
99e6fbc6a5afada5843ed4d89ce03404ba3bf49ef894eead09d80735aab0a987

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 18:39:59 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
2223
Expires
-1
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=w!0hpugnb9nc&lm=0&ts=1661279998524&dn=TC&iso=0&r=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252F5-filme-de-terror-para-dar-muito-medo%252F&t=5%20Filme%20de%20Terror%20para%20dar%20Muito%20Medo
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:59 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
analytics.js
www.google-analytics.com/ Frame FBB7
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-108875794-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5879
date
Tue, 23 Aug 2022 17:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 23 Aug 2022 19:02:00 GMT
view
ad.lomadee.com/banner/ Frame 6C57
0
0

cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D657
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com
URL: https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
14875
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 14:32:04 GMT
etag
48472445140208031
expires
Wed, 24 Aug 2022 14:32:04 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
futebolistasonline.club_fluid_sq_ads_teste
live.demand.supply/cp/ Frame FBB7
29 B
257 B
XHR
General
Full URL
https://live.demand.supply/cp/futebolistasonline.club_fluid_sq_ads_teste?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly9mdXRlYm9saXN0YXNvbmxpbmUuY2x1Yi8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.2.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd4da0955494c0251bde2022a419625c63b563afb16132baf74c3925374b5e52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
73f5f95eed6790be-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29
translateelement.css
translate.googleapis.com/translate_static/css/ Frame FBB7
18 KB
4 KB
Stylesheet
General
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.-WS5osDYZQE.O/d=1/rs=AN8SPfpvo3TkKAEGDUANg3Rdiam3HxZeWg/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:09:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1806
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3619
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 23:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 23 Aug 2022 19:09:53 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.-WS5osDYZQE.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpvo3TkKAEGDUANg3Rdiam3HxZeWg/ Frame FBB7
263 KB
92 KB
Script
General
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.-WS5osDYZQE.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpvo3TkKAEGDUANg3Rdiam3HxZeWg/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.-WS5osDYZQE.O/d=1/rs=AN8SPfpvo3TkKAEGDUANg3Rdiam3HxZeWg/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc24577bb02bf27ae6c6906ceb9389bae6a0d225162ef888a8aed2ab56f3b32e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 08:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36596
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94061
x-xss-protection
0
last-modified
Sat, 20 Aug 2022 01:09:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 08:30:03 GMT
styles.min.css
f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/css/ Frame BD2E
20 KB
4 KB
Stylesheet
General
Full URL
https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/css/styles.min.css
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1967970988&m=1700670081&c=1415254964&p0=1839555046&u=5ef09e5661d8cb51&t=1661279999&n=3521924330028846558&h=4042565805
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
29376c7346dd008f9e7de4c5c049e0cc7d5fa6602911b29560b961b257d6b234
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1967970988&m=1700670081&c=1415254964&p0=1839555046&u=5ef09e5661d8cb51&t=1661279999&n=3521924330028846558&h=4042565805
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:39:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block;
Last-Modified
Thu, 04 Aug 2022 07:11:28 GMT
Server
nginx
ETag
W/"62eb7120-4f31"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:39:59 GMT
banner_html5.js
f2.cdn.ftd.agency/libs/ Frame BD2E
2 KB
1 KB
Script
General
Full URL
https://f2.cdn.ftd.agency/libs/banner_html5.js
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1967970988&m=1700670081&c=1415254964&p0=1839555046&u=5ef09e5661d8cb51&t=1661279999&n=3521924330028846558&h=4042565805
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
e5ea550aa4bcb9f327fa18006fbbb06b5df119f19af6e26de29ffae10e0af430
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1967970988&m=1700670081&c=1415254964&p0=1839555046&u=5ef09e5661d8cb51&t=1661279999&n=3521924330028846558&h=4042565805
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:39:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block;
Last-Modified
Tue, 09 Apr 2019 12:08:21 GMT
Server
nginx
ETag
W/"5cac8b35-8b8"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:39:59 GMT
logo.png
f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/img/ Frame BD2E
2 KB
2 KB
Image
General
Full URL
https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/img/logo.png
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1967970988&m=1700670081&c=1415254964&p0=1839555046&u=5ef09e5661d8cb51&t=1661279999&n=3521924330028846558&h=4042565805
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
8ce4cbee041fbb29a5b16edaa48e4a25b1f7487cc326631fdd53b5b68514763c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1967970988&m=1700670081&c=1415254964&p0=1839555046&u=5ef09e5661d8cb51&t=1661279999&n=3521924330028846558&h=4042565805
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:39:59 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
1858
X-XSS-Protection
1; mode=block;
Last-Modified
Thu, 04 Aug 2022 07:11:28 GMT
Server
nginx
ETag
"62eb7120-742"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:39:59 GMT
casino.png
f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/img/ Frame BD2E
31 KB
32 KB
Image
General
Full URL
https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/img/casino.png
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1967970988&m=1700670081&c=1415254964&p0=1839555046&u=5ef09e5661d8cb51&t=1661279999&n=3521924330028846558&h=4042565805
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
d736ac25bb367d7d5a69c46acfef07527c9799837a6bf42c984dd79fc84da93c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1967970988&m=1700670081&c=1415254964&p0=1839555046&u=5ef09e5661d8cb51&t=1661279999&n=3521924330028846558&h=4042565805
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:40:00 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
31767
X-XSS-Protection
1; mode=block;
Last-Modified
Thu, 04 Aug 2022 07:11:28 GMT
Server
nginx
ETag
"62eb7120-7c17"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:40:00 GMT
big-win_bg.png
f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/img/ Frame BD2E
19 KB
19 KB
Image
General
Full URL
https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/img/big-win_bg.png
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1967970988&m=1700670081&c=1415254964&p0=1839555046&u=5ef09e5661d8cb51&t=1661279999&n=3521924330028846558&h=4042565805
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
ba28d6b9bc270e941432b1b0badabc625ced695922376e764939cea19fe60f62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1967970988&m=1700670081&c=1415254964&p0=1839555046&u=5ef09e5661d8cb51&t=1661279999&n=3521924330028846558&h=4042565805
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:40:00 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
19135
X-XSS-Protection
1; mode=block;
Last-Modified
Thu, 04 Aug 2022 07:11:28 GMT
Server
nginx
ETag
"62eb7120-4abf"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:40:00 GMT
phone.png
f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/img/ Frame BD2E
7 KB
7 KB
Image
General
Full URL
https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/img/phone.png
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1967970988&m=1700670081&c=1415254964&p0=1839555046&u=5ef09e5661d8cb51&t=1661279999&n=3521924330028846558&h=4042565805
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
35fd215d82eb0a09d2ae99628dc41abb6f4f9f6b82ed528f1060d2810805083c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1967970988&m=1700670081&c=1415254964&p0=1839555046&u=5ef09e5661d8cb51&t=1661279999&n=3521924330028846558&h=4042565805
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:40:00 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
7029
X-XSS-Protection
1; mode=block;
Last-Modified
Thu, 04 Aug 2022 07:11:28 GMT
Server
nginx
ETag
"62eb7120-1b75"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:40:00 GMT
coins.png
f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/img/ Frame BD2E
7 KB
8 KB
Image
General
Full URL
https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/img/coins.png
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1967970988&m=1700670081&c=1415254964&p0=1839555046&u=5ef09e5661d8cb51&t=1661279999&n=3521924330028846558&h=4042565805
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
6a84cd41e76a8862837129ef8e131511b1495b8e0e798d178b2d2e06622b9e24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1967970988&m=1700670081&c=1415254964&p0=1839555046&u=5ef09e5661d8cb51&t=1661279999&n=3521924330028846558&h=4042565805
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:40:00 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
7668
X-XSS-Protection
1; mode=block;
Last-Modified
Thu, 04 Aug 2022 07:11:28 GMT
Server
nginx
ETag
"62eb7120-1df4"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:40:00 GMT
big-win.png
f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/img/ Frame BD2E
6 KB
6 KB
Image
General
Full URL
https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/img/big-win.png
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1967970988&m=1700670081&c=1415254964&p0=1839555046&u=5ef09e5661d8cb51&t=1661279999&n=3521924330028846558&h=4042565805
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
3c9714672fb84e67f3cda67ae8d224b1d69f4b8c66d6e1cd622e88a1ee20f7e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1967970988&m=1700670081&c=1415254964&p0=1839555046&u=5ef09e5661d8cb51&t=1661279999&n=3521924330028846558&h=4042565805
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:40:00 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
5694
X-XSS-Protection
1; mode=block;
Last-Modified
Thu, 04 Aug 2022 07:11:28 GMT
Server
nginx
ETag
"62eb7120-163e"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:40:00 GMT
all-in.png
f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/img/ Frame BD2E
18 KB
19 KB
Image
General
Full URL
https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/img/all-in.png
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1967970988&m=1700670081&c=1415254964&p0=1839555046&u=5ef09e5661d8cb51&t=1661279999&n=3521924330028846558&h=4042565805
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
d080969afd9dd51405e545a55ef3bc0f1ce0f9797970380fa85003f7022ce5c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1967970988&m=1700670081&c=1415254964&p0=1839555046&u=5ef09e5661d8cb51&t=1661279999&n=3521924330028846558&h=4042565805
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:40:00 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
18866
X-XSS-Protection
1; mode=block;
Last-Modified
Thu, 04 Aug 2022 07:11:28 GMT
Server
nginx
ETag
"62eb7120-49b2"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:40:00 GMT
truncated
/ Frame 2FC4
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27642820dad9e3345d808f36c0dc94ef5b01b8984bebb1557b9607a03d7c5a2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
serena-williams1-300x300.jpg
futebolistasonline.club/wp-content/uploads/2022/08/ Frame FBB7
15 KB
16 KB
Image
General
Full URL
https://futebolistasonline.club/wp-content/uploads/2022/08/serena-williams1-300x300.jpg
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
4efde83e70b790e9b8706d5e58acff85a9255794ea9169d12a17250d2a7888cf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:32 GMT
referrer-policy
no-referrer-when-downgrade
etag
"62f30a05-3ccb"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
15563
x-content-type-options
nosniff
protected
by MS22081202
5d3f73c8fb54cf51fc0b674c3e2841fc.js
scripts.cleverwebserver.com/ Frame FBB7
137 KB
47 KB
Script
General
Full URL
https://scripts.cleverwebserver.com/5d3f73c8fb54cf51fc0b674c3e2841fc.js
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f1246117fa3ba322c04e6667bb6c05513eb5bb67cb7ade261cfadc3ceff154d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:39:59 GMT
content-encoding
br
cf-cache-status
HIT
age
2
x-amz-request-id
85ZQG34EYRYR7SQM
x-amz-id-2
izmL5itEve836EPx9jJsBXVehjoY/a8impEqptZJAl71KypZg18VWMbWNFTAjXEb1PakuDmeRis=
last-modified
Tue, 02 Aug 2022 09:11:17 GMT
server
cloudflare
etag
W/"ef39f1b2bb49d5c871dd1e062b70c01f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
Lh_y.vJ2VkBCLN07wYGh7HOmZ2BXykev
cf-ray
73f5f95f581c9c0a-FRA
expires
Tue, 23 Aug 2022 19:09:59 GMT
view
ad.lomadee.com/banner/ Frame 732E
1 KB
973 B
Document
General
Full URL
https://ad.lomadee.com/banner/view?sourceId=37069243&dimension=19&width=320&height=50&method=0&advertisers=&tags=
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-81.fra60.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
dc73e19ce773dab8e3027d16d415aa94a6dcdb69dcefebd5fb495d0a411e2cf7

Request headers

Referer
https://futebolistasonline.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-language
en-US
content-type
text/html;charset=UTF-8
date
Tue, 23 Aug 2022 18:40:00 GMT
server
Apache-Coyote/1.1
vary
Accept-Encoding
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
x-amz-cf-id
fFKLN-PMyMlcEmxSQlIr5oVKYTnzgvT8aXNDSHDfvjr0ASe3s4Kkcw==
x-amz-cf-pop
FRA60-P1
x-cache
Hit from cloudfront
index.html
f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/ Frame 7B57
3 KB
1 KB
Document
General
Full URL
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1846439634&m=1680563004&c=1417763096&p0=1456549755&u=5ef09e5661d8cb51&t=1661279999&n=1226501152221287135&h=256252826
Requested by
Host: z.cdn.ftd.agency
URL: https://z.cdn.ftd.agency/load?z=1846439634&div=zone_1846439634&cw=1000&ch=2000&sr=1600x1200&bh=6&tl=2378&pl=3&mi=4&me=8&hc=4&n=1661279999710&url=futebolistasonline.club%2F&vc=Intel%20Iris%20OpenGL%20Engine&ref=www.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&ti=Futebolistas%20Online%20%E2%80%93%20Tudo%20sobre%20as%20noticias%20mais%20quentes%20do%20mundo%20esportivo&zyx=1205399692
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
7ae18b218568670548bf485404a4866977ca40af75c242526da77263ab92dc94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Referer
https://futebolistasonline.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-PINGOTHER
Access-Control-Allow-Methods
GET, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=86400
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 23 Aug 2022 18:39:59 GMT
ETag
W/"62e13f49-a33"
Expires
Wed, 24 Aug 2022 18:39:59 GMT
Last-Modified
Wed, 27 Jul 2022 13:36:09 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block;
event
z.cdn.ftd.agency/ Frame FBB7
35 B
175 B
Image
General
Full URL
https://z.cdn.ftd.agency/event?z=1846439634&m=1680563004&n=1226501152221287135&t=&u=5ef09e5661d8cb51
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
37.48.117.210 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:39:59 GMT
Server
nginx
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
css2
fonts.googleapis.com/ Frame BD2E
5 KB
661 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@400;700&display=swap
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/css/styles.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
86af09d351c0a3be01506ecbff333a4e35474f82442f1fd632a609626e3cd6f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 18:00:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Aug 2022 18:39:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Aug 2022 18:39:59 GMT
prebid5.14.0.js
get.optad360.io/sf/ Frame FBB7
460 KB
461 KB
Script
General
Full URL
https://get.optad360.io/sf/prebid5.14.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/b673a0d0-2fd8-411b-885b-35ee33ab22a4/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e800:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 00:35:49 GMT
via
1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified
Thu, 23 Sep 2021 07:59:54 GMT
server
AmazonS3
age
12765851
etag
"6dd0a13bde35d2daa452bba998871016"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
471445
x-amz-cf-id
n68Eg6MKCQ75kwVJMgTIFtVX63GhSdxLpJePAem1KWIq7kE8D06z1A==
pubads_impl_2022081701.js
securepubads.g.doubleclick.net/gpt/ Frame FBB7
384 KB
130 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 16:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7665
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133512
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 08:37:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 23 Aug 2023 16:32:14 GMT
e.js
live.demand.supply/x/ Frame FBB7
0
365 B
XHR
General
Full URL
https://live.demand.supply/x/e.js?ce=fs&dsReferer=aHR0cHM6Ly9mdXRlYm9saXN0YXNvbmxpbmUuY2x1Yi8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.2.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01G3W6JDPNGVPGTCSNBCX8Y0Y7
date
Tue, 23 Aug 2022 18:39:59 GMT
cf-cache-status
HIT
age
2590810
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
73f5f95fde5c90be-FRA
futebolistasonline.club_fluid_lb_ads02
live.demand.supply/cp/ Frame FBB7
31 B
259 B
XHR
General
Full URL
https://live.demand.supply/cp/futebolistasonline.club_fluid_lb_ads02?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly9mdXRlYm9saXN0YXNvbmxpbmUuY2x1Yi8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.2.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed007bc12e2c346ef476252b177dee6d923f1e858307d8c61383bf1e3d442c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
73f5f95fde5d90be-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2FC4
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 08:01:51 GMT
x-content-type-options
nosniff
age
470288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Aug 2023 08:01:51 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2FC4
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 05:29:41 GMT
x-content-type-options
nosniff
age
220218
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 21 Aug 2023 05:29:41 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2FC4
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 11:47:17 GMT
x-content-type-options
nosniff
age
111162
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 11:47:17 GMT
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=w!0hpugnb9nc&lm=0&ts=1661279998524&dn=TC&iso=0&r=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252F5-filme-de-terror-para-dar-muito-medo%252F
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:00 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
jquery.js
megacdn.top/ Frame 69D4
14 KB
4 KB
Script
General
Full URL
https://megacdn.top/jquery.js
Requested by
Host: megacdn.top
URL: https://megacdn.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:3197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c20b8b347154b8a6a144efc72ab1e879c4fd518ccab777235650f9e6c448f281

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megacdn.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:40:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTw7NQAwUBpZ0o6UfXwxmeEWu7xZrjzTRJF7%2BGJrFDBGA%2FLeDsQE5BIjyRhhR3LyNiKcmOVFeBaLzIeto7ay7RnNO1T8b8p9HdwDEERRHp4w0mEfpYf8uKTEXx6zpN%2FA60S9vrFEB1NhdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f9604bc39072-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
e.js
live.demand.supply/e/ Frame FBB7
0
365 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=futebolistasonline.club_fluid_sq_ads_teste&pdc=0.4977843190576413&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9mdXRlYm9saXN0YXNvbmxpbmUuY2x1Yi8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.2.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01G3W6J2DH8WXYVAKSRY7J3YX4
date
Tue, 23 Aug 2022 18:40:00 GMT
cf-cache-status
HIT
age
2244903
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
73f5f9609f1790be-FRA
pixel
cm.g.doubleclick.net/ Frame D657
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4DohXmQx6rjiuNHpxojgQufZNi9heaYvBueGOC...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXdVZkFBQUFBWFg3N0ZhcA&google_push=AehlK4DohXmQx6rjiuNHpxojgQufZNi9heaYvBueGOC48p0wrQBV46MvQPAn6uQBeAdMo1iRf_sUIfHtjpQHtV4mX8K_Us2ieD...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXdVZkFBQUFBWFg3N0ZhcA&google_push=AehlK4DohXmQx6rjiuNHpxojgQufZNi9heaYvBueGOC48p0wrQBV46MvQPAn6uQBeAdMo1iRf_sUIfHtjpQHtV4mX8K_Us2ieDWWIChEbAl44g-rpoXdujuGhmRbifQ2SAdFKyD76HYRj58
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:40:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXdVZkFBQUFBWFg3N0ZhcA&google_push=AehlK4DohXmQx6rjiuNHpxojgQufZNi9heaYvBueGOC48p0wrQBV46MvQPAn6uQBeAdMo1iRf_sUIfHtjpQHtV4mX8K_Us2ieDWWIChEbAl44g-rpoXdujuGhmRbifQ2SAdFKyD76HYRj58
Date
Tue, 23 Aug 2022 18:40:00 GMT
Server
Apache
Connection
keep-alive
Content-Length
434
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame D657
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFHpjq6r6JX-sCiKrsIq-nw&google_cver=1&google_push=AehlK4DA2l364CROYgF326n6KrIiuiMta-MXaxqvV7jKzIFkGI5YwD4kZRH99uFqmfvhJrP59AJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc2SjdXMVItMjYtSjBE&google_push=AehlK4DA2l364CROYgF326n6KrIiuiMta-MXaxqvV7jKzIFkGI5YwD4kZRH99uFqmfvhJrP59AJtrU5XNrIMWTFOwosZi4XZfhbmNeKKm...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc2SjdXMVItMjYtSjBE&google_push=AehlK4DA2l364CROYgF326n6KrIiuiMta-MXaxqvV7jKzIFkGI5YwD4kZRH99uFqmfvhJrP59AJtrU5XNrIMWTFOwosZi4XZfhbmNeKKm80bT4ya2JOLbhm1HoB_XQdK4g6WBjVE58k0C5s
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:40:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc2SjdXMVItMjYtSjBE&google_push=AehlK4DA2l364CROYgF326n6KrIiuiMta-MXaxqvV7jKzIFkGI5YwD4kZRH99uFqmfvhJrP59AJtrU5XNrIMWTFOwosZi4XZfhbmNeKKm80bT4ya2JOLbhm1HoB_XQdK4g6WBjVE58k0C5s
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
pixel
cm.g.doubleclick.net/ Frame D657
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGbzcXcCH9zsUPbpjk0mzN0&google_cver=1&google_push=AehlK4CrwFEp1xspGAN8bjJkaHT_aEqIGV9mXbvuCtWoa3DlwDMQfY1rqclgJyGPMiapMP0p_lMEub7rktkU...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4CrwFEp1xspGAN8bjJkaHT_aEqIGV9mXbvuCtWoa3DlwDMQfY1rqclgJyGPMiapMP0p_lMEub7rktkUCXDIKCsmUtHoco9a5OUqTXTKUceVQLjtxQdm...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4CrwFEp1xspGAN8bjJkaHT_aEqIGV9mXbvuCtWoa3DlwDMQfY1rqclgJyGPMiapMP0p_lMEub7rktkUCXDIKCsmUtHoco9a5OUqTXTKUceVQLjtxQdmBiYG6Kk53Z_mp6kyBwBl2So
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:40:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4CrwFEp1xspGAN8bjJkaHT_aEqIGV9mXbvuCtWoa3DlwDMQfY1rqclgJyGPMiapMP0p_lMEub7rktkUCXDIKCsmUtHoco9a5OUqTXTKUceVQLjtxQdmBiYG6Kk53Z_mp6kyBwBl2So
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame D657
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEPSf-DugJzSedxbiWkFOTys&google_cver=1&google_push=AehlK4BdJxWUnyjfvV4MZ5ds0lMxzaaO6sCpaMI-CWl-5OYgo7OU-24c_dHLUOl-GPf8ErFP6nZM0CD0kCds204OVZld_3m23ns...
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4BdJxWUnyjfvV4MZ5ds0lMxzaaO6sCpaMI-CWl-5OYgo7OU-24c_dHLUOl-GPf8ErFP6nZM0CD0kCds204OVZld_3m23nsDdp9Tz3vfpJvZi4pHThZidXgFMS0BVH2...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4BdJxWUnyjfvV4MZ5ds0lMxzaaO6sCpaMI-CWl-5OYgo7OU-24c_dHLUOl-GPf8ErFP6nZM0CD0kCds204OVZld_3m23nsDdp9Tz3vfpJvZi4pHThZidXgFMS0BVH2GifBcCbWj6tk&google_hm=Z2E1OWIwNGI4MmNlNDY5YTk4Mjg=
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:40:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:40:00 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4BdJxWUnyjfvV4MZ5ds0lMxzaaO6sCpaMI-CWl-5OYgo7OU-24c_dHLUOl-GPf8ErFP6nZM0CD0kCds204OVZld_3m23nsDdp9Tz3vfpJvZi4pHThZidXgFMS0BVH2GifBcCbWj6tk&google_hm=Z2E1OWIwNGI4MmNlNDY5YTk4Mjg=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame D657
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGq3wi3WqqXOAqbD1FV4CLI&google_cver=1&google_push=AehlK4CNbq0KNYXtnqV-w9ke-FyOUYsL2Iv7XQy2VSQdd0DZozHAISiCSqlr46iwVYBaIlbEpVH3w5A7qwPZsZbrG3vVYPGO-T...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4CNbq0KNYXtnqV-w9ke-FyOUYsL2Iv7XQy2VSQdd0DZozHAISiCSqlr46iwVYBaIlbEpVH3w5A7qwPZsZbrG3vVYPGO-T3...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkwMjY4MzI5MTA0OTQ4NjkyNjY1OQ%3D%3D&google_push=AehlK4CNbq0KNYXtnqV-w9ke-FyOUYsL2Iv7XQy2VSQdd0DZozHAISiC...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkwMjY4MzI5MTA0OTQ4NjkyNjY1OQ%3D%3D&google_push=AehlK4CNbq0KNYXtnqV-w9ke-FyOUYsL2Iv7XQy2VSQdd0DZozHAISiCSqlr46iwVYBaIlbEpVH3w5A7qwPZsZbrG3vVYPGO-T36YVmt74qnnvcmeGt7JUKim2OXhBrsYO5zBh0nL5gKU7o
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:40:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkwMjY4MzI5MTA0OTQ4NjkyNjY1OQ%3D%3D&google_push=AehlK4CNbq0KNYXtnqV-w9ke-FyOUYsL2Iv7XQy2VSQdd0DZozHAISiCSqlr46iwVYBaIlbEpVH3w5A7qwPZsZbrG3vVYPGO-T36YVmt74qnnvcmeGt7JUKim2OXhBrsYO5zBh0nL5gKU7o
date
Tue, 23 Aug 2022 18:40:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame D657
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEDciNlZcKFfipyA0NztqCJw&google_cver=1&google_push=AehlK4BGc-mTA6CY5MvIwRBZM3bwK5Wvua0H4Zee9U3BtPM4geCD2AtqDTJ0KwM1GM4YkoHM3tZCW...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4BGc-mTA6CY5MvIwRBZM3bwK5Wvua0H4Zee9U3BtPM4geCD2AtqDTJ0KwM1GM4YkoHM3tZCWWLHBtPeP54dmfgAuFxq86zut52Zw2zl0uYEXtRVjUuWNm...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4BGc-mTA6CY5MvIwRBZM3bwK5Wvua0H4Zee9U3BtPM4geCD2AtqDTJ0KwM1GM4YkoHM3tZCWWLHBtPeP54dmfgAuFxq86zut52Zw2zl0uYEXtRVjUuWNmaMM0ofNu4kg18KaEUNMaY&google_hm=WXdVZkFNQ284WU1BQUo1U0s4VUFBQUFB
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:40:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
33
Date
Tue, 23 Aug 2022 18:40:00 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEDciNlZcKFfipyA0NztqCJw&google_push=AehlK4BGc-mTA6CY5MvIwRBZM3bwK5Wvua0H4Zee9U3BtPM4geCD2AtqDTJ0KwM1GM4YkoHM3tZCWWLHBtPeP54dmfgAuFxq86zut52Zw2zl0uYEXtRVjUuWNmaMM0ofNu4kg18KaEUNMaY&proto=google_ebda","cluster_id":33,"gdpr":true,"ipv4":"0.0.0.0","key":"YwUfAMCo8YMAAJ5SK8UAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40037"}
X-SO-Ads-Time
4
X-SO-Key
YwUfAMCo8YMAAJ5SK8UAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40037
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4BGc-mTA6CY5MvIwRBZM3bwK5Wvua0H4Zee9U3BtPM4geCD2AtqDTJ0KwM1GM4YkoHM3tZCWWLHBtPeP54dmfgAuFxq86zut52Zw2zl0uYEXtRVjUuWNmaMM0ofNu4kg18KaEUNMaY&google_hm=WXdVZkFNQ284WU1BQUo1U0s4VUFBQUFB
Cache-Control
private
X-SO-HostName
a-ad40037.dc2p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
m-tgng31.dc4p.scaleout.jp
X-SO-IP
217.114.218.27
sync
rtb2-useast.e-volution.ai/ Frame D657
42 B
233 B
Image
General
Full URL
https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESECBdwTVwsYY_EOkPOk2cAko&google_cver=1&google_push=AehlK4DHwKU91pk9lOaPB8FjHtZNvK_0ZNhVAOJvdVN0qNblXBx4vJdrD8mXGeAxSMahO4HPjPRXjaOniJ5YXtuBUus6xGYjB4mfz15d88Xc_4yAI_LWKSuXk3QVoW-7e40Q3HN5XmbMQCk
Requested by
Host: c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com
URL: https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 18:40:00 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
attr
cm.g.doubleclick.net/pixel/ Frame D657
0
223 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IibtIZ-UJQX2unREFzactiAiQMSIavksqFgr_psfLDAqTcy2wie-4h43jpkxNkLIBs23VKGw
Requested by
Host: c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com
URL: https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
js
www.googletagmanager.com/gtag/ Frame FBB7
107 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-139883519-66&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-108875794-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
de406fe972fecac77270ef4dc2ed82106b42a793f1011d3e9ff00594e7b56a4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:00 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42040
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Aug 2022 18:40:00 GMT
js
www.googletagmanager.com/gtag/ Frame FBB7
107 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-135425005-2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-108875794-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f70e6fbd5a8d9520b5d0cddb9c1ef46594fa6196d377aaa5a4c673509576179f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:00 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42060
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Aug 2022 18:40:00 GMT
bootstrap.js
ad.lomadee.fun/ Frame FBB7
16 KB
5 KB
Script
General
Full URL
https://ad.lomadee.fun/bootstrap.js
Requested by
Host: ad.lomadee.fun
URL: https://ad.lomadee.fun/banners/script.js?sourceId=37069243&dimension=19&height=50&width=320&method=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74a494a17b4aa1290e6e7d1cb4c2f7ba4476673e4c9d29376abaee8e6278b36a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7LBMz1DD47TLLxk7kdnGkvAGGxnlaAynHh1v3LfssAb6gjULY7aj%2FY1Rppr2i35qrajxZS%2BvWaIoGSNZTeY%2B9AZNMI1ER6qAjsa8hYMiwtqFeJzx5YoZYkPy%2FaHLp4jKnrZn8cMSORJUqZIddQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f9611bd89be9-FRA
expires
0
truncated
/ Frame 1FCD
2 KB
2 KB
Document
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52cf06797c66d59d2428883cb27b5b083eed8b73ff8e0e11af86ee162e11ad2c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Type
text/html;charset=UTF-8
translate_24dp.png
www.gstatic.com/images/branding/product/1x/ Frame FBB7
846 B
870 B
Image
General
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:15:09 GMT
x-content-type-options
nosniff
age
1491
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
846
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 23 Aug 2023 18:15:09 GMT
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ Frame FBB7
910 B
934 B
Image
General
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 10:34:24 GMT
x-content-type-options
nosniff
age
29136
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
910
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 23 Aug 2023 10:34:24 GMT
hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
pagead2.googlesyndication.com/bg/ Frame 2207
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 06:26:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
44015
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14041
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 06:26:25 GMT
e.js
live.demand.supply/e/ Frame FBB7
0
365 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=futebolistasonline.club_fluid_lb_ads02&pdc=0.057801671891140195&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9mdXRlYm9saXN0YXNvbmxpbmUuY2x1Yi8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.2.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nf-request-id
01G3W6J2DH8WXYVAKSRY7J3YX4
date
Tue, 23 Aug 2022 18:40:00 GMT
cf-cache-status
HIT
age
2244903
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
73f5f96218bb90be-FRA
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ Frame FBB7
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://translate.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:36:54 GMT
x-content-type-options
nosniff
age
186
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 23 Aug 2023 18:36:54 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame FBB7
2 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220823
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6cb31466abd327f67436b68da439bae3aa414bdc41872972fdd8f90dba365c87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://futebolistasonline.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
13141
x-jsd-version
1.0.1441
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
915
etag
W/"666-sZAR3d10B49a/ZZ188bLk+3iKvE"
x-served-by
cache-fra19160-FRA, cache-hhn4067-HHN
x-jsd-version-type
version
date
Tue, 23 Aug 2022 18:40:00 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
style.css
f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/ Frame 7B57
40 KB
6 KB
Stylesheet
General
Full URL
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1846439634&m=1680563004&c=1417763096&p0=1456549755&u=5ef09e5661d8cb51&t=1661279999&n=1226501152221287135&h=256252826
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
e0dcb72514ca393448b0d4ed00dfa31149703a705aab4628e4b1a1c4cbf92386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1846439634&m=1680563004&c=1417763096&p0=1456549755&u=5ef09e5661d8cb51&t=1661279999&n=1226501152221287135&h=256252826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:40:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block;
Last-Modified
Wed, 27 Jul 2022 13:36:09 GMT
Server
nginx
ETag
W/"62e13f49-a084"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:40:00 GMT
banner_html5.js
f2.cdn.ftd.agency/libs/ Frame 7B57
2 KB
1 KB
Script
General
Full URL
https://f2.cdn.ftd.agency/libs/banner_html5.js
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1846439634&m=1680563004&c=1417763096&p0=1456549755&u=5ef09e5661d8cb51&t=1661279999&n=1226501152221287135&h=256252826
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
e5ea550aa4bcb9f327fa18006fbbb06b5df119f19af6e26de29ffae10e0af430
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1846439634&m=1680563004&c=1417763096&p0=1456549755&u=5ef09e5661d8cb51&t=1661279999&n=1226501152221287135&h=256252826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:40:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block;
Last-Modified
Tue, 09 Apr 2019 12:08:21 GMT
Server
nginx
ETag
W/"5cac8b35-8b8"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:40:00 GMT
bg.jpg
f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/img/ Frame BD2E
2 KB
2 KB
Image
General
Full URL
https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/img/bg.jpg
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/css/styles.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
b837f0034d3bfaffc5e843d7eece848969dad53c701b3a19235a4f05c4d13daa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/uploads/media/0/8/48480/v1/css/styles.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:40:00 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
1631
X-XSS-Protection
1; mode=block;
Last-Modified
Thu, 04 Aug 2022 07:11:28 GMT
Server
nginx
ETag
"62eb7120-65f"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:40:00 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame BD2E
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://f2.cdn.ftd.agency
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 19:04:27 GMT
x-content-type-options
nosniff
age
171333
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15700
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 21 Aug 2023 19:04:27 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame BD2E
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://f2.cdn.ftd.agency
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 22:18:51 GMT
x-content-type-options
nosniff
age
591669
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 22:18:51 GMT
/
ui.cleverwebserver.com/ Frame FBB7
145 B
210 B
Script
General
Full URL
https://ui.cleverwebserver.com/
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45b039b6808272d4dfd72be37f6cc9fc230a865f6c1425fca9d14f4797cff02b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73f5f9636f5f9c0a-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=w!0hpugnb9nc&lm=0&ts=1661279998524&dn=TC&iso=0
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:00 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
320x50
ad.lomadee.com/banners/superofertas/ Frame 732E
10 KB
10 KB
Image
General
Full URL
https://ad.lomadee.com/banners/superofertas/320x50
Requested by
Host: ad.lomadee.com
URL: https://ad.lomadee.com/banner/view?sourceId=37069243&dimension=19&width=320&height=50&method=0&advertisers=&tags=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-81.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e065342fda13275db15eec90e69951fed46cc8e04198548a42c0e2dbbb672c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lomadee.com/banner/view?sourceId=37069243&dimension=19&width=320&height=50&method=0&advertisers=&tags=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 16:30:04 GMT
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Wed, 17 Jul 2019 16:41:27 GMT
server
AmazonS3
age
27050997
etag
"6bf400de678e5ffdf5016a102e90b714"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
9771
x-amz-cf-id
AnCqU-FZ9RLZj5wHZhG2cIGioh0I-9ji0-i692Ukxv2k7owShQUdhg==
analyze.js
statistcdn.com/ Frame 732E
0
0

css2
fonts.googleapis.com/ Frame 7B57
4 KB
609 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@500;900&display=swap
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8a3f974ab75cf6acbfbef4cd5b59e0c72ae7ced3a6214798b00e52fbd758f097
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 18:40:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Aug 2022 18:40:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Aug 2022 18:40:00 GMT
analytics.js
www.google-analytics.com/ Frame 732E
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ad.lomadee.com
URL: https://ad.lomadee.com/banner/view?sourceId=37069243&dimension=19&width=320&height=50&method=0&advertisers=&tags=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lomadee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5880
date
Tue, 23 Aug 2022 17:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 23 Aug 2022 19:02:00 GMT
/
adtrue.fun/dynamic/ads/ Frame FBB7
0
570 B
XHR
General
Full URL
https://adtrue.fun/dynamic/ads/
Requested by
Host: ad.lomadee.fun
URL: https://ad.lomadee.fun/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9f80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15934
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stm%2B6srcFFPPqu98BKEcW%2F4MheMn1fdjpVW4HpPugOfPzuCFYkGs4awYcXXlqx2J1vLbAq9XD0B5qJ5tEPnTz6b8UeIZbyAp60qNQGIzyv7DLMs87UCjqOaaghafe4UaYjyIjcfUUzDE"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f965edba9bdd-FRA
expires
0
m542bee40d5e121507accc460c259dd41.otf
megacdn.top/fonts/ Frame FBB7
270 KB
271 KB
XHR
General
Full URL
https://megacdn.top/fonts/m542bee40d5e121507accc460c259dd41.otf
Requested by
Host: ad.lomadee.fun
URL: https://ad.lomadee.fun/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:3197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bac289ff51e8058f142d204435f80460c95c0c44cb19a86aac0e87ba3532b2b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
276428
pragma
no-cache
server
cloudflare
etag
280d9752899a09bd5bd316aa17254203
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=haRWSXRxypo2%2BDri%2B5QlEq%2F7kQ677kSlSCpsg1cYCp%2BW51h1x5N10jdwf50eESCoiVO7Zs3X9KJMvo0ipfgewU91R4Tlf8MEGy8Weo40eoL1ukQKXw%2FbgtCGL0C0BPZSNWFwenkMvsAj0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/opentype
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
73f5f9660d25bbda-FRA
expires
0
analytics.js
www.google-analytics.com/ Frame FBB7
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-135425005-2&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5880
date
Tue, 23 Aug 2022 17:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 23 Aug 2022 19:02:00 GMT
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=w!0hpugnb9nc&lm=0&ts=1661279998524&dn=TC&iso=0
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:00 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
/
lp.cleverwebserver.com/bet365/de/sports/grp1/ Frame BB79
Redirect Chain
  • https://sender.clevernt.com/transporter/43452.php?ppuc=1&ppu=0&id=452644&ref=aHR0cHM6Ly9mdXRlYm9saXN0YXNvbmxpbmUuY2x1Yi8%3D&ruri=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvNS1maWxtZS1kZS10ZXJyb3ItcGFyYS1k...
  • https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
4 KB
983 B
Document
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90075efaf91893e57508dea94025405aff0e44a57d236d6e81f2ae98e3288ce0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
73f5f9669d2c9c0a-FRA
content-encoding
br
content-type
text/html
date
Tue, 23 Aug 2022 18:40:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Tue, 23 Aug 2022 19:10:01 GMT
last-modified
Sun, 24 Jul 2022 21:41:21 GMT
server
cloudflare
vary
Accept-Encoding
x-amz-id-2
eOBYCaTuvoG4m/sg4som/txLJ3KqsWsboRn88ENGhvhXgj8ArMHilKdti0M3uS1pDaXqsGr62OA=
x-amz-request-id
KAE7P3GT3MVQ475B

Redirect headers

cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 18:40:01 GMT
expires
Fri, 27 Jun 1986 23:00:00 GMT
last-modified
Tue, 23 Aug 2022 18:40:01 GMT
location
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
pragma
no-cache
server
nginx
truncated
/ Frame FBB7
655 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f312aead73c7059dc22bbff1a38210eaacd5e2d7beaaec586a32575c54bc35a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame D7E1
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuV9ZVSRxq4zTpV6FXGulbg4DPHVipv9fLcm0PFT9jhOne1qFkpV9p7NRDK_0MgKsB-z78FnwcHkBK49cmSvmRfYTjaPJRFJP0tlwDgzP2X-5jqzoFQM8J7gZ-wolt7SXIcFIErIawwTeak&sai=AMfl-YR9s9SWcSXQQsQiTuhhdIvZYtaR_tc_TwlpAEGpw13_ef6q0ouZSknTswXOX8w_vG3nNNus0ud_u8XiFjoYktcK3sgS-ajhAYiCwrSGNkLOEKV22FLC4YxUYTk&sig=Cg0ArKJSzFdAa5XDztfrEAE&cid=CAASF-RoItoCVKm0AW6BJDsgxRc8ivD04DSY&id=ampim&o=410,639&d=300,280&ss=1600,1200&bs=1600,1200&mcvt=1132&mtos=0,0,1132,1132,1132&tos=0,0,1132,0,0&tfs=1290&tls=2422&g=89.28571343421936&h=89.28571343421936&tt=2422&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=3146323343
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:40:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo.png
f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/ Frame 7B57
3 KB
4 KB
Image
General
Full URL
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/logo.png
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
95f7a99c6f963e01d5e4bac6f9058129a0c32655c5af7ec87b752bc00ef3273e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:40:00 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
3378
X-XSS-Protection
1; mode=block;
Last-Modified
Wed, 27 Jul 2022 13:36:09 GMT
Server
nginx
ETag
"62e13f49-d32"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:40:00 GMT
lines.png
f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/ Frame 7B57
2 KB
3 KB
Image
General
Full URL
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/lines.png
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
3f6bee9a0730064a84a9ff8da506e65383104c6d5fb1b8d60679d25c310de9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:40:00 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
2519
X-XSS-Protection
1; mode=block;
Last-Modified
Wed, 27 Jul 2022 13:36:09 GMT
Server
nginx
ETag
"62e13f49-9d7"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:40:00 GMT
paint-stroke.png
f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/ Frame 7B57
6 KB
7 KB
Image
General
Full URL
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/paint-stroke.png
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
92f7696c0793ba80a1a76dba662ea0d68b358c37ebeea3f3c12a9f46ea86399c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:40:00 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
6178
X-XSS-Protection
1; mode=block;
Last-Modified
Wed, 27 Jul 2022 13:36:09 GMT
Server
nginx
ETag
"62e13f49-1822"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:40:00 GMT
play-btn.png
f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/ Frame 7B57
3 KB
4 KB
Image
General
Full URL
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/play-btn.png
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
fcd82c01d3a1198315983306f37c8811f5c0d4965ee0ab4e6765d821e805dd90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:40:00 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
3098
X-XSS-Protection
1; mode=block;
Last-Modified
Wed, 27 Jul 2022 13:36:09 GMT
Server
nginx
ETag
"62e13f49-c1a"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:40:00 GMT
person-s1.png
f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/ Frame 7B57
9 KB
9 KB
Image
General
Full URL
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/person-s1.png
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
c12a113494572a71906701cc1f8c5d981723a05e40a84a69abdcd5999e9338de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:40:00 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
9143
X-XSS-Protection
1; mode=block;
Last-Modified
Wed, 27 Jul 2022 13:36:09 GMT
Server
nginx
ETag
"62e13f49-23b7"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:40:00 GMT
title-bottom.png
f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/ Frame 7B57
4 KB
5 KB
Image
General
Full URL
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/title-bottom.png
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
c26129b75356e69596e3322f877e1d146460022662929c606a1095917003ab6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:40:00 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
4195
X-XSS-Protection
1; mode=block;
Last-Modified
Wed, 27 Jul 2022 13:36:09 GMT
Server
nginx
ETag
"62e13f49-1063"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:40:00 GMT
triangle-stadium.png
f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/ Frame 7B57
46 KB
46 KB
Image
General
Full URL
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/triangle-stadium.png
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
19d931617eec70b2be3d6002975bcc6ca6bbe2b0c158c4c2f79451708480b776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:40:01 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
46619
X-XSS-Protection
1; mode=block;
Last-Modified
Wed, 27 Jul 2022 13:36:09 GMT
Server
nginx
ETag
"62e13f49-b61b"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:40:01 GMT
triangle-main.png
f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/ Frame 7B57
33 KB
34 KB
Image
General
Full URL
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/triangle-main.png
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
e9afb3acbfe3c25010b20cef54661e69748f48908216e9e258c0fc035f5dff46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:40:01 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
34299
X-XSS-Protection
1; mode=block;
Last-Modified
Wed, 27 Jul 2022 13:36:09 GMT
Server
nginx
ETag
"62e13f49-85fb"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:40:01 GMT
person-s2.png
f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/ Frame 7B57
16 KB
16 KB
Image
General
Full URL
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/person-s2.png
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
13ad76a90292629b242bb5006f81a6c49deacd32b13328dbea85c1ffaf6b78c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:40:01 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
16005
X-XSS-Protection
1; mode=block;
Last-Modified
Wed, 27 Jul 2022 13:36:09 GMT
Server
nginx
ETag
"62e13f49-3e85"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:40:01 GMT
triangle-light-blue.png
f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/ Frame 7B57
654 B
1 KB
Image
General
Full URL
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/triangle-light-blue.png
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
62ad93dcfefe29c51aede9c64c82087c5b0a6b4ca6c6bb4958659de13c0b8e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:40:01 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
654
X-XSS-Protection
1; mode=block;
Last-Modified
Wed, 27 Jul 2022 13:36:09 GMT
Server
nginx
ETag
"62e13f49-28e"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:40:01 GMT
triangle-white.png
f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/ Frame 7B57
443 B
1003 B
Image
General
Full URL
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/triangle-white.png
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
fc18e49d25e7bac0951d94e6e7d8329652bf224dc910ae5cdda1d58cacbb65e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:40:01 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
443
X-XSS-Protection
1; mode=block;
Last-Modified
Wed, 27 Jul 2022 13:36:09 GMT
Server
nginx
ETag
"62e13f49-1bb"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:40:01 GMT
triangle-purple.png
f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/ Frame 7B57
446 B
1006 B
Image
General
Full URL
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/triangle-purple.png
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
96488890ae08d4a2187090b4183accb58587d7fe6cd633db06878ae95f370fda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:40:01 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
446
X-XSS-Protection
1; mode=block;
Last-Modified
Wed, 27 Jul 2022 13:36:09 GMT
Server
nginx
ETag
"62e13f49-1be"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:40:01 GMT
triangle-court.png
f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/ Frame 7B57
41 KB
42 KB
Image
General
Full URL
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/triangle-court.png
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
db8c73895293f1e5ff19ddac1e892a9ac2e5828c19f9474679bf2a9d09473482
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:40:01 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
42286
X-XSS-Protection
1; mode=block;
Last-Modified
Wed, 27 Jul 2022 13:36:09 GMT
Server
nginx
ETag
"62e13f49-a52e"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:40:01 GMT
person-s3.png
f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/ Frame 7B57
22 KB
23 KB
Image
General
Full URL
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/img/person-s3.png
Requested by
Host: f2.cdn.ftd.agency
URL: https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.194.134 Gifhorn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
ec7a39850e9b81dff51e0ccb8b436ca67292ceb0db8e64256ce7e924a2c80c0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f2.cdn.ftd.agency/uploads/media/5/3/48235/v1/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:40:01 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
22524
X-XSS-Protection
1; mode=block;
Last-Modified
Wed, 27 Jul 2022 13:36:09 GMT
Server
nginx
ETag
"62e13f49-57fc"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Wed, 24 Aug 2022 18:40:01 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7B57
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@500;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://f2.cdn.ftd.agency
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 08:45:00 GMT
x-content-type-options
nosniff
age
554100
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 08:45:00 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7B57
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@500;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://f2.cdn.ftd.agency
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 20:10:25 GMT
x-content-type-options
nosniff
age
512975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 20:10:25 GMT
serena-williams1-680x450.jpg
futebolistasonline.club/wp-content/uploads/2022/08/ Frame FBB7
41 KB
41 KB
Image
General
Full URL
https://futebolistasonline.club/wp-content/uploads/2022/08/serena-williams1-680x450.jpg
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
8b96b637a6c05ec35ac9d04396d740dffc019af827082e2ee722bf718f75b27c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:33 GMT
referrer-policy
no-referrer-when-downgrade
etag
"62f30a05-a325"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
41765
x-content-type-options
nosniff
protected
by MS22081202
hamilton-brasil1-300x300.png
futebolistasonline.club/wp-content/uploads/2022/08/ Frame FBB7
149 KB
150 KB
Image
General
Full URL
https://futebolistasonline.club/wp-content/uploads/2022/08/hamilton-brasil1-300x300.png
Requested by
Host: futebolistasonline.club
URL: https://futebolistasonline.club/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 Zaventem, Belgium, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
fa6e589c2902004100ff24e65cc75e96652ae21621eed9fefb222e79b5ddaad1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futebolistasonline.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:40:33 GMT
referrer-policy
no-referrer-when-downgrade
etag
"62f30f02-255e4"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
accept-ranges
bytes
content-length
153060
x-content-type-options
nosniff
protected
by MS22081202
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.arnolds.com.br%2F&domain=www.arnolds.com.br&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.arnolds.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 23 Aug 2022 18:40:01 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
532734
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.arnolds.com.br%2F&domain=www.arnolds.com.br&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=D_g4sHxNOUlEa2xidnpMR00vd2dvbkVML3BPVXpKczNxaU9VeFFtaG9KMjJtQ29nblNyYnkzQkt2SFc5UWNKd0pEdTVsZElkMXg4and6NFRQUkMzMGRYYWwraWhEYllQNVJZNnlWOHpHOHdoYkErU2p5TVE5WjVINU1tTE...
366 B
622 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=D_g4sHxNOUlEa2xidnpMR00vd2dvbkVML3BPVXpKczNxaU9VeFFtaG9KMjJtQ29nblNyYnkzQkt2SFc5UWNKd0pEdTVsZElkMXg4and6NFRQUkMzMGRYYWwraWhEYllQNVJZNnlWOHpHOHdoYkErU2p5TVE5WjVINU1tTEliT0Q1bHBiK1JoY3ZpT0lzRm1iNXQzZXozbU1wWHc3eWFaWGVKTFpWRjZ2bDEyVG5idU9KRmxjY1V2T0lFYjIyQm1jUXRDMGtNd0ZtN0xzSjRvSTliRkxZOHBGOTBvejlCbmNGQ0lHNGxSekNnU3lRNEVXMmhEcXRzSjFBQkZMQTFhQWRJOGxnfA&cppv=2
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e164e4a877946d74f114f8cafb14998b95c64f5de87f9dea377cb84c0004c8e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:40:01 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2885
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:40:01 GMT
location
https://mug.criteo.com/sid?cpp=D_g4sHxNOUlEa2xidnpMR00vd2dvbkVML3BPVXpKczNxaU9VeFFtaG9KMjJtQ29nblNyYnkzQkt2SFc5UWNKd0pEdTVsZElkMXg4and6NFRQUkMzMGRYYWwraWhEYllQNVJZNnlWOHpHOHdoYkErU2p5TVE5WjVINU1tTEliT0Q1bHBiK1JoY3ZpT0lzRm1iNXQzZXozbU1wWHc3eWFaWGVKTFpWRjZ2bDEyVG5idU9KRmxjY1V2T0lFYjIyQm1jUXRDMGtNd0ZtN0xzSjRvSTliRkxZOHBGOTBvejlCbmNGQ0lHNGxSekNnU3lRNEVXMmhEcXRzSjFBQkZMQTFhQWRJOGxnfA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1438
content-length
509
expires
0
rid
match.adsrvr.org/track/
63 B
392 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
1f2228c9c706d54bc27ee328b4dd21c890fb8d34e5ad31e950ab68b477bdf39a

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.arnolds.com.br
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Thu, 22 Sep 2022 18:40:01 GMT
apacdex
sync.quantumdex.io/usersync/ Frame 03EB
3 KB
1 KB
Document
General
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8da85dd077f1ab37cfe2a0d6a34b41a99e1502416aa501be788b40f9e852115e

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
73f5f9667e3f900c-FRA
content-encoding
gzip
content-type
text/html
date
Tue, 23 Aug 2022 18:40:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
usersync
ssp.wp.pl/bidder/ Frame 999C
477 B
410 B
Document
General
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Tue, 23 Aug 2022 18:40:01 GMT
last-modified
Tue, 23 Aug 2022 14:02:12 GMT
server
nginx
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5BC7
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 23 Aug 2022 18:40:01 GMT
ETag
"623de86a-cf34"
Expires
Wed, 24 Aug 2022 18:40:03 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 9F4C
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1661279997644&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
csync.smilewanted.com/ Frame 6588
6 KB
2 KB
Document
General
Full URL
https://csync.smilewanted.com/
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
662817e21330cbf78ce4c0f606a0989b107d3dc4cf55849b6065ad9ee5096d66

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
73f5f9668ee06904-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 18:40:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
/
awscloudfront.ml/ Frame 309F
208 B
725 B
Document
General
Full URL
https://awscloudfront.ml/
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d3f9d8ff33e31cd0334df91cdb3586df887757daeb652ed27c69b6a43ff78e4

Request headers

Referer
https://megacdn.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
10
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
HIT
cf-ray
73f5f9673bf9bbfd-FRA
content-encoding
br
content-type
text/html
date
Tue, 23 Aug 2022 18:40:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCKTITfydOXYE3RtmsFnWu09MQRGmSiZEYLpRmdnj2YNUfxyI72aA60rR%2Fytu3JE02W3TN44aaiRHuLXU2R3OASf0nILvRDiQoEKA5PbtzYNIeQt8%2FtLqf9K%2BgnhAkIXJcO%2FGNWIz8HzARcGwpre"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=w!0hpugnb9nc&lm=0&ts=1661279998524&dn=TC&iso=0
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame 999C
44 KB
16 KB
Script
General
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
59dbe6d5353bc60dba5344433007fec4b2ce76b6455a4cf6197d762b7e071ffb

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
content-encoding
br
last-modified
Tue, 23 Aug 2022 10:28:45 GMT
server
nginx
etag
W/"f42c38fca77dd9cbdcd35965513fd84c"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
style.css
lp.cleverwebserver.com/bet365/de/sports/grp1/ Frame BB79
11 KB
2 KB
Stylesheet
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58387ca9397ec3cb0e0d8e163e3aaf616b33db0a023c16b7824519a834ca6001

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
content-encoding
br
cf-cache-status
HIT
age
229
cf-polished
origSize=11955
last-modified
Wed, 06 Jul 2022 16:16:12 GMT
x-amz-request-id
B8S3VWDX6Z4CWBGJ
x-amz-id-2
bFr5WS/jE/H03v8boRgnVycFLvU8qHWHxSYoEzkQCFZ7pEFNA3ahhQdmxlgcRO5v6IwTJbp9LNY=
cf-bgj
minify
server
cloudflare
etag
W/"0b1a0f0066ac8ef5a3b0a38c0858a9b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=1800
cf-ray
73f5f9672e2d9c0a-FRA
expires
Tue, 23 Aug 2022 19:10:01 GMT
anzeige.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame BB79
1 KB
895 B
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/anzeige.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98af5e2d044165db4fe04e7a288c125ad78d50bd9e212ca6e520e5a55140e869

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Jul 2022 16:09:10 GMT
server
cloudflare
age
1122
etag
W/"3e9d1a10a1056de77db1bab72b55ef1c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
73f5f9672e2f9c0a-FRA
x-amz-request-id
S881PYJJWCVPT3FP
x-amz-id-2
vrk3DzP2E/ayDcHlgZ1wkV1FyhIff2hbL54/NMno0QaCJrRqW/Q4s6cJrySNjnHqTFTw7Mz6Wco=
expires
Tue, 23 Aug 2022 19:10:01 GMT
logo.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame BB79
2 KB
1 KB
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/logo.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df3876c55c0fe527bea47b37cfe3479040325194f3df7d2b077794ef6d584470

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Jul 2022 16:16:12 GMT
server
cloudflare
age
1122
etag
W/"89cc1efb4630095200908a2c0e01275c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
73f5f9673e579c0a-FRA
x-amz-request-id
WQESBR5TB9JFYE3J
x-amz-id-2
qFQJvMjngqorbANFUuQs8MzFEzSNamt3oGViQCUaopHQq3W96RZJnmY7mcnIbUPKoKX2EwroNIs=
expires
Tue, 23 Aug 2022 19:10:01 GMT
copy_pushmobile.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame BB79
12 KB
4 KB
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy_pushmobile.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85cc4c652afbaa94b1444817fe16c3c4f84c9f1ad8615044fc20337d8f3c3b36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Jul 2022 16:16:12 GMT
server
cloudflare
age
1122
etag
W/"48521ed69677855391819664023f03a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
73f5f9673e5c9c0a-FRA
x-amz-request-id
B6A7GS5X6SMAN8R5
x-amz-id-2
Y91bCoZKvgJW0ggwHFOAEDOzK43qruDkYPIkYuzBc2gUIwzg072DOBFy6Oy8QqlZSa0hAi8HSvw=
expires
Tue, 23 Aug 2022 19:10:01 GMT
copy_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame BB79
12 KB
4 KB
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy_pushdown.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc593e8aef8bec3076d8f4d76e66461b61d8b0c5cf5a52ef51d6c904d7d5a385

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Jul 2022 10:09:11 GMT
server
cloudflare
age
809
etag
W/"b021ae3bd30deb5a02a9d0476e269ae5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
73f5f9673e5d9c0a-FRA
x-amz-request-id
Y7JTY68D59CTDX3C
x-amz-id-2
H8TJLaIiJWiM3J5uJynpE/5nvSCrV6FFW5t3FnMIf5ZO0u/tK2Xm9ixIxMuU4UA9ZDbOD3Eb+YM=
expires
Tue, 23 Aug 2022 19:10:01 GMT
copy.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame BB79
12 KB
4 KB
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63bc5373259840156ae93ba26b9df0dd2f97ce98ebb3fdb970699cd718a23230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Jul 2022 15:53:45 GMT
server
cloudflare
age
809
etag
W/"6a14ab0d467b44cc536dff1c855843d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
73f5f9673e609c0a-FRA
x-amz-request-id
BEYERDT39A0CYGBA
x-amz-id-2
I4M2yrH0Bs34efHg7QJkg8fYUqbI1srLBsDWBChbc1Ls4U1zYyE54YybK/ClX6IcIBKk5+8s+3A=
expires
Tue, 23 Aug 2022 19:10:01 GMT
copy2-pushmobile.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame BB79
576 B
576 B
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2-pushmobile.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b14c2c71bff7391e8ce4a4cf739c5e747627e9de00407dbfc9ae15efc468310a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
213
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
public, max-age=1800
cf-ray
73f5f9676ea79c0a-FRA
x-amz-request-id
F6Y9CS7VFZCHPY15
x-amz-id-2
t5nD1Nr8EICn7l+E6SWkV/zOmhYeTFDbM0Ax38jX233/qLKQmAM9rIUWqAfWkVytDlIgJXj/tRo=
expires
Tue, 23 Aug 2022 19:10:01 GMT
copy2-pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame BB79
574 B
574 B
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2-pushdown.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3400732cfc11f1cf6e7a1a1a1c177c4b386382dfdea98f4bde60746158f47ef7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
213
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
public, max-age=1800
cf-ray
73f5f9676ea89c0a-FRA
x-amz-request-id
F6YBTA2XGTQG2H6E
x-amz-id-2
t8w/uCcZklzyUK1BmIhMX6DJcop62CiP+FMJsTSIsbR8+fcUNXosi34q770ONkVqvDNHm2kEvA0=
expires
Tue, 23 Aug 2022 19:10:01 GMT
copy2.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame BB79
5 KB
2 KB
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7fa07dc1641fa98687abb1cac64ca10ef98f69568be378d612397460b7ca24b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Jul 2022 16:09:58 GMT
server
cloudflare
age
809
etag
W/"dc43a4e11b82fa41efb8bdc2acd73425"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
73f5f9677ec99c0a-FRA
x-amz-request-id
DA2MERVAJ0GJ24B3
x-amz-id-2
k6xB2zoLpEdUBRjoD8vexFbLTRSsNSA+R5EzGZVkpEBU2szfM6ECoTBJ+NpifJid8Yv16Oh/Wcs=
expires
Tue, 23 Aug 2022 19:10:01 GMT
copy3.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame BB79
6 KB
2 KB
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy3.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
150431c4e70ae805fba43a94f1b154417be47c26d7f3ca60a7e1a0ab7b50ba80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Jul 2022 16:09:58 GMT
server
cloudflare
age
1121
etag
W/"9048820dc635dbe10d09725e919ba54f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
73f5f9677eca9c0a-FRA
x-amz-request-id
8VT90C9BTB3HRBYZ
x-amz-id-2
aZzVsKog2cHZx/daeB22eSz27LlCffQGrnhBc7aPohkkMqRLLcwLuggbe5y1zFvDwQICP7pS7rQ=
expires
Tue, 23 Aug 2022 19:10:01 GMT
cta.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame BB79
3 KB
1 KB
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/cta.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56828800a4a575d3b1940a854640ad25c3c93a7d3933ab96150ef48788d637d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Jul 2022 16:16:12 GMT
server
cloudflare
age
1121
etag
W/"b26d0f732978180e7c2480406f97e7f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
73f5f9677ecb9c0a-FRA
x-amz-request-id
S271SZGQXWZEFF33
x-amz-id-2
x2CewUPfp8MdD64Xlqyx6I3xt0OXXWUADro9Y9P4PcS5eb8CwzuABx8dcT3hXInQk+WRD0aiPIM=
expires
Tue, 23 Aug 2022 19:10:01 GMT
legal2_pushmobile.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame BB79
12 KB
4 KB
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/legal2_pushmobile.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
757a9daa63650138fd902f15b33dfa3ae7ea0a4c2c8aadd405c7c09f5c6af7df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Jul 2022 16:16:12 GMT
server
cloudflare
age
1121
etag
W/"22316355cfe04cd150c2b810a54167a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
73f5f9677ecc9c0a-FRA
x-amz-request-id
TZXQADXZF2QKGS70
x-amz-id-2
o+/L55P7Uw7Pg3V8X/wTQdPI7kFjKszwL7xD97g+mD63ebCNvTeEXPNg7oOzlqSS5twvkpNICOM=
expires
Tue, 23 Aug 2022 19:10:01 GMT
legal2_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame BB79
33 KB
6 KB
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/legal2_pushdown.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
869c671beb0b128c008179a0e3fcddbfa62cfe83351672d1142b1d734858bc33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 Jul 2022 16:43:44 GMT
server
cloudflare
age
307
etag
W/"19cfc2171558b226e44590caa30ac756"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
73f5f967af119c0a-FRA
x-amz-request-id
FS1Z3YD57QCJTZB6
x-amz-id-2
pEt2rhya5GfwqPWx5vIZC1pnM5nIsz7Lsc8M16DkjZMRvCKFHJN0fJILBqsMVFneTf8hekvhOcg=
expires
Tue, 23 Aug 2022 19:10:01 GMT
legal2.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame BB79
33 KB
6 KB
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/legal2.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dac0f22f981a1e8828e9516833b3ac6fe985cf1852033b0f153c9cb8694d3a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Jul 2022 16:16:12 GMT
server
cloudflare
age
809
etag
W/"a33282a0f66d9e18e14ed6c9fa761dd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
73f5f967af169c0a-FRA
x-amz-request-id
JQEG6KJR6H1ENX3A
x-amz-id-2
B99OxczYQ4YpthS1ZBZOkhw52oHz8zp0jdwWCHkmEbiHwRge5tuPujk0ITAHaMoYwv8NyShWTAs=
expires
Tue, 23 Aug 2022 19:10:01 GMT
rocket-loader.min.js
lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame BB79
12 KB
4 KB
Script
General
Full URL
https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Aug 2022 16:11:23 GMT
server
cloudflare
etag
W/"62ffb62b-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
73f5f967bf2b9c0a-FRA
vary
Accept-Encoding
expires
Thu, 25 Aug 2022 18:40:01 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 6588
48 KB
12 KB
Script
General
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1071527
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"607873db-c1ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
73f5f967480f6904-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
setuid
sync.quantumdex.io/ Frame 03EB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5275872984954526629
43 B
106 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5275872984954526629
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73f5f968c977900c-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 18:40:01 GMT
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
a9d32d83-fd98-4743-8f13-581ca401846c
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5275872984954526629
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 03EB
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=2f151b34-eece-52eb-9a2e-d5f2f92bcaf3
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=2f151b34-eece-52eb-9a2e-d5f2f92bcaf3
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73f5f969fad0900c-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=2f151b34-eece-52eb-9a2e-d5f2f92bcaf3
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
/
ssp.disqus.com/redirectuser/ Frame 03EB
0
217 B
Image
General
Full URL
https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.59.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-59-108.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:40:01 GMT
cache-control
no-store
vary
origin
expires
0
v1
match.sharethrough.com/FGMrCMMc/ Frame 03EB
0
35 B
Image
General
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.77.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-77-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
pixel
ap.lijit.com/ Frame 03EB
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 23 Aug 2022 18:40:01 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
0.gif
id5-sync.com/i/495/ Frame 03EB
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.67 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216533.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:00 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 03EB
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73f5f969aa71900c-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 23 Aug 2022 18:40:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Tue, 23 Aug 2022 18:40:01 GMT
setuid
sync.quantumdex.io/ Frame 03EB
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-QLf9BpRE2uGWLs6oCjrTkaW4NNRB8voLJmgqUzk-~A
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-QLf9BpRE2uGWLs6oCjrTkaW4NNRB8voLJmgqUzk-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73f5f969facf900c-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-QLf9BpRE2uGWLs6oCjrTkaW4NNRB8voLJmgqUzk-~A
date
Tue, 23 Aug 2022 18:40:01 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
s.ad.smaato.net/c/ Frame 03EB
0
240 B
Image
General
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
9XjhSC_BeUWK2ATWcqTt9FzZBRnmZQOO_tGSmrBQmpSt3gcNe7KnEg==
x-cache
FunctionGeneratedResponse from cloudfront
usermatch
r.casalemedia.com/ Frame 5500
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
1 KB
2 KB
Document
General
Full URL
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22ca6f99e16916d6c661a522c8451ff7d09b45e4feadf0f99cf572bb3262539c

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73f5f9697bfe90e8-FRA
content-encoding
br
content-type
text/html
date
Tue, 23 Aug 2022 18:40:01 GMT
dropped-udsids
39|230|241|45|188|191|8|51
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFQl5MNwFz2ohUSo9lERnCDR7zi9Mw%2BIviCzwMgWo8XoFz7hKh%2By%2FMuUycZOa1Cl3M4%2F22IShcqvVwtPgE%2BRsfGlIoGZ1hZLRJ2%2B9XSwRfIVHzC1Lepr3G2yCCxZCc9%2FBrT5"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73f5f9688faabb89-FRA
content-type
text/html; charset=iso-8859-1
date
Tue, 23 Aug 2022 18:40:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
location
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zqy9wz0esTaDBtZWghR7fDmpBQRSCNSGo3Pw9cmWFW%2BPr%2BBiwqp%2F303kJH9iwTOkItYA5%2FqeoD%2FfpTYWQhEKkSd1krC92wxmNH9uqBCmvDk6WY%2B%2B5NzpiVLqBxfsEPf6wgnVea5I0m%2Bmyw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 56EC
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pbsync
usermatch.targeting.unrulymedia.com/ Frame FF1C
0
0
Document
General
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 Beverwijk, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BC85
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=78840
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 18:40:01 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 24 Aug 2022 16:34:01 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
css
fonts.googleapis.com/ Frame BB79
8 KB
730 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
19d4fa5e5f7164cfa51ca5e06216f551c4905d14ee02301a5ad2bb70272b7a3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 17:11:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Aug 2022 18:40:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Aug 2022 18:40:01 GMT
jquery.js
awscloudfront.ml/ Frame 309F
14 KB
4 KB
Script
General
Full URL
https://awscloudfront.ml/jquery.js
Requested by
Host: awscloudfront.ml
URL: https://awscloudfront.ml/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c20b8b347154b8a6a144efc72ab1e879c4fd518ccab777235650f9e6c448f281

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awscloudfront.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1e%2B1Adtaj%2BDEj6ZNwSSl6epne8Im6LDr%2Fjz%2Fu3yv7AvEmilbaA4HruR7dxQtLNGXSd8GiTUnSWq9FBFd4qUmvrx5rLm2TPCYMwwM7gQ5HUxlPqeogp4o5vsgI2WVGwC%2BLpnz81gVGUVSrhJ6WMo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f9686b169220-FRA
expires
0
/
megacdn.top/ Frame F158
208 B
692 B
Document
General
Full URL
https://megacdn.top/
Requested by
Host: ad.lomadee.fun
URL: https://ad.lomadee.fun/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:3197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d3f9d8ff33e31cd0334df91cdb3586df887757daeb652ed27c69b6a43ff78e4

Request headers

Referer
https://futebolistasonline.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
HIT
cf-ray
73f5f968695e9072-FRA
content-encoding
br
content-type
text/html
date
Tue, 23 Aug 2022 18:40:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icdDKABwZmpUyTSaVuw0TCBhZ5jINNX6oM%2BY17RObJF75KJdrikxfWJpq8b%2BYLUk5S3RS1Oe6CWoLOsCLIoQT4iyNk%2F%2BJbNFooLsiGkXEbFr00RZQAn5Fs2SqXnib2ss4bKGeejd0lnXqw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
bg-interstitial_2.jpg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame BB79
58 KB
58 KB
Image
General
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/bg-interstitial_2.jpg?v=3
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bba913468293ae1abf070f0d046c5df2a36c70038081c8af25eebef3d7ee2db8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
cf-cache-status
HIT
age
213
cf-polished
origSize=64220, status=webp_bigger
cf-ray
73f5f968d9269c0a-FRA
last-modified
Thu, 07 Jul 2022 16:09:10 GMT
content-length
59104
x-amz-id-2
IEuUCuh0L2ZOKcrk3OegOtD395w8P0H3J+KAefbRpL5ftQny9/TQ/XKa3YS19WdKDDRuoTqMnY8=
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"7d1d2825873f79c09308406be23edd7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
N6H9K4DWQ8J2MYPB
cache-control
public, max-age=1800
accept-ranges
bytes
content-type
image/jpeg
expires
Tue, 23 Aug 2022 19:10:01 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame BB79
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lp.cleverwebserver.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 18:50:34 GMT
x-content-type-options
nosniff
age
85767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 18:50:34 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=D_g4sHxNOUlEa2xidnpMR00vd2dvbkVML3BPVXpKczNxaU9VeFFtaG9KMjJtQ29nblNyYnkzQkt2SFc5UWNKd0pEdTVsZElkMXg4and6NFRQUkMzMGRYYWwraWhEYllQNVJZNnlWOHpHOHdoYkErU2p5TVE5WjVINU1tTEliT0Q1bHBiK1JoY3ZpT0lzRm1iNXQzZXozbU1wWHc3eWFaWGVKTFpWRjZ2bDEyVG5idU9KRmxjY1V2T0lFYjIyQm1jUXRDMGtNd0ZtN0xzSjRvSTliRkxZOHBGOTBvejlCbmNGQ0lHNGxSekNnU3lRNEVXMmhEcXRzSjFBQkZMQTFhQWRJOGxnfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 23 Aug 2022 18:40:01 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1058
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 2FC4
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsucJ2rs9eP8UYBSZQTNz9pjKxJOS3SNIK_SPVRpUDi_OB5n9xQ40npWNEZfgmbc_VQoMjOcZ8mvWavf9eqny7Jem8CRgTsbR5-gGvh9H0YgW_iO6bzkSm2EaVYwbRKR_Hvwe4qnfP4BMV7E&sai=AMfl-YSot6SLFn19CRYOU2EoFrRevDrsz266DdKbWEDL3M8Oti22OCLT0BCbw0BuSaN0tcFVndpxto8rwFgE1vh0yK-uSzGNMTAs_7O3fXxy-927C-PQ7IXhdaPqCiM&sig=Cg0ArKJSzLmTM9NAGJAGEAE&cid=CAASF-Rof94ul_TbNJpeXnfHgOgvkUaZ0fiX&id=lidar2&mcvt=1202&p=639,992,889,1292&mtos=1202,1202,1202,1202,1202&tos=1202,0,0,0,0&v=20220822&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3523648189&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661279998797&rpt=1329&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:40:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clever.de.min.js
lp.cleverwebserver.com/bet365/js/ Frame BB79
9 KB
4 KB
Script
General
Full URL
https://lp.cleverwebserver.com/bet365/js/clever.de.min.js
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54ac31540d0cc04994470e45f7f167649c2de8874d42ae215ec5bfc9a9fa64f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01003470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 23 Aug 2022 16:55:55 GMT
server
cloudflare
age
733
etag
W/"f608a5d30dd77ed8de7ceb968e854f04"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
73f5f969eb099c0a-FRA
x-amz-request-id
0RY1NXDGXJWA63KR
x-amz-id-2
Ya1widQVL23nx3UZ0MJ/mL1lxvxvoBKhySInYd1X81Z/CjkqF5LNeY6n6ZC31/izUtc5xIVsygk=
expires
Tue, 23 Aug 2022 19:10:01 GMT
jquery.js
megacdn.top/ Frame F158
14 KB
4 KB
Script
General
Full URL
https://megacdn.top/jquery.js
Requested by
Host: megacdn.top
URL: https://megacdn.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:3197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c20b8b347154b8a6a144efc72ab1e879c4fd518ccab777235650f9e6c448f281

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megacdn.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5bbGyQLoClIWCVnk7y6BMjrBhuw0xez8KY%2FIK4DQlUuValQx3vJaJkrPt2VlAj7uJiIUZSMzODGr8FIuRK%2BYq5nqc3PjSHR2YDb9xMp6xOH69PCzbL3zhFG4518862RRMfxX8Bd73GRXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f969eb819072-FRA
expires
0
drop_cookie_sw.php
csync.smilewanted.com/ Frame 05B0
0
324 B
Document
General
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
73f5f96a0c4a6904-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 18:40:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
casale
match.adsrvr.org/track/cmf/ Frame 5500
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:40:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 5500
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwUfAesU1WSG9FdQd0vHDgAABFMAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:40:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 5500
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwUfAesU1WSG9FdQd0vHDgAABFMAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwUfAesU1WSG9FdQd0vHDgAABFMAAAIB&dcc=t
43 B
645 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwUfAesU1WSG9FdQd0vHDgAABFMAAAIB&dcc=t
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 18:40:02 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
7ZRSM78H0VF4XW3HNMNA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 18:40:02 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
J8M46BSC2J2R79DW967J
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwUfAesU1WSG9FdQd0vHDgAABFMAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5500
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YwUfAesU1WSG9FdQd0vHDgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPN5XSrQ8Wxl38LBguL71Dg&google_cver=1&gdpr=1
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPN5XSrQ8Wxl38LBguL71Dg&google_cver=1&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
73f5f96bdf6c9a2a-FRA
pragma
no-cache
date
Tue, 23 Aug 2022 18:40:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okhWjPzUv66RbXLHBoPwLsRa3bNp%2FJESSOpynUYBB8JgaRse5OQzDToXDBY9AwzNlYHirzDhneGi1kbgWTGze2d0dGmQ2awBhYkhxo2VlKg5q3NFUG1GX%2Fyv58Aa%2B6ckHXuyR1vb46aAFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:40:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPN5XSrQ8Wxl38LBguL71Dg&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
CookieIndex
rtb.adentifi.com/ Frame 5500
0
35 B
Image
General
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.198.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-198-75.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
crum
dsum.casalemedia.com/ Frame 5500
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=e5247e8b-6245-6855-a8d3702f
43 B
945 B
Image
General
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=e5247e8b-6245-6855-a8d3702f
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
73f5f96c18845bf9-FRA
pragma
no-cache
date
Tue, 23 Aug 2022 18:40:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YfxnJ3gjdOmZX9fWPRqImVdSIsHi3jruXXLauQ58bbX%2F45LyASGVlTprmLbFjBrzEIl8%2FFukxYivcVxtK0WzpEfzhdYt3ZCrYexjIpTQ%2BjYo3FgjxMJtcfbS2NQzAMMdqnA0FXFt"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 23 Aug 2022 18:40:01 GMT
via
1.1 google
server
nginx/1.22.0
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=e5247e8b-6245-6855-a8d3702f
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
crum
dsum-sec.casalemedia.com/ Frame 5500
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=22eddc2b-71dd-40c0-ab33-167894863214&expiration=1692816001
43 B
911 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=22eddc2b-71dd-40c0-ab33-167894863214&expiration=1692816001
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
73f5f96d19219a2a-FRA
pragma
no-cache
date
Tue, 23 Aug 2022 18:40:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VcJbe9hB%2BuLMLqo5%2BLAy6fHz2pKZiCkSa6W1zi09IQVDoJCfzSMAAooRfvzkxNBYLpp7ETO3TQSSnrI%2BzwiPHVaCngwbDerIWpdhVdifvtnQC%2BvOT3%2B8SHDi91WiRncTMLAN2%2FblyclY0A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=22eddc2b-71dd-40c0-ab33-167894863214&expiration=1692816001
date
Tue, 23 Aug 2022 18:40:01 GMT
server
Kestrel
content-length
0
sync
x.bidswitch.net/ Frame 5500
43 B
220 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.40.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-40-23.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:40:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
setuid
sync.quantumdex.io/ Frame 5500
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YwUfAesU1WSG9FdQd0vHDgAABFMAAAIB
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73f5f96a2b17900c-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
3ad2c3d5e5e070bc42afe323123f4d
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 8187
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/3ad2c3d5e5e070bc42afe323123f4d
0
381 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/3ad2c3d5e5e070bc42afe323123f4d
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
73f5f96acd5d6904-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 18:40:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Aug 2022 18:40:01 GMT
Expires
Tue, 23 Aug 2022 18:40:01 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/3ad2c3d5e5e070bc42afe323123f4d
Pragma
no-cache
Server
nginx
x-sticky-vk
1661280001615057-520
PugMaster
image6.pubmatic.com/AdServer/ Frame BC85
0
42 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=48662632&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:00 GMT
content-length
0
c1ee4c174b3b485049176b5ff8cbbe10e.otf
megacdn.top/fonts/ Frame 69D4
7 KB
8 KB
XHR
General
Full URL
https://megacdn.top/fonts/c1ee4c174b3b485049176b5ff8cbbe10e.otf
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:3197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24297771536aa56b0c34c9913dbed83d5925d2c80dd654109a4477c093aa021f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megacdn.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7120
pragma
no-cache
server
cloudflare
etag
e5cb8c6b1538f7ad9e21057159a9e998
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FuBy9bYoBUDDHtLBqrXQVCeYuj8b8FC8QzgtDAa1OL8yE4evK3EEFgrV1xuByYTNKj7%2Bz29s30yVTBXpGDEQZgh8jkmwHjfABN7AgtCKDfhNAu4gLzdMFN6A9r6qVJpKw%2Fmln6tz3tlSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/opentype
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
73f5f96a2bdf9072-FRA
expires
0
DefaultAff.aspx
members.bet365.de/Members/Helpers/ Frame CDC2
84 B
741 B
Document
General
Full URL
https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_01003470
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/js/clever.de.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba

Request headers

Referer
https://lp.cleverwebserver.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
73f5f96a3ec3693a-FRA
Cache-Control
private
Connection
keep-alive
Content-Encoding
gzip
Content-Length
177
Content-Type
text/html; charset=utf-8
Date
Tue, 23 Aug 2022 18:40:01 GMT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ME-Redirect
PQB
Server
cloudflare
Vary
Accept-Encoding
410fba9f-e7bc-41ef-89cf-68176df5a45a
https://www.arnolds.com.br/ Frame C28D
174 B
0
Other
General
Full URL
blob:https://www.arnolds.com.br/410fba9f-e7bc-41ef-89cf-68176df5a45a
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e55275e2cf00c39ce90846157f36235e11ad02f5718bfc6afb5a55fcf692d25

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length
174
Content-Type
text/javascript
/
awscloudfront.ml/ Frame A27D
208 B
692 B
Document
General
Full URL
https://awscloudfront.ml/
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d3f9d8ff33e31cd0334df91cdb3586df887757daeb652ed27c69b6a43ff78e4

Request headers

Referer
https://megacdn.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
39
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
HIT
cf-ray
73f5f96aae139220-FRA
content-encoding
br
content-type
text/html
date
Tue, 23 Aug 2022 18:40:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FqeQLl8oebVMjYSZDgAePKiV93Wf0pQOnByabGWV87hCTW%2FohlXNsneqrRmSePDIoG3jfE%2FQPu6dwJJDkPxV5i9Izsjl5nxhjk%2FcYV0ys1PGuelX3zWvFaubMw202R8T0Jlg6FQxv0ct3bmtXpCp"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
9hR33K4x2U0Fu1ts6IZn
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame AFF5
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/9hR33K4x2U0Fu1ts6IZn?pi=smilewanted&tc=1
0
432 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/9hR33K4x2U0Fu1ts6IZn?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
73f5f96bdf006904-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 18:40:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 23 Aug 2022 18:40:01 GMT Tue, 23 Aug 2022 18:40:01 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/9hR33K4x2U0Fu1ts6IZn?pi=smilewanted&tc=1
pragma
no-cache
setuid
ib.adnxs.com/prebid/ Frame 65BD
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=da7423b3d0695eaa08b99a96541fcc66
43 B
1 KB
Document
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=da7423b3d0695eaa08b99a96541fcc66
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
224eb27c-d7bf-47b5-ae5c-eba90d906625
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 23 Aug 2022 18:40:01 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
73f5f96b9ea66904-FRA
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 18:40:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=da7423b3d0695eaa08b99a96541fcc66
server
cloudflare
connectmyusers.php
cdn.connectad.io/ Frame 9C97
1 KB
897 B
Document
General
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
73f5f96c0ba4bbce-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 18:40:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
jquery.js
awscloudfront.ml/ Frame A27D
14 KB
4 KB
Script
General
Full URL
https://awscloudfront.ml/jquery.js
Requested by
Host: awscloudfront.ml
URL: https://awscloudfront.ml/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c20b8b347154b8a6a144efc72ab1e879c4fd518ccab777235650f9e6c448f281

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awscloudfront.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1iHYk4Tnxvb2D5ezvLWK%2BH1kwJYJjpOsVbJhyCYWdQK9ob7ACuWpOSYUS%2FyvexlGKB7iDrHiIt6pWS5jDmJsd%2FCm81wZMHt%2BQo6RTgoScXYZFn3QSw8o91%2Bd1D%2F5uAy5LlQAZDhdW8Es%2FBkxXv2U"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f96bafa79220-FRA
expires
0
getuid
sync.smartadserver.com/ Frame 56A6
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B
Document
General
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Tue, 23 Aug 2022 18:40:01 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Tue, 23 Aug 2022 18:40:01 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
20779243-bafd-4a06-a00e-6e2e982d349e&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 5A0B
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/20779243-bafd-4a06-a00e-6e2e982d349e&partner_id=1010
0
507 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/20779243-bafd-4a06-a00e-6e2e982d349e&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
73f5f96cd9106904-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 18:40:02 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Tue, 23 Aug 2022 18:40:02 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/20779243-bafd-4a06-a00e-6e2e982d349e&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync.php
pixel.rubiconproject.com/exchange/ Frame 8B12
0
0
Document
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
66ef90d06496cfd000aab8206f2b6221
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B0D0
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=78839
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 18:40:02 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 24 Aug 2022 16:34:01 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
YwUfAesU1WSG9FdQd0vHDgAA%261107
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame 6973
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YwUfAesU1WSG9FdQd0vHDgAA%261107
0
850 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YwUfAesU1WSG9FdQd0vHDgAA%261107
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
73f5f96d8ac76904-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 18:40:02 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73f5f96d3e319be6-FRA
content-length
0
date
Tue, 23 Aug 2022 18:40:02 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YwUfAesU1WSG9FdQd0vHDgAA%261107
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13T3AK8EMrKKe%2F0zznTRzs8HrLIAi30wSsTzy4IxJPsRSTx2YDaDlvefk%2BsgythvELX%2FQ47CpWaq%2BY01awd%2FXClreumE6Ami%2FEJoeefZ7%2F3vxRi9jGjchMpY56NWA0FW0GQV1CFbVsv40w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ff9650ad-2312-11ed-8199-1d34abdd0306
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame F6F4
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=ff9650ef-2312-11ed-8199-1d34abdd0306
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/ff9650ad-2312-11ed-8199-1d34abdd0306
0
609 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/ff9650ad-2312-11ed-8199-1d34abdd0306
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
73f5f96e9c926904-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 18:40:02 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Tue, 23 Aug 2022 18:40:02 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/ff9650ad-2312-11ed-8199-1d34abdd0306
Server
nginx
X-fe
30
i301a18860e11e5a70468ddc2f36fe34b.otf
megacdn.top/fonts/ Frame 69D4
432 B
1010 B
XHR
General
Full URL
https://megacdn.top/fonts/i301a18860e11e5a70468ddc2f36fe34b.otf
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:3197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a972c0c99efa23c96703b715ed2daef5b9827e2e0de057288bfb796d4268b7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megacdn.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
432
pragma
no-cache
server
cloudflare
etag
05475eeaa2da254dce4154bf9b514aac
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vy%2FbUt8VkD3hedY35B3oFu7DrgYBQmzzunb3K7VkUOL%2BZHnGjutOuW96G98ABfjNGRcJsxXovmwcp3E7eky3DAk94lW5Dzt6yYSqkPSG6Wyo1NOGKWOArFTGoljtt8RS49bP69IV6AdBDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/opentype
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
73f5f96dba849072-FRA
expires
0
1
sync-eu.connectad.io/syncer/ Frame 37D4
0
0
Document
General
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
73f5f96e2faabbce-FRA
date
Tue, 23 Aug 2022 18:40:02 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google
c27c1aed83627845dd2a68a83ddc3fa41.otf
megacdn.top/fonts/ Frame F158
7 KB
8 KB
XHR
General
Full URL
https://megacdn.top/fonts/c27c1aed83627845dd2a68a83ddc3fa41.otf
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:3197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24297771536aa56b0c34c9913dbed83d5925d2c80dd654109a4477c093aa021f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megacdn.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7120
pragma
no-cache
server
cloudflare
etag
e5cb8c6b1538f7ad9e21057159a9e998
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCzU2TxlFxy%2BrQuOcH73NWJ1rdW%2F28XWuggZxoFrsQ6eb0xUeE%2FS1jPGZXHYzCwOm6qN3JHSBs0qV76%2BPOJavlcVqXIuFd1qYLs8qRBaBMRWtRpYeT4mR5ijWeXFIAFPdAveQBTU3KKJwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/opentype
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
73f5f96e9bb79072-FRA
expires
0
b70fc085-6eb7-4192-9d8f-f9dc27afa424
https://futebolistasonline.club/ Frame 23EC
174 B
0
Other
General
Full URL
blob:https://futebolistasonline.club/b70fc085-6eb7-4192-9d8f-f9dc27afa424
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e55275e2cf00c39ce90846157f36235e11ad02f5718bfc6afb5a55fcf692d25

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length
174
Content-Type
text/javascript
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac1bf2466b9a9281935e8538b267912d4950a96593089d6e8d3226bc905e4374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 18:40:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11105
x-xss-protection
0
syncframe
gum.criteo.com/ Frame A043
2 KB
1 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.arnolds.com.br&gdpr=1&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
d7639ef9732adaf582c2006a5de74d4e4fa148e000abb6dfd2e2a9f3455490db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
972
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 18:40:01 GMT
server-processing-duration-in-ticks
492
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082201.js?cb=31069092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 18:40:02 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1B9D
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9214
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 16:06:28 GMT
expires
Wed, 23 Aug 2023 16:06:28 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F0DD
783 B
533 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6eccb590ef3adb4a2dc941f70c75c268f6e3938cc0509e63b6c39f0675d37a48
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--_wtVM3Lff0HioctKfNr0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce--_wtVM3Lff0HioctKfNr0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 18:40:02 GMT
expires
Tue, 23 Aug 2022 18:40:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
m4889d3f8297ba3edf6742129c80a4da3.otf
megacdn.top/fonts/ Frame 69D4
13 KB
14 KB
XHR
General
Full URL
https://megacdn.top/fonts/m4889d3f8297ba3edf6742129c80a4da3.otf
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:3197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62cc85a0e918ca662ecde9ebdea7e32cc473770957860a9858906509ad2aa3c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megacdn.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13600
pragma
no-cache
server
cloudflare
etag
41bdfe94af3728ad116a953e4cbf6de6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRr87HgOASqjiYEosXyUbHWX2mLvCj5vzpvaCiuC8CGBfg4J3EGL9QuOCZ42vRRePSXHUmBdqq1ieIpe7oPNY8VLLJ2B6ae7Md0tEbqrXzT02xrSeIxExDtgsaWzkB6pJAnVD2sUJgpENA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/opentype
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
73f5f9719a039072-FRA
expires
0
BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
pagead2.googlesyndication.com/bg/ Frame 1B9D
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 12:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
20562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14190
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 12:57:20 GMT
i301a18860e11e5a70468ddc2f36fe34b.otf
megacdn.top/fonts/ Frame F158
432 B
1014 B
XHR
General
Full URL
https://megacdn.top/fonts/i301a18860e11e5a70468ddc2f36fe34b.otf
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:3197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a972c0c99efa23c96703b715ed2daef5b9827e2e0de057288bfb796d4268b7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megacdn.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
432
pragma
no-cache
server
cloudflare
etag
05475eeaa2da254dce4154bf9b514aac
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rs5vtU05Ozew3xPCBB2vswYsUeiS6vitF3253yPWfJSbD8ADpBmsk%2B9EgMUaBh0ix794Rkcxs9Lone6CSjGwvYc0SCsEoO%2FpjQH9XX6n%2BYjIkCHok6j782j%2FKXlMrWedkv3MZFIx%2Fo2RQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/opentype
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
73f5f9720ad59072-FRA
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame F0DD
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082201&jk=992353446576962&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

m4889d3f8297ba3edf6742129c80a4da3.otf
megacdn.top/fonts/ Frame F158
13 KB
14 KB
XHR
General
Full URL
https://megacdn.top/fonts/m4889d3f8297ba3edf6742129c80a4da3.otf
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:3197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62cc85a0e918ca662ecde9ebdea7e32cc473770957860a9858906509ad2aa3c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megacdn.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13600
pragma
no-cache
server
cloudflare
etag
41bdfe94af3728ad116a953e4cbf6de6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LoDYg5Eb2QiRnmppxr%2F5Lgmq6Yg%2BXKJDO4hQI6fn6xqkd739N7zgFTFR4uTS548S0uZN15%2FHnkANMf0i%2BizCHiZBrTehKVD5aAvtVUEKyRCkLuFw50N6XdbUJq%2FcH1o2rSPHSt43kX%2Beuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/opentype
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
73f5f9731ce79072-FRA
expires
0
generate_204
tpc.googlesyndication.com/ Frame 1B9D
0
12 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?ekRYGw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
www.streamix.tv/ Frame F9AB
552 B
892 B
Document
General
Full URL
https://www.streamix.tv/
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59c792b86b3172a79f73f09d19332a36b09140235f22a569ec8259e6dfaf17f9

Request headers

Referer
https://megacdn.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
BYPASS
cf-ray
73f5f97569ad995c-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 23 Aug 2022 18:40:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5xRRW4jRyRMgoERLL0YsF6J1ZHzAXz3iXxLCOpKddnXCcyOq5mqxOmmC9n21XKSjRUcUg2Ho1Lo4av%2BFjV7i6B8cEsCSxAO54SYC%2B9R0ez0njYn0w6OD%2BR9nWvt93OzkL6HW0thxJK7e8JW8U0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
www.streamix.tv/ Frame B059
552 B
852 B
Document
General
Full URL
https://www.streamix.tv/
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59c792b86b3172a79f73f09d19332a36b09140235f22a569ec8259e6dfaf17f9

Request headers

Referer
https://megacdn.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
BYPASS
cf-ray
73f5f976dc359b88-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 23 Aug 2022 18:40:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BcLqDdkxZrSFvRyxcYDX7vMaxu%2B4bzGBQd%2F32NHPpDbIBOTHaxQWCZzBQ3Iwzotf4Ie5MxBhK86ZA7oGrss351oHGtaF8HN%2FuJaa4TH%2FJ71%2B%2B1di%2B2pd8gI0mj6paTpS4i%2BR6KIWpk9Dp4f1bg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
jquery.js
www.streamix.tv/ Frame F9AB
14 KB
4 KB
Script
General
Full URL
https://www.streamix.tv/jquery.js?1df8cvllu8bluzkxsfrzitn7tbq0m8uq
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c20b8b347154b8a6a144efc72ab1e879c4fd518ccab777235650f9e6c448f281

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:40:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 23 Aug 2022 18:39:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2Fh6EQsGZnqXvVViQZNwi7aXCK0Z51EXAiH2xRdX4%2FCowq2NeUZb0UYUDBBGmK9ZGTYLPckpOSWxZrrNWZnCbxqom4I0Loj7WLvn7G1KMUHdvye9apvnPRuWKTcUQajkY7O%2FXwnWu1WLFzq44tE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
73f5f976dc319b88-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022082201&jk=992353446576962&bg=!n5ylnNjNAAYUOm8VNDo7ACkAdvg8Wi4UcwEf-AB0MYMiZ6O-TWCYrbTKRN1G95MLv9y9OW7kTeXnggIAAAEGUgAAAAFoAQcKACIcoM64mTgbErVrGJeptIiATI_68uFr2YQARSa9Vio9wBKgmQLPnj43LUom0nS_ecs7zzeLoQY2lQBcayVFFnRIq9lolGbuqoha1cbM_RjCb_SBchfAboswdcLTV3CKXASS3jI23UvvmC5xFXO8XymnrhnwDbrWO7u65NMPYEEf4By2r94JVigbJr7mAPyeNT9I2bUJM1eyD-lPMXp8_ugqAKCO6XFiCbKzeNZggiYWc7JHoJkHqcTFYcwO0ra1tZixDrVeLY3SNs8Nz5KW_EVO-Ug1JOlFAfOYQiHUsVBls_dFEsU15hJbekYMxnH79-2FlSmYklVgyfbqKXoQtchWMEasJrITkbCX1jwOlTidFQt7Yx30V5_UUOOmkEe8j0XVSe6Ujewg4TTQT74AkHtnQNCi1TuqIjKsxgJawMjLKzJfTA_FGLnquT-1O0vp0W2kgvSL1pa_lrB0BNZdeOpxCvnAiixEaIdk2TxWBT7qJ5WIpkBowWpw0LfdltR2Eu3WiI3Ci-e2GcXZGxSBzjmG8HIp5S-vPUZznIpv1Tjzvy_BFj3UZAPypdu7eo_BH1RHcrPZgICZkk5Vc8NSVXtNmwJ4figfgcxNVypLL73QfaF-zxlevEdv-pWknJF0ifeIduCvLJGxsQZd7Ua7KMoVl6CwNpdIuHKq5QjYRI5TmJV8EaNyP40jK4dEpDSWnIb0ZDNgE7TW2CIclhvFAqd-oRhob4-xXCmkT7iwrMeCOyq4TuAjGoJngOEL-_vq23tNSPndPEnoZ97PQsh15TPaPyKGIt2MkHWXW-_d92-FzVQapFR1WDWiwCfiFux8SWPO1DT7ZUdjVcTkMhbfbTFZIqJ_fjowPuViD1ZR1XklpaLvHsrHD-gH__RCwHR-9DsM3KoQZyko51cmRwZrZ_ol92FpJlMHQ2o-nAVLbhHCj62SsyBD1EjlEnw9KuyeafGRVfSKk9vH0pVDglNNzz1sievQxJIR9Mp_3G5gz_aXfUEBbNI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

o-turista-temporada-1
www.streamix.tv/assistir/5463/ Frame 47BD
75 KB
17 KB
Document
General
Full URL
https://www.streamix.tv/assistir/5463/o-turista-temporada-1
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb66d273929d30c6c8ecd7490321a004f14623bb992e5edd3f74a8641f31460a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
BYPASS
cf-ray
73f5f9781e579b88-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 18:40:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yVPEfyKRpiBC8IKozIMu36r5Hkd45xNUX9KvG0oRCxwfiEzUEfd2sIR75lDDxo7cKOJpB2AL5hHlyPJ%2BHTFMrye0jDrj43K80CqFL6lM1RMJf7Kci5fadS9Y65xWzj0y4f6SFLgTrrJeG0MLeLg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
css
fonts.googleapis.com/ Frame 47BD
10 KB
838 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,700,400italic
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/5463/o-turista-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ca4f60192d0be869f5ab5c73d8586b562a06c00b0ab098b3f11c204b166a2c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 18:40:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Aug 2022 18:40:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Aug 2022 18:40:04 GMT
font-awesome.css
www.streamix.tv/assets/anime/plugins/font-awesome/css/ Frame 47BD
37 KB
8 KB
Stylesheet
General
Full URL
https://www.streamix.tv/assets/anime/plugins/font-awesome/css/font-awesome.css
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/5463/o-turista-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/5463/o-turista-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12220
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:31:37 GMT
server
cloudflare
etag
W/"5e8675d9-9226"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fb%2BzLLnbjp3kyC8uzh7PR8guTJuG%2FWlMcBtNMzHkkUtlhPzTemFePoiqfoGQHoM0M5YHASnuwjfInezG9p6g7oeswQ2T5VNm5mMUinBMy9A2975jqU4EI7XTa1aR7K5XLrQZ3zXwCmM7bNENe4s%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f97968919b88-FRA
expires
0
bootstrap.css
www.streamix.tv/assets/anime/css/ Frame 47BD
67 KB
11 KB
Stylesheet
General
Full URL
https://www.streamix.tv/assets/anime/css/bootstrap.css
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/5463/o-turista-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5471691331fe5befc0daf136f494fd54d521fa9eb701acc6e6f4895883cbb82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/5463/o-turista-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12220
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:30:37 GMT
server
cloudflare
etag
W/"5e86759d-10b7a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDsrsXbrDbNsXsa7oQEPnCHkrPtOaJSYvSkAOxqqwhJkPaxho5xcGn8i3aS5%2BapC0Nct0AIkTUZ%2FNryFoK0xd%2BfTlecAPwn5tBcUU0pfYdUz5nJdzXXtCI3NaHy0vt2WP9HRuitfFt9vEgTwjoc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f97968939b88-FRA
expires
0
main.css
www.streamix.tv/assets/anime/css/ Frame 47BD
162 KB
29 KB
Stylesheet
General
Full URL
https://www.streamix.tv/assets/anime/css/main.css?v=1.2
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/5463/o-turista-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4485dcef2a437330081fc0e8a0059d542f763746b32eccf2ac438a21012e6b0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/5463/o-turista-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12220
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Sun, 23 May 2021 14:47:36 GMT
server
cloudflare
etag
W/"60aa6b08-28684"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JGOPWs6sXinmuvJyEMOSeIJRusrsiadLaBu1zZdJABiLX%2Bsl6Fy61nqx4uWsP%2FnAT9oIWkg8z8I7BkGluEhlJosetc8BEKF0%2BOwG8PnRJ6Oz%2BJn6TqKjaQwmXGIWUGqn52OTYYQ%2FEr%2Bz10Hd924%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f97968959b88-FRA
expires
0
toastr.css
www.streamix.tv/assets/anime/plugins/toastr/ Frame 47BD
8 KB
4 KB
Stylesheet
General
Full URL
https://www.streamix.tv/assets/anime/plugins/toastr/toastr.css
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/5463/o-turista-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7290b870b4b3785b24bb7296a6db28943b0afbd3db6f17737fafbfa038cc49c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/5463/o-turista-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12220
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:31:13 GMT
server
cloudflare
etag
W/"5e8675c1-1eb5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WuA6rDnNYQoRPG96kcLZl0uEtAgu3NGtI7eNJoZ9dFVOzoN9Wd8c%2B1f%2FnNm9qUMa%2BmLVDzkIk%2FKdPJagcKHebNhigjlPFX63ptppK2jNGqZwuMHQ%2FdCyEMRGbYqbnuzMaZr64%2BXj0OSTUeXnD2M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f97968989b88-FRA
expires
0
jquery-2.2.4.min.js
www.streamix.tv/assets/front_end/js/ Frame 47BD
84 KB
31 KB
Script
General
Full URL
https://www.streamix.tv/assets/front_end/js/jquery-2.2.4.min.js
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/5463/o-turista-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/5463/o-turista-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12220
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:30:48 GMT
server
cloudflare
etag
W/"5e8675a8-14e4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4SzpqU5oqfcO%2FDsyf0aV6N%2BhZ7msC6dpRCCBK0vqzfRsnfYxi0frLl%2FUlArqeDSN7FtbEvJW3EFatVq7oQJyi9lH%2B4SE1pkhPMvs%2BuDGfs8lk9ISJ8%2Bp0IdWjibA19C2ih601J891eNqsMpE0I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f979689b9b88-FRA
expires
0
functions.js
www.streamix.tv/assets/anime/js/ Frame 47BD
22 KB
5 KB
Script
General
Full URL
https://www.streamix.tv/assets/anime/js/functions.js?nocache2
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/5463/o-turista-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a952d774e71925cbfb611e74ecdb4a98f437a609a164c1699ac9bbcb9c7aa204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/5463/o-turista-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12220
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 23 Apr 2020 18:38:22 GMT
server
cloudflare
etag
W/"5ea1e09e-5688"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHFWmA0%2FOnrHu6GIXNoKUND7AV%2F%2B9Nm45NXwwqnQ3vPW68IEsU3vmVt%2Bu4OQiZJpvOjHs3%2FGEswfWZf7qWy2ew5I9Z2OjN5o0cSzwOCB3nJKbLZ4UJ%2FPC76v0e121BY%2F1zM31uLYhOuCcuY7eDw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f979689f9b88-FRA
expires
0
jquery.dataTables.min.css
cdn.datatables.net/1.10.19/css/ Frame 47BD
14 KB
2 KB
Stylesheet
General
Full URL
https://cdn.datatables.net/1.10.19/css/jquery.dataTables.min.css
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/5463/o-turista-temporada-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
618d62ceaca1223e16de2c8939a1963a95c34b0ac75852f835f93e5b42f20871
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:04 GMT
content-encoding
gzip
vary
Accept-Encoding,User-Agent
cf-cache-status
HIT
age
18176261
content-length
2109
last-modified
Tue, 17 Jul 2018 10:18:26 GMT
server
cloudflare
etag
"1121ccf-364c-5712f444e19c2-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
73f5f979dc639255-FRA
access-control-allow-headers
origin, x-requested-with, content-type
expires
Wed, 25 Jan 2023 09:42:23 GMT
jquery.dataTables.min.js
cdn.datatables.net/1.10.24/js/ Frame 47BD
85 KB
30 KB
Script
General
Full URL
https://cdn.datatables.net/1.10.24/js/jquery.dataTables.min.js
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/5463/o-turista-temporada-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
774a9c269c0b9092fe2bcc1b65d16eb560cad1a34c80b278b122c857da380251
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:04 GMT
content-encoding
gzip
vary
Accept-Encoding,User-Agent
cf-cache-status
HIT
age
18176265
content-length
29759
last-modified
Fri, 21 Jan 2022 16:13:21 GMT
server
cloudflare
etag
"11410f2-1521a-5d619e5c65474-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
73f5f979dc659255-FRA
access-control-allow-headers
origin, x-requested-with, content-type
expires
Wed, 25 Jan 2023 09:42:19 GMT
bootstrap.min.js
www.streamix.tv/assets/anime/js/ Frame 47BD
36 KB
11 KB
Script
General
Full URL
https://www.streamix.tv/assets/anime/js/bootstrap.min.js
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/5463/o-turista-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/5463/o-turista-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12220
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:30:39 GMT
server
cloudflare
etag
W/"5e86759f-90b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DOPHaiEYU213XliiXjXHqR%2FYfDAmD%2BrwKAAuuPG07xLqHT1x6jeBqMzxVSGbqi9DZLLiUax4uEy%2F7%2FlS6%2FYCg19nUDW%2FCBh50umhyzkWqWqOCg%2BlOEBG7H8WK0DBR3YWT51IKyTB1DbNatgLSS4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f97968a19b88-FRA
expires
0
js
www.googletagmanager.com/gtag/ Frame 47BD
106 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-219904576-1
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/5463/o-turista-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
df6d963f5c60a8081b204ff1d6494b254b8ef3e2eda060f6c4b615c13507874a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:04 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42031
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Aug 2022 18:40:04 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 47BD
83 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/5463/o-turista-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
dd6110a8dac5a0a87be0e286a7484f04330256019f21174f5e7683840e00deb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28559
x-xss-protection
0
server
sffe
etag
"1312 / 994 of 1000 / last-modified: 1661252718"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 23 Aug 2022 18:40:04 GMT
logo.png
www.streamix.tv/uploads/system_logo/ Frame 47BD
4 KB
5 KB
Image
General
Full URL
https://www.streamix.tv/uploads/system_logo/logo.png?nocache3
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/5463/o-turista-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c10bd38d554a5955b26d10e16b1059e2855647a2fe14294b58c35cc86354b575

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/5463/o-turista-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12220
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4569
pragma
no-cache
last-modified
Wed, 22 Apr 2020 15:07:23 GMT
server
cloudflare
etag
"5ea05dab-11d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4yDWSh4b0mXlo8vdv4G%2BFEjjwjp259UtqEtM801ds0RsPcCn6tIjDyL6WFz%2F67VBl3tKToOVARjAxJPEXWScJU1xul0McF3T2u%2BN8QlfZF3eZRUE%2BTHdTcq8BpzgXD5sFK0sfZrz0bXOzU7sc8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
73f5f97968a39b88-FRA
expires
0
preloader_white.gif
www.streamix.tv/assets/images/ Frame 47BD
634 B
1 KB
Image
General
Full URL
https://www.streamix.tv/assets/images/preloader_white.gif
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/5463/o-turista-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffe96b98423bb7a4e0ca465361afca090f1896831face3abdbd51365e6675c1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/5463/o-turista-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12220
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
634
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:04:58 GMT
server
cloudflare
etag
"5e866f9a-27a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tn9anAKpCKLvm0e%2FQiIoV2ov6U8yKczageOkBhfnEZP4LXFS%2FPdJZEyLuKRYq7awYtdyc3%2BJcMk7%2F40tFPlH3fbnPbgtIySWOFWbMEGIonJFt7xiU2o0EPXtEWfHK3X%2BJCzWldNXfxwR8SKopDc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
73f5f97978b19b88-FRA
expires
0
5463.jpg
www.streamix.tv/uploads/video_thumb/ Frame 47BD
398 KB
399 KB
Image
General
Full URL
https://www.streamix.tv/uploads/video_thumb/5463.jpg?v=1.0
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/5463/o-turista-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c64a4bea500c025b4f0594ecedb59cd5201c54cad0dcea740ec2ea180d768b42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/5463/o-turista-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
407849
pragma
no-cache
last-modified
Mon, 14 Mar 2022 12:06:52 GMT
server
cloudflare
etag
"622f2fdc-63929"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=457dL6fJJMv6Jr0naQyq8PLJ7aTB2DB230B%2B4TVCMTOWHyMkpTgFQ%2BUNPgU3Y3TZ9D1ZBu1%2Bqhp8Pc4QpCvysappqoER3sG5Qe1nHCOguIyPCTizer4l0%2BAhhCnJkQJN6Db2Fa4oPCOuTg2y%2Fbg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
73f5f97978b49b88-FRA
expires
0
hbo.png
www.streamix.tv/uploads/licens_banner/ Frame 47BD
590 KB
591 KB
Image
General
Full URL
https://www.streamix.tv/uploads/licens_banner/hbo.png?v
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/5463/o-turista-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25fdc568b02255eface80508336227fb044a725244d47dd63c69890ad59b4f66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/5463/o-turista-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11895
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
604199
pragma
no-cache
last-modified
Tue, 29 Jun 2021 19:41:41 GMT
server
cloudflare
etag
"60db7775-93827"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWF0MXusps9UmDUT0bjFxIf6tSuJyUDZKDkuG7KmVOZPNZ6AIbZUWEX%2Bt3CtAFtAkb9f8xZX%2FIaOBym9CugWMba0xqizSwC7L4Grfe4WT2FteHQzhuUQE93vSP54rLi4SJtTeL6TMl6akHMe8OA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
73f5f97978b69b88-FRA
expires
0
addthis_widget.js
s7.addthis.com/js/300/ Frame 47BD
353 KB
114 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/5463/o-turista-temporada-1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Tue, 23 Aug 2022 18:40:05 GMT
x-host
s7.addthis.com
content-length
116325
jquery.typewatch.min.js
www.streamix.tv/assets/anime/js/ Frame 47BD
1 KB
1 KB
Script
General
Full URL
https://www.streamix.tv/assets/anime/js/jquery.typewatch.min.js
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/5463/o-turista-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
171ba37249b01fdbdae7d287b9295f4169e2da0d2f43a16bfa358dcdf72c44e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/5463/o-turista-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12220
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:30:40 GMT
server
cloudflare
etag
W/"5e8675a0-4f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0u7AqjUzURZ8ONdw%2F%2BX7PuktqXKA8hqP5lOExaamPMHqzagfv925saO3eQQFGK7951pc7C%2F8a8iNsp72ItlKDRozVF0xrM5728wzAjM%2BEgYixyfeGUwixy6aE%2Fmm%2B3OQEpT5wpWerpa8G2YB4ws%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f97978b99b88-FRA
expires
0
scrlbr.js
www.streamix.tv/assets/anime/js/ Frame 47BD
43 KB
13 KB
Script
General
Full URL
https://www.streamix.tv/assets/anime/js/scrlbr.js
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/5463/o-turista-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24b9a68368d658364deeb7d267a5e5f014975781e0a86385cd9b944c8488480a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/5463/o-turista-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12220
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:30:40 GMT
server
cloudflare
etag
W/"5e8675a0-adfa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUe%2B3g8Q80%2Bv4ZdpkDVJrhT8GXFERDtaed%2B4UDPmpEZNEm6PUJHR9XM5d2fxXIEIROjlmCl8b6BGMSst7hgsrAzZPHC%2BVcnfvcsPEyx4%2FZEZrMse1lSwr7TUKMjJQtsYqRxk6VpSS0pYrtxYNX0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f97978bd9b88-FRA
expires
0
jquery.bxslider.min.js
www.streamix.tv/assets/anime/js/ Frame 47BD
23 KB
7 KB
Script
General
Full URL
https://www.streamix.tv/assets/anime/js/jquery.bxslider.min.js
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/5463/o-turista-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fe91e5030d56d2c3eb23a58dec4ec8b52db809e3ca9ee40bebfc83aae730551

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/5463/o-turista-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12220
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:30:40 GMT
server
cloudflare
etag
W/"5e8675a0-5c4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gi8VomgcIL%2Bqa%2BMYUJjADMrv3%2FGlca9PtbsCjJmau4Y07vHuXapvAfXBRf0z342OJtnSB83lgpilLMHBXzSyADpOh%2FdbpIdhQMFKOO2PGlwROILYPbZ8ZfU1r0Kt06MZdNn88gxlLxzxLjDL4WY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f97978be9b88-FRA
expires
0
percircle.min.js
www.streamix.tv/assets/anime/js/ Frame 47BD
2 KB
1 KB
Script
General
Full URL
https://www.streamix.tv/assets/anime/js/percircle.min.js
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/5463/o-turista-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f71fd03dd79be7ffeebac3065bbd98faf05e2bd969b37ff7e36f8c6379ed5e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/5463/o-turista-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12220
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:30:40 GMT
server
cloudflare
etag
W/"5e8675a0-6ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZC6VZoaKmroWb1tSBUiCvwjTEDj55mBXcwr%2BGzPOWlAaFh8AD7vZ4mTUpGS5WOFCMbGlCzV3ak6FqS0Hou4E%2B9tV4Hw3%2B7ffRkoBw3SbRcbxRDjqLAgMwbWZ9K7wgkALIoN9q57PZhcJ7BFf7g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f97978bf9b88-FRA
expires
0
toastr.min.js
www.streamix.tv/assets/anime/plugins/toastr/ Frame 47BD
5 KB
3 KB
Script
General
Full URL
https://www.streamix.tv/assets/anime/plugins/toastr/toastr.min.js
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/5463/o-turista-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/5463/o-turista-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12220
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:31:13 GMT
server
cloudflare
etag
W/"5e8675c1-15a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S5ZZIqevhI5Eh5%2BpFJmKlLgKboZN046vP%2FQ%2FXHv6cHQqHGWMQohW95hNVGDOW9fmzENFuN8LuNAo2V5Gb%2BS7SKhYCWWmealZDp7NuEA1Kg1plE1KS8uVEZcQePJDJqYggV8Sx3TNgWlJPNwVreE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f97978c39b88-FRA
expires
0
alertify.js
www.streamix.tv/assets/anime/js/ Frame 47BD
11 KB
4 KB
Script
General
Full URL
https://www.streamix.tv/assets/anime/js/alertify.js
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/5463/o-turista-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9325dd9eb691092ba194fed5c6738ccb7c891ca8281926cc86bd40d4acf3def1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/5463/o-turista-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12220
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:30:39 GMT
server
cloudflare
etag
W/"5e86759f-2c0c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3ktdOYmkxAf%2BchQG9STGxFeoAb%2FGONVrbnqbhsopB6WCPEzWNTsDgoz8tF4wGdItCF1kpAxZ3mZc9rfEF10RCyM7hiFW1WiJPo40SdKgv7i9FPGRN%2BdFVNqQLTLPmDHaEDxCuo1GtfL02Cn%2FAk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f97978c59b88-FRA
expires
0
jquery.js
www.streamix.tv/ Frame B059
14 KB
4 KB
Script
General
Full URL
https://www.streamix.tv/jquery.js?1df8cvllu8bluzkxsfrzitn7tbq0m8uq
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c20b8b347154b8a6a144efc72ab1e879c4fd518ccab777235650f9e6c448f281

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 23 Aug 2022 18:39:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fqjt8Ue18zBb4B%2F%2BNEWekJRMLdtZicuuaYQIyks7C%2FlqHnDW1ScrT%2FstVEdaOYoZxBuGBsLk%2ByNhUm0ptZsGvwEGwz5mxJNuJh1Vj7%2FJw6adOPVO%2Bguq%2B0NZTjPwSSAlYHO4AQdyMP6X38uyf3w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f97a4a139b88-FRA
expires
0
cmp.js
quantcast.mgr.consensu.org/ Frame 47BD
16 KB
6 KB
Script
General
Full URL
https://quantcast.mgr.consensu.org/cmp.js
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/5463/o-turista-temporada-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:be00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60d8c88007dd47e378850d031990400b01e7932cca0a2654dd662a95aa31e77a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:32:08 GMT
content-encoding
gzip
etag
W/"51870ee6d5cb32ca5311356b296af21f"
last-modified
Tue, 09 Mar 2021 20:17:06 GMT
server
AmazonS3
age
477
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
TVVBuqWHGUlUv3rmjCgax5YTB0dxTHkOEHLGH1d2ZirD7xldiHV9zw==
bg.jpg
www.streamix.tv/assets/anime/images/ Frame 47BD
1 KB
2 KB
Image
General
Full URL
https://www.streamix.tv/assets/anime/images/bg.jpg
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assets/anime/css/main.css?v=1.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89eeb960da6b6c96728f9dae20f2082346e1a2b7418351fe6b1b44d7abb457fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assets/anime/css/main.css?v=1.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12218
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1210
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:30:38 GMT
server
cloudflare
etag
"5e86759e-4ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHu%2FqQKdZltAMQDH2qd4ihqfoy35M7mN5%2BlFUGYVUAVYDZCR0iTATGteGETgylGKI2IwVuRMZul26Y0tj5MDxjn1CAH5K6kE%2FaubyfRDAZKzjPjmGFsRGqZp%2Bf9X2ioK8m0Wr2nV8zMOYIuw9Yk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
73f5f97a7a819b88-FRA
expires
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 47BD
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,700,400italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.streamix.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 18:50:34 GMT
x-content-type-options
nosniff
age
85770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 18:50:34 GMT
pubads_impl_2022081701.js
securepubads.g.doubleclick.net/gpt/ Frame 47BD
384 KB
130 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 16:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7670
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133512
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 08:37:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 23 Aug 2023 16:32:14 GMT
analytics.js
www.google-analytics.com/ Frame 47BD
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-219904576-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5884
date
Tue, 23 Aug 2022 17:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 23 Aug 2022 19:02:00 GMT
fontawesome-webfont.woff2
www.streamix.tv/assets/anime/plugins/font-awesome/fonts/ Frame 47BD
75 KB
76 KB
Font
General
Full URL
https://www.streamix.tv/assets/anime/plugins/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assets/anime/plugins/font-awesome/css/font-awesome.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://www.streamix.tv/assets/anime/plugins/font-awesome/css/font-awesome.css
Origin
https://www.streamix.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12218
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:31:37 GMT
server
cloudflare
etag
"12d68-5a25733c189ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvd1lEzZssQ8bshkpMFQr4hDU9lrTHxFq7JuqKSCWFqzZ15POb%2FXZu6%2F4fjVbMeL9kJ98oY5VFXW3z1sJRRQDh%2FboAzM3fTj3VVxTYomZuAzN6%2Br9IfnzF1JwK1ddRGuWogIrYDMix7a5wqcLRA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
73f5f97abadf9b88-FRA
expires
0
collect
www.google-analytics.com/j/ Frame 47BD
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=391986956&t=pageview&_s=1&dl=https%3A%2F%2Fwww.streamix.tv%2Fassistir%2F5463%2Fo-turista-temporada-1&dr=https%3A%2F%2Fwww.google.com%2F&ul=en-us&de=UTF-8&dt=Assistir%20O%20Turista%20Temporada%201%20Online%20na%20HBO%20Cat%C3%A1logo%20Streamix&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1264285343&gjid=419182474&cid=251762566.1661280005&tid=UA-219904576-1&_gid=498294986.1661280005&_r=1&gtm=2ou8m0&z=1124454132
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/5463/o-turista-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.streamix.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 18:40:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.streamix.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
a-paixao-temporada-1
www.streamix.tv/assistir/4404/ Frame C384
86 KB
17 KB
Document
General
Full URL
https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81e403d3ed917af9822eda3cd3346621cc4369860842cdaf9a65995af111f6a1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
BYPASS
cf-ray
73f5f97dc82f9b88-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 18:40:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=txolPeihOVCZ%2FOZHp2DFJ6wrgUEgjna8obINh%2F3NH5zJfE1aKyQZsh53aOuPGf3ecto%2FSijt1iKIannRR0m%2B06657FoGg0kyvNH4lw7mYSh%2Fy%2BtpvR0LVJJOl%2BmxYQ%2FI6njswAQhdce1O3Bynqc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
moatframe.js
z.moatads.com/addthismoatframe568911941483/ Frame 47BD
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:05 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=47129
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
css
fonts.googleapis.com/ Frame C384
10 KB
838 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,700,400italic
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ca4f60192d0be869f5ab5c73d8586b562a06c00b0ab098b3f11c204b166a2c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 18:27:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Aug 2022 18:40:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Aug 2022 18:40:05 GMT
font-awesome.css
www.streamix.tv/assets/anime/plugins/font-awesome/css/ Frame C384
37 KB
8 KB
Stylesheet
General
Full URL
https://www.streamix.tv/assets/anime/plugins/font-awesome/css/font-awesome.css
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12221
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:31:37 GMT
server
cloudflare
etag
W/"5e8675d9-9226"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7Eez1H71o1FvE5TETn2BF3fdizeOn8IX88Z%2FTqaitsRsRLOEhdI2lXAnLUviObsajfPrusgOwrhah9d9q%2FhRAx9O%2BtYp3B7vtYGi%2FVwUBaxfspvjPSPMcCCt0ik9dPSlNJ8iKAa1dkywmh%2BO2g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f982b9f79b88-FRA
expires
0
bootstrap.css
www.streamix.tv/assets/anime/css/ Frame C384
67 KB
11 KB
Stylesheet
General
Full URL
https://www.streamix.tv/assets/anime/css/bootstrap.css
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5471691331fe5befc0daf136f494fd54d521fa9eb701acc6e6f4895883cbb82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12221
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:30:37 GMT
server
cloudflare
etag
W/"5e86759d-10b7a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bePrRHJYBH0UJ32RMjMEfulnJDN5DXyvTeD%2F%2Bn2B0jv%2BhYPEMBtuAHY8qd5gA7FrUTQkIu8vz9FPzqmv7x%2FUFOeFGioxeVF4CZKOQQM1Kppe%2BEtCqN2c6AK8jZbtWwxLTZxQeZcJM3TU%2BJZE7TY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f982b9f89b88-FRA
expires
0
main.css
www.streamix.tv/assets/anime/css/ Frame C384
162 KB
29 KB
Stylesheet
General
Full URL
https://www.streamix.tv/assets/anime/css/main.css?v=1.2
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4485dcef2a437330081fc0e8a0059d542f763746b32eccf2ac438a21012e6b0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12221
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Sun, 23 May 2021 14:47:36 GMT
server
cloudflare
etag
W/"60aa6b08-28684"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryVRnPCtz2lO0fOa%2BbD5VRlCzpRisCeXgl1w7xhoEzz6lTDyxzWzomxPE1K8T4ggHX5Xz601i8Ezkj0Hngv8gC2N479IDMTR8lw9bfHy7nrUrVI7tgpezi5wJ1lMR4JQ4spLSD3hljPSeaROUZg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f982b9fa9b88-FRA
expires
0
toastr.css
www.streamix.tv/assets/anime/plugins/toastr/ Frame C384
8 KB
4 KB
Stylesheet
General
Full URL
https://www.streamix.tv/assets/anime/plugins/toastr/toastr.css
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7290b870b4b3785b24bb7296a6db28943b0afbd3db6f17737fafbfa038cc49c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12221
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:31:13 GMT
server
cloudflare
etag
W/"5e8675c1-1eb5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=425FC4s%2F%2BxquyKsVU9PFzqzKrTOzFwIRHD64WawIPb8Gy3Np3mUx57fyBwmBv72Qt4MxEWx5kYGvtQPnGPsurfi%2Fr4kCTFvQwy6424VA1ksllKTHb589gMVvl6%2FmStJufj6kPxfYy%2B%2BnHa4IKP4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f982b9fd9b88-FRA
expires
0
jquery-2.2.4.min.js
www.streamix.tv/assets/front_end/js/ Frame C384
84 KB
31 KB
Script
General
Full URL
https://www.streamix.tv/assets/front_end/js/jquery-2.2.4.min.js
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12221
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:30:48 GMT
server
cloudflare
etag
W/"5e8675a8-14e4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSf5emXe4WGdBHotQt%2BTFrj3Sv5Tnm4lvkMDYAsViSOf2YBBXj9OrKkSdaXGavYhVm59wVZZkq%2BNAb4RqC5vd3VpFeuv1kJDN7abVBMkgsNYx94d6F80hPAiIXtzr29c5jwVlDVpmovweJpIoL4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f982b9ff9b88-FRA
expires
0
functions.js
www.streamix.tv/assets/anime/js/ Frame C384
22 KB
5 KB
Script
General
Full URL
https://www.streamix.tv/assets/anime/js/functions.js?nocache2
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a952d774e71925cbfb611e74ecdb4a98f437a609a164c1699ac9bbcb9c7aa204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12221
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 23 Apr 2020 18:38:22 GMT
server
cloudflare
etag
W/"5ea1e09e-5688"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFawyl7llimPEwmPHKwIlWZnfxTtQGna196ZyJG5lJDYjJv1fEFhfW4RPV%2BuwP1euhvviIZhpLMzayEakkZskBEeBm6iFuJl5HlIyOnRlXWhIZOvQUszLHFf70DTWIj7x4lXAQB%2F5xx8uH2NmuY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f982ba039b88-FRA
expires
0
jquery.dataTables.min.css
cdn.datatables.net/1.10.19/css/ Frame C384
14 KB
2 KB
Stylesheet
General
Full URL
https://cdn.datatables.net/1.10.19/css/jquery.dataTables.min.css
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
618d62ceaca1223e16de2c8939a1963a95c34b0ac75852f835f93e5b42f20871
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:05 GMT
content-encoding
gzip
vary
Accept-Encoding,User-Agent
cf-cache-status
HIT
age
18176262
content-length
2109
last-modified
Tue, 17 Jul 2018 10:18:26 GMT
server
cloudflare
etag
"1121ccf-364c-5712f444e19c2-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
73f5f982bee59255-FRA
access-control-allow-headers
origin, x-requested-with, content-type
expires
Wed, 25 Jan 2023 09:42:23 GMT
jquery.dataTables.min.js
cdn.datatables.net/1.10.24/js/ Frame C384
85 KB
29 KB
Script
General
Full URL
https://cdn.datatables.net/1.10.24/js/jquery.dataTables.min.js
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
774a9c269c0b9092fe2bcc1b65d16eb560cad1a34c80b278b122c857da380251
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:05 GMT
content-encoding
gzip
vary
Accept-Encoding,User-Agent
cf-cache-status
HIT
age
18176266
content-length
29759
last-modified
Fri, 21 Jan 2022 16:13:21 GMT
server
cloudflare
etag
"11410f2-1521a-5d619e5c65474-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
73f5f982bee79255-FRA
access-control-allow-headers
origin, x-requested-with, content-type
expires
Wed, 25 Jan 2023 09:42:19 GMT
bootstrap.min.js
www.streamix.tv/assets/anime/js/ Frame C384
36 KB
11 KB
Script
General
Full URL
https://www.streamix.tv/assets/anime/js/bootstrap.min.js
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12221
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:30:39 GMT
server
cloudflare
etag
W/"5e86759f-90b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s5vHfJcQeO7RGx%2FOHDeYouWmIK%2Bbie6251vtycXCYXsaeDnNCaDTGqFQlrII0YAJeXesAIH5s6A%2BoVLPC1QDkst7PHwJ2Cifjfmf9iJt2bkr%2FE8oumkaEzO389qhNhbrxfjDQjOUVe%2BthvkOoS8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f982ba069b88-FRA
expires
0
js
www.googletagmanager.com/gtag/ Frame C384
106 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-219904576-1
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
df6d963f5c60a8081b204ff1d6494b254b8ef3e2eda060f6c4b615c13507874a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42031
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Aug 2022 18:40:05 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C384
83 KB
0
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28559
x-xss-protection
0
server
sffe
etag
"1312 / 447 of 1000 / last-modified: 1661252718"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 23 Aug 2022 18:40:08 GMT
logo.png
www.streamix.tv/uploads/system_logo/ Frame C384
4 KB
5 KB
Image
General
Full URL
https://www.streamix.tv/uploads/system_logo/logo.png?nocache3
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c10bd38d554a5955b26d10e16b1059e2855647a2fe14294b58c35cc86354b575

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12221
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4569
pragma
no-cache
last-modified
Wed, 22 Apr 2020 15:07:23 GMT
server
cloudflare
etag
"5ea05dab-11d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bGIFL5EcIpThDREdyp7RNIXn9k7Mx%2BpQAnAnS%2FDt7ZpJnYDm1%2F7WHox%2F0aTjtd4li%2BiBoKCJvtf9E%2FZTc2NwM6fPKtukAPWhNfDeImpkkm4ZRChonHFrR%2FaU7HnMoUplozbOQTEHhHOkmTdcMtI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
73f5f9830a819b88-FRA
expires
0
preloader_white.gif
www.streamix.tv/assets/images/ Frame C384
634 B
1 KB
Image
General
Full URL
https://www.streamix.tv/assets/images/preloader_white.gif
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffe96b98423bb7a4e0ca465361afca090f1896831face3abdbd51365e6675c1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12221
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
634
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:04:58 GMT
server
cloudflare
etag
"5e866f9a-27a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65aj0bhtl3n7oRIetDgF6bt7ADrSzTk%2BGpZJCGXpuCUH%2FJ5IHlC7NUwVGBCJDFxG%2FF962VTPo2XeK54LFVR%2FNk1FA087zACDlKDuUDnVbXZxGC9zQXIEl17hM6I14afhMaUvNG0snoeSu7WEewc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
73f5f9830a829b88-FRA
expires
0
4404.jpg
www.streamix.tv/uploads/video_thumb/ Frame C384
12 KB
13 KB
Image
General
Full URL
https://www.streamix.tv/uploads/video_thumb/4404.jpg?v=1.0
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e431dba690e2160e14b615b7cfadd66db522d19cc8315bb51b714901c74cd21f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12406
pragma
no-cache
last-modified
Tue, 29 Jun 2021 23:00:30 GMT
server
cloudflare
etag
"60dba60e-3076"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=coJOwn0wxs6b7ySDoHOs3NJXXFoW%2BDnEF8fSaF8zTSQ91r3Sgxydnum712NKr%2Fvf%2BPhTBBt5Kw0WpCO46B0fONStpX1ScuS%2FSbkCK60dQNwY6upDIhmV5wKptVgOGKXtcUhFPkvtuwvj9oU%2B%2F4A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
73f5f9830a839b88-FRA
expires
0
hbo.png
www.streamix.tv/uploads/licens_banner/ Frame C384
590 KB
591 KB
Image
General
Full URL
https://www.streamix.tv/uploads/licens_banner/hbo.png?v
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25fdc568b02255eface80508336227fb044a725244d47dd63c69890ad59b4f66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11896
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
604199
pragma
no-cache
last-modified
Tue, 29 Jun 2021 19:41:41 GMT
server
cloudflare
etag
"60db7775-93827"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0kvHRjS%2BKPLjdxPP%2B8Tp4QMotbda3MKj8CSPa6t2V8RkWpqMgXehRkxQl3zvNOb%2BuUer6gZtHG%2FkabJHiS9VXZsvSWAddHucGBtcfUzq383k7CLBKzgHKokg0GxE545jU%2F3JDq7ZCzqtLJJiDuI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
73f5f9830a859b88-FRA
expires
0
addthis_widget.js
s7.addthis.com/js/300/ Frame C384
353 KB
114 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Tue, 23 Aug 2022 18:40:05 GMT
x-host
s7.addthis.com
content-length
116325
jquery.typewatch.min.js
www.streamix.tv/assets/anime/js/ Frame C384
1 KB
1 KB
Script
General
Full URL
https://www.streamix.tv/assets/anime/js/jquery.typewatch.min.js
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
171ba37249b01fdbdae7d287b9295f4169e2da0d2f43a16bfa358dcdf72c44e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12221
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:30:40 GMT
server
cloudflare
etag
W/"5e8675a0-4f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZD4xfpUi%2BN1qPK4aSXa3rFBkpismeE9GfrXCWd3tT1oiDLaVSg%2FR7HF1xuJ07Ks%2Bovr%2B%2BVhriub5ptTTwsxtI3OEgVPM643JPHD%2FjifX9yu7sut%2FvOR26Q89uMm59jQkoJqqI8h01bFbWJYXFec%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f9830a749b88-FRA
expires
0
scrlbr.js
www.streamix.tv/assets/anime/js/ Frame C384
43 KB
13 KB
Script
General
Full URL
https://www.streamix.tv/assets/anime/js/scrlbr.js
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24b9a68368d658364deeb7d267a5e5f014975781e0a86385cd9b944c8488480a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12221
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:30:40 GMT
server
cloudflare
etag
W/"5e8675a0-adfa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FPlS9O%2BjLnzTLXKyex8Scb6d7YXyvisVY9kHW%2B9kgz8ISY9y4aFJ3IVZ9lxn8jWK2eb3kZPxfIeLimAVwU0OTxOUWw1NsRnKu9WN261Qn8zacQn0s5vbjLHG5PEOHUBkii4nz3Bj1RhxckwoUB0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f9830a789b88-FRA
expires
0
jquery.bxslider.min.js
www.streamix.tv/assets/anime/js/ Frame C384
23 KB
7 KB
Script
General
Full URL
https://www.streamix.tv/assets/anime/js/jquery.bxslider.min.js
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fe91e5030d56d2c3eb23a58dec4ec8b52db809e3ca9ee40bebfc83aae730551

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12221
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:30:40 GMT
server
cloudflare
etag
W/"5e8675a0-5c4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bq0z4eeGOH5lzaD9WH5RsWWS1930xKNGXqjURGzo%2B60rKTM00ww7cDEl3fbA5JbSQcGG0lupdfVO%2B2cEnsyLnJzJmnH9SPaBn%2B5XUukkT15KRJ%2FK%2Byd3%2BtwCkttyA4O9Y1fwL3zSIUMPEppXVb4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f9830a799b88-FRA
expires
0
percircle.min.js
www.streamix.tv/assets/anime/js/ Frame C384
2 KB
1 KB
Script
General
Full URL
https://www.streamix.tv/assets/anime/js/percircle.min.js
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f71fd03dd79be7ffeebac3065bbd98faf05e2bd969b37ff7e36f8c6379ed5e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12221
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:30:40 GMT
server
cloudflare
etag
W/"5e8675a0-6ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=titlkm1AZ6CY2sU7GfiZ8KbT%2BHqOa0wHyiHGe0eWYWLeq%2BRTwBK81FJgARD37QZep9b9q7s%2F9%2Bk%2FJEIfh%2F16SnfcDLb3Y3SSmkJ5yUQ6CaEgwXODT81qxxBR9oUzE5YgXSL2awLE%2B5PHhQEGZZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f9830a7b9b88-FRA
expires
0
toastr.min.js
www.streamix.tv/assets/anime/plugins/toastr/ Frame C384
5 KB
3 KB
Script
General
Full URL
https://www.streamix.tv/assets/anime/plugins/toastr/toastr.min.js
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12221
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:31:13 GMT
server
cloudflare
etag
W/"5e8675c1-15a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pRBiocwEHoBJN4k3EWsVOV1EIjtLlLI19i2cB8CXvfCxbvmIHNRh3huGEwV1kFo8AWVqrLNiT4n3%2B6Z4eQhtzATMhOY0dBz7Tl9eIvk5aKFLbG6L5QI2k0tkRW66%2FrGlAoDvaDNSAK35XeZubCA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f9830a7c9b88-FRA
expires
0
alertify.js
www.streamix.tv/assets/anime/js/ Frame C384
11 KB
4 KB
Script
General
Full URL
https://www.streamix.tv/assets/anime/js/alertify.js
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9325dd9eb691092ba194fed5c6738ccb7c891ca8281926cc86bd40d4acf3def1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12221
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:30:39 GMT
server
cloudflare
etag
W/"5e86759f-2c0c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKAlwI2hkO7zvhihHqaiPfKQduvXy6zoFR9d1gRvRIzSmqpItCIjoYmKYFqdAvCuBR22ta66vqLChAh%2F3k5hSuZhXdChzKSMvSU96nd%2Bv%2B8ti8Bhq9JieM2Mvaokmx%2Bok%2FCvbdI%2F%2Bd7%2FAiRdha4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f5f9830a809b88-FRA
expires
0
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-58d74b9dcfd76af7/ Frame 47BD
5 KB
1 KB
Script
General
Full URL
https://v1.addthisedge.com/live/boost/ra-58d74b9dcfd76af7/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
481c73076eb4643acedb46ec0c5042a074866a51f161f45be33dcac4622e07f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:05 GMT
content-encoding
gzip
etag
-976653445--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=36, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
1060
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 7EB1
0
0

sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 7ECB
71 KB
26 KB
Document
General
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.streamix.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Tue, 23 Aug 2022 18:40:05 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
cmp.js
quantcast.mgr.consensu.org/ Frame C384
16 KB
6 KB
Script
General
Full URL
https://quantcast.mgr.consensu.org/cmp.js
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:be00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60d8c88007dd47e378850d031990400b01e7932cca0a2654dd662a95aa31e77a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:32:08 GMT
content-encoding
gzip
etag
W/"51870ee6d5cb32ca5311356b296af21f"
last-modified
Tue, 09 Mar 2021 20:17:06 GMT
server
AmazonS3
age
478
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
ixyQd9Ex3ry3ZvWcxTwR-r39dwHX07SRWZbc5Fe5zqe3QQQ_01g3Mg==
bg.jpg
www.streamix.tv/assets/anime/images/ Frame C384
1 KB
2 KB
Image
General
Full URL
https://www.streamix.tv/assets/anime/images/bg.jpg
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assets/anime/css/main.css?v=1.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89eeb960da6b6c96728f9dae20f2082346e1a2b7418351fe6b1b44d7abb457fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/assets/anime/css/main.css?v=1.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12219
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1210
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:30:38 GMT
server
cloudflare
etag
"5e86759e-4ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21TIKhKo1slTKqbh4Avlx2J8t6lQjkyGq2Rp6ZpoSeG35cCukINF41NHzJf9cL9RnWtSueI1ypLTO8SthwocRb4G4o3L%2BA2j8%2BG9Go%2Bc9UiBW67hsO1O7mrMs5C5SrHAu%2FDq5iVcyYdldQXl%2BF4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
73f5f9835af69b88-FRA
expires
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame C384
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,700,400italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.streamix.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 18:50:34 GMT
x-content-type-options
nosniff
age
85771
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 18:50:34 GMT
fontawesome-webfont.woff2
www.streamix.tv/assets/anime/plugins/font-awesome/fonts/ Frame C384
75 KB
76 KB
Font
General
Full URL
https://www.streamix.tv/assets/anime/plugins/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assets/anime/plugins/font-awesome/css/font-awesome.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:96d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://www.streamix.tv/assets/anime/plugins/font-awesome/css/font-awesome.css
Origin
https://www.streamix.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12219
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
pragma
no-cache
last-modified
Thu, 02 Apr 2020 23:31:37 GMT
server
cloudflare
etag
"12d68-5a25733c189ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJmbODJpdc%2BY1fdc60nMJILISV5Wk0E%2BoZq8U%2FToqkBBnVxzzuGkMHN51QaeTNq62V6zfrc5Ygwka8FhjV26CXPcvl%2BdCHHbzHn6bzSPfWxw%2BeVoltOCabeLV%2Bnn8S4xFE4TUTsJ2v%2BBnikrEgU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
73f5f983ab8d9b88-FRA
expires
0
analytics.js
www.google-analytics.com/ Frame C384
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-219904576-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5886
date
Tue, 23 Aug 2022 17:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 23 Aug 2022 19:02:00 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/ Frame C384
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:06 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=47128
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ Frame 47BD
263 KB
76 KB
Script
General
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Tue, 23 Aug 2022 18:40:06 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-58d74b9dcfd76af7/ Frame C384
5 KB
1 KB
Script
General
Full URL
https://v1.addthisedge.com/live/boost/ra-58d74b9dcfd76af7/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
481c73076eb4643acedb46ec0c5042a074866a51f161f45be33dcac4622e07f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:40:06 GMT
content-encoding
gzip
etag
-976653445--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=35, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
1060
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame BF2A
0
0

sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 4062
71 KB
26 KB
Document
General
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.streamix.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Tue, 23 Aug 2022 18:40:06 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
collect
www.google-analytics.com/ Frame C384
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=529345133&t=pageview&_s=1&dl=https%3A%2F%2Fwww.streamix.tv%2Fassistir%2F4404%2Fa-paixao-temporada-1&dr=https%3A%2F%2Fwww.google.com%2F&ul=en-us&de=UTF-8&dt=Assistir%20A%20Paix%C3%A3o%20Temporada%201%20Online%20na%20HBO%20Cat%C3%A1logo%20Streamix&sd=24-bit&sr=1600x1200&vp=1000x2000&je=0&_u=QACAAUAB~&jid=&gjid=&cid=251762566.1661280005&tid=UA-219904576-1&_gid=498294986.1661280005&gtm=2ou8m0&z=110340936
Requested by
Host: www.streamix.tv
URL: https://www.streamix.tv/assistir/4404/a-paixao-temporada-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 13:58:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
16909
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ Frame C384
263 KB
76 KB
Script
General
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.streamix.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Tue, 23 Aug 2022 18:40:06 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuv7KcZf4bHezOt00Kmm_hb8vyDSe6pGxysmNoYeoArM-BMVl-Krf3cydxDggBBzY0JVa9BwOH-uFsj20TrUao18EGnrWk8Nj8T9rFyLHwJDcAd9tGgjIWJLz21dmsBN1NCFZ5Em7iL0p13t5639EYe0O7Yjgvb7GQasFrTpYYTZmcHqOXnogZq-Ke08ss-4qc5OkuUNwjH9crIUl7fKCpIjYXklv5FIn-oATmplCUZZvtaDZady3D7F-lXKJddUZydK8EO_xX1KPYUOZZAxHjrmu_4cJr34pR_1PcmUAs0EgyzX0kxrm20SYUKq8DvQoC2r41ELsa6_k0-O_nEKNFcEh8ZY0k3LI4c2mLbvHIxIoZRjTO1xMGYSdWBKA-AXsTTWxc3x7ZCc6tBcg&sai=AMfl-YSl8H1MttIiNqmsRUS9vuMLw4vRQzDptwLZWOPVwYEf4jsQC6R60YkyLaISg-97FcS3GC_nex99LbRyGZRB9PcD-QvbwIoKe5Z09M8KkN9VAU4PLiDSdIClbqF6MUfMEpw&sig=Cg0ArKJSzNPLwb79BlOQEAE&uach_m=[UACH]&urlfix=1&adurl=
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssF9kxd4VJKMW01lAXV1Wacz-8uQ_BWUM3rb-08Ra7BIvG-MWjKgImKWvRT1K0spkwwiPRK7bYarnl_zcldosCxKmVhI21zAjIA3tWMxKm4SwM7ivu4Q2gvnHY_DIuQXohR0lS3FWGqz0xox-56f8tWyJLGtBoVt8aRsGnrTkfNblwdCLleDnzUrqK7R_YTKcWkuqSYOCXpBVln4hecMRzKDkUiggt6oJNHoouA5se26yADNh8BDgJ1waxFMf7FUJ6mWcsAkIm-t0VgDs9vUeHF8blmSCbFRL4_O4ZRCyPM9vL0GTK0PBz70f0CdF172MxDn8WgtRuS_uNUukw2wSZSv5qXIguTa9WCfVp0rdCrZUNRdvQCV4lftSPV8TzXKl3blbWAOtOQwvtLrA&sai=AMfl-YRcToes5vdJpTgyIqONcWd3t0tsiifc9Um3OOcbG_F-XJhAR9XOT3NCe1jpBG9MjViUAQPawds1A42DPh2WZHmYdfzOPFnhkIJLqzvTo4UHRqrFPVSN22RPpt5eGvgfqKY&sig=Cg0ArKJSzIrbRuwHm92eEAE&uach_m=[UACH]&urlfix=1&adurl=
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvh1bfXoOd7OYp1KYmyGpl446ljEIulyplO52A6WrJvYp4bZcIBhO62LQrjtx1wVaAeVN28GPK1_BMx83Btaf9514LINEzgU2lGEsyiagiLj9499nnZmQvMqcE-qQuIwesWXKFnxBP0gXntr_8lDhXuf8C9UjdLw1BcO1ZeLIKNnKNBOagiyXjE7857hhZk6p9Y2nvN4tLl9Pvn8JtJvzafXOkzc9y6229khhVcb_bIqo-hc2vRoNdp3BDKQPbkYapP9YEjSaILF_XG0q_tVOWDoR3I8pdMhg0uH179_Tiomz4-HAX-HtXjuqRU8wtJPKU32Sp1BylXOvt5d5Mb4RZkxcjiGet_1B-QbhW44FlSs9LC4JeYA8pMRK0i9eSHImUE1YDFcwuEs-XitQ&sai=AMfl-YSzkdiNPkU4awdbQ8PSMPvzqpjSwy-pnO-5fZMk6n0fA5EIKX45iAHcOV_-pR8dahAlFT3Kq0L42tbIDyAJ063HqfeFMTKPzFYvt70sNcINXpx7Bkzn65w_a6eMToj2eQ&sig=Cg0ArKJSzN4vkts2B0OZEAE&uach_m=[UACH]&urlfix=1&adurl=
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
statistcdn.com
URL
https://statistcdn.com/analyze.js?typeId=f
Domain
ad.lomadee.com
URL
https://ad.lomadee.com/banner/view?sourceId=37069243&dimension=19&width=320&height=50&method=0&advertisers=&tags=
Domain
statistcdn.com
URL
https://statistcdn.com/analyze.js?typeId=f
Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

190 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation undefined| $ function| jQuery function| GerarCookie function| LerCookie function| ExcluirCookie function| passou function| $a function| gtag object| dataLayer number| g_iCount function| relogio string| mensagem function| clickIE function| clickNS string| demandSupplySc string| demandSupplyCr number| demandSupplySr object| houseAdCampaigns string| demandSupplyTi number| demandSupplyAp object| demandSupplyTc object| demandSupplyTcI number| demandSupplyPDI number| demandSupplyDFSS object| demandSupply object| apstag object| $g object| dspbjs object| _app boolean| apstagLOADED object| google_tag_manager object| AdSlotCollection object| google_tag_data string| GoogleAnalyticsObject function| ga string| demandSupplyFS object| googletag object| ggeac object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData object| __oa360ScriptsState boolean| __isGoogleAllowed object| pbjs325474 function| pbjs325474Chunk object| ADAGIO object| ID5 object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| _0x2a3b function| _0x30cd object| _0x5c796a string| _0x25d66c object| _0x18239e object| _0x556845 function| _0x2f19aa object| _0xa2ab70 boolean| _0x1c8020 boolean| mutexNetwork function| MobileDetect object| iframe object| _wau string| k object| _jy2uayf4hg object| 3wal6hpks2s object| zfgformats function| setImmediate function| clearImmediate function| _sxvhiu function| _wxfdtpn string| wau_w_col string| wau_w_siz object| WAU_ren function| WAU_dynamic function| WAU_dynamic_request function| WAU_r_d function| WAU_insert function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady object| Criteo object| zfgstorage function| onClickTrigger function| kkp4a5x5tv boolean| zfgloadedpopup object| CleverCore boolean| CleverCoreLoaded object| sas object| apntag object| _ADAGIO object| x string| x1 string| x2 object| Tynt object| _dtspv number| 2f1acc6c3a606b082e5eef5e54414ffb function| __tcfapi object| _33Across function| __uspapi object| _0x2cfd function| _0x4e8b string| _0x3e3468 object| _0x1463ca string| _0x47e902 object| _0x12485f object| _0x2788df object| _0x811cdc string| _0x93b100 string| _0x4c1e26 string| _0x365c73 string| _0x181130 string| _0xbd3823 string| _0x32da8f function| _0x470bc9 string| _0x5a4639 string| _0x5d6572 string| _0x571ffa object| _0x528c12 string| _0x2c250c string| _0x5561a3 string| _0x33988d function| _0x22eba8 string| _0x317614 string| _0x39b43e string| _0xa99ebb object| _0x529d8b string| _0x514438 string| _0xcc7b string| _0x19546a function| _0x4a2a57 object| _0x4479e7 object| _0x2cb8f1 boolean| _0x2f5d0c object| _0x539937 object| _0x494312 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| ONFOCUS object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| GoogleGcLKhOms object| google_image_requests

83 Cookies

Domain/Path Name / Value
www.adssuper.com/ Name: idpub
Value: 6
adssuper.com/ Name: viewsAds
Value: downloadmegajogos
www.arnolds.com.br/ Name: PHPSESSID
Value: ricjjm135lur6eu8s2pfqmpgno
www.arnolds.com.br/ Name: ppwp_wp_session
Value: 91b90a4cb46d79669e32ddcec8254069%7C%7C1661281795%7C%7C1661281435
www.arnolds.com.br/ Name: idcriptografada
Value: %3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb
www.arnolds.com.br/ Name: nome
Value: VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
www.arnolds.com.br/ Name: ref
Value: downloadmegajogos
adssuper.com/ Name: linkRedir
Value: https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F
live.demand.supply/ Name: demandSupplyTi
Value: b04c5544-c1b5-4af5-808d-b92d317676be
.arnolds.com.br/ Name: _ga
Value: GA1.3.776207754.1661279997
.arnolds.com.br/ Name: _gid
Value: GA1.3.943460006.1661279997
.arnolds.com.br/ Name: _gat_gtag_UA_108875794_3
Value: 1
www.arnolds.com.br/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.arnolds.com.br/ Name: _sharedID
Value: 2f26ed19-4609-468d-accb-343cd904be6e
.prebid.a-mo.net/ Name: __amc
Value: 1_1661279997_1661279997
.quantumdex.io/ Name: uid
Value: ddc0055a-70b1-47ef-86fc-4d0b9f775250
.adnxs.com/ Name: icu
Value: ChgIm7tdEAoYASABKAEw_b2UmAY4AUABSAEQ_b2UmAYYAA..
.adnxs.com/ Name: uuid2
Value: 5275872984954526629
www.arnolds.com.br/ Name: clever-last-tracker-43452
Value: 1
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: oa
Value: 1
.dtscout.com/ Name: df
Value: 1661279997
www.arnolds.com.br/ Name: clever-counter-43452
Value: 0-1
.arnolds.com.br/ Name: _gat_gtag_UA_139883519_66
Value: 1
.arnolds.com.br/ Name: _gat_gtag_UA_135425005_2
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUn8x0b1thJuBUOp4PQQDDETDw7LDY7pbuWD2lmm669B-wJBuZuhWIt12jSEnOg
.arnolds.com.br/ Name: __gads
Value: ID=2fa5b062e9108904:T=1661279997:S=ALNI_MZprveR2suvUiNEmH6ADaWWVVXyVg
.viadata.store/ Name: viads_uid
Value: 55a2ca9d-2f9e-42da-814f-ff4c67526ded
.cdn.ftd.agency/ Name: AU
Value: 5ef09e5661d8cb51
members.bet365.de/ Name: session
Value: processform=0
.bet365.de/ Name: pstk
Value: 1A918FFE0D094A4DAE7DC0F997D9EB4E000003
.bet365.de/ Name: __cf_bm
Value: 0T61ddGDF0YmWnXRM3Ga1RYXnFxRLakwUDNIP8oOXMU-1661279999-0-AS3ZU+95n8/ZZRgI+7prgQ9wIGmnW+zGXqh7cvjPSloOn6Ei/Su1lomUetTRIziUc8CLfKTXRbFQkRrEkULC56o=
.3lift.com/ Name: tluid
Value: 2902683291049486926659
.yieldmo.com/ Name: yieldmo_id
Value: ga59b04b82ce469a9828%7C1661280000349%7C0%7C
futebolistasonline.club/ Name: clever-last-tracker-43452
Value: 1
futebolistasonline.club/ Name: clever-counter-43452
Value: 0-1
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.yahoo.com/ Name: A3
Value: d=AQABBAEfBWMCEKgvXPGeXjXMwDMUqSaecb4FEgEBAQFwBmMPYwAAAAAA_eMAAA&S=AQAAApWrM6atMvhodrk3J1vnG3c
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 2f151b34-eece-52eb-9a2e-d5f2f92bcaf3
.betweendigital.com/ Name: ss
Value: 1
www.arnolds.com.br/ Name: unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-08-23T18%3A40%3A01%22%7D
.casalemedia.com/ Name: CMID
Value: YwUfAesU1WSG9FdQd0vHDgAA
.casalemedia.com/ Name: CMPS
Value: 5158
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.analytics.yahoo.com/ Name: IDSYNC
Value: 192w~26r6
.casalemedia.com/ Name: CMPRO
Value: 1107
.casalemedia.com/ Name: CMST
Value: YwUfAWMFHwEA
.casalemedia.com/ Name: CMRUM3
Value: f163051f0105a0&0863051f0105a00&bc63051f0105a00&2d63051f0105a0&e663051f012760&bf63051f0105a0&3363051f0105a0&2763051f010b40
.betweendigital.com/ Name: ut
Value: YwUfAQAIOXjuYGq3AUGhQlqC9pZPGekdyg4B8Q==
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-d0883411-e9dc-3f58-bf71-e631904662a7
ads.stickyadstv.com/ Name: UID
Value: 3ad2c3d5e5e070bc42afe323123f4d
ads.stickyadstv.com/ Name: sessionId
Value: 214fcb43cae6b93cf5391ffecbb5c4c4
.bet365.de/ Name: Affiliates
Value: Code=365_01003470%2f146870927950&prd=Sports
.brand-display.com/ Name: _knxq_
Value: e5247e8b-6245-6855-a8d3702f.1661280001.0.1661280001.1661280001
.creativecdn.com/ Name: u
Value: 9hR33K4x2U0Fu1ts6IZn
.creativecdn.com/ Name: ts
Value: 1661280001
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2Hc#FBp(w!@wnf-Te9(SNP7Qd)KmvZ6%oVHMV1LEAV.>Esic(UyXqnE<1LJFpH-mV%S:^El^r:HtwNL%(3]^%6lO=*HZw4
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiJkYTc0MjNiM2QwNjk1ZWFhMDhiOTlhOTY1NDFmY2M2NiIsImV4cGlyZXMiOiIyMDIyLTExLTIxVDE4OjQwOjAxWiJ9fSwiYmlydGhkYXkiOiIyMDIyLTA4LTIzVDE4OjQwOjAxWiJ9
.arnolds.com.br/ Name: cto_bundle
Value: ryTjC18xcWlOU3lTNjBWJTJGQkhhN2Y3R3NDc1olMkJHTExKJTJCdmpxd29YY2dYMCUyRlNRMUwyQjQ5NlIzZk5NbWYxT2xueTFUcnRTR2dwN2ZHMjlicnBrN012dnpyY2MlMkJjZmglMkJqJTJCWXR5MGtCTkMyN3ZYJTJCMGliT3FmcndYQXY1V2xWZllvR3dONkk
.arnolds.com.br/ Name: cto_bidid
Value: p1WFTl8zYTlLdUJ0QVhwaXdLaU8xc01IZWp2R3JVZVdrOTIwNHVtbVk3MDE5a01ZJTJGJTJGQ2NRaWxTaXdqa1owVngzWUhHUDklMkJEWGtmQnAxWFF6TXU5JTJCWVZDJTJCRlElM0QlM0Q
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 22eddc2b-71dd-40c0-ab33-167894863214
beacon.lynx.cognitivlabs.com/ Name: ss
Value: iLcTO38BNKafmrAIavImpap83%2F9fc7r3W66uV4q6isf6yGm7ActzEjWe54pXsB43Zkn5QVUo3btbjbEyCdQDww%3D%3D
.360yield.com/ Name: tuuid
Value: 20779243-bafd-4a06-a00e-6e2e982d349e
.360yield.com/ Name: tuuid_lu
Value: 1661280002
.casalemedia.com/ Name: CMTS
Value: 1217
.spotxchange.com/ Name: audience
Value: ff9650ad-2312-11ed-8199-1d34abdd0306
.smilewanted.com/ Name: sw_user_params_infos
Value: dSmNbz0Dt9R154O0ZZZ2xppFOenWx75zNl67B349SW%2FXMG0KnMP6BlaDCKm7yVSvVvDuRaNqNyS8Biy6J%2FO9L6GgxZfECIoHUC%2FKH8VPh1ymxdkHy3RAKj15WPYqzM4AYZX18WvWBFDsl4dCgdKZ%2BN%2FIvNcZnKi9ZrwQ6NTs1XY7MCLCtwzUep0hXTUOim3jC%2BcIwjtqCKPAN1YaKFIKoKrIDFk6lOZv4gOEK6mrWzu1TqWjFqI9VKsNlPHX4%2BQjVlFfb33F%2Bx%2BmbGusmaz49lFkwr3FdxhWZ7masv7YlX50dG1x3UxhVc3AC7IO40trGIPBBwt6izSemrjms3%2FIZ485EM0HCKxzQ%2BnRjmcreGuaSit20Mi%2BdSMVRjKwQvd7khSmS0XzDSW%2BDANEaZxNn5IAZg0VELoUL9sXiKFpe15LQwvfL%2Fjebgri4BuaZ%2BjVklLxIbkcqgY5AOVnugxkbQ%3D%3D
www.streamix.tv/ Name: __vcp
Value: t
.streamix.tv/ Name: _ga
Value: GA1.2.251762566.1661280005
.streamix.tv/ Name: _gid
Value: GA1.2.498294986.1661280005
.streamix.tv/ Name: _gat_gtag_UA_219904576_1
Value: 1
www.streamix.tv/ Name: __atuvc
Value: 2%7C34
www.streamix.tv/ Name: __atuvs
Value: 63051f05cbb8b8ca001
www.streamix.tv/ Name: __atssc
Value: google%3B2
.addthis.com/ Name: uvc
Value: 2%7C34
.addthis.com/ Name: ssc
Value: google%3B2
www.arnolds.com.br/ Name: adsclicks
Value: clicou

17 Console Messages

Source Level URL
Text
network error URL: https://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2F5-filme-de-terror-para-dar-muito-medo%2F
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://ad.lomadee.fun/banners/script.js?sourceId=36084693&dimension=17&height=250&width=300&method=0
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ad.lomadee.com/banners/script.js?sourceId=36084693&dimension=17&height=250&width=300&method=0, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ad.lomadee.fun/banners/script.js?sourceId=36084693&dimension=17&height=250&width=300&method=0
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ad.lomadee.com/banners/script.js?sourceId=36084693&dimension=17&height=250&width=300&method=0, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript error URL: https://www.arnolds.com.br/5-filme-de-terror-para-dar-muito-medo/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.arnolds.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://futebolistasonline.club/(Line 66)
Message:
<link rel=preload> must have a valid `as` value
network error URL: https://statistcdn.com/analyze.js?typeId=f
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2-pushdown.svg?v=5
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2-pushmobile.svg?v=5
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://adtrue.fun/dynamic/ads/
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://statistcdn.com/analyze.js?typeId=f
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://adtrue.fun/dynamic/ads/
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2-pushmobile.svg?v=5
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2-pushdown.svg?v=5
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.lomadee.com
ad.lomadee.fun
ads.betweendigital.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
adssuper.com
adtrue.fun
adx.adform.net
amer.viadata.store
ap.lijit.com
api.demand.supply
awscloudfront.ml
beacon.lynx.cognitivlabs.com
bidder.criteo.com
c.amazon-adsystem.com
c6debb907933184692d3f2b7fab95b64.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.connectad.io
cdn.datatables.net
cdn.ftd.agency
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.tynt.com
cm.g.doubleclick.net
cmp.optad360.io
creativecdn.com
csync.smilewanted.com
de.tynt.com
dmp.brand-display.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
f2.cdn.ftd.agency
fonts.googleapis.com
fonts.gstatic.com
futebolistasonline.club
get.optad360.io
googleads.g.doubleclick.net
gum.criteo.com
hbx.media.net
ib.adnxs.com
ic.tynt.com
ice.360yield.com
id5-sync.com
image6.pubmatic.com
lb.eu-1-id5-sync.com
live.demand.supply
logs.viadata.store
lp.cleverwebserver.com
match.adsrvr.org
match.sharethrough.com
megacdn.top
members.bet365.de
mp.4dex.io
mug.criteo.com
onetag-sys.com
optad360.mgr.consensu.org
pagead2.googlesyndication.com
pixel.everesttech.net
pixel.rubiconproject.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.smilewanted.com
prg.smartadserver.com
quantcast.mgr.consensu.org
r.casalemedia.com
rotumal.com
rtb.adentifi.com
rtb2-useast.e-volution.ai
s.ad.smaato.net
s.amazon-adsystem.com
s7.addthis.com
script.4dex.io
scripts.cleverwebserver.com
securepubads.g.doubleclick.net
sender.clevernt.com
ssp.disqus.com
ssp.wp.pl
ssum-sec.casalemedia.com
static.criteo.net
static.smilewanted.com
statistcdn.com
std.wpcdn.pl
sync-eu.connectad.io
sync.quantumdex.io
sync.search.spotxchange.com
sync.smartadserver.com
t.dtscout.com
tg.socdm.com
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
ui.cleverwebserver.com
ups.analytics.yahoo.com
useast.quantumdex.io
usermatch.targeting.unrulymedia.com
v1.addthisedge.com
waust.at
whos.amung.us
www.adssuper.com
www.arnolds.com.br
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.streamix.tv
x.bidswitch.net
z.cdn.ftd.agency
z.moatads.com
ad.lomadee.com
prebid.smilewanted.com
s7.addthis.com
securepubads.g.doubleclick.net
statistcdn.com
www.googletagservices.com
104.18.18.126
104.18.19.126
104.18.36.173
104.22.69.131
124.146.215.48
13.32.121.81
139.45.197.237
141.95.98.67
142.250.181.226
142.250.186.162
143.204.215.64
147.75.85.234
148.69.64.76
158.69.139.238
162.19.138.119
173.237.60.36
174.137.133.49
178.162.194.134
178.250.0.165
178.250.2.146
18.156.0.31
18.195.147.193
185.184.8.90
185.64.190.78
185.86.137.110
185.86.138.121
185.89.210.20
185.94.180.126
188.42.196.115
193.108.153.21
2.21.184.22
212.77.98.32
212.77.99.29
213.19.147.44
23.111.115.244
23.35.236.188
23.35.236.201
23.35.237.151
23.47.212.127
2600:9000:206f:e800:11:a4de:2580:93a1
2600:9000:214f:4200:1b:5138:8a40:93a1
2600:9000:21eb:f000:6:b871:4f00:93a1
2600:9000:236e:be00:9:46dc:4700:93a1
2606:4700:10::6816:325d
2606:4700:10::6816:3456
2606:4700:10::6816:37ce
2606:4700:10::ac43:2ac9
2606:4700:20::681a:407
2606:4700:20::681a:9a9
2606:4700:3030::6815:3197
2606:4700:3033::ac43:96d0
2606:4700:3036::ac43:9f80
2606:4700::6810:8516
2606:4700::6810:8616
2606:4700::6812:19f6
2606:4700::6812:272
2a00:1450:4001:802::2002
2a00:1450:4001:802::200e
2a00:1450:4001:803::2001
2a00:1450:4001:806::2003
2a00:1450:4001:808::2004
2a00:1450:4001:808::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a02:2638:1::13
2a02:2638:1::3
2a04:4e42:600::485
2a06:98c1:3120::c
2a06:98c1:3121::c
3.122.40.23
3.127.77.238
34.111.151.213
35.172.59.108
35.71.131.137
37.157.4.39
37.48.117.210
5.226.179.19
51.38.120.206
52.214.225.206
52.46.143.56
54.210.33.215
54.243.198.75
54.36.217.27
54.74.12.230
65.9.71.118
67.202.105.33
67.202.114.212
69.173.144.165
72.251.249.14
76.223.111.18
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
063a952901506e6cbcc2abdd1995ea387e4ae9138993f5517834a75faee165d0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07ad34acaf4171d389d88457ef3e763d2cbb06897d114597d8bdff75841be4b1
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
08fcf2412c2c4323254845e9bd7c373984fe7a33e6ca2ac14fd4cdf4420c2575
0a470dcb63b27b351e85c01df2baa667e440210e5f461497cb70cec4086bb606
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c69db9a8989359cc8f3a482a0e5ba97e93eac62670d13b114e6ddd4f7a584b3
0e065342fda13275db15eec90e69951fed46cc8e04198548a42c0e2dbbb672c7
0f8b34f331b5366759fc2c6aff892bf29a53dbc059273bf757f65d0d83870620
1156a0afa36a72524e02ba5aa358173381ccaee59285c97fa84fbf81aeac361c
13ad76a90292629b242bb5006f81a6c49deacd32b13328dbea85c1ffaf6b78c4
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
150431c4e70ae805fba43a94f1b154417be47c26d7f3ca60a7e1a0ab7b50ba80
171ba37249b01fdbdae7d287b9295f4169e2da0d2f43a16bfa358dcdf72c44e7
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
18e0b016ad6e81b1af4bc7eafbde596a758b5582099de81200955fcaed0a16cb
19d4fa5e5f7164cfa51ca5e06216f551c4905d14ee02301a5ad2bb70272b7a3e
19d6030c72e73eab60be169b3adb61cb25d9a2a3e002380d10d3d91da981bdd0
19d931617eec70b2be3d6002975bcc6ca6bbe2b0c158c4c2f79451708480b776
1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86
1f2228c9c706d54bc27ee328b4dd21c890fb8d34e5ad31e950ab68b477bdf39a
22af5d3bf749542c2d95975186991b7b8c1e0766449c3fdeab55d57eb0d1ffdc
22ca6f99e16916d6c661a522c8451ff7d09b45e4feadf0f99cf572bb3262539c
2357313c85ed63b21d668505ae655a505e5ddbc3058e365a1270015a89acb83f
23da15d35a5d620b1f3387b0d1fd6458166be04496de9d653ba0b22c4f542c42
24297771536aa56b0c34c9913dbed83d5925d2c80dd654109a4477c093aa021f
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
24b9a68368d658364deeb7d267a5e5f014975781e0a86385cd9b944c8488480a
24c56eb4f81e8fc968bff1c0c48ab3aa46481a377ae0794e26a0a9382f550261
25fdc568b02255eface80508336227fb044a725244d47dd63c69890ad59b4f66
25fdc7a17a7b3884e86c6f6b72b60288025980e5bcfff6b736f077902c1697ef
27642820dad9e3345d808f36c0dc94ef5b01b8984bebb1557b9607a03d7c5a2c
27fdb5636ffbcaf7ca8df47c9e26cb62d24bd2f4f383b597d6cd4b4258c2df8c
29376c7346dd008f9e7de4c5c049e0cc7d5fa6602911b29560b961b257d6b234
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c55dea800c7c131d9f3e3ac8a411abf3ca2b4fa836a7376aba3e99c43a621ba
2d643dd7b4981bf170446a8936da983f0e5489aa9222d7d4a83f6a1efe3c7573
2d6549eddaa0efc629edbc038f67e861410a7bb1ede893ca82b8a5527ad0f4dc
2eaf20ae8c0d6b26613f3afc4e3f0a933429aaf812e4dbf25a0a435a2bed6f6e
2fe2c11fe13c383ed7dfca019b5bfe487027e3e934e3b2cedf953226d17cd427
303720f223071e9d550c73f4aeabb4e2ad1a177f11a2d09fb6c32d0bc51eab5a
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
3400732cfc11f1cf6e7a1a1a1c177c4b386382dfdea98f4bde60746158f47ef7
3594ef3374eefc43f2f8f8c4753c2cb8ba0f550d18e0d87e5f0092f32f45dc4b
35fd215d82eb0a09d2ae99628dc41abb6f4f9f6b82ed528f1060d2810805083c
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
37d1ff365dfe111d205d6c9cfa642dfc1b53f33039ac9409fab11936b210a911
3a03eec8b6b8f7367f1b66ff53ac880713e88c910b739e00c7c022534c179e57
3afe04b97f5b646c9d9ed52a077a33617b37b1db8dbfef78130cd605b4106def
3baee6b91d41cdf1f6876a21a763e66bd5ef64b156af02da2a1b2291f9a2b584
3c9714672fb84e67f3cda67ae8d224b1d69f4b8c66d6e1cd622e88a1ee20f7e9
3ca4f60192d0be869f5ab5c73d8586b562a06c00b0ab098b3f11c204b166a2c7
3d0cac1ced65c8605a7bf6eeb85cd932807c2a8e0ac161bd200a619ef7da78e4
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dac0f22f981a1e8828e9516833b3ac6fe985cf1852033b0f153c9cb8694d3a5
3e1609acbb7aa6a33b8c40d478ec96b0a0003924be4961258a9d7850084cfc23
3e55275e2cf00c39ce90846157f36235e11ad02f5718bfc6afb5a55fcf692d25
3f6bee9a0730064a84a9ff8da506e65383104c6d5fb1b8d60679d25c310de9d9
4050c2daa1a9b79cb47a7c91c22a4a6d7867e1f98b55ad81a0afff57db3edb24
40fbe71847c72b50e3f6888fc3c2d85b0a0482ea85d90cf1a44f48c9efa3651e
4485dcef2a437330081fc0e8a0059d542f763746b32eccf2ac438a21012e6b0d
45b039b6808272d4dfd72be37f6cc9fc230a865f6c1425fca9d14f4797cff02b
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
47dff2346e754625663b868c32d138ade45c84aefc949eecc2b6146bd7b54db2
481c73076eb4643acedb46ec0c5042a074866a51f161f45be33dcac4622e07f2
49907fa8e3c67675f143d2d13940ac5ebe29522c5feb70c570aab1e0c1fba2e3
49d4222bdd4270b8b892b7b9bd568bb646673ecd9a8e2ea644e07c0ff4301525
4affbd45b8fc138a38bbd00f4bd7fa70a542404b54c44126819a49a9d0ec7d32
4b0e2c1c8e6d92b9083cd952cea6a065485827df78fae548752352da136c3540
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c91536a14a996705216a0c69db31f262ef8bf3bb1139ea724c76ddb8357076a
4d3f9d8ff33e31cd0334df91cdb3586df887757daeb652ed27c69b6a43ff78e4
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e79ce6cfe4b1b75453cf26227e1e117f89ad1824c4fadf78fc87b726cae2cac
4efde83e70b790e9b8706d5e58acff85a9255794ea9169d12a17250d2a7888cf
51a086065e926db0fbeecbed095737061fb511e1764a5c4a019195b2bc9032b4
52cf06797c66d59d2428883cb27b5b083eed8b73ff8e0e11af86ee162e11ad2c
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ac31540d0cc04994470e45f7f167649c2de8874d42ae215ec5bfc9a9fa64f3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b
56392a97bf35956d4a099fbf3c764a01ee1f2cf2e070a0d8aacf458dbecca0a9
56828800a4a575d3b1940a854640ad25c3c93a7d3933ab96150ef48788d637d0
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
57bd26ef723df4550767df78011e90d8560c6a455255359eae4b72bead393627
58387ca9397ec3cb0e0d8e163e3aaf616b33db0a023c16b7824519a834ca6001
587e022b442a0d7013a27f5fd2db035e28a74318d44dac1ac431f124c615bb37
593165f1910ae0ed99f09f3ffd355ea2880be29f0636250a9c47f4864cb113dd
59c792b86b3172a79f73f09d19332a36b09140235f22a569ec8259e6dfaf17f9
59dbe6d5353bc60dba5344433007fec4b2ce76b6455a4cf6197d762b7e071ffb
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5ad816863ea62d85d2a3be5470f77d5b1fa94a35f6e37ae4d9d2ac97cc9481db
5c7773c4388cf302e59f1d4aeba010e71e05bd14c8e30d573d7ea7abe3d05779
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
601f4b304f52b9695d34b3757fc8c8ee2643b682c7598acccb9e76d210671259
60d8c88007dd47e378850d031990400b01e7932cca0a2654dd662a95aa31e77a
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
618d62ceaca1223e16de2c8939a1963a95c34b0ac75852f835f93e5b42f20871
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61edc138c98b6cb8178ddefe414cf8e80147009cdfc951f8a1caafe6322c2232
61ef4b57e3c5e6779d4c9927bf6e317ed075026191be53a918cbc0f2d264c6e1
62ad93dcfefe29c51aede9c64c82087c5b0a6b4ca6c6bb4958659de13c0b8e32
62cc85a0e918ca662ecde9ebdea7e32cc473770957860a9858906509ad2aa3c6
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
633a066024a0832bae3a7b2846bb9514f5b495c649bf5ce359beb6745b710e95
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6
63bc5373259840156ae93ba26b9df0dd2f97ce98ebb3fdb970699cd718a23230
64dc3aa672761a3eb22acb210bbd442a25f360b80d60c3d4135e971600fb27eb
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
661e00570c65c29528d9ce6ee19e5e9939986716c293def67b07f8b6a191b018
662817e21330cbf78ce4c0f606a0989b107d3dc4cf55849b6065ad9ee5096d66
662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6a84cd41e76a8862837129ef8e131511b1495b8e0e798d178b2d2e06622b9e24
6a972c0c99efa23c96703b715ed2daef5b9827e2e0de057288bfb796d4268b7b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c125a51c16a7a29fa000a083e121b94ee8e192aa9d71f691d729f17cb9d0df2
6c38dc17dbebb7e00014f3ea1025d5bb245baff733b50069eff5403b5dfaeeb8
6c4f6bd31140286dcbd3b2a63dec4ddaae6e27a053bf86f8e1370c640187931e
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f
6cb31466abd327f67436b68da439bae3aa414bdc41872972fdd8f90dba365c87
6e1138bfb8d54fa09dccb43ee5fde94bc36179857c2a6ed2d8a9222870e0f265
6eccb590ef3adb4a2dc941f70c75c268f6e3938cc0509e63b6c39f0675d37a48
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
6f71fd03dd79be7ffeebac3065bbd98faf05e2bd969b37ff7e36f8c6379ed5e3
6fe91e5030d56d2c3eb23a58dec4ec8b52db809e3ca9ee40bebfc83aae730551
70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
710bf3b3a54e164c3bde1c64dd239d2e8cafb6277fecfcfff4bda901d81d377b
71f69541ed2861a7065f461bf9748bb263e0f8d517d0987c6619241d9d13597d
730437936c9dc0e5fdf83ce8162ab99af15b6b608901b9ca75ca6dcc4160ef10
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74a494a17b4aa1290e6e7d1cb4c2f7ba4476673e4c9d29376abaee8e6278b36a
757a9daa63650138fd902f15b33dfa3ae7ea0a4c2c8aadd405c7c09f5c6af7df
76396a34f5d4643509dae1874c6ed62e489e1ae35c79e88d2df30acbaae3af0e
76d655e1ad24de393ebbcc5b31f8ebdc34f4e89572c98afc67716e452deefa54
774a9c269c0b9092fe2bcc1b65d16eb560cad1a34c80b278b122c857da380251
7a9de94c9023f2e9a9e60e817685551dee65e694a1dfba8e00234278a8729f89
7ae18b218568670548bf485404a4866977ca40af75c242526da77263ab92dc94
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7f7c95b4185b6fe7197d1a4886c70cf2da945c8373820ae9efb8616c90853974
804345fa18c65214d92ac83bf61c1b44ba79b84df3dcd7773e707c2820e3beb9
807aad5832e9c4c12d40084288218c84c8103c827d377f5c65b42866eeb21c4e
815fd8cd1ff4fb8f036b23e556f20ad5f7bf54f8cfee11c9c609de72765d3441
817e2b31f710b531a9ee2c3b54541046de21d4864515eca6767c2fbad48d0bd0
81e403d3ed917af9822eda3cd3346621cc4369860842cdaf9a65995af111f6a1
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85cc4c652afbaa94b1444817fe16c3c4f84c9f1ad8615044fc20337d8f3c3b36
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c
869c671beb0b128c008179a0e3fcddbfa62cfe83351672d1142b1d734858bc33
86af09d351c0a3be01506ecbff333a4e35474f82442f1fd632a609626e3cd6f8
86af650ed3452c03477e710c3d6f094d1198340d6111c0ebd73fefea6b92136c
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87b9c3f2b4fef4924d72457dd213a8b320a05dd2090742ba368ae8ed7f45be82
87e8633079fc9f56ea63ce2a1002d1568db21825cf35bb56820309f1b44df045
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89eeb960da6b6c96728f9dae20f2082346e1a2b7418351fe6b1b44d7abb457fc
89f7966aa12b0c194008a474ec52c9c7af040662d5aceaae4b5eed1006d7e87d
8a3f974ab75cf6acbfbef4cd5b59e0c72ae7ced3a6214798b00e52fbd758f097
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b96b637a6c05ec35ac9d04396d740dffc019af827082e2ee722bf718f75b27c
8bdf934b5f60330dfa865a2b4b3a2c7aacb6aca219aa93ee0c88e01a8d1a9bc0
8ce4cbee041fbb29a5b16edaa48e4a25b1f7487cc326631fdd53b5b68514763c
8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da85dd077f1ab37cfe2a0d6a34b41a99e1502416aa501be788b40f9e852115e
8e252a29ade56d616f537aac3504b3a80c903fce646c464bb900f7e2f0f0f59b
8eb18d47449e835bb90b5b734945d763437bcb322ba44f59422afcf43708ce7c
8f1246117fa3ba322c04e6667bb6c05513eb5bb67cb7ade261cfadc3ceff154d
8f6ffc3214dd6cd69d0df4dcdc22221809732704c1ff132c25b6f3b534516448
8fc3e985a65975bfbaf779c81e8f77f6dacc86eea2cc907b2be23b60858d9524
90075efaf91893e57508dea94025405aff0e44a57d236d6e81f2ae98e3288ce0
9043986fde648c179ce63d202242b956fe5bae1cbba32612c721e28aeeae65ab
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
915536d330e7c5a41ed2b2915aaa5d820e81144812ec17c3be1153ccb03d6859
925ed48219a2d3c339c5d288fdae3f965efbca0e5ee4e369b7dcbb04b6ade06f
92f7696c0793ba80a1a76dba662ea0d68b358c37ebeea3f3c12a9f46ea86399c
9325dd9eb691092ba194fed5c6738ccb7c891ca8281926cc86bd40d4acf3def1
937458495c30f567aeafe715f0164bfe061ab17aee4a34aabbf191f69a6d32ae
93a64df28dd28262af1b9a3e1086c1ee944d73be31bc026e0d5ea2dfb3920fc2
95c9628c1b9999a708886345c166c5234c9e0f4e8f540939a0e2fe66168d320c
95f7a99c6f963e01d5e4bac6f9058129a0c32655c5af7ec87b752bc00ef3273e
96488890ae08d4a2187090b4183accb58587d7fe6cd633db06878ae95f370fda
96aee9dbacc39790de499f7aadfdeba71acf0f202bcd674c268ea377f97bb103
97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98af5e2d044165db4fe04e7a288c125ad78d50bd9e212ca6e520e5a55140e869
99647c26c6de641606079acccc3f078a3a56e8b9f4c556c495b3b636dacbc08b
99a17ef28f6bba7b94ba993a195a8adb82a48c921e963dc99f1aabf885e8e215
99e6fbc6a5afada5843ed4d89ce03404ba3bf49ef894eead09d80735aab0a987
9a97483aef08d5011466f13f84e6ec38a1b4e595c3a72dda37993b9cae2bf7db
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9dca01dbd6476424e100c9608667fd8b3e33675855c6f3020de611e1cafddb6a
9f07f5bc792b92f1c0f9484439775ae2d0b6d96b9fb7c7d9e464fdf44973f8b4
9f312aead73c7059dc22bbff1a38210eaacd5e2d7beaaec586a32575c54bc35a
a01536a4e78676d34742f3d6a8718fd8604dc9c0f4569cbc5a38c1e66d774cf5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3
a51efe1131eac39d9174b557408284b43b4b3aec5d32425c3748de853598b75e
a60b9301e349598c437b403e1970467918b9041779a77312c4ec7f4e4653ba12
a73201cd61d120c36fd747444793aa5ccffcfdbb92b0168fe316b8d2a9520dce
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a94d87084ea9ec639ee261ba747db90b2f3992bbbd100c1f5009680ad744be6b
a952d774e71925cbfb611e74ecdb4a98f437a609a164c1699ac9bbcb9c7aa204
a9789e4a25fa23efe97512b4c8d286347f1c0320e319a3b12c14d6b4c3aa116f
a9e251d76f34521d9b9c85b010b77e45060974ee3e4be9b222ca6e88bc0058d7
a9f28d75598bbee6fefc3cc88da757614b15661b2531e42b9033eec8611c305e
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aaadde89b0db2f97f270379b4762e025c85a1a4d8a4c9ae2421ab48198cc3ae6
ac1bf2466b9a9281935e8538b267912d4950a96593089d6e8d3226bc905e4374
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad386e83074906780dfa1feec2070ff6e11f15c07953ac3d8431300ae0ba175b
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ad9f9715cc466d6b47c51f9bf3f3a86fd2796fff2e553f9cb67d7a6f4058f743
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b09c8f21fb8b53a6e355b9c415e1faef94f5dcab16f138261b0b76f6fb816432
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14c2c71bff7391e8ce4a4cf739c5e747627e9de00407dbfc9ae15efc468310a
b19127c5a34fa76d1411dde007de46564da2d7cca1c8cb9bb8f08c20a776c310
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b5633cefe7c581879292959bcb7039b1a41dad5d474103f166aa10669d54e0fe
b6f6a80d4cf098237600a886d7c70a9ae3f0bbf95691e09b490a106207678955
b7b660b1e1668d289a122e144bcea58f20bc4cc55418ee662c52659e7d53ed92
b837f0034d3bfaffc5e843d7eece848969dad53c701b3a19235a4f05c4d13daa
b88fca268e1352a0922f301c6b88f0499606c01faa8d0718de11a8153a5edc3a
b8cd6a935771c335b708ce50bb07ff972f1e8d65185231435365bb0a66062411
b8d9be0db1f8874af5c06b8c7c7fe5b4e5000472fb9a7f8d89c160c65bc5c4f4
ba28d6b9bc270e941432b1b0badabc625ced695922376e764939cea19fe60f62
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bac289ff51e8058f142d204435f80460c95c0c44cb19a86aac0e87ba3532b2b3
bb66d273929d30c6c8ecd7490321a004f14623bb992e5edd3f74a8641f31460a
bba913468293ae1abf070f0d046c5df2a36c70038081c8af25eebef3d7ee2db8
bc593e8aef8bec3076d8f4d76e66461b61d8b0c5cf5a52ef51d6c904d7d5a385
bcd020990e85c35214d11bdfc48a41e0082d614e681d9d38451b389090e4d4d2
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
be82dd20858571cec9f6ada3642d44a2a8e01455758a1067926b385758f23a62
bec35833fdefd9f00dea8ea4453556d725b2c2368792502677410c6f72699636
c0a71ca2c2b80121a9db00dd745294b6a10f3904add5781197d3f6db69e4a574
c10bd38d554a5955b26d10e16b1059e2855647a2fe14294b58c35cc86354b575
c12a113494572a71906701cc1f8c5d981723a05e40a84a69abdcd5999e9338de
c19dc58bae1cf2ed2dc38838e7244fe8b8d9c537af33c6c3ab75c5fdb9250a9f
c20b8b347154b8a6a144efc72ab1e879c4fd518ccab777235650f9e6c448f281
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c26129b75356e69596e3322f877e1d146460022662929c606a1095917003ab6f
c30eb04d73951db5ec316ce436f1a59a31d5a1ad1b1c78203134582d1f90a5ba
c367c622b7cc9eb103173aeaafa45b78179e4d795294fb3f32acb50ba4dc93c4
c3bf9a688b9ca3ba16c7e43c5ee8af2ad0f619c3a098c7ba12a14ed8975333bd
c64a4bea500c025b4f0594ecedb59cd5201c54cad0dcea740ec2ea180d768b42
c7290b870b4b3785b24bb7296a6db28943b0afbd3db6f17737fafbfa038cc49c
c921b4351a1ae90dcc7a30a01fbc1e169d57e9f4451d55a840438fb13e7c1cc6
c9b892aba4e16858f03fbd026dfabaf851cc1b171010c17d41d10383011e2991
ca6302ea50feb9506aa66eb280d8202823d5fdecb4ea0ebb65b10d4422356516
cc24577bb02bf27ae6c6906ceb9389bae6a0d225162ef888a8aed2ab56f3b32e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
ce7b79859a6195c80419b4f4579f58ee0711a518a77d7d9aeed696711691c273
ce7c647cd26c6f23924d40319f58f45c9e5d4dd504dad2877bd7ce61f8bb9f27
cf99cfb5ddd705ffb0ca32e221ab207947968503732683f40f6751a40baf1898
d080969afd9dd51405e545a55ef3bc0f1ce0f9797970380fa85003f7022ce5c3
d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce
d0dfec92e08621e63a9c63d274cc88ab057f02569d175fc9f069f461c504ff26
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08
d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166
d5471691331fe5befc0daf136f494fd54d521fa9eb701acc6e6f4895883cbb82
d6634da7d4c21e8eda253de4c10dd9b11b30c511a0228bc55f0a771c1aa745de
d736ac25bb367d7d5a69c46acfef07527c9799837a6bf42c984dd79fc84da93c
d7639ef9732adaf582c2006a5de74d4e4fa148e000abb6dfd2e2a9f3455490db
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9ce958515e4c42199afa5f6f985d7038047c2ca5821147d68fe3604b138e5aa
dabdc5a344ed0701b138c580fcea0792d253486c366734977cc4b2c99ee0aca6
db1f2f4de4a134a2c6da8be0bf4f997c02d446699f4ae7e12821b90fbd583b84
db8c73895293f1e5ff19ddac1e892a9ac2e5828c19f9474679bf2a9d09473482
dbde787befd05399997159250298503a1ec727b2115919a814e603994df9e9f8
dc2d5ec0504dd07cad1a7672b019d8774f26817e5f057ce31ca984a6819fe8af
dc47fe76a727b19e2809cf536e50aba67ecdf9e9a772c78abc9d5164d220bf20
dc73e19ce773dab8e3027d16d415aa94a6dcdb69dcefebd5fb495d0a411e2cf7
dc78df34cfc8b76a3a91c57c029977b84840175ae6c973fc70e7aa207e2fd583
dc94b334bdbade3c6e278dcb6568556f0ce413d97a49d046e94a67f56472f0ff
dd4da0955494c0251bde2022a419625c63b563afb16132baf74c3925374b5e52
dd6110a8dac5a0a87be0e286a7484f04330256019f21174f5e7683840e00deb2
ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de406fe972fecac77270ef4dc2ed82106b42a793f1011d3e9ff00594e7b56a4d
de619fbe12252ff30c18076b7118fff32d2d52e506b16d21f5962af3162649d9
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df3876c55c0fe527bea47b37cfe3479040325194f3df7d2b077794ef6d584470
df6d963f5c60a8081b204ff1d6494b254b8ef3e2eda060f6c4b615c13507874a
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e0c11b77797b37f998d256d54e7fd425dd0582f5e257676eafcc2a7932c82435
e0dcb72514ca393448b0d4ed00dfa31149703a705aab4628e4b1a1c4cbf92386
e164e4a877946d74f114f8cafb14998b95c64f5de87f9dea377cb84c0004c8e4
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e431dba690e2160e14b615b7cfadd66db522d19cc8315bb51b714901c74cd21f
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e5ea550aa4bcb9f327fa18006fbbb06b5df119f19af6e26de29ffae10e0af430
e69abd7e0cc82f336e61fea889e406ecbbeb7ece1df960231b7a9ba0d1dd1676
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e7d5f711555d39edbe52b9ea37ef3721a37dc806ac118d1cc5eaa15c33c7c875
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9afb3acbfe3c25010b20cef54661e69748f48908216e9e258c0fc035f5dff46
eb0eb94ace7a4c722452ddf6b069b300d25ff3b82ac2884e23be46a810be5f63
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e
ec7a39850e9b81dff51e0ccb8b436ca67292ceb0db8e64256ce7e924a2c80c0b
ed007bc12e2c346ef476252b177dee6d923f1e858307d8c61383bf1e3d442c21
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
f278bf82a64ac1a5ae8f69e06890047a914b3d0100bf856aabd758d2e15edf36
f34d78d92e54eb1ba46df59fc24b6b15c3c6ac0fe1a119c9fb342246dc9d9ab5
f363908fbfdcea7ae886b072d6bb21b190edd172d8322a1868c670d54e85dcfb
f56e492c10145dbf06276635cf10daf821401c53b928c76e0957b15b134a12e5
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6021f132e8dba8615c182c58926ef50ea7b7a8aec7afb255a874d03853446e1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f70e6fbd5a8d9520b5d0cddb9c1ef46594fa6196d377aaa5a4c673509576179f
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7fa07dc1641fa98687abb1cac64ca10ef98f69568be378d612397460b7ca24b
f93eabed9db1894c7c76ceaaa899450f82a3f9e4a003b1753985ad35b2e86ce0
fa6e589c2902004100ff24e65cc75e96652ae21621eed9fefb222e79b5ddaad1
fa86a341dfbf5ab398659f822e999208d9b17d7771eda6a30b7ab094414bef4d
fb94b462f27f138f78bc2f58584c8e4377ea23828ec4bf2de9a76b624419b6d0
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4
fc18e49d25e7bac0951d94e6e7d8329652bf224dc910ae5cdda1d58cacbb65e2
fc1e9c931dc51b0ec55f2d54de9edd0eff9205e377ca9b6eeac7bcb425033377
fcd82c01d3a1198315983306f37c8811f5c0d4965ee0ab4e6765d821e805dd90
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
ffe96b98423bb7a4e0ca465361afca090f1896831face3abdbd51365e6675c1a